A blockchain is a decentralized, distributed and the public digital ledger that is used to record transactions across many computers so that the record cannot be altered retroactively without the alteration of all subsequent blocks and the collusion of the network.
According to MIT Technology Review, the entire logic of using a blockchain is to allow people who don’t trust one another—share valuable data in a secure, tamperproof way because blockchains store data using sophisticated math and innovative software rules that are extremely difficult for attackers to manipulate.
Two things make this system theoretically tamperproof, a cryptographic fingerprint unique to each block, and a “consensus protocol,” the process by which the nodes in the network agree on a shared history.
The fingerprint, called a hash, takes a lot of computing time and energy to generate initially. It thus serves as proof that the miner who added the block to the blockchain did the computational work to earn a bitcoin reward. It also serves as a kind of seal, since altering the block would require generating a new hash. Verifying whether or not the hash matches its block, however, is easy, and once the nodes have done so they update their respective copies of the blockchain with the new block. This is the consensus protocol.
These hashes also serve as the links in the blockchain which means each block includes the previous block’s unique hash. So if you want to change an entry in the ledger retroactively, you have to calculate a new hash not only for the block it’s in but also for every subsequent block. And you have to do this faster than the other nodes can add new blocks to the chain. This is what makes the blockchain tamperproof, or “immutable.”
Creative ways to cheat
People have found creative ways to cheat. Emin Gün Sirer and his colleagues at Cornell University have shown that there is a way to subvert a blockchain even if you have less than half the mining power of the other miners.
Another possibility is an eclipse attack. Nodes on the blockchain must remain in constant communication in order to compare data. An attacker who manages to take control of one node’s communications and fool it into accepting false data that appears to come from the rest of the network can trick it into wasting resources or confirming fake transactions.
Is blockchain really secure?
A recent work by Sirer and colleagues shows that neither Bitcoin nor Ethereum is as decentralized as you might think. They found that the top four bitcoin-mining operations had more than 53 percent of the system’s average mining capacity per week. By the same measure, three Ethereum miners accounted for 61 percent.
Some say alternative consensus protocols, perhaps ones that don’t rely on mining, could be more secure. But this hypothesis hasn’t been tested on a large scale, and new protocols would likely have their own security problems.
So in the end, “secure” ends up being very hard to define in the context of blockchains. Secure from whom? Secure for what? “It depends on your perspective.