Beyond the fashion phenomenon, what can a blockchain really be useful for and what are the best security practices to adopt when developing blockchain applications?
A blockchain is a global and distributed registry, fully replicated on each node of the network that composes it. In this way, a blockchain has no single point of failure. Moreover, exchanges of information (transactions) take place between these nodes, exchanges which are authenticated and irreversible. A blockchain is generally sufficiently generic to be used in multiple uses depending on the business context.
1.1 – Main features
A blockchain has the following main interests:
Scalability: A blockchain is very easily expandable, a node that connects to any other node automatically extends the blockchain, with no necessary configuration changes
Resilience: It is very difficult to prevent the whole network from functioning, whatever the type of attacks envisaged
Integrity and authenticity of the data: the transactions are all signed, and the entries of the distributed register are not modifiable
Decentralization: no network node is central or differentiated from the others, the network has no single point of failure
Fast and flexible transactions compared to traditional banking networks: transactions are verified and confirmed in very short times (from a few tens of seconds to a few minutes).
Otherwise, a fundamentally interesting point of blockchain is the possibility for some of them to execute smart contracts, autonomous programs deployed at a specific time, which will automatically run in a decentralized manner when certain conditions are met. A smart contract deployed by its author is not modifiable, even by this one, and its execution is not falsifiable because all the nodes of the network will execute it to fall on a consensus. Even if some nodes are corrupted, the smart contract will run normally, whatever happens, as long as half of the network is healthy.
There are hundreds of different blockchains and electronic currencies (see, for example, https://coinmarketcap.com/). Many are unhelpful because they are only copies of others with a change. But some of them have a particular interest because of their way of working, for example: Bitcoin (well-known and widely spread), Ethereum, Zcash (for anonymous money transfers), Ripple (for multi-currency applications), Lisk (for 100% decentralized web applications), Tezos (for its integrated governance model), Iota (for IoT) or Byteball…
1.2 – A promising blockchain: Ethereum
Among the many blockchains created for the last 5 years, one stands out quite clearly. Released in July 2015, Ethereum has many interests: very powerful smarts contract, a very short transaction validation time (15 seconds), rich documentation and excellent support from the community and even from a few professionals. Finally, most of the existing smart contracts are developed for Ethereum, and many have been used to raise collaborative funds of tens of millions of euros. A public directory of Ethereum applications, “State of the dApps,” is available at http://dapps.ethercasts.com/. Today, the capitalization invested in Ethereum represents $ 9 billion, or one-third of that invested in Bitcoin.
- Use cases
However, many cases do not justify the use of a blockchain. On a blockchain, on the one hand transactions are very limited in size and number (Bitcoin is limited to about 5 transactions per second, and Ethereum to about ten), on the other hand a blockchain is rather expensive energetically speaking compared to a conventional computer redundancy. A blockchain is especially useful in the presence of several independent actors who do not trust each other a priori, and if they can benefit from it (a financial incentive, or at least a saving of money or time).
Use cases are notarial services, electronic voting (with some adjustments for scalability reasons), retention of evidence, collection or raising of funds, or conditional execution of transactions (sequestration, pledge, bets …). Several companies already provide a real commercial service to their customers, for example the French start-up Woleet (https://woleet.io), which offers an electronic notary service, a data anchoring and a standardized proof of prior art on the Bitcoin blockchain.
Given the wide range of these uses, two main sectors have a lot to gain: banking and insurance. According to an EFMA and Deloitte 2016 survey, the “fintechs” explore the uses of blockchain for two main reasons: to create new business models for 37% of them, and to increase efficiency by reducing costs for 20% of them. Moreover, several German banks like Fidor are experimenting with the Ripple blockchain for cross-border transactions. BNP Paribas carries out numerous experiments which are often relayed on social media, while the Caisse des Dépots and the Banque de France participate jointly in several experiments.
