10.07.2015 Views

bitcoin final


Bitcoin: risk factors for insurance 12

Institutions holding Bitcoin would suffer real losses from any collateral drop in Bitcoin prices, but nominal Bitcoin holdings themselves would remain unthreatened.

Additionally, the evidence of such an attack would be manifest – newly mined blocks would not include requested transactions – and steps could be taken to adjust the Bitcoin protocol so as to ignore the blocks mined by the attacker and return the network to normal operation sufficiently quickly that the chance of collateral consequences, like loss of faith in the currency, could hopefully be minimised [39].

4. Sybil attacks

Bitcoin, as discussed previously, is a peer-to-peer network. Rather than seeking to attack the entire network, as with a 51% attack, a sybil attacker seeks to target one node on the network, say a particular Bitcoin company’s known connection point to the network. The sybil attacker creates a sufficient number of Bitcoin nodes adjacent to the target node to become the victim’s only means of connecting to the network as a whole. In other words, the attacker surrounds the victim with malicious peers. It may appear to the victim that they are still accessing the network through many different individual computers owned by various, honest individuals, but in reality their access is limited to a handful of peers that are all under the control of the attacker.

Once the attacker has her victim surrounded, she can refuse to relay the victim’s transactions, effectively disconnecting the victim from financial access. Alternatively, the attacker can feed the victim misinformation about the state of the network as a whole. Let us say the victim is an exchange and the attacker is a putative customer of that exchange. The attacker could claim that it transferred bitcoins to the victim exchange hoping to trade those coins for dollars. To validate this transfer, the victim expects the network to send it up-to-date versions of the blockchain, the record of all valid transactions.
The attacker can send fraudulent versions of this record. The fraudulent version could indicate that the attacker has paid the victim even if there is no such record on the genuine blockchain of the larger network. The victim believes they hold new bitcoins and therefore credits the bank account of the attacker (presumably opened under a fraudulent name). If the attacker can continue to deceive the victim for long enough, they may be able to withdraw from their bank account and walk away with cash before either the exchange or the bank is aware of the deception.

The Bitcoin network, however, is inherently resilient against these attacks. In order to keep up the deception, the attacker would need to continuously feed the victim new fraudulent blocks that make it appear as though the network is functioning as normal. Each block, even a bogus block, is difficult to create, depending, as it must, upon the exertion of scarce computing resources. An attacker with only 10% of the computing power of the entire network (still a massive amount of power for any individual participant) would only be able to generate bogus blocks at 10% of the normal speed. A would-be victim could monitor for such an attack by looking for notable decreases in the frequency of new block generation. Should the network computing power, referred to as the hash-rate, appear to drop precipitously, the victim can be on guard that they may be under attack. At this point the victim can block the current nodes to which they connect and seek other, honest nodes within the peer-to-peer Bitcoin network. The extreme difficulty of deceiving one’s victim in a sybil attack has led many in the development community, including lead developer Gavin Andresen, to label the attack “theoretically worrisome, but practically not a high priority.” [40]

Exchanges and other large Bitcoin businesses should, nonetheless, take reasonable steps to mitigate against such an attack.
Automated processes should be developed, if they have not been already, to monitor for unusual network states, as when hash rate declines precipitously because of a sybil attack.

5. Distributed denial of service attacks

As with any network, Bitcoin is potentially vulnerable to distributed denial of service (“DDoS”) attacks. Simply put, a DDoS attack is an effort to make a network resource unavailable by overwhelming it with service requests. Given that Bitcoin is a peer-to-peer network, the resources on that network (e.g. transaction relaying or validation) depend on the availability of peers. For the purposes of this network service, there are two classes of node on the Bitcoin peer-to-peer network: those that accept incoming Transmission Control Protocol (“TCP”) connections, and all others. When a Bitcoin wallet or Bitcoin node is attempting to connect to the network, it must contact one or more remote nodes that receive incoming connections from outsiders.

There is no accepted technical term for these nodes, but we can refer to them as “acceptor” nodes. Acceptor nodes are the linchpin of the network. There may be 100,000+ nodes out there with copies of the blockchain. Without acceptor nodes, however, there is no network to relay copies of the blockchain to users. Estimates on acceptor node count are under 7,000, and falling [41]. A malicious

Lloyd’s Emerging Risk Report – 2015
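The automated monitoring recommended in the Sybil attacks section, sketched as an added example (not code from the report): it compares the number of blocks a node received in a window with the count expected at Bitcoin's ten-minute target and alerts when the shortfall is too unlikely to be chance. The Poisson model, the six-hour window, the alert threshold, and all names and sample feeds are assumptions of this sketch.

```python
import math

TARGET_INTERVAL_S = 600  # Bitcoin's protocol target: one block per ~10 minutes


def poisson_cdf(k, lam):
    """P(X <= k) for X ~ Poisson(lam), summed term by term."""
    term = math.exp(-lam)
    total = term
    for i in range(1, k + 1):
        term *= lam / i
        total += term
    return total


def check_block_rate(arrival_times, now, window_s=6 * 3600, alpha=1e-3):
    """Judge the block arrivals seen in the last window_s seconds.

    arrival_times must be local receipt times (Unix seconds), not header
    timestamps: header timestamps are chosen by whoever mined the block.
    """
    seen = sum(1 for t in arrival_times if now - window_s < t <= now)
    expected = window_s / TARGET_INTERVAL_S
    p_value = poisson_cdf(seen, expected)  # chance of this few blocks or fewer
    return {
        "seen": seen,
        "expected": expected,
        "est_hash_share": seen / expected,  # apparent fraction of normal hash-rate
        "p_value": p_value,
        "alert": p_value < alpha,
    }


# Constructed sample data (not real chain data).
NOW = 1_700_000_000
# A healthy view of the network: one block every 10 minutes for 6 hours.
HONEST_FEED = [NOW - 600 * i for i in range(36)]
# A view fed by an attacker with ~10% of the hash-rate: one block per 100 minutes.
ECLIPSED_FEED = [NOW - 6000 * i for i in range(4)]

if __name__ == "__main__":
    for name, feed in (("honest", HONEST_FEED), ("eclipsed", ECLIPSED_FEED)):
        r = check_block_rate(feed, NOW)
        print(f"{name}: seen={r['seen']} expected={r['expected']:.0f} "
              f"share={r['est_hash_share']:.2f} p={r['p_value']:.2e} alert={r['alert']}")
```

On an alert, the response the report describes applies: block the current peers and seek other, honest nodes.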
