上QQ阅读APP看书，第一时间看更新

Unexpected security risks

Much like cryptocurrencies themselves, one thing that public blockchains have led to is black market trading (reference: https://lifehacker.com/what-to-know-about-monero-the-black-market-cryptocurre-1822558727). Everybody can read and write transactions, and they can do this anonymously. Because transactions are bound to an address and not a personal identity, it is hard to figure out who is actually trading. Public blockchains also increasingly attract the attention of cyber criminals who wish to steal cryptocurrencies or other available assets.

Another security risk associated with a public blockchain is that the commonly-used method of reaching consensus consumes a lot of energy. This may lead to centralization or possible attacks on the network due to collusion, as the majority of the network nodes will be run by countries offering cheap electricity or even a single country that can do so. Changes in electricity pricing policies, or even subsidies, can have a major impact on such networks. The following list shows the average costs to mine one bitcoin around the world (reference: https://www.investopedia.com/news/how-much-does-it-cost-mine-bitcoin-around-world/):

List of average cost to mine 1 bitcoin of some of the countries. The full list is available on https://www.investopedia.com.

A similar attack allows a pool with a sufficient number of nodes to obtain wealth larger than its actual solving power. This vulnerability allows the colluding group of nodes to force honest nodes into performing wasted computations in a stale fork or branch of the blockchain. During the attack, the honest nodes spend their computation cycles on blocks that eventually will not be part of the blockchain, because they are part of the stale or shortest branch of the blockchain. The colluding group does this by keeping the created blocks private and secretly performing bifurcation of the blockchain.

The colluding group finally reveals the blocks to the public. The honest nodes then need to switch to that branch because they're no longer producing blocks for the dominant/longest chain.

This does not mean that there are no security concerns when using a private blockchain. In a private blockchain, operators can control who is allowed to connect to the network and who can operate a node. One of the concerns of running a private node is that it can restrict the transmission of information, or even transmit incorrect information. Such nodes must be identifiable and bypassed to maintain the integrity of the system. Also, in a private blockchain, all nodes need to use the same method of consensus. Since different nodes can be operated by different parties, there needs to be consensus about the consensus method used by the network, which is commonly reached during a face-to-face meeting with all participating members.