Bitcoin’s Fork And Its Security Implications


By Cassio Goldschmidt


Despite the fact that Bitcoin continues to be the most followed fork, numerous relevant yet controversial updates took place in the code base. Due to an arbitrary limit on the block size of 1Mb, the number of transactions that can go inside a block, and the time it takes to generate a new block in the blockchain, Bitcoin is able to process about 3 transactions per second.

Although Bitcoin could theoretically process up to 7 transactions per second, this number is never reached. Compare this number with Visa’s 24,000 transactions per second and it quickly becomes obvious that Bitcoin desperately needed changes to improve scalability. Effectively activated on August 23rd with block 481,824, BIP 91, better known as Segregated Witness (SegWit), doubled the maximum number of transactions on the Bitcoin network to 6 transactions per second. While not an impressive number, it accomplishes this improvement while maintaining backward compatibility and without touching the hard-coded 1-megabyte limit. If current investment in Bitcoin hardware is maintained, it becomes easy for the majority of miners to endorse the change.


SegWit is about security, not scalability

SegWit scales Bitcoin by trimming transaction data that was stored in the block and segregating it in another structure, freeing up space for more transactions. While this trim increased the number of transactions, this is a desirable side benefit and not the main reason for the change.

By segregating transaction data in another structure, SegWit addresses the third-party and scriptSig malleability security weaknesses. In the past, a maliciously crafted malformed signature resulted in a committed transaction with a completely different transaction ID (txid). The problem with effectively committing a transaction with a different ID is that the sender perceived the transaction as a failed transaction because the txid was never recorded in the blockchain. Without this important confirmation, the sender may attempt to perform the transaction again, effectively paying the receiver twice. SegWit solves this security issue by moving the malleable parts of the transaction into the transaction witness, and segregating that witness so that changes to the witness do not affect calculation of the txid.
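The effect on the txid can be reproduced with a simplified serializer. This is an added example, not code from the article or from Bitcoin itself: the transaction fields follow the standard wire layout, while the signature, public key and script bytes are constructed placeholders and the helper names are hypothetical.

```python
import hashlib
import struct

def dsha256(b):
    return hashlib.sha256(hashlib.sha256(b).digest()).digest()

def vec(b):
    # CompactSize length prefix; this example only handles lengths < 0xfd
    assert len(b) < 0xfd
    return bytes([len(b)]) + b

def serialize(tx, with_witness):
    out = struct.pack("<i", tx["version"])
    if with_witness:
        out += b"\x00\x01"                      # SegWit marker + flag
    out += bytes([len(tx["inputs"])])
    for i in tx["inputs"]:
        out += i["prev_txid"][::-1] + struct.pack("<I", i["vout"])
        out += vec(i["script_sig"]) + struct.pack("<I", i["sequence"])
    out += bytes([len(tx["outputs"])])
    for value, script_pubkey in tx["outputs"]:
        out += struct.pack("<q", value) + vec(script_pubkey)
    if with_witness:                            # witness stack of each input
        for i in tx["inputs"]:
            out += bytes([len(i["witness"])]) + b"".join(vec(w) for w in i["witness"])
    return out + struct.pack("<I", tx["locktime"])

def txid(tx):
    # The txid always hashes the serialization WITHOUT witness data
    return dsha256(serialize(tx, False))[::-1].hex()

def wtxid(tx):
    return dsha256(serialize(tx, True))[::-1].hex()

def make_tx(script_sig, witness):
    inp = {"prev_txid": bytes.fromhex("11" * 32), "vout": 0,
           "script_sig": script_sig, "sequence": 0xFFFFFFFF, "witness": witness}
    return {"version": 1, "inputs": [inp], "outputs": [(50_000, b"\x51")], "locktime": 0}

SIG_A = b"\x30" + b"\xaa" * 8            # constructed placeholder, not a real signature
SIG_B = b"\x30" + b"\xaa" * 8 + b"\x00"  # the same placeholder with altered encoding
PUBKEY = b"\x02" + b"\xbb" * 32          # constructed placeholder

def compare():
    """Return (legacy txid unchanged?, SegWit txid unchanged?, SegWit wtxid unchanged?)."""
    legacy_same = txid(make_tx(SIG_A, [])) == txid(make_tx(SIG_B, []))
    sw_a, sw_b = make_tx(b"", [SIG_A, PUBKEY]), make_tx(b"", [SIG_B, PUBKEY])
    return legacy_same, txid(sw_a) == txid(sw_b), wtxid(sw_a) == wtxid(sw_b)

if __name__ == "__main__":
    print(compare())
```

A wallet or exchange that tracks payments by txid is only safe from the resend scenario above when the spent outputs are SegWit outputs; for legacy inputs, reconciliation should key on the spent outpoints rather than the txid.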

SegWit not only resolves this important Bitcoin security weakness, which brought MtGox (pronounced Mountain Gox), once the largest Bitcoin exchange, to bankruptcy, but it also paves the road for new technologies like confidential transactions and certain secure signature algorithms to be adopted, as well as the off-chain Lightning Network. The fact that Litecoin, with its 56 transactions per second and no scalability issues, already adopted SegWit back in May 2017 is further evidence that the main benefit of SegWit is not scalability but a security enhancement.

The soft fork does not come without perils: an increase in codebase size is often associated with a greater likelihood of bugs and new security vulnerabilities due to the increased attack surface. It’s not uncommon for security vulnerabilities to stay in the codebase for years until they are discovered. Security researchers are more and more attracted to study Bitcoin as the value of the crypto currency continues to increase, arguably becoming “the bug bounty program with the highest reward in the world”. Whether flaws will be publicly announced remains to be seen. The current model incentivizes secrecy: it benefits the exploitation of the finding and diminishes the potential for reputational damage of Bitcoin as a trustworthy technology.


Bitcoin Cash

Bitcoin Cash’s sudden fork announcement, which took place on August 1st, caught a lot of people by surprise. The new currency was created by a former Facebook developer who wanted to increase block sizes, with the hypothetical result being more transactions processed on the blockchain. With an increase from 1Mb to 8Mb, Bitcoin Cash can process 8x more transactions per second.

The creation of a hard fork that changes the block size makes Bitcoin Cash incompatible with the current Bitcoin mining devices and user wallets. To incentivize the community to adopt the new crypto currency, Bitcoin Cash also cloned the blockchain. As a result, everyone who owned bitcoin before the fork now has an identical amount of bitcoin cash that is recorded in Bitcoin Cash’s forked blockchain.

With Bitcoin Cash priced at $517.46 at the time of writing, sellers and buyers are motivated to use the new coins they gained for free. This creates a problem for bitcoin exchanges. Supporting a new coin isn’t something that can be easily accomplished: customer support teams need to be aware of the complexities and nuances so they can explain them to customers. Systems for processing deposits and withdrawals must be updated. Additional servers need to be spun up and integrated with existing systems. Security auditing and quality assurance testing must run their course. Compliance guidelines and terms of service need to be updated and reviewed by legal teams. While the change in block size seems simple, it opens a number of areas for potential security flaws in the ecosystem, and if the trend of cloning the blockchain continues, exchanges are likely going to stick to a policy of not supporting cloned crypto currencies. If a user wants to benefit from upcoming forks, the person should keep coins in her own wallet.

One common question related to Bitcoin Cash is how it protects against replay and wipeout attacks. Bitcoin Cash transactions use a new flag, SIGHASH_FORKID, which is non-standard on the legacy blockchain. This prevents Bitcoin Cash transactions from being replayed on the Bitcoin blockchain and vice versa. However, if the private keys that can unlock coins in unspent transactions made prior to August 1st are compromised, the same keys can be used to perform transactions on both the Bitcoin and Bitcoin Cash blockchains. One solution to mitigate the issue is to create new random keys and move the initial Bitcoin Cash funds to the new address.
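A pre-broadcast check for the replay-protection flag, as an added example that is not code from the article or from either project. It assumes pay-to-public-key-hash inputs whose scriptSig is `<signature + hashtype> <pubkey>`, takes the SIGHASH_FORKID bit value (0x40) from the Bitcoin Cash replay-protection rules rather than from this page, and uses hypothetical helper names and constructed placeholder signatures.

```python
SIGHASH_ALL, SIGHASH_SINGLE = 0x01, 0x03
SIGHASH_FORKID, SIGHASH_ANYONECANPAY = 0x40, 0x80

def pushes(script):
    """Yield the data items of a script made only of direct pushes (0x01-0x4b)."""
    pos = 0
    while pos < len(script):
        n = script[pos]
        if not 1 <= n <= 0x4b or pos + 1 + n > len(script):
            raise ValueError("unsupported or truncated push at offset %d" % pos)
        yield script[pos + 1 : pos + 1 + n]
        pos += 1 + n

def hashtype_of(script_sig):
    """Return the sighash byte appended to the signature in a P2PKH scriptSig."""
    items = list(pushes(script_sig))
    if len(items) != 2 or items[0][0] != 0x30:
        raise ValueError("not a <sig> <pubkey> scriptSig")
    return items[0][-1]

def chain_of(script_sig):
    """Name the chain whose rules this signature's hashtype is written for."""
    ht = hashtype_of(script_sig)
    base = ht & ~(SIGHASH_FORKID | SIGHASH_ANYONECANPAY)
    if not SIGHASH_ALL <= base <= SIGHASH_SINGLE:
        raise ValueError("undefined hashtype 0x%02x" % ht)
    return "bitcoin-cash" if ht & SIGHASH_FORKID else "bitcoin"

def unprotected_inputs(script_sigs):
    """Indexes of inputs whose signature lacks SIGHASH_FORKID."""
    return [n for n, s in enumerate(script_sigs) if chain_of(s) != "bitcoin-cash"]

def p2pkh_script_sig(hashtype):
    # Constructed placeholders: not a real signature or public key
    sig = b"\x30" + b"\xaa" * 8 + bytes([hashtype])
    pubkey = b"\x02" + b"\xbb" * 32
    return bytes([len(sig)]) + sig + bytes([len(pubkey)]) + pubkey

# Constructed sample: ALL|FORKID, plain ALL, ALL|FORKID|ANYONECANPAY
SAMPLE = [p2pkh_script_sig(0x41), p2pkh_script_sig(0x01), p2pkh_script_sig(0xC1)]

if __name__ == "__main__":
    print(unprotected_inputs(SAMPLE))
```

A withdrawal pipeline on the Bitcoin Cash side can refuse to broadcast any transaction for which `unprotected_inputs` returns a non-empty list.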


Coming next, SegWit2x

During the month of November, approximately 90 days after the activation of Segregated Witness in the Bitcoin blockchain, a new hard fork is expected at block 494,784. SegWit2x will increase the block size to 2MBs and, unless we can all agree that what we used to call Bitcoin is no longer Bitcoin, SegWit2x can also create another version of the Bitcoin blockchain with its own unique cryptocurrency. With a portion of Bitcoin's mining network backing the new Bitcoin Cash blockchain, it remains to be seen just how many miners on either chain will dedicate computing power to yet another blockchain, which will be the topic of my next article.

Read Bitcoin’s Fork And Its Security Implications – Part 2

About Cassio Goldschmidt

The Vice President, Cyber Resilience Practice at Stroz Friedberg, an AON company, Cassio Goldschmidt is an internationally recognized information security leader with a strong background in both product and program-level security. Outside work, Cassio is known for his contributions to the Open Web Application Security Project (OWASP), the Software Assurance Forum for Excellence in Code (SAFECode), and the Common Weakness Enumeration (CWE)/SysAdmin, Audit, Network, Security (SANS) Top 25 Most Dangerous Software Errors, along with contributing to the security education curriculum of numerous universities and industry certifications.
