Blockchain isn’t as decentralized as you think: Defense agency report

Published at: June 22, 2022

Distributed ledger technology (DLT) and blockchains including Bitcoin and Ethereum may be more vulnerable to centralization risks than initially thought, according to Trail of Bits. 

The security firm on Tuesday released its report titled “Are Blockchains Decentralized?” which was commissioned by the United States government’s Defense Advanced Research Projects Agency (DARPA).

The report aims to investigate whether blockchains like Bitcoin and Ethereum are truly decentralized, though the report appeared to focus largely on Bitcoin.

Among its key findings, the security firm found that outdated Bitcoin nodes, unencrypted blockchain mining pools and a majority of unencrypted Bitcoin network traffic traversing over only a limited number of ISPs could leave room for various actors to garner excessive and centralized control over the network.

Bitcoin nodes

The report stated that a subnetwork of Bitcoin nodes is largely responsible for reaching consensus and communicating with miners and that a “vast majority of nodes do not meaningfully contribute to the health of the network.”

It also found that 21% of Bitcoin nodes are running an older version of the Bitcoin Core client, which is known to have vulnerability concerns such as consensus errors. It states that “it is vital that all DLT nodes operate on the same latest version of software, otherwise, consensus errors can occur and lead to a blockchain fork.”

A Bitcoin node is any computer that stores and verifies blocks in the blockchain. Nodes are used to monitor the health and security of the Bitcoin blockchain and validate the accuracy of transactions. The current version all nodes should run is Bitcoin Core 22.0.

Another takeaway from the report found that Bitcoin’s mining pool protocol Stratum is unencrypted and essentially unauthenticated.

This means that malicious attacks can be made to “estimate the hashrate and payouts of a miner in the pool” and “manipulate Stratum messages to steal CPU cycles and payouts from mining pool participants.”

Funneling through ISPs

The authors also found vulnerabilities in the infrastructure, based on the fact that Bitcoin protocol traffic is unencrypted and 60% of the network traffic traverses only three ISPs.

This is a problem because “ISPs and hosting providers have the ability to arbitrarily degrade or deny service to any node.”

Twenty-six pages of detailed information, data and infographics are contained within the report. DARPA started in 1958 and is responsible for the development of emerging technologies for use by the agency of the United States Department of Defense and the U.S. military. Trail of Bits is a cybersecurity research and consulting firm that was engaged by DARPA to develop the report.

Related: Centralized vs. decentralized digital networks: Key differences

The report comes at interesting timing, after centralization concerns were highlighted on Solana.

On Sunday, Solana-based decentralized finance (DeFi) lending protocol Solend put together a spur-of-the-moment governance proposal aimed at taking over a whale’s wallet that was facing liquidation which was threatening to put a strain on Solend and its users.

The proposal, which was passed by one whale, saw immediate kickback from Twitter and the creation of another governance vote to invalidate the previously approved proposal. Observers argued that the move could cause damage to the overall image of DeFi as taking control of one of Solend’s wallets means the fundamental principles of DeFi fall into question and reversing a vote wasnt much better.

Tags
Related Posts
How the NFT market leveraged blockchain tech for explosive growth
It’s fun to talk about nonfungible tokens, or NFTs, because they are the perfect example of how the impact of blockchain technology in people’s lives goes way beyond the financial market. As we could see in hundreds of headlines in the past few months, they have gripped the world’s attention because they are a new manner of interacting with culture, music, sports and the media. This article will clarify what NFTs are, how they work, how the NFT boom started, and why blockchain technology has made it possible for NFTs to create a new economy. Related: A cure for copyright …
Music / June 13, 2021
Cointelegraph announces the Top 100 Notable People in Blockchain 2021
Let’s get one thing out of the way: You will not agree with every selection on the Cointelegraph list of the Top 100 Notable People in Blockchain. In fact, you will almost certainly disagree, vehemently, with many of the people we’ve included on this year’s list. You will rage at the inclusion of [insert comedy villain here] and the exclusion of, say, Charles Hoskinson. Particularly if you are indeed Charles Hoskinson. You will seethe at the fact that Arthur Hayes is nowhere to be found. (We looked.) You'll eat your own... words because you once tweeted that John McAfee was …
Decentralization / Feb. 1, 2021
Crypto Market Trading — Inside Look From Those Earning a Living Off It
Since Bitcoin (BTC) came into the world back in 2009, the digital asset industry as a whole has grown quite exponentially — with the market reaching its apex on the break of 2017-2018. Additionally, in the midst of all this, there has been a rise in the crypto trading sector, with the total capitalization of this domain currently pegged around the $277.90 billion mark. In its most basic sense, cryptocurrency trading can be compared to forex trading because it allows enthusiasts to purchase digital assets using fiat currencies. Not only that, investors can also choose to make use of a …
Decentralization / July 29, 2019
Web3 developer growth hits an all-time high as ecosystem matures
“Web3” may be one of the biggest buzzwords of 2022, but the idea of creating an entirely decentralized platform to host decentralized applications has long been a vision of the crypto community. While it’s notable that some blockchain companies began building out Web3 applications four or five years ago, the Web3 space has only started gaining traction recently. The recent growth of Web3 was highlighted in a new report from Electric Capital, a venture capital firm that has been investing in Web3 companies since 2018. The “Electric Capital 2021 Developer Report” analyzed data from nearly 500,000 code repositories and 160 …
Decentralization / Feb. 3, 2022
DeFi transforming lending routes on the blockchain
The world of decentralized finance (DeFi) is gradually expanding to encompass a significant share of the global financial lending space by virtue of the inherently trustless manner of operation and the ease of accessing capital. As the crypto ecosystem has grown to a $2-trillion industry by market capitalization, new products and offerings have emerged thanks to burgeoning innovation in blockchain technology. Lending and borrowing have become an integral part of the crypto ecosystem, especially with the emergence of DeFi. Lending and borrowing are one of the core offerings of the traditional financial system, and most people are familiar with the …
Decentralization / May 14, 2022