Therefore, in this article, we will explain the security of blockchain technology, which is expanding as a technological foundation, while touching on examples of quality problems that have occurred in cryptographic assets.
Blockchain is a technology with high tamper resistance
Blockchain is expected to be applied to the services we use daily.
In the first place, blockchain is a technology that has emerged as the foundation that supports Bitcoin, a cryptographic asset, and has the feature that “data once recorded on the blockchain cannot be changed later.” Another feature of blockchain is “transparency of transactions”. In the blockchain, anyone can check the record of “who”, “when”, “what”, “how much”, and “by what route” the transaction was made.
The reliability of transactions based on blockchain is guaranteed by these features such as “cannot be tampered with” and “ensuring transparency of transactions”.
It is expected to be widely applied not only in the financial industry but also in fields such as logistics and food hygiene where it is desired to guarantee service quality by records. For example, in logistics services, by recording information such as producers, delivery times, and transportation routes on the blockchain, it becomes possible to provide reliability to the products that customers get along with the services.
In other words, the high tamper resistance of blockchain is a technology that can more clearly disclose the “reliability” that is important in business.
Technology that supports blockchain
When building a service using blockchain, engineers should understand the technology that supports blockchain.
The key to understanding the technologies that support blockchain is “P2P,” “encryption technology,” and “smart contracts.” By knowing them, not only will the implementation when building the system be accurate and smooth but also when defining requirements and requirements with the members who operate the service, it will be possible to listen and propose more concretely. Will be.
Distributed management by the P2P network
Blockchain data management is maintained by a technology called “P2P network”.
A P2P network is a form of the network formed by connecting each node (computer). Rather than centrally processing data as in a client-server system, each node can handle everything from data possession to processing. This realizes distributed management and is a mechanism that can maintain the system even if some servers fail.
The P2P (Peer to Peer) technology itself is an old technology, but it forms an important foundation of the blockchain, which is a new technology. By using P2P, a centralized structure like a conventional client-server system can be created. It is breaking through.
In the blockchain, each node that participates in the network is connected, and each node has the same ledger (blockchain). For example, in the case of Bitcoin, each miner (or group) who performs mining is a node. With this mechanism, each node can own and manage the ledger, so it is possible to realize an infrastructure that makes it difficult for the blockchain itself to go down, and it also leads to the deterrence of data tampering.
Of course, it is not only P2P networks that guarantee high tamper resistance, but it is a technology that plays a part in the high tamper resistance of blockchain.
“Encryption technology” also plays an important role as a technology that supports blockchain. In the blockchain, “public-key cryptography” is used to confirm the trader.
As mentioned above, blockchain was born to support the Bitcoin system and is now used as the basis for all crypto assets (excluding Ripple). Since crypto assets are a mechanism for trading value, proving “whether or not the trading partner is the person” is a very important factor when using the system.
Therefore, in cryptographic asset transactions, “digital signatures” using public-key cryptography are used to authenticate the identity of the trading partner. This authentication mechanism has been used for a long time and is not a new technology or idea. However, it plays an important role in supporting blockchain technology, including the exchange of value in crypto assets.
Digital signature used in Bitcoin transactions
In “public-key cryptography,” the data is encrypted using the public key of the person to whom you want to pass the information, and the recipient decrypts the data using your private key. This is the exchange of encrypted data. However, in crypto-asset transactions based on blockchain technology, the above procedure is reversed and used as a digital signature. For example, when trading Bitcoin, there are the following requirements.
- Mr. A, who received the bitcoin from Mr. B, confirms that it belongs to Mr. B himself.
- Mr. B, who sends Bitcoin, proves to Mr. A that it belongs to Mr. B himself.
If this requirement is not met, the transaction will be fraudulent. Therefore, the request is satisfied by the following exchange, which is the reverse of the procedure of public-key cryptography.
- Mr. B signs the data with his private key
- Mr. A uses the public key generated from Mr. B’s private key to collate the signature of the data received from Mr. B.
At this time, only the signature created by Mr. B’s private key can be collated with Mr. A’s public key. In other words, you can “prove” that Mr. B, who has the private key, signed it. By recording reliable transaction results on the blockchain using encryption technology in this way, the transparency of the blockchain itself is also ensured.
A “smart contract” is a mechanism for realizing the automation of contract behavior on the system and is executed on the blockchain. Smart contract technology makes it possible to perform pre-specified actions when certain contract terms are met on the blockchain.
For example, smart contracts are a technology that can be applied to insurance contracts and automatic renewal of rental properties. Even for death insurance that makes it impossible for the policyholder to execute the contract, by specifying the contract conditions and actions in advance using a smart contract, even if the contractor dies, the insurance money will not require complicated procedures by the bereaved family. It can be used to automate insurance payments.
Of course, if you record the contract conditions using smart contracts on the blockchain, you can prevent changes and falsification of the contract contents, so you can guarantee the reliability that you can not receive illegal insurance claims.
In this way, services that apply blockchain-based “smart contracts” are expected to apply to various fields related to each contract.
Hacking damage that occurred on the virtual currency exchange
A blockchain that is said to be tamper-proof and fraudulent. However, because hacking damage has occurred frequently, there are some doubts about quality control. Even in Japan, there was hacking damage to the virtual currency exchange as a big incident of total damage, and many users lost their assets. In addition, not only service providers such as virtual currency exchanges but also cryptographic assets managed by individuals are being stolen.
What I want to clarify here is that it is not the transaction data recorded on the blockchain that is cracked (malicious hacking), but the data recording device called “wallet” that stores cryptographic assets. ..
In other words, this wallet management system is extremely important to prevent blockchain hacking.
A private key management system determines the quality of crypto assets
A typical system that uses blockchain is the Bitcoin system, but the reality of Bitcoin assets is the “secret key.” In other words, possession of a private key is synonymous with possession of Bitcoin, so losing a private key is also synonymous with losing crypto assets.
In the past, there was a case where the crypto assets of the cryptocurrency exchange were stolen, but this is also the damage caused by the theft of the private key (including the user’s private key) managed by the cryptocurrency exchange. In other words, the quality control of blockchain in crypto asset management is not that the data recorded in the blockchain is tampered with, but the quality of the “private key” management system.
One of the causes of cryptocurrency exchange hacking damage that occurred at home and abroad was that hot wallets (wallets that are always connected to the network) were used to manage private keys.
One of the causes of hacking damage is that transactions before recording on the blockchain are tampered with, but it is an exaggeration to say that most of the damage is caused by the management system of “private key” which can be said to be the cryptographic asset itself. Not.
Therefore, when building a service using blockchain, it can be said that the point to be strongly aware of to ensure its quality is “the management method of the private key that proves the ownership of data”.
A security that should be linked with services
Services using blockchain will play a major role as the infrastructure that supports our lives in the future.
In such a trend, as an engineer, I would like to pay particular attention to “why blockchain is highly resistant to tampering” and “knowledge about blockchain-related technology to ensure quality”. “How to handle the information that accompanies the system”. In particular, the handling of private keys is greatly related to “ownership of data, which is a cryptographic asset”, so it greatly affects the quality of service. Especially for cryptographic assets, “managing private keys offline” is the basic idea of security to prevent hacking damage.
When designing a service using a blockchain, it is important to understand that “data recorded on the blockchain is tamper-resistant” and take security measures such as strengthening the management of private keys. By designing and developing services with these in mind, we will ultimately be able to provide high-quality services.
If you ever want to know about similar things, check out the Facebook page Maga Techs.