Is Sovrin Impervious to Hacks?


#1

Remember when Bitcoin said it could never be hacked because it was built on a distributed ledger? That was $70 Million dollars ago as of last week.

“Yesterday morning at about 1 a.m. a hacker or a group of hackers was able to infiltrate our systems through a compromised company computer,” NiceHash CEO Marko Kobal

Remember when Sovrin said it could never be hacked or compromised? Oh really? It’s not a matter of if, it’s only a matter of when. The fact is any system can be compromised. Blockchain distributed ledgers are just another way to build a mousetrap. They are no more or less secure than some contact database sitting behind a corporate firewall. Why? Because humans are involved. I would argue that distributed ledgers are even less secure because there is far more attack surface. Trust Networks are great…until someone in the Network can no longer be trusted. Bitcoin found that out the hard way.


#2

As far as I know, Sovrin has never claimed it could not be hacked. OF COURSE it can be hacked.

However, I disagree with your assertion that distributed ledgers are no more nor less secure than a database behind a firewall–or with your stronger statement that they are actually less secure. The thing that blockchains do differently is distribute trust. Instead of a centralized system where you have a single gate to the castle, with a moat around it and a drawbridge guarding the gate, distributed ledgers are like a giant sensor array that cooperates to produce a single coherent picture. Any individual sensor can be taken down, but the array keeps working. The overall array absolutely can be hacked–but it requires hacking a massive number of places concurrently, not a single place where the attack can be concentrated.

The hack you link is not a hack of bitcoin itself; it’s a hack of a company that uses bitcoin but didn’t control its bitcoin keys properly. The integrity of the company systems, not of the bitcoin network itself, is what was compromised. This is a hack of a single sensor in the overall grid, to reference my earlier metaphor.


#3

Thanks for your concern for the Sovrin network. I believe healthy scepticism is vital to keeping a system secure.

A couple of your points I would like to respond to:


Remember when Bitcoin said it could never be hacked because it was built on a distributed ledger? That was $70 Million dollars ago as of last week.

No one credible should have ever said that bitcoin is unhackable. The cryptographic algorithms and protocols of the system have yet to be broken, which means that as it stands the bitcoin system is still considered to be secure. However, this does not mean that bitcion impossible to break.

CNN is reporting the hack of a company called NiceHash, not Bitcoin itself. From the CNN article:

The hackers appear to have entered the NiceHash system using the credentials of one of the company’s engineers.

A company built on top of bitcoin was hacked not bitcoin itself.


Remember when Sovrin said it could never be hacked or compromised?

No, I actually don’t. Whoever said that misunderstood the difference between “unhackability” and security. Like bitcoin, the algorithms, protocols, and cryptography used by the Sovrin network have not been broken and are still publicly considered to be secure. Does that mean that the systems are truly unhackable? No, that would mean solving the P vs NP problem.


They are no more or less secure than some contact database sitting behind a corporate firewall. Why? Because humans are involved.

This is partially correct: humans are generally the weakest part in the security chain. However, a distributed ledger actually alleviates a lot of the problems with humans in comparison to a centralized service, like replacing passwords with cryptographic keys.

@danielh offers a good response to this part of your post too ^^


Trust Networks are great…until someone in the Network can no longer be trusted.

The Sovrin network was built with the knowledge and preparation for malicious nodes and activity. It is actually built to be resistant to multiple malicious actors in the system. To find more about how the Sovrin network does this, see here.


#4

@SteveGoob, good responses, and I recognize the difficult position. My primary point is that Sovrin is not impervious to vulnerability, which you have acknowledged.

Be careful positioning a line of messaging using rationale such as “A company built on top of bitcoin was hacked not bitcoin itself.” That actually does more damage to your credibility than not using it. Anyone can see right through that logic. That’s no different than saying “The company that built the faulty lock to my front door was broken into, not my house itself.”