Previously, one of the main obstacles for banks was that for the creation of a new electronic asset (or financial product), it was necessary to create the associated blockchain. Today, between the creation of private auxiliary blockchains (also known as side chains), and especially the emergence of standards for the issuance of generic electronic tokens, such as the ERP20 standard on Ethereum (https: // Github.com/ethereum/EIPs/issues/20), already widely successfully used especially for many fundraisers, things are more simple. The existence of standards of electronic tokens is very promising and allows to consider multiple applications in the near future: local currencies, loyalty points in retail, purchase vouchers & coupons, etc.
For insurance, Blockchain allows to automate and rationalize the relationship with the insured: automatic computation of risks by oracles and smart contracts, unique loss declaration, automatic payment of premiums, easy payment of compensations. The company Etherisc specializes itself in the creation of individual insurance policies on the Blockchain Ethereum with “Flight Delays Suck! (https://fdd.etherisc.com), a completely customizable insurance covering aircraft delays, which can be subscribed a few minutes before departure and whose risk calculation is completely transparent to the user. In the same spirit, “Jamii Crop Insurance” (https://crop.etherisc.com) is an insurance which cover crops against the risks of drought or floods. Axa Strategic Ventures is considering the development of side-chains for interoperability between blockchains and the processing of massive transactions, while Allianz Risk Transfer AG implements blockchains to facilitate the negotiation of obligations related to natural disasters.
The need of security when using digital technologies manipulating funds or electronic evidence is obvious. The “DAO” case, which took place in early 2016, was a recent reminder of that. “The DAO” was a crowdfunding smart contract, especially for the company Slock.it which designs connected locks. Because of the innovative aspect of this Ethereum smart contract, the success was immediate, and more than 150 million euros were collected for an initial project that required only a few hundred thousand euros! Unfortunately, in June 2016 an implementation vulnerability of the smart contract “The DAO” is exploited and a recursive call is used to siphon one third of the collected funds. An intervention by the developers has allowed in-extremis to patch the breach, at the cost of great questions about the governance of a blockchain: who should be able to intervene?
Let’s see now what can be recommended to improve smart contracts security of. A first significant criterion is the development language of smart contracts. There are two families:
Imperative languages: widespread and simple to write, it is very difficult to evaluate their security when programs become medium-sized.
Functional languages: much less common and known to developers, usually more complex to write, but they have the great interest of being easy to verify almost automatically from a security point of view, thanks to formal proofs.
Otherwise, the keywords are the simplicity, the modularity and the code reuse. Ethereum’s Solidity programming language, while complex, allows the use of classes and objects, which facilitates reusability. Other good practices inherited from traditional development engineering are the writing of unit tests and integration tests. It is also advisable to adopt the complete separation of conditions and actions in the code, also called “Condition-Oriented Programming”.
Other good technical practices are:
The implementation of a “killswitch” in smart contracts, which is an emergency function to block the contract, freeze funds and make manual withdrawals in case of malfunctions or vulnerabilities exploitation in the contract.
Writing of conditions for input and output of functions (pre and post-conditions), checking the expected conformity of the processed and returned data.
Attempts to produce formal proofs, even partial ones, which are easier to achieve with functional languages.
The use of dedicated test environments (frameworks or testblocks), as well as “mocks”, test classes to develop scenarios to be tested.
Finally, what is unique is the various economic incentives are fundamental to contribute to the security of a smart contract: limit of amounts treated, bug bounties programs (see the European leader https://bountyfactory.io), or predictive markets such as Augur (https://augur.net/) and Gnosis (https://gnosis.pm) help to anticipate potential security issues. These very specific practices are beginning to become widespread.
It should be noted that all these good practices take little account of the economic aspects and it is possible that the attacker uses tortuous or counterintuitive approaches if it is profitable for him. The security of blockchain and smart contracts is therefore a vast field requiring diverse expertise (architecture, algorithmy, cryptography, secure development), and that is why Digital Security is at your disposal to assist you in your design and development projects, blockchain implementation, technical and legal risk assessment, and audits of cryptographic primitives in general.