Blockchain’s Weak Spots Pose a Hidden Danger to Users

Will Knight | MIT Technology Review | April 18, 2017

An expert who is studying Bitcoin and blockchain technologies says those looking to commercialize them need to be aware of potentially dangerous technical issues.

Technologists, entrepreneurs, and some big companies are busy dreaming up new ways of using the core of Bitcoin—a distributed cryptographic ledger, or blockchain—to reinvent everything from business contracts and health records to carbon credits and new trading platforms (see “Why Bitcoin Could Be Much More Than a Currency”). However, one expert warns that they may be building their dreams on top of a precarious foundation. Emin Gün Sirer, an associate professor at Cornell University, has been researching ways in which Bitcoin and blockchains can fail.

“The Bitcoin client is about 30,000 lines of code,” Gün Sirer said Tuesday at Business of Blockchain, a conference organized by MIT Technology Review and the MIT Media Lab. “It’s amazing that we haven’t found as many mission-critical bugs as one would expect, and in fact that’s a testament to people who have worked behind the scenes on it.”

Bitcoin is meant to make financial transactions more accountable and secure, without the need for any central authority. The digital currency uses a distributed, cryptographically signed ledger to verify and track transactions. A record of every transfer is stored across many different machines, and the ledger is maintained through a process of “mining” that generates more bitcoins. Gün Sirer pointed to potential problems with the way blockchains are currently being designed, including the fact that all the clients in most networks run the same code, so one vulnerability can take down the entire system...