Sunny Mok

Blockchain Security Assessments Part 2: Conducting Blockchain Security Reviews

Over the last few years, the use of blockchain in both consumer and enterprise products has increased exponentially. Competition among blockchain technologies results in rapid changes and continuously evolving designs, making it difficult for security professionals to assess whether a certain blockchain is suitable, and more importantly secure, for use within their organisation.


In this second part of the Blockchain Security Assessments series, we will explore a framework that security professionals can utilise to assess the practicality and security of a blockchain for their specific business requirements. The framework is split into sub-sections to allow organisations to score and compare these areas across different blockchains. Each section may vary in importance for your organisation, so score and weight each area according to your organisation’s requirements. This framework should be treated as a high-level guide and, where possible, should be expanded upon based on each blockchain’s features and functionality.
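
One way to turn the scoring and weighting described above into a comparison, as an added example that is not part of the original post: the sub-section names are the framework's, while the 0-5 scale, the weights, the floor rule and both chains' scores are constructed assumptions. Sub-sections marked None are treated as not applicable to that blockchain and the remaining weights are renormalised.

```python
# Sub-section names are the framework's; the 0-5 scale, weights, floor rule
# and both chains' scores are constructed for illustration.
WEIGHTS = {
    "Governance": 3, "Economic Model": 2, "Development Practices": 2,
    "Identity and Access Management": 5, "Data Privacy and Regulation": 4,
    "Cryptography": 5, "Consensus Protocol": 4, "Integrations": 3,
    "Scalability": 2, "Interoperability": 1, "Performance": 2,
}
MAX_SCORE = 5

def assess(scores, weights=WEIGHTS, floor=2, critical_weight=4):
    """Return a weighted percentage plus any high-weight areas below the floor.

    scores maps each sub-section to 0..MAX_SCORE, or None if not applicable.
    """
    # Every area must be scored or explicitly marked None, so an unassessed
    # area cannot silently drop out of the comparison.
    if set(scores) != set(weights):
        raise ValueError(f"mismatch: {sorted(set(scores) ^ set(weights))}")
    applicable = {k: v for k, v in scores.items() if v is not None}
    if not applicable or any(not 0 <= v <= MAX_SCORE for v in applicable.values()):
        raise ValueError("need at least one score, each within 0..MAX_SCORE")
    # Renormalise over applicable areas so "not applicable" is not a penalty.
    total_weight = sum(weights[k] for k in applicable)
    weighted = sum(weights[k] * v for k, v in applicable.items())
    percent = round(100 * weighted / (MAX_SCORE * total_weight))
    # A weak high-weight area blocks selection even when the average is good.
    blockers = sorted(k for k, v in applicable.items()
                      if weights[k] >= critical_weight and v < floor)
    return {"percent": percent, "blockers": blockers}

# Constructed scores for two hypothetical candidates.
CHAIN_A = dict(zip(WEIGHTS, [4, 3, 4, 4, 3, 4, 4, 3, 2, None, 3]))
CHAIN_B = dict(zip(WEIGHTS, [3, 4, 3, 3, 4, 1, 5, 4, 5, 5, 5]))

if __name__ == "__main__":
    for name, scores in (("Chain A", CHAIN_A), ("Chain B", CHAIN_B)):
        print(name, assess(scores))
```

The two constructed candidates land within a point of each other on the weighted percentage, but only one passes the floor on its high-weight areas, which is why the blocker list is reported separately from the average.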


Ecosystem Controls

Ecosystem controls refer to the high-level governance, economic model, and development community in a blockchain’s ecosystem.  

These can provide a high-level overview of a blockchain’s security capabilities without going in-depth into technical security controls (which will be covered in the next section).  


Governance

Blockchain governance refers to the decision making, control, and coordination of stakeholders on a particular blockchain. This sub-section evaluates whether policies are effective and implemented in a secure manner to enforce compliance and auditability. 


Who is allowed to participate on this blockchain as a node, user or developer?

Is there a process for vetting new stakeholders?

How do stakeholders manage proposals (for example voting, evaluation, testing, and implementation)?

How do stakeholders implement standards, specifications and policies?

How are these policies and standards audited to ensure compliance?

Have there been previous major incident(s) on this blockchain? If so, how was this handled by stakeholders and what were the outcome(s)?


Economic Model

This sub-section evaluates how participants are incentivised on the blockchain and how security has been built into the economic model.


How sustainable is the token economic model (for example inflationary/deflationary)?

What is the incentive model and payout mechanism for nodes?

How does the economic model handle computing resources?

How does the economic model improve security across the blockchain?

What is the resource cost to attack this blockchain (for example are attackers disincentivised by this)?

Development Practices

This sub-section evaluates the maturity and innovation in the blockchain’s development communities.


Is the code base open source?

What size is the development community relative to other blockchains?

Are there proprietary components to this blockchain?

How is collaboration achieved between developers and stakeholders?

What are the supported programming languages?

Are there automated smart contract testing and audit tools?

Technical Controls

This section focuses on in-depth technical controls which can be assessed alongside the “Ecosystem Controls” from the previous section. While each sub-section may not be applicable to every blockchain (particularly those which operate in a closed/private environment), these should be used as a general guide and expanded upon where a blockchain contains additional features or functionality.


Identity and Access Management (IDAM)

This sub-section evaluates how the blockchain implements access controls for all participants, whether these are just users of the blockchain or nodes which actively participate in maintaining the blockchain. 


How do users access functionality and data on this blockchain?

Are there role-based access control (RBAC) or attribute-based access control (ABAC) capabilities?

How is the lifecycle of entities (for example users or nodes) managed? This includes registration and removal of such entities.

How are entities verified and authenticated?

If a permissioned blockchain, how are memberships managed (for example verification, registration, and authorisation)?

If a permissioned blockchain, are IDAM controls centralised or delegated?

Data Privacy and Regulation

While not applicable to all blockchains, this sub-section evaluates the data privacy features of a blockchain and whether regulatory compliance requirements can be met.


What do nodes and users have access to by default?

Does the blockchain prioritise anonymity (this could be an advantage or disadvantage depending on the intended use case)?

Does the blockchain support private chains or transactions? If so, how are these implemented and tested by the community?

Are there policies in place to comply with any applicable laws and/or regulations?

How are policies enforced to ensure compliance?

Is there a mechanism for user consent to share data with a third party?

How is the confidentiality of data managed at-rest, in-motion, and when used?

Cryptography

This sub-section evaluates the cryptographic standards which are supported and enforced on the blockchain. Key lifecycle, disaster recovery, and future-proof features are important areas to consider when evaluating and comparing blockchains.


What cryptographic standards are enforced?

Does the blockchain support updating cryptographic algorithms? If so, is this done in a secure and efficient manner?

How does the platform future-proof for quantum-resistant cryptography?

How are cryptographic keys managed throughout their lifecycle (such as generation, usage, storage, and revocation)?

Are cryptographic keys backed up?

In the event of an incident, can cryptographic keys be recovered, revoked and/or regenerated?

Consensus Protocol

The consensus protocol plays a crucial part in how the blockchain operates and has a large impact on how the blockchain handles security, scalability, and decentralisation. This sub-section aims to help you understand a blockchain’s consensus protocol and determine its effectiveness in tackling each of these areas (including areas where sacrifices have been made). 


What consensus protocol(s) are supported? 

How does the protocol handle decentralisation? 

How does the consensus protocol handle availability? 

How does the consensus protocol handle security? 

How does the consensus protocol prevent double spending and sybil attacks? 

How does the consensus protocol handle scalability? 

How are blocks constructed, validated, and committed? 

How is P2P connectivity implemented (for example which P2P interface, discovery mechanism, peer-routing mechanism)? 

Integrations

This sub-section evaluates how the blockchain supports integrations to real-world data. This includes assessing whether supported integrations are secure, reliable, and well documented.

Data Integrations 

How is real-world data (for example real-world events or enterprise systems) securely translated into blockchain events for smart contracts? 

How is real-world data translated to ensure data integrity and reliability? 

What enterprise applications and data connectors are currently supported? 

Are supported APIs and SDKs well developed and documented? 

Do APIs follow secure architecture principles and standards? 

Additional Areas to Consider

While not directly related to security, these areas should be considered when assessing a blockchain and should provide further insight into the practicality of a blockchain for your specific requirements.


Scalability

This sub-section evaluates the efficiency of the blockchain when handling transactions (such as transaction speed) and capacity (such as number and size of transactions).


How efficient is the consensus algorithm(s) when compared to other blockchains? 

How do the transaction capacity and speed compare to other blockchains? 

Does the blockchain support L2 chains? If so, how are performance and throughput improved?

Does the blockchain support off-chain storage? If so, how are performance and throughput improved?

Interoperability

This sub-section should be evaluated if the blockchain supports connecting to other blockchains and if this functionality is required by your particular use case.


What mechanism(s) are supported when integrating with other blockchains? 

What shared security functionality is used in these mechanism(s)? 

Are there performance drawbacks or limitations to cross-chain interactions? 

Is there support for L0 cross-chain blockchains? 

Is there cross-chain support for L2 roll-ups? 

Performance

Performance is often a key metric used to assess a blockchain. It should be considered because it can identify operational inefficiencies which may have an impact depending on your operational requirements.


How efficient is the consensus protocol when compared to other blockchains (for example benchmarking data)?  

Are there known performance constraints? 

What monitoring mechanisms are in place to prevent inefficient operations? 

Key Risks


Regulatory Compliance

As of the date of this blog, regulatory uncertainty remains a challenge in the blockchain industry. This is due to concerns over money laundering, privacy and compliance, as well as the securitization of assets. Security professionals should be aware of these risks when considering implementing this technology, and we advise you to work alongside legal and compliance professionals to ensure any regulatory requirements are met.


Zero-day Vulnerabilities

Blockchain technologies continue to evolve at a rapid pace, resulting in the introduction of new attack vectors. Due to the immutable nature of smart contracts, some of these vulnerabilities can have devastating consequences once discovered. In many cases, this has caused substantial financial loss for end-users. When experimenting with blockchain technology, security professionals should be aware of such risks and take extra steps to reduce the likelihood of a successful attack or reduce the financial damage caused if such an attack were to occur.


Summary

This blog has provided key areas which security professionals should evaluate when considering a blockchain for use in their organisation. However, as blockchain technologies continue to rapidly evolve, there will be an ever-present risk of new regulatory requirements as well as new security vulnerabilities being introduced into the ecosystem. As such, blockchains should be assessed not only from a security standpoint, but also from both a legal and compliance standpoint, with any potential risks highlighted before proceeding with implementation. At Wilbourne, we have worked on evaluating enterprise blockchain solutions and performing smart contract audits. If you require assistance in reviewing the security of blockchain solutions, please do not hesitate to contact us to discuss your requirements.

© Copyright Wilbourne LTD 2024. All rights reserved