Understanding the risks associated with blockchain

By: John Fennell, Executive Vice President and Chief Risk Officer, The Options Clearing Corporation (OCC) Oct 2019

In 2009, with the launch of Bitcoin, the concept of the distributed ledger (or blockchain) was introduced. Blockchain provides a decentralised system for completing the exchange of data or digital assets through a cryptographically-secure consensus mechanism. Shortly after its introduction, the technology went through a second innovation with the development of smart contracts. Smart contracts are a set of decentralised applications, which can be designed to interact with other smart contracts providing an autonomous, immutable, traceable and secure environment to generate an event based on what was transacted in the ledger.

With the combination of these innovations, significant excitement has been generated with technologists and practitioners. Blockchain presents opportunities to reduce counter party risks and enhance efficiency, especially related to trade reconciliations supporting settlement, clearing, and interbank payment processes. However, as an operator of market infrastructure relied upon for supporting the undisrupted functioning of the financial markets, one must understand the risks associated with the blockchain to ensure operational resilience. This is foundational to empower the perceived benefits of blockchain, while supporting the ongoing confidence, integrity and continuity of global financial markets.

One of the more widely known inherent risks associated with blockchain relates to the 51% vulnerability, which can permit an attacker to break down the consensus mechanism and assume control over the blockchain. By launching a 51% attack, an attacker can manipulate and modify the blockchain information, reverse transactions or initiate double spending attacks, exclude or modify transactions, impact the operations of miners and impede the confirmation process. Although unconfirmed, it has been widely reported that two miners recently executed a successful 51% cyber attack on the Bitcoin blockchain in May 2019.

A consistently popular cyber attack vector focuses on the targeting and exploitation of the endpoint device with the objective to compromise user credentials or their private keys. Private keys, in the context of blockchain, serve as the identity and security credentials of the users of the distributed ledger supporting the ultimate anonymity of the ledger. Protecting the security of the private keys is critical for ensuring confidence in the blockchain. If a user loses its private key or it is stolen by a criminal through a cyber attack, it cannot be recovered or worse, the user’s blockchain account is at risk. It is important that the implementation of a blockchain solution maintains a rigorous infrastructure supporting the custody, protection and recoverability of its users’ private keys.

The introduction of smart contracts has also increased inherent security risks by introducing a new threat vector. Blockchain smart contracts, or applications, execute on general-purpose information technology platforms running standard hardware and operating systems. Cyber attacks are increasingly targeting the underlying infrastructure through exploitation of known security vulnerabilities. Given these applications are embedded in the blockchain, criminals can deploy contracts designed to facilitate the leakage of confidential information, steal private keys and deploy a zero-days attack. This highlights the importance for blockchain participants to practice good cyber hygiene and employ best practices, particularly related to their ability to scan for potential vulnerabilities embedded within smart contracts and maintain a process to address any material vulnerabilities when identified.

From a technology debt perspective, it is important to have a process to evaluate and optimise the design of smart contracts to protect against the accumulation of inefficiencies in the code impacting the operations of the blockchain over time. Examples of under-optimised code in smart contracts include dead code, opaque predicate and loops, which could lead to degraded execution times, bandwidth, and memory utilisation. Weaknesses in the code of the smart contracts can also make a blockchain more susceptible to Denial of Service attacks, which can reduce confidence in the blockchain. Scans of certain blockchain implementations have identified cases where over 80% of smart contracts deployed in a blockchain instance maintained evidence of these types of inefficient code. This amplifies the need to be able to scan for weaknesses in the design of smart contracts to protect against the long-term degradation of the blockchain over time.

There are a variety of use-cases that have been identified as having the potential to enhance the function of financial markets empowered by blockchain. However, this new technology also comes with new risks. As operators of the infrastructure serving as the foundation for secure markets, we must not sacrifice the operational resilience and continuity of that infrastructure in pursuit of innovation. As technology evolves it will present an opportunity to execute business faster, more securely and at lower costs, but to leverage these opportunities and not jeopardise the confidence we have been entrusted with from market participants, it is critical that one acknowledge and understand the risks and develop frameworks to mitigate those risks.