Box 4:
                Wallet Security Approaches. Hyberbit DLT for Donations for Disaster Relief. The DLT controller secures
                the DLT from compromise by managing only one key out of four required.
                Program: The charity sector is often subject to reports of corruption, fraud and in addition the lack of
                transparency, inefficiency and unfair redistribution of funds.
                Security Aspects: To renew trust, a HelperBit has developed a decentralized, P2P donation system for
                natural hazard-related disasters, using a multi-signature, non-custodial and multi-signature Bitcoin-
                based wallet. The donor must write the passphrase each time they make a donation. With Helperbit
                managing only one key out of four. it has no decision-making power over use and transfer of any funds.
                This not only increases the security of the wallet, but also protecting it from mistakes such as loss of
                a passphrase or incorrect backup, as well as external attacks, while also providing the possibility of
                recovery.  Helperbit cannot access any funds: only the user can do that.
                        267

            to the storage of data and access thereto compared   transaction flows, since they are on the nodes and
            to centralized methods. That is, at least for public   - intrinsically to the distributed nature of blockchain
            DLTs, data stored on the DLT should in large measure   - would have to verify any transactions for that trans-
            be visible to everyone – the nodes  - on that block-  action to be placed on the block. 280
                                          268
            chain.  The ostensible reason for this is that to vali-
                 269
            date additions of data to the chain, nodes must have   Mitigation and Recommendations:
            visibility over the data they are validating.  In theory   Solutions to these issues are being developed, but
                                                270
            then, everyone could see everyone else’s data, at all   not yet mainstream. For example, ‘zero-knowledge
            times.                                             proofs’  are emerging, potentially enabling valida-
                                                                     281
               And, although access to a DLT requires a pri-   tion of data without visibility over the underlying
            vate key, not all of the information on a blockchain   data itself. This is being applied in the crypto curren-
            is encrypted.  For example, on the Bitcoin permis-  cy realm with Zcash, an emerging decentralized and
                        271
            sionless, public blockchain, data is pseudo-anony-  open-source crypto-currency that competes with
            mous: The user’s ID is self-asserted and encrypted,   Bitcoin and which purports to offer privacy and
            but transactional data is not.                     selective transparency of transactions.
                                                                                                282
               There is thus a tension between shared control of
            data on a ledger - the core of the DLT motif - and   8�7  General Concern: Consensus & Mining
            sharing of the data on a ledger.  Similarly, while the
                                        272
            flavors of blockchain are all addressing low scalabil-  8.7.1   Issue: Consensus Dominance and Mining
            ity  and low processing speed issues,  all these   Pools
                                                274
               273
            issues are related to the so-called blockchain ‘trilem-  This  section  discusses  consensus  mechanisms
            ma.’  This represents a widely held belief that the   and  the  problem  of  ‘consensus  dominance’  where
                275
            use of blockchain technology presents a tri-direc-  an attacker can negatively impact or control the
            tional compromise in efforts to increase scalability,   consensus mechanism present in DLT and block-
            security and decentralization  and that all three   chain protocols.
                                       276
            cannot be maximized at one time: increasing the lev-
            el of one factor results in the decrease of another.    Dimension Affected: Network, Consensus
                                                        277
            Risks:                                             Specific Threat: 51% Attack
            Lack of transactional privacy and loss of customer   This attack targets mining pools and consensus.
            funds: For financial institutions using permissioned,   Mining pools are popular, especially on Bitcoin
            private blockchains, the visibility of commercially   networks where smaller individual miners are at a
            sensitive information – customers, transactions etc.   substantial disadvantage against pools who unite
            – to everyone may be a serious barrier to adoption.    their hashing/computing power and enables the
                                                         278
            So, although a DLTs could potentially replace Soci-  group to mine at a more rapid pace and substantially
            ety for Worldwide Interbank Financial Telecommu-   greater chances for success.  On the transactional
                                                                                        283
            nication (SWIFT)  for value transfer or a bank for   blockchain level, large mining operations and consor-
                           279
            settlement, it also means that everyone could see the   tiums of miners have had the ability to take control


                                                                   Security Aspects of Distributed Ledger Technologies  39