Common solutions to blockchain performance include
technology listing can be realized as long as the regulatory agencies, financial institutions and users are moved to the chain, all transactions are on the chain, and certain management and view permissions are set, which can not only ensure data security, but also use the non tampering and traceable performance of blockchain technology to complete regulatory operations, so that the whole chain circle can develop healthily. It's always manipulated by people, where are the funds coming in? If we don't supervise it well, the market opportunities will be depressed.
One of the characteristics of blockchain projects (especially public chains) is open source. Through open source code, to improve the credibility of the project, so that more people can participate. But the open source code also makes it easier for attackers to attack blockchain system. In the past two years, there have been a number of hacker attacks. Recently, the anonymous currency verge (xvg) was attacked again. The attacker locked a vulnerability in the xvg code, which allowed malicious miners to add false timestamps on the block, and then quickly dig out new blocks. In a few hours, the attacker obtained nearly $1.75 million worth of digital currency. Although the subsequent attack was successfully stopped, no one can guarantee whether the attacker will attack again in the future
of course, blockchain developers can also take some measures
one is to use professional code audit services,
the other is to understand the security coding specifications and take preventive measures
the security of cryptographic algorithm
with the development of quantum computer, it will bring a major security threat to the current cryptosystem. Blockchain mainly relies on elliptic curve public key encryption algorithm to generate digital signature for secure transactions. Currently, the most commonly used ECDSA, RSA, DSA, etc. can not withstand quantum attacks in theory, and there will be greater risks. More and more researchers begin to pay attention to cryptographic algorithms that can resist quantum attacks
of course, in addition to changing the algorithm, there is another way to improve the security:
refer to bitcoin's treatment of public key address to rece the potential risk of public key disclosure. As users, especially bitcoin users, the balance after each transaction is stored in a new address to ensure that the public key of the address where bitcoin funds are stored is not leaked
security of consensus mechanism
the current consensus mechanisms include proof of work (POW), proof of stake (POS), delegated proof of stake (dpos), practical Byzantine fault tolerance (pbft), etc
POW faces 51% attack. Because POW depends on computing power, when the attacker has the advantage of computing power, the probability of finding a new block will be greater than that of other nodes. At this time, the attacker has the ability to cancel the existing transaction. It should be noted that even in this case, the attacker can only modify his own transaction, but not the transaction of other users (the attacker does not have the private key of other users)
in POS, attackers can attack successfully only when they hold more than 51% token, which is more difficult than 51% computing power in pow
in pbft, when the malicious nodes are less than 1 / 3 of the total nodes, the system is secure. Generally speaking, any consensus mechanism has its own conditions. As an attacker, we also need to consider that once the attack is successful, the value of the system will return to zero. At this time, the attacker does not get any other valuable return except destruction
for the designers of blockchain projects, they should understand the advantages and disadvantages of each consensus mechanism, so as to select an appropriate consensus mechanism or design a new consensus mechanism according to the needs of the scene
security of smart contract
smart contract has the advantages of low operation cost and low risk of human intervention, but if there are problems in the design of smart contract, it may bring greater losses. In June 2016, the Dao, the most popular funding project of Ethereum, was attacked. The hacker obtained more than 3.5 million Ethereum coins, which later led to the bifurcation of Ethereum into Eth and etc
there are two aspects of the proposed measures:
one is to audit the security of smart contract, and the other is to follow the principle of smart contract security development
the security development principles of smart contract are: to be prepared for possible errors, to ensure that the code can correctly handle the bugs and vulnerabilities; Release smart contracts carefully, do well in function test and security test, and fully consider the boundary; Keep smart contracts simple; Pay attention to the threat intelligence of blockchain and check and update in time; Be clear about the characteristics of blockchain, such as calling external contracts carefully
security of digital wallet
there are three main security risks in digital wallet: first, design defects. At the end of 2014, a user lost hundreds of digital assets e to a serious random number problem (repeated r value). Second, the digital wallet contains malicious code. Third, the loss of assets caused by the loss or damage of computers and mobile phones
there are four main countermeasures:
one is to ensure the randomness of the private key
The second is to check the hash value before installing the software to ensure that the digital wallet software has not been tampered with The third is to use cold wallet The fourth is to back up the private keyblockchain is a new application mode of distributed data storage, point-to-point transmission, consensus mechanism, encryption algorithm and other computer technologies
the so-called consensus mechanism is a mathematical algorithm to establish trust and obtain interests between different nodes in the blockchain system
in a narrow sense, blockchain is a kind of chain data structure that combines data blocks in chronological order in a sequential way, and it can not be tampered with and forged by cryptography
broadly speaking, blockchain technology is a new distributed infrastructure and computing method, which uses blockchain data structure to verify and store data, uses distributed node consensus algorithm to generate and update data, uses cryptography to ensure the security of data transmission and access, and uses intelligent contract composed of automated script code to program and operate data< Advantages:
1) the algorithm is simple and easy to implement
2) there is no need to exchange additional information between nodes to reach a consensus
3) it takes a lot of cost to destroy the system< Disadvantages:
1) waste of energy
2) it is difficult to shorten the block confirmation time
3) the new blockchain must find a different hash algorithm, otherwise it will face bitcoin attack
4) it is easy to generate bifurcation and needs to wait for multiple confirmations
5) there is no finality, and checkpoint mechanism is needed to make up for it.