#5

@danielh, good debate, but here’s the counter argument to distributed ledgers and blockchain technology. Instead of a centralized system where you have a single gate to the castle, which can be monitored and secured with more focus on only one entry point, as it were, distributed ledgers and blockchain technologies create numerous gates and doorways across the moat into the castle. More doors, more chance of vulnerability at each entry point.

And to my earlier point to Steve, be careful of relying too much on the line of rationale defending the notion that it was a company that was hacked, not bitcoin itself. “No officer, my house was’t broken into, just the lock to my front door was picked in the middle of the night. I don’t know what happened to all my stuff.” Sounds pretty silly, doesn’t it?


#6

@Lee, neither Daniel nor Steve acknowledged that Sovrin was impervious to vulnerability:

As far as I know, Sovrin has never claimed it could not be hacked. OF COURSE it can be hacked.

No, I actually don’t. Whoever said that misunderstood the difference between “unhackability” and security.

We’d really appreciate it if you could provide us the source of the incorrect messaging that states that Sovrin is unhackable, so that we can eliminate the confusion.

In response to the discussion of the castle and the moat, having a distributed ledger may seem like exposing more entry points and vulnerabilities; however, the nature of a distributed ledger is to distribute trust and risk, just like the principle of a diverse portfolio of stocks. You wouldn’t argue that investing in a mutual fund is riskier than in one single stock because “more stocks equates to more opportunity for a stock to fail.” It is true that the chance of one stock in the portfolio underperforming is greater when you have multiple stocks; however, the impact of this chance is greatly reduced.

Distributed ledgers do have “multiple entrances” (or nodes) but in order to successfully hack the ledger itself, enough nodes need to be compromised at the same time and in the same manner to compromise the ledger.

Now, what happened with Bitcoin and what Steve and Daniel were trying to communicate is that the Bitcoin ledger was not hacked. NiceHash was, and as a result, a lot of money was unfortunately lost. Going back to the house example, I would modify it to be more like “the company that was supposed to deliver my package didn’t; I don’t know what happened to all my stuff.” Your house was not compromised; a company that you trusted to work with your house was.

Ultimately, blockchain technology is not invulnerable. Distributed ledgers can be hacked. Hacking to change data is virtually impossible. Hacking to view data does nothing to public distributed ledgers like Bitcoin and Sovrin because anyone can view the data anyway. The data that will be stored on the Sovrin ledger will not be sensitive data.

We appreciate you rising these concerns, as we want to ensure that those who are using Sovrin are protected!


#7

Man, you guys have swallowed the Kool-Aid by the tank full. You’re vulnerable, end of story. Your $70M dollar day will come. It’s not a matter of if, it’s only a matter of when. If the company that I trusted to work with my house was compromised, and has all my data, what’s the difference? Spin, spin, spin.


#8

@Lee A better analogy is that you set up online access to your bank account, and you leave your username and password on a piece of paper. Someone else gets the paper, logs in to your computer sitting on the kitchen table, and makes an international wire xfer from your account, or an instant transfer to someone.

Every system has its weakness, and somewhere private keys are stored encrypted by some means. People are working on multiple points of security while trying to strike a balance for usability: for example bio-metrics + a passcode, local storage, etc.

Some chains might be hacked in the future through breaking of cryptographic proofs, or some kind of buffer overrun, etc. A malicious actor trying to destroy trust might try various ways to break consensus mechanisms through brute force attacks, or bugs, such as the recent proof that a hacker could take over the entire EOS network, and use the servers for whatever purpose desired. Fortunately, the design of that particular chain had baked in enforcement that any nodes participating in consensus must be using the latest fix (no fork required).

The aim is to make something better than what we have now, and to try to reflect possible things that could go wrong, and pre-empt them. This includes making the software as specific as possible in purpose, so as to reduce the attack vector. Having open conversations amongst people whose lives are devoted to this is a great start.

There is an alternative low tech solution, in that you just hide your cash under a mattress.