As per Trail of Bits, DLT and blockchains like Bitcoin and Ethereum may be more susceptible to centralization problems than previously anticipated.
The security company published its “Are Blockchains Decentralized?” assessment on Tuesday. The report was ordered by the Defense Advanced Research Projects Agency of the US government (DARPA).
Although it focuses primarily on Bitcoin, the analysis seeks to determine whether blockchains like Bitcoin and Ethereum are decentralized.
What are the findings of the study?
The security company’s key conclusions included the possibility for different actors to obtain excessive, centralized network control due over Blockchain. This is due to outdated Bitcoin nodes, unencrypted blockchain mining pools, and a majority of unencrypted Bitcoin network traffic passing through only a small number of ISPs.
A subnetwork of Bitcoin nodes, according to the research, is primarily in charge of reaching consensus and interacting with miners. The vast majority of nodes “do not substantially contribute to the health of the network.”
Additionally, it was discovered that 21% of Bitcoin nodes were using an outdated version of the Bitcoin Core client. These would be known to have security issues like consensus problems. To prevent consensus issues and a blockchain fork, it is essential that all DLT nodes run the same most recent software version, according to the statement.
Any blockchain machine that saves and verifies blocks is referred to as a bitcoin node. Nodes are used to verify the integrity of transactions and keep an eye on the safety and security of the Bitcoin blockchain. All nodes should be running Bitcoin Core 22.0 as of right now.
The investigation also revealed that the Stratum mining pool technology for Bitcoin is not secured and is essentially unauthenticated.
To estimate a miner’s hashrate and payouts and to modify Stratum messages to deprive miners of their CPU time and payouts, respectively, are thus examples of malicious attacks that might be launched.
ISPs can control nodes
Based on the fact that the Bitcoin protocol traffic is not encrypted and that only three ISPs account for 60% of the network traffic, the authors also discovered flaws in the infrastructure.
The ability of ISPs and providers to arbitrarily reduce or deny service to any node makes this a concern.
The report’s 26 pages are filled with in-depth facts, figures, and infographics. Since its founding in 1958, DARPA has created cutting-edge technologies for the US Department of Defense and the US military. DARPA hired the cybersecurity research and consulting company Trail of Bits to create the report.
The study comes at an appropriate time
After Solana raised worries about centralization, the study arrived at an important time
The decentralized finance (DeFi) lending platform Solend, based on Solana, came up with a last-minute governance plan on Sunday to take control of a whale’s wallet. The wallet was about to be liquidated and put pressure on Solend and its customers.
Twitter immediately reacted negatively to the idea when it was approved by one whale, leading to the establishment of a new governance vote to nullify the earlier vote. According to observers, the action might harm DeFi’s reputation overall. This is so since seizing control of one of Solend’s wallets calls into question the organization’s core values and because overturning a vote wasn’t any better.