of course, blockchain developers can also take some measures
one is to use professional code audit services,
the other is to understand the security coding specifications and take preventive measures
the security of cryptographic algorithm
with the development of quantum computer, it will bring great security threat to the current cryptosystem. Blockchain mainly relies on elliptic curve public key encryption algorithm to generate digital signature for secure transactions. Currently, the most commonly used ECDSA, RSA, DSA, etc. can not withstand quantum attacks in theory, and there will be greater risks. More and more researchers begin to pay attention to cryptographic algorithms that can resist quantum attacks
of course, in addition to changing the algorithm, there is another way to improve the security:
refer to bitcoin's treatment of public key address to rece the potential risk of public key disclosure. As users, especially bitcoin users, the balance after each transaction is stored in a new address to ensure that the public key of the address where bitcoin funds are stored is not leaked
security of consensus mechanism
the current consensus mechanisms include proof of work (POW), proof of stake (POS), delegated proof of stake (dpos), practical Byzantine fault tolerance (pbft), etc
POW faces 51% attack. Because POW depends on computing power, when the attacker has the advantage of computing power, the probability of finding a new block will be greater than that of other nodes. At this time, the attacker has the ability to cancel the existing transaction. It should be noted that even in this case, the attacker can only modify his own transaction, but not the transaction of other users (the attacker does not have the private key of other users)
in POS, attackers can only attack successfully when they hold more than 51% of the token, which is more difficult than 51% of the computing power in pow
in pbft, when the malicious nodes are less than 1 / 3 of the total nodes, the system is secure. Generally speaking, any consensus mechanism has its own conditions. As an attacker, we also need to consider that once the attack is successful, the value of the system will return to zero. At this time, the attacker does not get any other valuable return except destruction
for the designers of blockchain projects, they should understand the advantages and disadvantages of each consensus mechanism, so as to select an appropriate consensus mechanism or design a new consensus mechanism according to the needs of the scene
security of smart contract
smart contract has the advantages of low operation cost and low risk of human intervention, but if there are problems in the design of smart contract, it may bring great losses. In June 2016, the Dao, the most popular funding project of Ethereum, was attacked. The hacker obtained more than 3.5 million Ethereum coins, which later led to the bifurcation of Ethereum into Eth and etc
there are two aspects of the proposed measures:
one is to audit the security of smart contracts, and the other is to follow the principles of smart contract security development
the security development principles of smart contract are: be prepared for possible errors to ensure that the code can correctly handle the bugs and vulnerabilities; Release smart contracts carefully, do well in function test and security test, and fully consider the boundary; Keep smart contracts simple; Pay attention to the threat intelligence of blockchain and check and update in time; Be clear about the characteristics of blockchain, such as calling external contracts carefully
security of digital wallet
there are three main security risks in digital wallet: first, design defects. At the end of 2014, a user lost hundreds of digital assets e to a serious random number problem (repeated r value). Second, the digital wallet contains malicious code. Third, the loss of assets caused by the loss or damage of computers and mobile phones
there are four main countermeasures:
one is to ensure the randomness of the private key
the second is to verify the hash value before software installation to ensure that the digital wallet software has not been tampered with
the third is to use cold wallets
the fourth is to back up the private key.
digital currency also makes use of this feature of blockchain. Puyin is a kind of tea standard digital currency developed based on blockchain technology.
