Basic blockchain security

Blockchain technology produces a structure of data with inherent security qualities. It’s based on principles of cryptography, decentralization and consensus, which ensure trust in transactions. In most blockchains or distributed ledger technologies (DLT), the data is structured into blocks and each block contains a transaction or bundle of transactions. Each new block connects to all the blocks before it in a cryptographic chain in such a way that it’s nearly impossible to tamper with. All transactions within the blocks are validated and agreed upon by a consensus mechanism, ensuring that each transaction is true and correct.

Blockchain technology enables decentralization through the participation of members across a distributed network. There is no single point of failure and a single user cannot change the record of transactions. However, blockchain technologies differ in some critical security aspects.

How security differs by blockchain types

Blockchain networks can differ in who can participate and who has access to the data. Networks are typically labeled as either public or private, which describes who is allowed to participate, and permissioned or permissionless, which describes how participants gain access to the network.

Public and private blockchains
Public blockchain networks typically allow anyone to join and for participants to remain anonymous. A public blockchain uses internet-connected computers to validate transactions and achieve consensus. Bitcoin is probably the most well-known example of a public blockchain, and it achieves consensus through “bitcoin mining.” Computers on the bitcoin network, or “miners,” try to solve a complex cryptographic problem to create proof of work and thereby validate the transaction. Outside of public keys, there are few identity and access controls in this type of network.

Private blockchains use identity to confirm membership and access privileges and typically only permit known organizations to join. Together, the organizations form a private, members-only “business network.” A private blockchain in a permissioned network achieves consensus through a process called “selective endorsement,” where known users verify the transactions. Only members with special access and permissions can maintain the transaction ledger. This network type requires more identity and access controls.

When building a blockchain application, it’s critical to assess which type of network will best suit your business goals. Private and permissioned networks can be tightly controlled and preferable for compliance and regulatory reasons. However, public and permissionless networks can achieve greater decentralization and distribution.

Public blockchains are public, and anyone can join them and validate transactions.

Private blockchains are restricted and usually limited to business networks. A single entity, or consortium, controls membership.

Permissionless blockchains have no restrictions on processors.

Permissioned blockchains are limited to a select set of users who are granted identities using certificates.

Leave a comment