Ethereum private chain to public chain
Blockchain includes public blockchain, joint (industry) blockchain and private blockchain. Public chains include the point-to-point e-cash system bitcoin and the smart contract and decentralized application platform Ethereum
blockchain is a new application mode of distributed data storage, point-to-point transmission, consensus mechanism, encryption algorithm and other computer technologies
Blockchain is an important concept of bitcoin. In essence, it is a decentralized database. At the same time, as the underlying technology of bitcoin, it is a series of data blocks generated by using cryptographic methods. Each data block contains a batch of bitcoin network transaction information, used to verify the validity of its information (anti-counterfeiting) and generate the next block
extended data
according to the different degree of blockchain network centralization, three kinds of blockchains under different application scenarios are differentiated:
1. The blockchain with the whole network open and without user authorization mechanism is called public chain
2. Only authorized nodes are allowed to join the network, and the information can be viewed according to authority. It is often used between institutions, and is called alliance chain or industry chain
3. All the nodes in the network are in the hands of one organization, which is called private chain
Alliance chain and private chain are also called permissioned chains, and public chain is called a permissionless chain
blockchain features
1. Decentralization. Blockchain technology does not rely on additional third-party management institutions or hardware facilities, and there is no central control. In addition to the self-contained blockchain itself, each node realizes information self verification, transmission and management through distributed accounting and storage. Decentralization is the most prominent and essential feature of blockchain
2. Openness. Blockchain technology is based on open source. Except for the private information of the parties involved in a transaction, which is encrypted, the data of the blockchain is open to everyone. Anyone can query blockchain data and develop related applications through the open interface, so the information of the whole system is highly transparent
3. Independence. Based on consensus specifications and Protocols (similar to various mathematical algorithms such as hash algorithm used by bitcoin), the whole blockchain system does not rely on other third parties, and all nodes can automatically and safely verify and exchange data in the system without any human intervention
4. Safety. As long as no one controls 51% of all data nodes, the network data cannot be arbitrarily manipulated and modified, which makes the blockchain itself relatively safe and avoids subjective and artificial data changes
5. Anonymity. Unless there are legal requirements, technically speaking, the identity information of each block node does not need to be disclosed or verified, and the information can be transferred anonymously
Public chain, also known as "public chain", refers to the blockchain that anyone in the world can enter the system at any time to read data, send confirmatory transactions and compete for bookkeeping. The public chain is generally considered to be "completely decentralized", because no individual or institution can control or tamper with the reading and writing of data in it. In terms of application, blockchain public chain mainly includes bitcoin, Ethereum, super ledger, most counterfeit currencies and smart contracts. The ancestor of blockchain public chain is bitcoin blockchain, which has the following characteristics:
1. Open source code
The code is uploaded to GitHub, everyone can get the complete blockchain data by downloading it, and the code accepts the test of the public
2. Complete decentralization
anyone can become a node, each node is open, everyone can participate in the calculation of the blockchain, any node is not permanent, but phased, and any center is not mandatory for nodes. Anyone can read and send transactions, and transactions can be effectively confirmed on the blockchain. Anyone can participate in the consensus process. The consensus process determines whether a block can be added to the blockchain and the exact current state. Everyone can get financial reward from it, which is proportional to their contribution to the consensus process. These public chains are generally considered to be "completely decentralized"
3. Developing decentralized applications
Through this public chain, developers can easily develop decentralized applications. Public chain can protect the rights and interests of users from the influence of program developers

These are two different concepts. According to different standards, blockchain can be classified into three categories:
1) According to the network scope of blockchain, it can be divided into public chain, private chain and alliance chain
2) According to the docking type of blockchain, it is divided into single chain, side chain and interconnection chain
3) According to the display environment of blockchain deployment, it can be divided into main chain and test chain
the main chain can be understood as a formal online and independent blockchain network, while the public chain refers to a blockchain that can be read by anyone, can send transactions and can be effectively confirmed by anyone, and can participate in its consensus process

The public chain is open to all, the private chain is open to individuals who meet specific conditions, and the alliance chain is open to authorized organizations or institutions
public chain, also known as public blockchains, refers to a consensus blockchain that can be read by anyone in the world, sent by anyone, and effectively confirmed
private chain, also known as fully private blockchains, refers to the blockchain in which the write permission is completely in the hands of an organization, and all nodes participating in the blockchain will be strictly controlled
alliance chain, or alliance blockchains, refers to a blockchain that is managed by several organizations or institutions. Each organization or institution controls one or more nodes and records transaction data together. Only these organizations and institutions can read, write and send transaction data in the alliance chain
blockchain has three types: public chain, private chain and alliance chain
Blockchain is an important concept of bitcoin. It is essentially a disintermediated database. At the same time, as the underlying technology of bitcoin, it is a series of data blocks generated by using cryptographic methods. Each data block contains the information of a bitcoin network transaction, used to verify the validity of its information (anti-counterfeiting) and generate the next block
Reference: blockchain network
program developers have no right to interfere with users, and each participant (i.e. node) can freely join and exit the network, and carry out relevant operations according to their wishes
private blockchain is on the contrary. The write permission of the network is fully controlled by an organization or institution, and the data read permission is regulated by the organization, either open to the outside world or with a certain degree of access restrictions
In short, it can be understood as a weakly centralized or multi-centralized system. Because the participating nodes are strictly limited and few, compared with public chain, private chain has a shorter time to reach consensus, faster transaction speed, higher efficiency and lower cost
the alliance chain is a blockchain between the public chain and the private chain, which can realize "partial decentralization"
Each node in the chain usually has its corresponding entity or organization. Participants join the network through authorization and form a stakeholder alliance to jointly maintain the operation of the blockchain.
private chain: refers to the blockchain whose write permission is controlled by an organization and institution, and the qualification of participating nodes will be strictly limited
alliance chain: refers to a blockchain with several institutions participating in the management. Each institution runs one or more nodes. The data only allows different institutions in the system to read, write and send transactions, and record transaction data together
alliance chain is a relatively new way to apply blockchain technology to enterprises. The public chain is open to all, while the private chain usually only provides services for one enterprise. The alliance chain has more restrictions than the public chain, and usually provides services for the cooperation among multiple enterprises
The difference between alliance chain and public chain is that it requires prior permission. Therefore, not everyone with an Internet connection can access the alliance blockchain. Alliance chain can also be described as semi-decentralized. The control of alliance chain is not granted to a single entity, but to multiple organizations or individuals
for alliance chain, consensus process may be different from public chain. The consensus participants of the alliance chain may be a group of pre approved nodes on the network, rather than anyone can participate in the process. Alliance chain allows more control over the network
when it comes to the advantages of alliance chain:
first of all, alliance chain is completely controlled by a specific group, but it is not monopoly. When each member agrees, this control can establish its own rules
secondly, it has greater privacy, because the information used to verify the block will not be disclosed to the public, and only alliance members can process the information. It creates greater trust and confidence for platform customers
Finally, compared with the public blockchain, the alliance chain has no transaction costs and is more flexible. A large number of verifiers in a public blockchain lead to the trouble of synchronization and mutual agreement. Usually this divergence will lead to forks, but the alliance chain will not
Alliance chain technology can be used to optimize the business process of most traditional information systems, especially for business scenarios without strong center, multi-party cooperation and controllable risk. The shared ledger mechanism of alliance chain can greatly reduce the reconciliation cost, improve the efficiency of data acquisition, increase the fault tolerance, consolidate the trust foundation, and avoid malicious fraud
With the continuous development of blockchain technology, more and more institutions and enterprises begin to increase the research and application of blockchain. Compared with the public chain, the alliance chain is easier to put into practice, and has been supported by many enterprises and the government
Alliance chain can be understood as a kind of distributed ledger established by internal institutions to meet the needs of specific industries. This ledger is open and transparent to internal institutions. However, if there are relevant business needs and the data of this ledger is modified, it is still necessary to add a smart contract
smart contract is a kind of computer protocol which aims to disseminate, verify or execute contracts in an information way. Smart contracts allow trusted transactions without a third party, which are traceable and irreversible
Generally speaking, the current mainstream architecture of alliance chain smart contracts is: system contract + business contract
System contract: the configuration is completed before the node is started. It is generally used for system management (such as BCOS precompiled contracts for permission management, naming management, etc.). It is written by the project side, with high security
Business contract: it is written according to the actual business and needs to be deployed. It is similar to the public chain smart contract. It is written by ordinary internal organization participants and needs to comply with certain requirements. The security is average
However, there are still security risks in the following aspects:
(1) code language security features
One approach is to continue to use a mainstream public chain programming language and improve on it (such as the Solidity used by BCOS); the other is to specify the corresponding smart contract module (such as Fabric's Go / Java / Node.js) based on a general programming language. No matter what language is used to program the smart contract, there are security problems in its corresponding language and related contract standards
(2) integer overflow caused by contract execution: no matter which virtual machine is used to execute the contract, all kinds of integer types have a corresponding storage width. When trying to save data beyond this range, the signed number will overflow
stack overflow: when there are too many method parameters and local variables defined and the bytes are too large, the program may have errors
denial of service attack: it mainly involves the alliance chain that consumes resources to execute the contract, and the corresponding transaction cannot be completed due to the exhaustion of resources
(3) contract security problems caused by system mechanism
here mainly refers to the alliance chain of Multi Chain Architecture:
if the generation of contract variables depends on uncertain factors (such as the time stamp of this node) or a variable that is not persistent in the ledger, the transaction verification may fail because the reading and writing sets of the variable of each node are different
global variables are not stored in the database, but in a single node. Therefore, if this kind of node fails or restarts, it may cause the global variable value to be no longer consistent with other nodes, and affect node transactions. Therefore, data read, written or returned from the database should not depend on global state variables
when calling the contract of the external chain in the multi chain structure, only the return result of the called chain code function may be obtained, and no transaction will be submitted in any form in the external channel
when a contract accesses external resources, it may expose unexpected security risks of the contract and affect the chain code business logic
(4) business security issues
the smart contract of alliance chain is to complete a business requirement and execute a business, so there may still be security risks in business logic and business implementation, such as function permission mismatch, unreasonable input parameters, and improper exception handling
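The non-determinism problem described under (3), as an added Go example that is not part of the original page and does not use Fabric's API: a constructed model of three endorsing peers shows a contract that reads the node's local clock and an in-memory global producing divergent write sets, while a version that uses only ledger state and the proposal timestamp agrees on every peer. `Peer`, `WriteSet`, `Endorse`, the `asset.*` keys and all sample values are assumptions made for this illustration.

```go
package main

import (
	"fmt"
	"reflect"
	"strconv"
	"time"
)

// WriteSet is what one peer proposes to write after simulating a transaction.
type WriteSet map[string]string

// Peer is a constructed model of an endorsing node (hypothetical, not Fabric's API).
type Peer struct {
	Clock   time.Time // node-local wall clock
	Counter int       // in-memory global: lost on restart, never stored in the ledger
}

// Contract simulates one transaction on one peer.
type Contract func(p *Peer, ledger map[string]string, txTime time.Time) WriteSet

// UnsafeIssue derives its writes from node-local state: local clock and a global.
func UnsafeIssue(p *Peer, ledger map[string]string, txTime time.Time) WriteSet {
	p.Counter++
	return WriteSet{
		"asset.id":     strconv.Itoa(p.Counter),
		"asset.issued": p.Clock.UTC().Format(time.RFC3339),
	}
}

// SafeIssue uses only ledger state and the timestamp carried in the proposal.
func SafeIssue(p *Peer, ledger map[string]string, txTime time.Time) WriteSet {
	n, _ := strconv.Atoi(ledger["asset.count"]) // a missing key reads as 0
	next := strconv.Itoa(n + 1)
	return WriteSet{
		"asset.count":  next,
		"asset.id":     next,
		"asset.issued": txTime.UTC().Format(time.RFC3339),
	}
}

// Endorse runs the contract on every peer and reports whether all write sets agree.
func Endorse(peers []*Peer, c Contract, ledger map[string]string, txTime time.Time) bool {
	first := c(peers[0], ledger, txTime)
	for _, p := range peers[1:] {
		if !reflect.DeepEqual(first, c(p, ledger, txTime)) {
			return false
		}
	}
	return true
}

// NewPeers builds three constructed peers; the third has clock skew and has just restarted.
func NewPeers(base time.Time) []*Peer {
	return []*Peer{
		{Clock: base, Counter: 41},
		{Clock: base, Counter: 41},
		{Clock: base.Add(2 * time.Second), Counter: 0},
	}
}

func main() {
	base := time.Date(2021, 1, 1, 0, 0, 0, 0, time.UTC)
	ledger := map[string]string{"asset.count": "41"}
	fmt.Println("unsafe endorsed:", Endorse(NewPeers(base), UnsafeIssue, ledger, base))
	fmt.Println("safe endorsed:  ", Endorse(NewPeers(base), SafeIssue, ledger, base))
}
```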
our suggestions on alliance chain security are as follows:
(1) simplify the design of smart contract to achieve the balance between function and security
(2) strictly implement smart contract code audit (self-evaluation / project team review / third-party audit)
(3) strengthen the security training for smart contract developers
(4) the application of blockchain needs to be promoted step by step, from simple to complex. In this process, we should constantly review the contract and platform related functions / security attributes
(5) consider the idea of DevSecOps (development + security + operations)
chain platform security includes: transaction security, consensus security, account security, compliance, RPC security, endpoint security, P2P security, etc
hackers attack alliance chain by means of internal threats, DNS attacks, MSP attacks, 51% attacks, etc
Take MSP attack as an example: MSP is the abbreviation of membership service provider in the Fabric alliance chain. It is a component that provides an abstract member operation framework. MSP abstracts all cryptographic mechanisms and protocols behind the issuance and verification of certificates and user authentication. An MSP can define its own identity, as well as identity management (authentication) and authentication (generation and verification of signatures) rules
Generally speaking, attacks against MSP may exist in the following aspects:
(1) internal threats: a) the current version of MSP allows single certificate control, that is, if an insider holds a certificate that can manage MSP, he can configure the Fabric network, such as adding or revoking access rights, or adding identities to the CRL (essentially blacklisting identities); too centralized management may lead to security risks. b) If there are sensors and other Internet of things devices connected to the alliance chain, they may spread false information to the chain, and because the sensor itself may not support perfect security protection, it may lead to further attacks
(2) private key leakage: the certificate file of a node or sensor is generally stored locally, which may lead to private key leakage, and then lead to Sybil attack, man in the cloud attack, etc.
(3) DNS attack: when creating a new participant's identity and adding it to MSP, a DNS attack may occur in any case. The process of creating certificates for blockchain members may be attacked in many places, such as man in the middle attack, cache poisoning, DDoS. An attacker can convert a simple DNS query into a larger payload, causing DDoS attacks. Similar to CA attacks, this attack results in certificate tampering and / or theft, such as the permissions and access rights that some blockchain members will have. Sensor networks are particularly vulnerable to DDoS attacks. Smart city is not only faced with the weakness of sensor networks against DDoS attacks, but also the challenge of blockchain system
(4) CA attack: digital certificates and identity are very important to the operation of MSP. Hyperledger Fabric allows users to choose how to run a certification authority and generate cryptographic materials. Options include Fabric CA, a process built by Hyperledger Fabric contributors, cryptogen, and an own / third-party CA. The implementations of these CAs have their own defects. Cryptogen generates all the private keys in a centralized location, which are then fully and securely copied by the user to the appropriate host and container. This facilitates private key disclosure attacks by providing all private keys in one place. In addition to the weaknesses of the implementations, the whole MSP and the membership of the blockchain run on the CA, and depend on the ability to trust that a certificate is valid and that the certificate owner is who they claim to be. If an attack on a well-known third-party CA is executed successfully, the security of MSP may be damaged, resulting in forged identities. Another weakness of CAs in Hyperledger Fabric is how they are implemented in MSP. MSP needs at least one root CA, and can support as many root CAs and intermediate CAs as needed. If the root CA certificate is attacked, all certificates issued by the root certificate will be affected
Cheng chain security has launched the alliance chain security solution. With the development of alliance chain ecology, in 2020, Cheng chain security has cooperated with multi provincial network information office to conduct multi-level security audit on the alliance chain system of local government, enterprises and institutions from the bottom of the chain to the application layer, and found the loopholes and weaknesses of the alliance chain system with multiple scenarios, multiple applications and multiple forms and its supporting systems
in addition, Cheng Lianan has cooperated with ant blockchain to join the open alliance chain as the first batch of nodes selected by ant blockchain. We will give full play to security technology, service and market
