International blockchain security competition

1. Omer ozden, Evgeny Kosolapov, Lee Wilkins, chase freo, Yang Dong, Yu Hong, Liu Hui, Shen Dahai, Xu Jizhe, Wu Bo, Song Wei and other guests

2.

In 2017, blockchain technology is undoubtedly a new wave of technology after the mobile Internet. From the three dimensions of technology implementation, commercial application and commercial realization, blockchain is expected to become a new technology after the mobile Internet, which will once again subvert people's digital lifestyle. At present, the new technology wave of blockchain fascinates more and more developers. Therefore, Neo, a non-profit community blockchain project, joins hands with Microsoft to open the first domestic blockchain developer competition, aiming to proce more excellent applications based on Neo blockchain and Microsoft's development environment and tools, so as to form a strong application ecology for blockchain developers

"People are using blockchain technology in a more interesting way as the basis for 'decentralized applications' rather than just applications like financial technology and cryptocurrency," said Mike Mason, technical director of the office of chief technology officer of ThoughtWorks, a global software consulting firm. You know, "blue ocean" has never lacked players. Some Internet companies are trying their best to land on the beach, and have established the blockchain instry market as an inevitable choice for development. In China, netxin technology, a wholly-owned subsidiary of Xunlei, has used blockchain technology in the innovative cloud computing mode - "shared computing"

earlier, Xunlei implanted the concept of sharing economy into the field of cloud computing, and created an original" sharing computing "mode. By collecting users' idle computing resources, Xunlei transformed them into innovative cloud computing services for enterprises, On the one hand, it can effectively solve the social contradiction between the shortage of social computing resources and the high cost of computing, on the other hand, it can greatly rece the operating costs of enterprises. In August 2017, Xunlei launched a new sharing economy intelligent hardware player cloud. Its significance lies in that in the shared computing ecosystem, Xunlei joined the blockchain technology to issue player coins to users who share idle resources such as bandwidth, storage and computing power through the player cloud intelligent hardware

playcoin is a digital asset created based on blockchain technology in the thunderbolt shared computing ecosystem. With the launch of playcoin, Xunlei has become the pioneer of blockchain technology in China, and also has many advantages in its shared computing. Firstly, playcoin, based on shared computing and blockchain technology, ensures that the payment and income of users' shared computing resources and content are equal through smart contracts, which cannot be denied; Secondly, through decentralized accounting records, all transactions are true and transparent; Third, register users' right and modify records through blockchain to protect users' right from infringement

in fact, blockchain technology has strong advantages in network security, cross-border payment and other fields, and also has important value for building a community of destiny in cyberspace. On October 31, 2017, Chen Lei, CEO of Xunlei group and CEO of netxin technology, put forward the all in blockchain strategy and announced that Xunlei will increase investment in blockchain technology starting from the player cloud to explore the application of cloud computing and blockchain technology integration. On the day of the press conference, playmaker cloud also signed a right content distribution agreement with 4K garden, trying to integrate shared computing and blockchain technology to provide a platform for right distribution and content distribution. In the future, blockchain will generate more application scenarios in thunderbolt's shared computing ecosystem. Xunlei's innovative attempt may give more inspiration to developers of other blockchain technology applications

at the same time, as a leading enterprise in the blockchain application market, Xunlei is also actively guiding the healthy development of blockchain applications, insisting on not doing ICO, not going to the third-party trading platform, and severely cracking down on the third-party platform for illegal trading of customer coin, and cracking down on speculation and speculation through such measures as the real name system of customer Coin Wallet. Therefore, blockchain application developers should also abide by the law and avoid risks

based on the blockchain technology, Xunlei's "player cloud" takes the lead in building the C-end application of China's blockchain technology, which promotes China's blockchain technology to participate in the ecological development of global blockchain and creates important value in the development of digital economy“ The development history of the Internet is a history of innovation and Entrepreneurship of Internet talents. " The development of blockchain also needs a lot of talent support. We are looking forward to the birth of "blockchain +" Application in the first domestic blockchain developer competition

3. The world blockchain conference, a semiannual world instry event in the field of blockchain, aims to build an international platform for global blockchain related instries to interconnect, share and co govern, and create a win-win situation.

4. Security in blockchain comes from some attributes< Mining blocks need to use resources< Br > 2. Each block contains the hash value of the previous block< Br > imagine if the attacker wants to change the chain by changing the transaction five blocks ago. If they tamper with the block, the hash value of the block changes. Then the attacker must change the pointer from the next block to the changed block, and then change the hash value of the next block... This will continue until the end of the chain. This means that the farther the block is behind the chain, the greater the resistance to change. In fact, the attacker has to simulate the hash capability of the whole network up to the front end of the chain. However, when the attacker tries to attack, the chain continues to move forward. If the attacker's hash value is lower than the rest of the chain (< 50%), they will always chase and never proce the longest chain. Therefore, this type of blockchain can resist attacks, where the attacker's hash value is less than 50%< Br > when attackers have 51% hash value, they can rewrite the network history with a list of valid transactions. This is because they can recalculate the hash value of any block sort faster than the rest of the network, so they can ultimately guarantee a longer chain. The main danger of 51% attacks is the possibility of double spending. This simply means that an attacker can buy an item and show that they have paid with any number of confirmations on the blockchain. Once they receive the item, they can reorder the blockchain so that it doesn't include the send transaction and get a refund< Br > even if the attacker has more than 50% hash value, the attacker can only do so much damage. They can't do things like transfer money from the victim's account to their account or print more coins. This is because all transactions are recorded by the account?? Account owners sign, so even if they control the entire network, they cannot forge account signatures.