Pyramid selling is harmful to family, society, indivial mind and social stability
Deng Wanhong, deputy director of Shenyang Public Security Bureau, said on the 18th that Shenyang police have successfully cracked a major pyramid selling case involving 25 provinces, autonomous regions and cities through continuous efforts. Up to now, the police suspect 24 suspects in criminal detention, and seized 364 million yuan in cash. On September 15 this year, a clue to the implementation of illegal pyramid selling activities entered the sight of Shenyang police. According to the preliminary investigation of Shenyang Public Security Bureau, the gang involved a large number of people. In September and October this year alone, it developed nearly 100000 people, involving 25 provinces, autonomous regions and cities such as Liaoning, Beijing and Tianjin. According to the preliminary statistics, the amount involved in the case reached 600 million yuan. The gang is eligible for membership by paying a membership fee of 3900 yuan per person. At that time, it will get an annual income of no less than 150000 yuan. At the same time, each member of the development of a new member, you can get a bonus of several hundred yuan In short, the existence of MLM organizations not only threatens families and indivials, but also affects social stabilitynowadays, blockchain has become an area of public concern, and many enterprises have already studied the implementation of this technology. However, there are still a large number of people who are not familiar with the relevant concepts of blockchain technology. Recently, Viking Research Institute and think tank a jointly proced the blockchain instry dictionary. Bianews, as a media partner, has been authorized to popularize the knowledge of blockchain every day
today, bianews will bring you a little knowledge of blockchain. (2) the characteristics of blockchain
1. Anonymity / anonymousness because the data exchange between the nodes of the blockchain follows a fixed and predictable algorithm, the blockchain network does not need to be trusted and can exchange data based on address rather than personal identity
2. Autonomous / autonomous blockchain adopts consensus based mechanism, which enables all nodes in the whole system to exchange data, record data and update data freely and safely in a de trusted environment, without any human intervention
3. The open / openness blockchain system is open, and any node can have the total account book of the whole network. Except that the private information of the parties directly related to the data is encrypted by asymmetric encryption technology, the data of the blockchain is open to all nodes, so the information of the whole system is highly transparent
4. The digital nature of programmable / programmable distributed ledger means that blockchain transactions can be associated with computing logic and are programmable in nature. Therefore, users can set algorithms and rules to automatically trigger transactions between nodes
5. The traceability / Traceability blockchain stores all the historical data after the genesis block through the block data structure, and any data on the blockchain can be traced back to its origin through the chain structure
6. Tamper proof / after the information of tamper proof blockchain is added to the blockchain through consensus, it is jointly recorded by all nodes, and the mutual correlation is ensured through cryptography, so the difficulty and cost of tampering is very high
7. The collective maintenance / collectively maintain blockchain system is jointly maintained by all the nodes with maintenance function. All nodes can query blockchain data and develop related applications through open interfaces
8. No license / permissionless no license means that all nodes can request to add any transaction to the blockchain, but only if all users think it is legal.
openness mainly refers to that the stored information in the blockchain is completely open to all participants. This is mainly determined by the point-to-point network storage mode of the blockchain. In the blockchain network, each node can store a of the blockchain, and the uniqueness of the blockchain can ensure that the is exactly the same between different nodes
security mainly refers to that the information stored in the blockchain block is saved after being processed by digital encryption technology, and only the private key holder can decrypt the information to obtain the real information. Other members can only see and verify the integrity and uniqueness of information, but cannot see the real information
uniqueness is mainly e to the fact that the information on the blockchain cannot be tampered with once it is on the chain, so it is unique. Of course, the uniqueness here also includes the uniqueness in space, that is, all nodes have only one version of information, and also includes the uniqueness in time, that is, the historical data cannot be changed. This uniqueness also means that the blockchain maintains the characteristics of a unique main chain in the process of operation, and once other chains appear, it is a bifurcation. The emergence of bifurcation will lead to the plication of blockchain in two different spatial dimensions. Of course, to solve this problem, we need to set reasonable consensus rules to avoid. When the concept of blockchain was hot, many related top domain names were registered and used as blockchain platforms.