How to ensure the security of digital currency

1.

One of the characteristics of blockchain projects (especially public chains) is open source. Through open source code, to improve the credibility of the project, so that more people can participate. But the open source code also makes it easier for attackers to attack blockchain system. In the past two years, there have been a number of hacker attacks. Recently, the anonymous currency verge (xvg) was attacked again. The attacker locked a vulnerability in the xvg code, which allowed malicious miners to add false timestamps on the block, and then quickly dig out new blocks. In a few hours, the attacker obtained nearly $1.75 million worth of digital currency. Although the subsequent attack was successfully stopped, no one can guarantee whether the attacker will attack again in the future

of course, blockchain developers can also take some measures

one is to use professional code audit services,

the other is to understand the security coding specifications and take preventive measures

the security of cryptographic algorithm

with the development of quantum computer, it will bring a major security threat to the current cryptosystem. Blockchain mainly relies on elliptic curve public key encryption algorithm to generate digital signature for secure transactions. Currently, the most commonly used ECDSA, RSA, DSA, etc. can not withstand quantum attacks in theory, and there will be greater risks. More and more researchers begin to pay attention to cryptographic algorithms that can resist quantum attacks

of course, in addition to changing the algorithm, there is another way to improve the security:

refer to bitcoin's treatment of public key address to rece the potential risk of public key disclosure. As users, especially bitcoin users, the balance after each transaction is stored in a new address to ensure that the public key of the address where bitcoin funds are stored is not leaked

security of consensus mechanism

the current consensus mechanisms include proof of work (POW), proof of stake (POS), delegated proof of stake (dpos), practical Byzantine fault tolerance (pbft), etc

POW faces 51% attack. Because POW depends on computing power, when the attacker has the advantage of computing power, the probability of finding a new block will be greater than that of other nodes. At this time, the attacker has the ability to cancel the existing transaction. It should be noted that even in this case, the attacker can only modify his own transaction, but not the transaction of other users (the attacker does not have the private key of other users)

in POS, attackers can attack successfully only when they hold more than 51% token, which is more difficult than 51% computing power in pow

in pbft, when the malicious nodes are less than 1 / 3 of the total nodes, the system is secure. Generally speaking, any consensus mechanism has its own conditions. As an attacker, we also need to consider that once the attack is successful, the value of the system will return to zero. At this time, the attacker does not get any other valuable return except destruction

for the designers of blockchain projects, they should understand the advantages and disadvantages of each consensus mechanism, so as to select an appropriate consensus mechanism or design a new consensus mechanism according to the needs of the scene

security of smart contract

smart contract has the advantages of low operation cost and low risk of human intervention, but if there are problems in the design of smart contract, it may bring greater losses. In June 2016, the Dao, the most popular funding project of Ethereum, was attacked. The hacker obtained more than 3.5 million Ethereum coins, which later led to the bifurcation of Ethereum into Eth and etc

there are two aspects of the proposed measures:

one is to audit the security of smart contract, and the other is to follow the principle of smart contract security development

the security development principles of smart contract are: to be prepared for possible errors, to ensure that the code can correctly handle the bugs and vulnerabilities; Release smart contracts carefully, do well in function test and security test, and fully consider the boundary; Keep smart contracts simple; Pay attention to the threat intelligence of blockchain and check and update in time; Be clear about the characteristics of blockchain, such as calling external contracts carefully

security of digital wallet

there are three main security risks in digital wallet: first, design defects. At the end of 2014, a user lost hundreds of digital assets e to a serious random number problem (repeated r value). Second, the digital wallet contains malicious code. Third, the loss of assets caused by the loss or damage of computers and mobile phones

there are four main countermeasures:

one is to ensure the randomness of the private key

The second is to check the hash value before installing the software to ensure that the digital wallet software has not been tampered with

The third is to use cold wallet

The fourth is to back up the private key

2. Bitflyer, the largest bitcoin exchange in foreign countries, is headquartered in Tokyo.

3. Don't put it on any electronics
record on paper
even if offline, data may be stolen, even if it is shut down, it may be turned on remotely

4. It's safer to use kushenleng wallet. When storing digital currency, it's not connected to the Internet at all, which avoids hacker attacks and greatly increases the security. The operation process is also very simple and safe.

5. Using kushenleng wallet can ensure the security. When I used to store digital currency, I bought kushenleng wallet, which is very safe and easy to use.

6. The preconditions for commercial banks to create deposit currency are as follows: first, complete credit currency circulation; The second is to implement the system of proportional deposit reserve; Third, non cash currency settlement is widely used. The restrictive factors are: 1) statutory deposit reserve ratio 2) withdrawal ratio 3) excess reserve ratio

7.

With the advent of digital currency, the encryption algorithm of currency is becoming more and more important. What are the types of passwords

classical cipher types mainly include transposition cipher and rearrangement of alphabetic order messages. For example, "Hello world" becomes "ehlol owrdl"

Diffie Hellman and RSA algorithms have been widely used except for the first public example of high quality public key algorithms. Other asymmetric key algorithms include Cramer schup cryptosystem, ElGamal encryption and various elliptic curve techniques

some well-known cryptosystems include RSA encryption, Schnorr Signature, El Gamal encryption, PGP and so on. More complex password systems include e-cash system, signcryption system, etc. Now more cryptosystems include interactive proof systems, such as zero knowledge proof, which is used for secret sharing

for a long time, information collection and law enforcement agencies have been interested in cryptography. The importance of secret communication is self-evident. Because cryptography promotes privacy protection, it also attracts great interest of cryptography supporters. Therefore, there is a history of controversial legal issues around cryptography, especially since the emergence of cheap computers makes it possible to widely use high-quality cryptography

nowadays, cryptocurrency transactions are semi anonymous, which makes them very suitable for a series of illegal activities, such as money laundering and tax evasion. However, the proponents of cryptocurrency often attach great importance to the anonymity of digital currency and think that it can protect the privacy of users. Some cryptocurrencies are more private than others

Cryptocurrency is a new type of digital asset, which is based on the network distributed on a large number of computers. This decentralized structure enables them to exist outside the control of the government and central authorities. The term "cryptocurrency" also comes from the encryption technology used to protect the network

blockchain is an organization method to ensure the integrity of digital currency transaction data, and it is an important part of many cryptocurrencies. Many experts believe that blockchain and related technologies will subvert many instries, including finance and law. Cryptocurrencies have been criticized for many reasons, including their use for illegal activities, exchange rate fluctuations and the vulnerability of the infrastructure that underpins them. However, digital currency is also praised for its portability, divisibility, anti inflation and transparency

8.

The contract transaction of digital currency is not safe. There are still many loopholes in the digital currency trading platform, for example, the most common ones are as follows:

1. Denial of service attack

denial of service attack is the most important attack against the digital currency trading platform at present. Through the denial of service attack, the attacker makes the trading platform unable to access normally, while the user cannot accurately distinguish the attack degree, It often leads to panic asset transfer, which brings some loss

9. It has been trading in shangya exchange. It's very good, but the app didn't come out