Hailed as the ultimate solution to fee-hungry, centralised payment systems and cyber criminals alike, blockchain technology has a somewhat stellar reputation in the payment solutions market.
But last month, the financial industry was rocked to the core when what appeared to be a lone hacker stole US$600mn from the international cryptocurrency exchange, Poly Network.
The event caused shock and consternation, not only because of the sheer size of the heist - the largest recorded event to date - but because the hacker had done the unthinkable, and exploited Poly Network’s formidable blockchain security.
Even more revealing was the fact that the hacker claimed to have carried out this feat after looking for system vulnerabilities for a mere ‘few hours’. In a seeming ‘thumb the nose’ gesture to the technocrats, the perpetrator then posted a Q&A guide to their hacking process on the social networking site, Twitter, just 24 hours after the event.
The funds (or most of them) were then returned, with the hacker (or hackers) admitting to carrying out the theft to prove a point and to highlight vulnerabilities in the DeFi (decentralised financial) system used by Poly Network.
Blockchain and security
What the Poly Network case highlighted is that a DeFi system using blockchain technology can have serious vulnerabilities. The case is also not the first to happen in 2021 - and data suggests cybercrime against blockchain entities is on the rise. Although the losses have been smaller in other breaches this year, the amounts stolen are far from pocket change. For example:
- February 2021, Year Finance had $11mn stolen by hackers.
- In the same month, Alpha Finance lost $37mn to cybercriminals.
- In March 2021, Meerkat Finance suffered a breach and had $32mn taken from its accounts.
No system is fail safe
Ultimately, the incident proved that no system being used today can claim to be ‘unhackable’. In fact, the spate of recent breaches have even prompted the Bank Of England to state their position on digital currencies and decentralised systems.
Karan Kapoor, Head of Regulatory Change and RegTech at Delta Capita, explains, “In terms of Central Bank Digital Currency (CBDC), the Bank of England has already suggested that a digital pound does not have to be necessarily built on blockchain technology, and that more centralised technologies can be used. However, we are seeing many other countries opting to use Distributed Ledger Technology (DLT) for the design of their digital currency, such as Sweden’s e-Krona that is currently in its pilot stage.”
Kapoor also suggests that the widespread uptake of blockchain is not necessarily guaranteed. He says, “Whether or not a central bank will adopt DLT/Blockchain technology will partly depend on the level of privacy that they want to provide to users, and partly on the purpose of the digital currency - whether it be for retail or wholesale.”
Advantages to blockchain
Regardless of the recent breaches, blockchain technology presents a wide range of advantages, which is why it’s considered such an important transactional solution. With the rise of popularity in cryptocurrency, there is a much higher demand for ledger-style transactions.
Pavel Matveev, CEO of Wirex, explains, “A (decentralised) blockchain solution certainly has many advantages, such as no single point of failure and no counterparty risk. What does this mean? In layman’s terms, transparency – of contracts and rules that live on the blockchain.”
He continues, “For mainstream providers, they simultaneously give an opportunity and a threat. If they can adapt their business models, they can also participate in using these platforms themselves.”
However, he points out if providers base their models on charging significant fees for ‘middleman’ actions such as processing and fulfilling contract transactions, they will be undercut by cheaper, more transparent, and potentially faster blockchain alternatives.
Better transparency on blockchain
One of the most important elements to consider when looking at blockchain is that not all technologies - or systems are made equal. Matveev explains. “The word ‘blockchain’ can be misleading to those not familiar with it because it suggests that all blockchains are the same and built with the same kind of code – this is not the case.”
He says that like cryptocurrencies, blockchains can be tailored to different levels of complexity. The vulnerability comes from the authentication and encryption – as in the case of Poly Network because the hacker managed to interact with a critical contract without proper authentication. “The immutability of hacking public and private keys and the quality of the code used are key focus areas for ensuring such attacks don’t succeed.”
Blockchain security for customers
The strongest asset blockchain offers against theft, is the trackability of the digital currencies that pass through it. The online leger system automatically tracks every action taken on the funds, and who owns or has moved them elsewhere.
Matveev says that in terms of prevention, it is this aspect that makes blockchain a popular option among traders. “The ability to track misappropriated funds is the best way to offer preventative security,” he explains.
“For example, at Wirex we work with partners such as Elliptic, a compliance firm known for its work with organisations like the FBI to track illicit funds. Because blockchain is decentralised, the current global and state structures and regulations don’t necessarily offer the same protections as say, the FSCS in the UK for fiat accounts.
“That doesn’t mean there’s no protection though – many crypto-friendly platforms such as Wirex will include a basic level of protection or give the option for extra security for additional insurance fees. Wirex also recently partnered with Fireblocks, which insures the platform for up to $30mn within its DeFi services.”
What the future holds for blockchain
As financial technology gallops forward firmly in the direction of DeFi systems and solutions, it looks likely that blockchain will maintain its popularity, simply because, in the main, it's fast, efficient, cost-effective, and secure.
Preventative measures, such as code security audits, which provide a comprehensive analysis of source code revealing bugs, security breaches, or violations of programming conventions, will become more commonplace. Security solutions will also tighten up as the cat and mouse game between hacker and organisation continues in the global, online space.
Decentralised systems are here to stay, Matveev says, and the consequences that accompany them do not outweigh the advantages. “Just as we see in the stock market and domestic centralised banks, zero risk does not exist, but mitigation is the best means to create a safer blockchain for everyone.”
Regulation will also play a key role in fortifying and streamlining blockchain systems, he points out. “In 2021 we’ve seen national regulators from the US, UK, and EU, and China take more interventions within cryptocurrencies and, in some ways, blockchain generally. While this might on one level be seen as bad, it might actually help bring blockchain payments to the mainstream.”
Matveev adds, “Banking and finance rely on stability, as well as on regulations. If we start to see a consensus in 2022 forming on how to regulate blockchain, we’ll see more mainstream participation. The full deployment of ETH2 and the consequent cheaper and faster transactions in every layer or the crypto economy will also be a topic to look out for in 2022.”
Blockchain in the market
One of the newest yet most popular financial technologies, blockchain is essentially, a decentralised ledger of end-to-end transactions. It helps users to avoid transaction and data manipulation because it automatically tracks every movement and change.
- Instant payments through process automation, shortening transactional processes to minutes rather than days.
- Reduces costs because its decentralised status means it cuts out the ‘middleman.
- Increases transparency: Transactions can be clearly regulated by financial regulators and all interactions between transactional parties are recorded.
- Cuts down on risks associated with counterparties due to the instant nature of the transactional technology.
- Audits are simplified due to the constant tracking of the transaction.
[End of box out 1]
Word count: 1,000 Max