Proponents of blockchain technology, a distributed data structure that enables peer-to-peer transactions without a central authority, often point to three characteristics as crucial to the technology's success. Transactions have to be valid, the system must maintain consensus and the distributed ledgers, such as bitcoin, must be immutable over time.
But, the truth is, "all three of these things have failed in practice before," Emin Gun Sirer, associate professor at Cornell University and co-director for the Initiative for Cryptocurrencies and Smart Contracts, said at the recent Business of Blockchain event in Cambridge, Mass.
In his talk, Sirer identified ways in which each of the characteristics of blockchain -- validity, consensus and immutability -- have broken down, but he advised attendees to embrace the failures as critical steps in blockchain's development. It will take a village to raise blockchain to maturity, he said. "It's not going to be done by any one group or any one entity. It's going to be all of us working collaboratively," he said. "We're going to have to learn to not make a big deal out of failures."
Indeed, failure isn't the metric by which to judge blockchain's wins or losses; what matters is how resilient blockchains are in the face of failure, he said. "When it happens, as long as you have a way to recover, as long as you've thought it through, that you've preplanned for this, you're OK," he said. "What is dangerous -- maybe fatally dangerous -- is adopting a bad narrative that restricts what you can do."
Here is a synopsis of blockchain's three characteristics and how they went wrong:
Validity and blockchain development
In 2010, a year after bitcoin's public debut, a vulnerability in the code led to the creation of approximately 184 billion bitcoins, greatly exceeding the cryptocurrency's established limit of 21 million bitcoins. The code had been written to prevent more bitcoins from flowing out than coming in. "So I couldn't take 100 bitcoins and send 101 bitcoins," Sirer explained.
When the vulnerability created the 184 billion bitcoins, the code added up the output, but it wasn't programmed to account for an integer overflow. Instead, when the sum of the output exceeded a certain size, it "rolled over in the finite space the computer has for representing numbers" and presented as a smaller total than it actually was, Sirer said.
Bitcoin Magazine provided a tangible example of integer overflow to explain the error: When a car exceeds the maximum number of miles its manual odometer can clock -- say 999,999 miles -- it doesn't stop working. Instead, it rolls over to zero.
The error was caught and corrected "by unrolling the bitcoin blockchain and rerolling it forward having applied the patch," Sirer said.
Consensus and blockchain development
To add a transaction to the distributed ledger, a majority of the end nodes, each with a copy of the data, has to agree that the transaction is valid. This is known as the consensus mechanism.
In 2013, bitcoin experienced what Sirer called a "fork," when the chain of transactions splits. Forks are a known quantity in blockchain. When a fork happens, those working to approve transactions follow a protocol of adding new blocks of transactions to the longest of the two prongs only, quickly stunting the shorter prong from growth. New transactions in the shorter prong are still tied to the blockchain and will eventually be validated.
But in March 2013, the miners couldn't distinguish between the longer and shorter prongs for several hours, according to Sirer. "People had to roll back quite a long stretch of the bitcoin blockchain ... because of a change in the consensus rules," he said.
Immutability and blockchain development
Immutability is considered a crucial characteristic for blockchain technology. "Yet, every currency has had to modify its semantics over time," Sirer said. "Every currency has faced situations where it might want to go back and undo what happened."
Sirer pointed to a recent example of this from a decentralized autonomous organization known as The DAO, which he described as "the crazy child of a VC fund like Andreessen Horowitz merged with Kickstarter."
The DAO is a crowdfunded business. It's built on the ethereum cryptocurrency blockchain. Members of the community purchased DAO tokens in May 2016, giving them voting rights on how to run the business. The DAO planned to take the funds collected and invest in project proposals (à la a VC fund), with the community voting on what to invest in (à la Kickstarter).
Three weeks into its token sale, The DAO amassed more than $100 million, and its seemingly overnight stardom piqued Sirer's interest. He and his colleagues began looking critically at the underlying code of The DAO's smart contract, an automated process that controls the transfer of digital assets and cannot be interfered with once it's set into motion.
"It was full of bugs," he said. "It was full of unintended side effects through which someone could essentially drive a truck and come out with a lot of ether."
The smart contract was set to automatically become operational 28 days from the start of the token sale. Ahead of that, Sirer and his colleagues made an unusual request: They called for a moratorium of The DAO to fix the known bugs. But to no avail.
Within a day of The DAO becoming active, someone exposed two vulnerabilities in the system -- one Sirer and his colleagues had identified and one they hadn't -- and stole about $52 million. The event led to a controversial and permanent split in the ethereum blockchain -- what is called a "hard fork" -- between those who agreed to rewrite the blockchain and reverse The DAO transactions and those who opposed sacrificing immutability.
Now, two versions of the ethereum blockchain exist -- ethereum classic and ethereum.
A blockchain tutorial for CIOs
Blockchain will have a profound impact on IT
Blockchain could be an answer to the IoT security problem