Page 72 - FIGI: Security Aspects of Distributed Ledger Technologies
209 In essence, the third party’s transaction is included in a longer or more trusted chain and the recipient’s transaction may
return to a transaction pool to be deemed invalid as another transaction using the same currency – transferred to the
third party – has already occurred and is finalized.
210 An unconfirmed transaction is a transaction that has been submitted to the network but has not yet been placed in a
block which has been confirmed by the network and added to the blockchain.
211 Unlike other attacks, this would still be possible even when all nodes maintain communication with honest peers.
212 Culubas (2011) Timejacking & Bitcoin, available at http://bit.ly/30G4DmI
213 On the other hand, concentration of use in just one blockchain type could also possibly trigger competition-related
issues.
214 Upgrading of a blockchain may require multiple consensus steps. For example, to upgrade the blockchain which Bitcoin
uses requires a Bitcoin Improvement Proposal (BIP) design document for introducing new features since Bitcoin has no
formal structure. See Anceaume, E et al. (2016) Safety Analysis of Bitcoin Improvement Proposals, available at
https://goo.gl/MO3JBb.
215 Blockchain interoperability would, for example, involve sending Ether crypto-currency and receiving Bitcoin
‘naturally’ through blockchain protocols, but without a third party such as an exchange being required.
216 For example, the Cosmos Network, a POS-based network that primarily aims to facilitate blockchain interoperability as
the ‘Internet of Blockchains’, as well as the Polkadot Network. The protocols allow for the creation of new blockchains
that are able to send transactions and messages between each other. See Fardi, O (2019) How Proof Of Stake (POS)
Algorithms 'Create Decentralized & Open Networks,' available at http://bit.ly/2Sn7a26; and Kajpust, D (2018) Blockchain
Interoperability: Cosmos vs. Polkadot, available at http://bit.ly/2XZH5r8
217 ArborSert (2015) ASERT Threat Intelligence Report 2015-04
218 Vasek M; Thornton M; Moore T (2014) Empirical Analysis of Denial-of-Service Attacks in the Bitcoin Ecosystem, available
at http://bit.ly/2XXMpez
219 Moore, V (2015) There’s No Free Lunch, Even Using Bitcoin: Tracking the Popularity and Profits of Virtual Currency
Scams, available at http://bit.ly/2LVKBAi
220 HKMA (2017) Whitepaper 2.0 on Distributed Ledger Technology; ‘…there is a greater incentive to attack a larger
mining pool than a smaller one... because a larger mining pool has a smaller relative competitor base, and eliminating
a competitor from a small base yields more benefit than eliminating one from a larger base.’ Johnson, B; Laszka, A;
Vasek, M et al. (2014) Game-Theoretic Analysis of DDoS Attacks Against Bitcoin Mining Pools, available at
http://bit.ly/2YdmaF6; Vasek M; Thornton M; Moore T (2014) Empirical Analysis of Denial-of-Service Attacks in the Bitcoin
Ecosystem, available at http://bit.ly/2XXMpez
221 In 2015, five mining pools - AntPool, BW.com, NiceHash, CKPool and GHash.io - were struck by a DDOS attack which
shut down mining activity by these pools for several hours. The attacker demanded a ransom payment of 5-10 BTC to
cease the attack. Higgins, S (2015) Bitcoin Mining Pools Targeted in Wave of DDOS Attacks, available at
http://bit.ly/32zxc75
222 See Zetzsche, D; Buckley, R & Arner, D (2018) The Distributed Liability of Distributed Ledgers: Legal Risks of Blockchain,
available at http://bit.ly/30OikAb
223 ProofofResearch (2018) Bitcoin Denial of Service Vulnerability Found in the Code, available at http://bit.ly/2JFyXrS
224 ‘Bitcoin was one of the most targeted industries.’ http://bit.ly/2XQdZz5
225 Cloudflare (2019) Bitfly Uses Cloudflare Spectrum to Protect TCP Traffic from DDoS Attacks, available at
http://bit.ly/2SnGZII
226 Similarly, the creation and invocation of so-called ‘banlists’ where groups of people decide which nodes to prohibit
from accessing a particular blockchain is a percolating issue in public DLs, with no resolution as yet visible. So-called
‘watchtowers’ operating over the ‘Layer 2’ Lightning network can also identify ostensibly malicious actors who may
then be blocked. Watchtowers are third-parties that monitor the Bitcoin blockchain 24/7 on behalf of their clients.
They identify and penalize malicious actors for cheating other users within channels and evaluate whether or not a
participant in a Lightning channel has improperly broadcast a prior channel state, which could be used to reclaim funds
after closing the channel with an invalid state. Curran, B (2019) What Are Watchtowers in Bitcoin’s Lightning Network?,
available at http://bit.ly/2WKPxht
227 Dewey, J ed. (2019) Blockchain Laws and Regulations | Laws and Regulations, available at http://bit.ly/2wCOstg
228 The Governing Council for the Hedera DLT for example consists of up to 39 organizations and enterprises, reflecting
up to 18 unique industries globally. Council members are responsible for governing software changes. See
https://www.hedera.com/council