It is common to hear people talking about the safety of blockchains. Decentralization has now become the main word in the sphere. This magical word seems to beneficially permeate all kinds of blockchain projects, whether they are currencies, smart contract platforms, exchanges, wallets, or something else. We also hear about the benefits of permanent registry, transaction or contract immutability, no central points of failure, private keys backed by cryptography, and many more advantages of blockchain. These common compliments to blockchain are products of the security that underpins blockchain, but not explanations of what creates this environment of added security. In this article, we explain in simple terms what gives blockchains their great security features.
What is Blockchain?
We will start with a brief definition and explanation of the term blockchain itself. A blockchain is a chain of digital blocks that contain records. In the case of cryptocurrencies, these records are transaction data. Each block is connected to all the blocks before and after it, making it very difficult for anyone to tamper with the data. In order to alter a record or transaction, a malicious actor needs to change the block containing the information he or she wants to alter, and then needs to alter the information on all the other blocks linked in the chain in order to avoid detection. This is so computer intensive that in practical terms, and in a properly distributed network, it is practically impossible. There are two main types of consensus algorithms for blockchains that verify occurrences in a different way which we have explained in this article: Proof of Work vs Proof of Stake.
What makes a Blockchain decentralized?
A blockchain is decentralized because the participants that verify the chain’s records (called miners, in the case of Bitcoin or forgers in the case of PoS coins) are distributed across a peer-to-peer network that continually syncs and updates the recorded data. Since these verifying entities are not contained in one location, there is no central point of failure. This means that if one of the verifiers in a chain goes offline, the integrity of the system is not compromised. This also makes it very hard for a single verifier to tamper with the data registered on the chain. In a Proof of Stake blockchain, an attacker would need to control 51% of the available currency. After controlling this big share of tokens, he could, theoretically, launch an attack on the network. Still, this would not happen in practical terms. First of all, it is too expensive to control 51% of a token. Second, once the integrity of a blockchain is compromised, all the holders would drop the coin and the value would plummet, leaving the attacker with a big share of worthless coins.
Where does cryptography come into play?
Cryptography is another commonly used term in the blockchain sphere. It is even etymologically included in one of the common terms that is ascribed to most blockchain projects, the term “cryptocurrency”. Cryptography comes into play in two distinct realms. The first one is in transaction verifications. In blockchains functioning on Proof of Stake, transactions are verified by the creation of a coinstake. In this process, a cryptographic hash is calculated based on the transaction income of a given network participant. This hash is then checked against a requirement, with the difficulty being inversely proportional to the age of the coins in the staking node.
The second instance in which cryptography is used is to make transactions. The system used is called asymmetrical cryptography. This is a system that uses pairs of keys that accomplish two main functions: authentication and encryption. The pair is composed by a public key, that can be disseminated and known; and a private key, which should only be known by the owner. In order for a transaction to occur on a blockchain, the owner of a private key needs to use this key in order to create an outgoing transaction. The public key, is used to receive the incoming transaction. In order to simplify this explanation, we use Qtum as an example. If a holder of qtum wants to send some coins to someone else, he will use his private key, the one that no one else knows, to send the qtums to the receiver, who will share his public key, which determines where the qtum will be received. Private keys are mathematically related to all Qtum addresses generated for a given wallet. In order for the wallet balance to change, the correct private key needs to be input. If the private key is not correct, the transaction will not occur.
These two applications of cryptography are essential in maintaining a blockchain safe. The first application guarantees the integrity and truthfulness of the recorded data, while the second assures that only owners of a given token can make transactions. It is common to hear cases of stolen coins and hacked wallets. This is not a failure of blockchain security, since recorded transactions or private keys are never cracked; but a failure of personal security, a case in which a malicious actor steals the private key from the owner.
It is very common to hear a cascade of compliments when blockchain security becomes the topic of conversation. Blockchains are indeed quite safe, but most people only know the outcomes of this added security, like the immutability of contracts, the elimination of third parties, the creation of trustless systems, and others. In this article, we learned that blockchain security mainly derives from decentralization and cryptography. On one hand, the decentralized nature of the system eliminates single points of failure and deters network attacks by making them too costly. On the other hand, cryptography lets consensus be reached and validates the data stored on the blockchain. It also enables and secures the safe transaction of data without the necessity of third parties. I hope this article will come in hand the next time you attempt to explain why blockchains are so secure!