Blockchain has emerged as one of the most revolutionary technologies to gain momentum in recent times. The technology has proven itself to be a robust mechanism for ensuring consensus, transparency, and immutability of data among various stakeholders in an ecosystem.
However, blockchain infrastructure is not immune to cyber threats, as it consists of various components such as network devices, operating systems (OS), applications and back-end databases that can all be vulnerable to attacks if not properly secured.
Blockdaemon takes security seriously. The Blockdaemon platform is secure-by-default.
To that end, we’ve written this post to share our top five recommended security considerations for crypto infrastructure security.
The Importance of Blockchain Infrastructure Security
The importance of blockchain infrastructure security is evident in the number of recent hacks, data breaches, and vulnerabilities reported by businesses that use blockchains.
Crypto infrastructure security is a critical aspect of an overall crypto solution, but it is often overlooked. Security is commonly the weakest link among projects across the crypto industry, and must therefore be treated as a potential risk to any blockchain project.
At Blockdaemon, we’re here to help.
Blockdaemon’s Top Five Security Considerations
Crypto infrastructure security encompasses all aspects of secure systems architecture, including hardware, software, data storage and protection from physical threats (e.g., fire), among other things. Here are our top five security considerations:
1. Ensure Code is Correctly Isolated
Crypto should be isolated from other code.
This is a security best practice for all software, but it’s especially important with crypto. If other parts of your application have access to the same key material or keys and shares as your crypto, then they can compromise any solution that involves those keys—even if they’re stored in an encrypted BIP38-protected file.
2. Implement Change Management Procedures
Identity management and authentication solutions should be used to ensure that only authorized users have access to the data or can interact with your systems.
You should also ensure that there are restrictions on what parts of the network they can access when they need to do so (e.g. locking down certain machines and preventing people from accessing live production environments).
At Blockdaemon, our team of engineers monitors all protocols we manage 24/7, ensuring our finger is constantly on the pulse of each and every protocol.
Our team of engineers also ensures protocol nodes remain up-to-date. As blockchains evolve, we here at Blockdaemon ensure each of our nodes on every network we manage is updated in line with all protocol changes. Only official updates published by the protocol’s network / foundation are actioned.
3. Develop Robust Access Controls & Plan for Business Continuity
A sound change control process must be implemented so that organizations using crypto infrastructure avoid introducing security vulnerabilities during updates and changes.
This includes having an established patching schedule, performing regular audits against known vulnerabilities and threats, testing patches before deploying them, and implementing procedures for handling emergency patches at short notice.
If something goes wrong in one part of your business or organization’s operations, you need measures in place for how this will affect other areas, so that all critical processes are still able to run (or are at least minimally affected) even when one area goes offline temporarily due to an outage or a disaster event such as flooding, fire, or something else.
4. Do Not Store Private Key Shares in SGX Enclave
The SGX enclave is a notoriously insecure mechanism for protecting cryptographic keys.
It is vulnerable to side channel attacks, which exploit the unintended leakage of information from an otherwise secure system. One such side channel attack involves recovering private keys from public keys by measuring how long it takes for an attacker to guess it correctly over time.
A second side channel attack involves recovering private keys from public keys by measuring how much space a key takes up in memory. This can be done by observing the amount of physical memory used by all processes running on a machine (including those with or without access to sensitive data), then comparing it against the amount of physical memory used by those processes when running under normal conditions (i.e., not accessing any sensitive data).
Data is digital gold. Like gold, data can exist at rest (in a bunker), in transit (being moved from a bank to a secure storage facility) and in use (being melted for jewelry).
Securing data at rest and in transit is well understood with lots of good practices, known by many, but not necessarily implemented correctly.
However, securing data in use (while on disk or in-memory) is often ignored or not addressed.
Confidential computing is an umbrella term covering data-in-use protection.
The development of this technology started approximately 10 years ago to mitigate a problem in which companies had to trust third-parties including cloud service providers (CSPs) to handle their most sensitive data and workloads.
Confidential Computing allows certain sensitive information to be processed in an isolated environment, providing protection from unauthorized access or modification. This means that nothing about the computations performed on your server can be revealed even if someone has physical access to it.
The access to this special area, also called “secure enclave” or “trusted execution environment” (TEE), is authenticated, managed and enforced directly by the CPU. It is essentially any hardware or software component that can be used to ensure that cryptographic operations are performed in a tamper-resistant manner.
AWS Nitro is a technology from AWS that allows certain sensitive information to be processed in an isolated environment. It’s an example of a TEE.
TEEs are useful for secure key management and data protection, such as encrypting sensitive files and storing keys in an inaccessible manner.
5. Consider Using MPC
Multi-party computation (MPC) is a tool for ensuring privacy in blockchain technology as well as other financial applications. It can enable secure blockchain applications while maintaining user privacy.
The idea behind MPC is that the network of computers running the protocol must compute a function without revealing any information about each other’s inputs and output.
This means that no one can know who did what computation or what their input and output were, even if they saw all of these computations run by every single party inside their computer.
This property has significant implications for blockchains and cryptocurrencies, because it allows you to build systems where users don’t need to reveal their private information on-chain, which could otherwise be used against them by malicious actors.
Blockchains are great for ensuring the integrity of transactions and data. However, they fall short when it comes to protecting user privacy. MPC could be used to solve this problem by allowing multiple parties to compute over encrypted data without revealing their inputs or outputs (i.e. without leaking information about who is involved in a given transaction).
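To make the idea of computing a function without revealing inputs concrete, here is an added example (not Blockdaemon's code or protocol) of the simplest MPC building block, additive secret sharing, used to compute a joint sum. The field size, function names and sample inputs are assumptions chosen for illustration.

```python
import secrets

# Added illustration: additive secret sharing over a prime field.
# P is the Mersenne prime 2^127 - 1; all private inputs must be below it.
P = 2**127 - 1

def share(value: int, n: int) -> list[int]:
    """Split value into n random shares that sum to value mod P."""
    parts = [secrets.randbelow(P) for _ in range(n - 1)]
    parts.append((value - sum(parts)) % P)
    return parts

def reconstruct(parts: list[int]) -> int:
    """Recombine shares; any proper subset is just random-looking numbers."""
    return sum(parts) % P

def secure_sum(private_inputs: list[int]):
    """Simulate n parties computing the sum of their inputs.

    dealt[i][j] is the share party i sends to party j. Each party j only
    ever sees column j, then publishes the sum of that column. The
    published partial sums reveal the total and nothing else.
    """
    n = len(private_inputs)
    dealt = [share(x, n) for x in private_inputs]
    partials = [sum(dealt[i][j] for i in range(n)) % P for j in range(n)]
    return reconstruct(partials), partials, dealt

if __name__ == "__main__":
    # Constructed sample inputs: three parties' private balances.
    total, partials, dealt = secure_sum([120, 45, 900])
    print("shares seen by party 0:", [row[0] for row in dealt])
    print("published partial sums:", partials)
    print("joint result:", total)
```

The same principle underlies MPC key management: a private key held as shares is never assembled in one place, and only the output of the joint computation is revealed.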
On-Chain Multisig vs. MPC
On-chain multisig is a blockchain feature that allows funds to be spent if a certain number of authorized parties sign transactions.
Multi-signature addresses are created by combining multiple public keys, each corresponding to one party in the transaction, and then generating a unique address from that information. Multi-signature transactions can be done either manually or automatically by using specialized software.
On-chain multisig has several limitations including wallet compatibility and information leaks. Some wallets do not support on-chain multisig, while others can only generate one transaction at a time. Furthermore, some wallets may only be able to sign transactions using their own private keys and not those of other parties in the multisig wallet. Therefore, it is important for users to carefully research the capabilities of their preferred wallet before using it with an application that uses on-chain multisig.
Information leaks occur when information from one party is revealed to another party; this can happen when signing transactions because each step in the process reveals more information about how many signatures are required for authentication and which addresses are involved in a given transaction.
This means that the full number of cosignatories will be exposed to anyone who cares enough about your wallet’s transactions to look up your public key. This may cause privacy concerns as well as security concerns (if an attacker wants access to more than one signature).
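What an observer can read from a multisig spend, as an added example (not Blockdaemon's code): it assumes a Bitcoin-style `OP_m <pubkeys> OP_n OP_CHECKMULTISIG` redeem script, which becomes public when the funds are spent. The sample keys and helper names are constructed for illustration.

```python
# Added illustration: what a chain observer learns from a Bitcoin-style
# m-of-n multisig redeem script. Sample keys are constructed placeholders.
OP_1, OP_16, OP_CHECKMULTISIG = 0x51, 0x60, 0xAE

def small_int(opcode: int) -> int:
    """Decode OP_1..OP_16 into the integer 1..16."""
    if not OP_1 <= opcode <= OP_16:
        raise ValueError(f"expected OP_1..OP_16, got {opcode:#04x}")
    return opcode - OP_1 + 1

def parse_multisig_script(script: bytes) -> dict:
    """Return the signing policy and every cosigner key found in the script."""
    if len(script) < 3 or script[-1] != OP_CHECKMULTISIG:
        raise ValueError("not a multisig script")
    required = small_int(script[0])
    total = small_int(script[-2])
    pubkeys, pos, end = [], 1, len(script) - 2
    while pos < end:
        push_len = script[pos]
        # Compressed keys are 33 bytes, uncompressed keys are 65 bytes.
        if push_len not in (33, 65) or pos + 1 + push_len > end:
            raise ValueError(f"malformed public key push at offset {pos}")
        pubkeys.append(script[pos + 1 : pos + 1 + push_len].hex())
        pos += 1 + push_len
    if len(pubkeys) != total or required > total:
        raise ValueError("key count does not match declared policy")
    return {"required": required, "total": total, "pubkeys": pubkeys}

def build_sample_script(m: int, n: int) -> bytes:
    """Construct an m-of-n script from dummy 33-byte keys (not real keys)."""
    keys = [bytes([0x02]) + bytes([i + 1]) * 32 for i in range(n)]
    body = b"".join(bytes([len(k)]) + k for k in keys)
    return bytes([OP_1 + m - 1]) + body + bytes([OP_1 + n - 1, OP_CHECKMULTISIG])

if __name__ == "__main__":
    info = parse_multisig_script(build_sample_script(2, 3))
    print(f"policy: {info['required']}-of-{info['total']}")
    for key in info["pubkeys"]:
        print("cosigner key:", key)
```

With an MPC-based signature, the chain shows a single ordinary public key and signature, so neither the threshold nor the number of cosigners appears in the transaction.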
A better solution than on-chain multisig is secure multiparty computation. MPC allows any combination of co-signatories to sign transactions without exposing information to others.
With our MPC technology solution, you can securely take control of your digital assets.
As we have seen over 2022, crypto infrastructure security is a critical aspect of an overall crypto solution.
However, it is often overlooked by companies and individuals looking to enter the market. Companies need to make sure they are investing time and money into security measures that will help protect their customers from cyber attacks. This can be done by implementing strong key management systems, for example.
In addition, general controls should be put in place such as governance over providers of these services, so that businesses know what kind of service they’re getting when contracting with third parties or hiring employees who work remotely on company-owned hardware.