Data integrity using blockchains

Blockchains thus facilitate ‘decentralised consensus’ by being a distributed ‘open-platform’ ledger (database) that retains a (developing) list of records, while at the same time precluding revisions of such records after the fact. Blockchains provide data integrity across multiple parties by providing all users in the ecosystem with proof of disintermediated trust; traditionally, this assurance of integrity had to be accomplished by an independent trusted third party. The blockchain provides openness, incorruptibility, accessibility, and the ability to store and transfer data in a secure manner by design; it offers a mechanism for entities that do not know or trust each other to generate a generic shared record or a shared record of asset ownership. The information held on a blockchain is a shared database that is consistently and automatically reconciled; the database is not stored in any discrete or single host or computer but instead the data is stored as groupings (blocks) of information that are identical in all nodes in the P2P network; therefore, the blockchain cannot in principle be deleted, altered, or controlled by any individual node. Blockchains can be public, private, or consortium: Public blockchains have ledgers visible to everyone on the network and anyone can verify and add a block of transactions to the block- chain (e.g., a cryptocurrency); private blockchains only allow specific nodes in the private organisation to verify and add a transaction block, however, everyone on the network can typically view the chain; in consortium block- chains, only a set of organisation (such as financial institutions) can verify and add transactions, however the ledger can be visible to all or can be restricted to a specified community [87,88].

Thus, nodes can create new blocks of transactions containing various types of data (to be protected); they can validate and digitally sign the transaction; and they can undertake ‘mining’ to achieve consensus using the consensus protocol (other ancillary functions can also be supported by the nodes). Any node can typically generate a transaction and broadcast it to all nodes in the P2P network. The network nodes validate the transaction using a consensus algorithm that employs the extant transactions. After the transaction is verified, the transaction and the related metadata is combined with other transactions to generate a new block which is added to the existing blockchain. When a transaction is generated by a node it is placed into a local pool of unconfirmed transactions. Miners in the network gather and select transactions from said pools to form a block of transactions. These other miners endeavour to verify the transaction, and if they can individually validate it, the block is added to their copy blockchain (the miners reach consensus). To add this transaction to the blockchain, miners need to find a solution to a complex computationally intensive mathematical problem by executing the PoW algorithm. When a miner finds a solution, the solution is broadcasted (along with their block) to the other miners on the network; the other miners are able to verify it, if all transactions inside the block are valid, consistent with the existing record of transactions on the blockchain [76]. Figure 2.8 summarises the key high-level activities of miners. The number of transactions in a block correlates with

Figure 2.8 High-level activities of miners.

the computational effort required to run the consensus protocol; in turn, this computational effort has a direct impact on confirmation time - transaction validity or lack thereof. It follows that the consensus protocol has a major impact on the scalability of the blockchain-based environment.

If implemented correctly, this blockchain arrangement can make it expensive and computationally difficult to add fraudulent transactions, but at the same time makes it relatively easy to verify that a given transaction is valid. Because blockchains are in principle resistant to modification of the underlying data, they are being considered to support registers of transactions covering anything of value; the information in the blockchain can represent a broad variety of facts, documents, financial transactions, agreements, contracts, signatures, textual elements, or simply data packets [50-52,89-91]. In fact, a number of financial firms, stock exchanges, and even some central banks are planning to use blockchains as part of their operations. The original application of blockchains was for the Bitcoin cryptocurrency; there are now in excess of 1,000 cryptocurrencies in the market.

In summary, the integrity of the information contained in blockchain is protected by the consensus mechanism, and the longest branch of blocks is the one that is considered to be the valid one. The PoW is designed in such a manner that it is computationally complex (pricey) for a nefarious agent to modify a block: Other P2P miners are in the position to invalidate the nefarious agent because the trusted collection of blocks acts to discredit the block that might be generated by a nefarious agent; for a compromised block to be successfully added to the chain, it would require the nefarious agent to solve the PoW faster than the rest of the nodes in the P2P network, but this is computationally challenging, requiring to have control of at least 51% of the computing resources in the P2P network.

Possible weaknesses of blockchains

Although blockchains are generally considered ‘unhackable’, there are subtle weaknesses, although vulnerabilities may relate more to the implementation than the intrinsic blockchain concept itself. The more complex a blockchain system is, the higher the chance the practitioner implementing the system will invariably make some mistake while setting it up. To give an example, while it may be very difficult to decrypt a stream, it may be possible, instead, to place a trojan or malware in the device undertaking the encryption and thus expose the key or the algorithm being used. Specifically, ‘subtle cryptographic flaws’ unwittingly built into a cryptocurrency protocol have been documented; leaky or ill-designed client (node) software is also a potential risk.

Many commercial blockchain implementations use a PoW process as the canonical protocol for verifying transactions. As noted previously, the protocol is formulated on the concept that the majority (e.g., 51% or some higher threshold) of the participants (miners) on the network decide which version of the blockchain represents the authoritative chain (database). Nodes need to invest large amounts of computing power to demonstrate they are trustworthy peers are able to add information about new transactions to the database. However, a miner who might surreptitiously gain control of a large amount, specifically a majority of the network’s PoW power, can confabulate and defraud other nodes by manufacturing an alternative version, called a ‘fork’, of the blockchain. A nefarious agent that is able to control the majority of the mining power can institute the fork as being the authoritative version of the blockchain in question. This is known as the ‘51% attack’; these have appeared recently in the context of cryptocurrencies because by performing a 51% attack on the cryptocurrency blockchain, one can reverse a cryptocurrency transfer, and double-spend the currency. These recent attacks have targeted cryptocurrencies because of the financial gains to the perpetrator - reportedly, hackers have already stolen about $2 В (less so for other applications as of yet); however, the expectation is that 51% attacks will grow in frequency and severity in the future [43]. ASIC mining is another threat; it enables mining companies to enhance the raw power of the mining hardware, greatly enhancing its computing power. Smart contracts based on blockchains are being created in various industries [92]; these contracts automate the movement, execution, and filing of financial- oriented activities (transfers, sales, leases, and so on) and other activities (e.g., voting, online gambling), consistent with defined rules and conditions. Unfortunately, there have been documented infractions based on flaws in the software, giving rise to difficult predicaments when endeavouring to rectify the matter and quell propagation issues. Another issue is exposure to Sybil attacks, which is an attempt to control a P2P network by creating multiple fake identities; although these fake identities appear to be unique users to outside observers, a single nefarious entity controls many identities at once, allowing the nefarious entity to influence the network through augmented voting power in a democratic network (or via echo chamber messaging in a social network) [93].