Page 36 - FIGI: Security Aspects of Distributed Ledger Technologies
P. 36

than relying solely on the nodes who offer the guar-  online 24/7 exposes their IP addresses and potential-
            antee of ledger integrity.                         ly also their online custody of staked assets.
                                  231
                                                                                                     236
               DLT-based solutions also intrinsically rely upon
            multiple  users  (and  nodes)  for  achieving  critical   Mitigation & Recommendations:
            mass: Nodes need more nodes to distribute the data,   At least for critical infrastructure, resilience of nodes
            to do the validation of the blocks in the process of   for a particular DLT required to prevent 51% attacks
            being added, and to do the processing itself.  Wide-  should be ensured. DLTs thus combines elements
                                                   234
            spread adoption then is essential for the positive net-  of the need for high availability (HA)  and disaster
                                                                                                237
            work effect of DLTs to be truly harnessed as a single   recovery (DR). Disaster recovery addresses multiple
            entity using blockchain could be seen as analogous   failures in a datacenter while HA typically accounts
            to a centralized database,  The more trusted parties   for a single predictable failure. HA infrastructure
            per node that are needed, so too does the com-     component or IT system must thus be “fault toler-
            promisable ‘surface area' of a distributed network   ant” or having the ability to “fail over.”  DR  is related
                                                                                                   238
            increase.                                          to the resources and activities needed to re-establish
                    235
                                                               IT services at an alternate site following a disruption
            Risks:                                             of IT services. This includes components such as
             Increased Reliance on Nodes May Increase Vulner-  infrastructure, telecommunications, people, systems,
            abilities                                          applications and data.
            The nascent DLT ecosystem also offers a rich attack
            source for directly stealing value – as tokens - from   8�5  General Concern: Safety of Funds and Informa-
            ‘wallets’, often stored in exchanges that use basic   tion
            security unrelated to the more robust DLT that
            spawned the tokens. DLTs in the current state of   8.5.1   Issue: Inability to distinguish between un/
            development are also resource-intensive with back-  authorized users
            end running the DLT needing to be secure end-to-end,   Dimensions Affected: Network, Consensus, External
            including uptime requirements for validation nodes   Nodes on the blockchain are – using current protocols
            required to implement consensus mechanisms in the   – said to be unable to distinguish between a transac-
            chosen DLT design. This creates challenges, espe-  tion by an authorized, actual user and a fake transac-
            cially in developing countries where communications   tion by someone who somehow has gained access
            networks may always not be robust or fast enough to   to the blockchain trusted party’s private key. This
            allow nodes to be available for these purposes. The   means that if a bad actor gains access to a compre-
            less nodes, the more a DLT could be subject to a ‘51%’   hensive banking blockchain that itself accesses all or
            attack. Similarly, POS and the need for ‘stakers’ to be   of part of a core banking network blockchain - or a




                Box 1:
                Network Resiliency - Sikka Nepal’s Digital Asset Wallet Using SMS

                Developmental Program ‘Sikka’: Sikka means “coin” in Nepali, which points at its use of an Ethereum
                token contract to manage the creation, distribution, and validation of all transactions within human-
                itarian aid programming. The system was devised by the Nepal Innovation Lab  to allow users to
                                                                                       232
                send and receive tokens by interacting with the Ethereum main network via SMS, where the user’s
                wallet is associated to their mobile number. Sikka though is not electronic money, nor a crypto-cur-
                rency though: it is a limited-use ‘digital asset’ token on an ERC-20 contract deployed to the Ethereum
                main network for the purpose of tokenizing and then tracking assets of value within humanitarian aid
                programs. It’ thus a digital asset transfer network
                Security Aspects: Because the tokens can be created to represent access rights to a variety of aid
                goods, including cash-based transfers and it can be deployed to distribute goods, including cash, to
                places where financial services are limited, and telecommunications networks are less than reliable.
                Beneficiaries thus do not need or use dApps: only SMS on basic phones is used to access value. 233






           34    Security Aspects of Distributed Ledger Technologies
   31   32   33   34   35   36   37   38   39   40   41