5. Because each block contains its own hash value and the hash value of the previous block, changing a hash value will invalidate the rest of the blockchain
if you have problems with blockchain, you are welcome to chat in private~~~~~

6. When it comes to the nature of blockchain, several key words are familiar. For example, decentralization, distrust, consensus mechanism, asymmetric encryption, distributed accounting, tamper proof, absolute transparency, openness and so on. At the same time, some teaching posts also list the structure of blockchain, such as data layer, network layer, consensus layer, incentive layer, contract layer and application layer
however, it's easy for people with an eye to see why there is no security layer? In fact, several key features of blockchain have already solved the security problem. First, the blockchain uses asymmetric encryption technology. In fact, encryption and decryption are different keys, namely public key and private key. In short, the public key is open to the public, while the private key is absolutely confidential
secondly, distributed bookkeeping is a way for blockchain to store data. It can also be understood as distributed storage, which is consistent with the concept of decentralization. In the form of ledger, there is no central ledger in the network, and the ledger is stored in each node. Each node is not only independent, but also can act as the central node. Therefore, the central node will not be attacked, leading to the loss of core books or data, and the whole network will not be paralyzed
moreover, tamper proof is the basic feature of blockchain. As long as the chain can not be modified, and can not be deleted. If it needs to be changed, based on the principle of transparency and openness, the whole network and all nodes need to be informed. Therefore, under the democratic mechanism, the possibility of tampering with data at will is very low. Therefore, blockchain technology is applied in various instries, such as finance, payment, traceability, games, etc., such as the network "universe", Tencent's "come together to catch the demon", and Zhongan Huanyu blockchain "Dr dragon hunt" are the safe and high-quality procts under the blockchain technology.

7. One of the characteristics of blockchain projects (especially public chains) is open source. Through open source code, to improve the credibility of the project, so that more people can participate. But the open source code also makes it easier for attackers to attack blockchain system. In the past two years, there have been a number of hacker attacks. Recently, the anonymous currency verge (xvg) was attacked again. The attacker locked a vulnerability in the xvg code, which allowed malicious miners to add false timestamps on the block, and then quickly dig out new blocks. In a few hours, the attacker obtained nearly $1.75 million worth of digital currency. Although the subsequent attack was successfully stopped, no one can guarantee whether the attacker will attack again in the future
of course, blockchain developers can also take some measures
one is to use professional code audit services,
the other is to understand the security coding specifications and take preventive measures
the security of cryptographic algorithm
with the development of quantum computer, it will bring great security threat to the current cryptosystem. Blockchain mainly relies on elliptic curve public key encryption algorithm to generate digital signature for secure transactions. Currently, the most commonly used ECDSA, RSA, DSA, etc. can not withstand quantum attacks in theory, and there will be greater risks. More and more researchers begin to pay attention to cryptographic algorithms that can resist quantum attacks
of course, in addition to changing the algorithm, there is another way to improve the security:
refer to bitcoin's treatment of public key address to rece the potential risk of public key disclosure. As users, especially bitcoin users, the balance after each transaction is stored in a new address to ensure that the public key of the address where bitcoin funds are stored is not leaked
security of consensus mechanism
the current consensus mechanisms include proof of work (POW), proof of stake (POS), delegated proof of stake (dpos), practical Byzantine fault tolerance (pbft), etc
POW faces 51% attack. Because POW depends on computing power, when the attacker has the advantage of computing power, the probability of finding a new block will be greater than that of other nodes. At this time, the attacker has the ability to cancel the existing transaction. It should be noted that even in this case, the attacker can only modify his own transaction, but not the transaction of other users (the attacker does not have the private key of other users)
in POS, attackers can only attack successfully when they hold more than 51% of the token, which is more difficult than 51% of the computing power in pow
in pbft, when the malicious nodes are less than 1 / 3 of the total nodes, the system is secure. Generally speaking, any consensus mechanism has its own conditions. As an attacker, we also need to consider that once the attack is successful, the value of the system will return to zero. At this time, the attacker does not get any other valuable return except destruction
for the designers of blockchain projects, they should understand the advantages and disadvantages of each consensus mechanism, so as to select an appropriate consensus mechanism or design a new consensus mechanism according to the needs of the scene
security of smart contract
smart contract has the advantages of low operation cost and low risk of human intervention, but if there are problems in the design of smart contract, it may bring great losses. In June 2016, the Dao, the most popular funding project of Ethereum, was attacked. The hacker obtained more than 3.5 million Ethereum coins, which later led to the bifurcation of Ethereum into Eth and etc
there are two aspects of the proposed measures:
one is to audit the security of smart contracts, and the other is to follow the principles of smart contract security development
the security development principles of smart contract are: be prepared for possible errors to ensure that the code can correctly handle the bugs and vulnerabilities; Release smart contracts carefully, do well in function test and security test, and fully consider the boundary; Keep smart contracts simple; Pay attention to the threat intelligence of blockchain and check and update in time; Be clear about the characteristics of blockchain, such as calling external contracts carefully
security of digital wallet
there are three main security risks in digital wallet: first, design defects. At the end of 2014, a user lost hundreds of digital assets e to a serious random number problem (repeated r value). Second, the digital wallet contains malicious code. Third, the loss of assets caused by the loss or damage of computers and mobile phones
there are four main countermeasures:
one is to ensure the randomness of the private key
the second is to verify the hash value before software installation to ensure that the digital wallet software has not been tampered with
the third is to use cold wallets
the fourth is to back up the private key.

8. Most lovers go to Zhuang by car first. What do you think Fengshen has at present? Many students communicate with each other to create a space project. There are all kinds of absolute landscape risks. Therefore, the doubles project has been closed to the county. There are all kinds of creation competitions. The youth project is a landscape project. There are all kinds of illusions of College Students' competitions. It has been sent to the East landscape risk.