Do you know about the blockchain?
Attacks on blockchain have involved all aspects of the application layer, contract layer, bottom layer, and infrastructure layer.
Once the blockchain attack is successful, the losses are usually as many as one million, ten million, and hundreds of millions of dollars.
Bitcoin's price cliff, behind the attacker's blessing
Successful blockchain attacks are often the simplest means
The frequency of use of logical loopholes determines the security of blockchain and needs a mature attacker's perspective.
In order to avoid hard fork processing, the patience of transferring property in batches can be extended to 2 years.
The blockchain platform was attacked several times in a row, directly leading to the bankruptcy
The blockchain black production scale has begun, and the players and the players may come from the same hands.
Do you know about blockchain technology?
The application layer is the preferred target of the attacker, and the exchange is often the bull's eye.
The intelligent contract layer is the top priority of security protection, and it can't be modified into a double-edged sword.
Subsidiary structure and infrastructure layer security risks
Social engineering, internal attacks, fishing... a lot of
The world-famous Somali pirates, the executives are generally a few people, a ship, not a powerful firepower. After the successful ship grabs, the ransom requirement of millions and ten thousand dollars is not the firepower, not the size of the ship, more Familiarity with the sea, the use of geographical location, and the behavior that you dare to do.
Summarizing all the blockchain security cases in history, the attack process and bad results of this emerging industry will make people feel that the strength of this attack, the strategy and the profitability of the attack are very Similarly, attackers targeting blockchains at this stage can be imaged as "pirate" attackers.
The result is good: when the US Navy, the Chinese Navy and other forces regularly stationed and rotated to escort the passing merchant ships, Somali pirates gradually disappeared because of the intervention of the regular army.
The current blockchain enterprises also seem to urgently need the intervention of professional regular army. Through in-depth research on the dimensions of attackers' portraits, attack behaviors, attack logic chains, and effective methods of loss recovery, we propose practical and effective means for the current " The "wallless" attack is contained.
With the rise of the entire blockchain industry, Changting Technology has served a number of related companies, covering a variety of types. In this process, the Changting Security Service team realized that the blockchain enterprise practitioners have a high security awareness, but the understanding of blockchain security is lacking; the institutions that study blockchain security technology at home and abroad are not non-existent. However, the lack of information channels has led to delays in knowledge acquisition. é‚ Decided to integrate the research results with high quality and truly problem-solving resources through years of accumulation in the security industry. At the current stage, the blockchain will be employed. A relatively objective reference can be used to find resources.
This resulted in the joint efforts of Changting Technology, ConsenSys and Bitian China, and the release of the country's first "Guidelines for the Safety of Blockchain Survival".
Because of its background in attack and defense technology, Changting Technology is one of the earliest network security companies in China to research and serve blockchain enterprises. It has accumulated rich materials and used years of offensive and defensive research and practical experience to sort out relatively mature methodology. ConsenSys Founded in 2015 by Ethereum co-founder Joseph Lubin, headquartered in New York, with more than 600 global teams, its security team ConsenSys Diligence provides security services, tools and best practice guides for Ethereum Ecology; Is the first person to translate Bitcoin founder Nakamoto's paper into Chinese. In 2013, he joined the Jank Group to create Bitland. This Chinese company, which was founded less than five years ago, is called the invisible on the Bitcoin industry chain. empire.
The three companies complemented the report from a richer perspective and tried to provide blockchain practitioners with more dimensional reference information.
Blockchain security, itself is also a "chain"The blockchain, named after Bitcoin. The currency has also become the most widely known blockchain application case. However, from an application perspective, the blockchain is a product of a combination of cryptography, mathematics, computer science, network science, and sociology. From an innovation perspective, blockchains are cleverly integrated with a variety of existing technologies, such as asymmetric encryption, peer-to-peer networking techniques, hashing algorithms, and consensus algorithms. It is an engineering innovation rather than a scientific theory innovation. The blockchain starts in the currency, but it is far from being limited to coins. The nature of its application can be categorized as the digitization of assets and the management of blockchain trustworthiness and traceability.
From the concept of 2008 to the recognition of the important potential value of blockchain technology in 2013, the industry began to try to apply it to scenarios other than digital currency (such as crowdfunding, asset trading, ownership management, identity authentication, etc.). In just a few years, the blockchain quickly became the hottest technology.
At present, there are hundreds of blockchain-related companies on the market, which can be roughly classified into digital currency and technology applications according to the type and mode of business. As the name suggests, digital currency is a middleware that reflects, communicates, and exchanges value in keeping with the digital economy. The technical application is to use blockchain technology to reduce costs and improve efficiency in many real-world scenarios. Due to the difference in business form and mode, the two have different security claims.
The application layer is often the target of choice for attackers, the most common trading platforms. Security issues include unauthorised access by exchange servers, exchange DDoS attacks, employee host security issues, and malicious program infections. The intelligent contract layer is the focus of the entire security precaution. Once the smart contract is extremely difficult to modify, the security of the contract often determines the life and death of a project. The world-famous The DAO event is a tens of millions of dollars lost by re-entry attacks; representative projects involving smart contract development include blockchain wallets, crowdfunding funds, blockchain tokens, blockchain games, and more. Unauthorized access attacks, Solidity programming hazards, etc. are common problems at the contract level. The underlying structural layer and infrastructure layer security need to pay attention to blockchain implementation layer security risks, community-specific DoS attacks, EVM security risks, and so on. In addition, security awareness and management, including how to identify prevention of social engineering attacks, internal attacks, third-party risk control failures, phishing attacks are also indispensable. Obviously, blockchain security itself is a chain of “chainsâ€, and security protection requires a systematic life cycle system and God's perspective.
Develop a lifecycle security systemThe data shows that the main countries of blockchain patent applications include China, the United States, South Korea, and Japan. China has the fastest growth, and more than half of the world's blockchain patents are in China. At present, the number of China's blockchain startups is second only to the United States. Many of the top 20 digital assets in the world's market capitalization are of Chinese descent. In addition, by disclosing the annual report of each bank, 12 of the 26 listed banks of A-shares have been put into operation in the blockchain application during the year, including three state-owned banks, six national joint-stock banks, and three city commercial banks.
Figure: Hyper Cycle diagram of the blockchain
The application of blockchain technology is gradually deepening. In order to deal with the security problems faced by the blockchain more comprehensively and systematically, we must not only consider the security risks faced by each layer in the technical architecture, but also integrate the security solutions into the blocks. In every link of chain development, the security management plan of the blockchain security development life cycle is finally realized.
Since the birth of the blockchain, various attacks have emerged in an endless stream, and the security situation is grim, requiring effective methods to defend. ————Wu Jihan, founder of Bitland
I am honored to work with Changting Technology and Bitland to publish a blockchain security depth report, and hope to make some contributions to improve the safety awareness and technical capabilities of the whole industry through the report. Safety has always been one of the core issues of the blockchain. ConsenSys looks forward to building a safety ecosystem with industry partners and promoting the development of blockchain technology in China and the world. ————Tang Yi, head of ConsenSys China
When we embrace the revolution brought by blockchain technology, we are also facing a severe security test—whether it is the design of the system or the security breaches in the implementation, it may bring a devastating blow to the entire application. In this release of the guide, we focus on blockchain security, the security needs of different applications, past attacks and coping strategies, and hope to bring inspiration to the industry.
Floor Standing Display,Signage Advertising Display,Advertising Lcd Screen,Standing Digital Signage
APIO ELECTRONIC CO.,LTD , https://www.displayapio.com