A Survey on the Security of Blockchain Systems

Xiaoqi Li,Peng Jiang,Ting Chen,Xiapu Luo,Qiaoyan Wen
DOI: https://doi.org/10.48550/arXiv.1802.06993
2020-11-05
Abstract:Since its inception, the blockchain technology has shown promising application prospects. From the initial cryptocurrency to the current smart contract, blockchain has been applied to many fields. Although there are some studies on the security and privacy issues of blockchain, there lacks a systematic examination on the security of blockchain systems. In this paper, we conduct a systematic study on the security threats to blockchain and survey the corresponding real attacks by examining popular blockchain systems. We also review the security enhancement solutions for blockchain, which could be used in the development of various blockchain systems, and suggest some future directions to stir research efforts into this area.
Cryptography and Security
What problem does this paper attempt to address?
The problem this paper attempts to address is the security issue of blockchain systems. Specifically, although blockchain technology has shown broad application prospects in multiple fields since its inception, research on its security and privacy issues is relatively insufficient, lacking systematic examination. This paper aims to systematically study the security threats of blockchain and evaluate these threats by analyzing actual attack cases in popular blockchain systems. Additionally, the paper reviews solutions to enhance blockchain security and proposes some future research directions. ### Main Contributions of the Paper: 1. **For the first time, systematically examined the security risks faced by popular blockchain systems**. 2. **Investigated actual attacks in popular blockchain systems from 2009 to May 2017 and analyzed the vulnerabilities exploited in these attacks**. 3. **Summarized practical academic achievements in improving blockchain security and suggested future research directions**. ### Structure of the Paper: - **Section 2**: Introduces the main components of blockchain technology, including consensus mechanisms, node synchronization processes, and the development stages of blockchain. - **Section 3**: Systematically examines the security risks faced by blockchain. - **Section 4**: Investigates actual blockchain attack cases. - **Section 5**: Summarizes methods to improve blockchain security. - **Section 6**: Proposes future research directions. - **Section 7**: Conclusion. ### Main Technologies and Development Stages: - **Blockchain 1.0**: Mainly applied to cryptocurrencies, such as Bitcoin. - **Blockchain 2.0**: Introduces smart contracts, allowing developers to create various decentralized applications (dAPP). ### Classification of Security Risks: - **Common Risks** (applicable to Blockchain 1.0 and 2.0): - 51% Attack: Vulnerability in the consensus mechanism that may allow a single miner to control the entire blockchain. - Private Key Security: Improper generation and management of private keys may be exploited by attackers. - Criminal Activities: Anonymity leads to Bitcoin being used for illegal activities, such as ransomware, underground market transactions, and money laundering. - Double Spending: Attackers exploit time differences to perform double spending attacks. - Transaction Privacy Leakage: Despite protective measures, the privacy of user transactions may still be leaked. - **Specific Risks** (only applicable to Blockchain 2.0): - Criminal Smart Contracts: Criminals use smart contracts for malicious activities, such as password theft. - Smart Contract Vulnerabilities: Programming errors may lead to security vulnerabilities in smart contracts. ### Summary: By systematically studying the security threats of blockchain systems, this paper not only reveals the current security issues but also provides directions for future security research. This is of great significance for promoting the healthy development of blockchain technology.