Is blockchain -- the network of global online ledgers -- really secure? Its proponents say yes, as it assigns transactions or smart contracts to an immutable ledger, verifiable by multiple parties. However, a recently published paper calls out some vulnerabilities that may subject blockchain entries to inefficiencies, hacking and other criminal activity.

building-metropolitan-museum-of-art-2-ny-cropped-photo-by-joe-mckendrick.jpg Photo: Joe McKendrick

The paper, published[1] by Xiaoqi Li, Peng Jiang and Xiapu Luo (all with Hong Kong Polytechnic University), Ting Chen (University of Electronic Science and Technology of China), and Qiaoyan Wen (Beijing University), asserts that blockchains have several points of vulnerabilities of which users need to be aware.

As blockchain increasingly becomes part of business operations, there needs to be a closer examination of the potential security liabilities that come with this emerging technology. With the growth of the number of decentalized applications, "the privacy leakage risk of blockchain will be more serious," Li and his co-authors state. "A decentralized application itself, as well as the process of communication between the app and Internet, are both faced with privacy leakage risks." They urge greater adoption of techniques to address the challenge: "code obfuscation, application hardening and execution trusted computing."

The researchers outline key known risk factors with blockchain:

Blockchain efficiency: For starters, he efficiency of blockchains themselves may become overloaded with complex consensus mechanisms and invalid data. Li and his co-authors note that the consensus mechanisms employed across the Internet are computing resource hogs. For instance, most popular consensus mechanism used in blockchain is Proof of Work, which the researchers call a "waste of computing resources." They say there are efforts to develop more efficient and hybrid consensus mechanisms that combine PoW and Proof of Stake (PoS). In addition, blockchains will produce a lot of data

Read more from our friends at ZDNet