How secure are large-scale mining and validation facilities?

in #security, 7 years ago (edited)

tl;dr: I don't know, but I suspect their processes are immature so security is sub-optimal. I also suspect that they will require guidance on how to secure their operations.

Not so long ago I was involved in suggesting a "blockchain"-related idea for a work competition. One of my colleagues was actually the one who originally suggested the idea, but I took it and developed it further: blockchain companies need security advice. In particular: mining farms, POS validation facilities, and exchanges.

While most people are desperate to put everything on to a blockchain, it seems clear that in their haste they forget about security. I don't just mean chain security (part of which is "crypto-economics"), which is being looked at by a lot of smart people, but the operational security of the organisations working in blockchain. My proposal was more specific than looking at any organisation working within blockchain: it concerned the security of mining and validation facilities.

This seems like an obvious idea for a "new" area of consultancy. In reality, there isn't really anything new with security here but rather a new use case. To my dismay the idea was misunderstood and didn't progress to the next round. Oddly, some people thought I was suggesting the design and construction of Bitcoin ASICs. I have NFI how they came to that conclusion. Hardware is sexy while business processes are boring?

"operational security is dull"

It may sound dull to talk about operational security while lots of people are talking about ICO moonshots. I appreciate that; however, your lambo rocket will never hit the moon if you've been robbed and left in the gutter. Organisations will have a hard time keeping their money if their security is poor. Numerous exchange hacks (too many to recall now) and coin thefts highlight that operational security is far from optimal in the blockchain space.

Despite the numerous exchange hacks, what really spurred me on to write this piece is the recent theft of Bitcoin mining hardware in Iceland. It underscores the most explicit point which was made in my proposal for the competition: "the security of enterprise mining facilities is probably poor and these companies could probably do with advice and perhaps even better security devices."



Exhibit A: theft of mining equipment in Iceland

A recent Ars Technica article reported on a theft of mining equipment from a large mining facility:

Bitcoin thirst spurs Icelandic heist—“Grand theft on a scale unseen before”

600 mining computers were recently stolen from Icelandic data centers in four separate burglaries between December 2017 and January 2018.

Apparently, the specialized machines have not yet been located and are worth approximately $2 million.

This piece underscores the notion that physical security is important and often forgotten about. A lot more time is spent thinking about the security of private keys, which also seems to be managed poorly. Both aspects need to be appropriately considered. It frustrates me that this was exactly what I suggested in the competition proposal.

The operational security problem won't go away with POS

The security model of the proposed future POS mechanisms (e.g. Ethereum's Casper release, Polkadot) is suggested to be more secure than current PoW mechanisms. However, this concerns the on-chain security, not the operational security of the organisations that use the chains.

The problem of operational security does not go away. GPU and ASIC mining farms will be replaced by servers: mining farms will become validation facilities. I suspect that while computation will be less intensive, the value of transactions processed by a single processor is likely to increase as blockchain's adoption grows. A private blockchain which is used by a consortium of banks could quite easily process trillions of dollars in transactions every day.

Why do I think trillions? The size of the foreign market is already valued at trillions per day. Single banks already process hundreds of billions of dollars every day. If we can imagine that those transactions could one day be settled on a blockchain then the number I suggest above is at least feasible.

Maybe, just maybe, it will be important to consider the operational security of such facilities. If banks are the stewards of future blockchains then we are fortunate in the sense that they already take security more seriously than many organisations and fortunately the processes for securing a server are well-known. Unfortunately, this vision of the future sees the concentration of money residing within traditional banks. One of the initial principles of blockchain was to move away from traditional banking. Banks already have a lot of money for development, better operational security than most organisations, and a customer base they can leverage for continued income and technology adoption.

One of the major concerns of a future which relies heavily on POS is the location of private keys: do these keys need to be held on the same server that validates transactions? I'm not sure. It isn't a concern for POW chains, as miners can author blocks and receive their pay-out to an offline wallet (which can easily be physically and geographically separate). At the moment I don't know enough about the relevant details of proposed POS schemes to say whether the location of private keys is a problem or not. That said, private keys still need to reside somewhere, and regardless of where that is, those keys still need to be well protected.


How big could the consultancy market be?

Back to my suggestion: security consultancy for large-scale mining and validation facilities. I think there is definitely a business opportunity here, although the market here is fledgling. I suspect the companies may retain a security specialist and perhaps have paid for consultancy in the past: it is hard to imagine that Genesis Mining have not had a penetration test of their website. If so, they paid another company to do it.

I can't say how big the market is in terms of dollars (I haven't done rigorous research), but even taking rough estimates of the indicated size of Genesis Mining, and even of the hardware manufacturer Bitmain, it stands to reason that there ought to be companies with revenues in the millions of dollars. I would wager that they should be interested in apportioning a reasonable amount of their money for security products and advice. At the moment the market is probably tens of thousands as a bare minimum (tiny!), but that's probably overly conservative. Not too far in the future it should be worth millions.

I also suspect that no company has stepped forward to be the leader as a security consultancy in this area; hence, the organisations which require consultancy may not even know who to turn to. Consequently, I suspect mining companies will try to do a lot of in-house problem solving.


Comments and suggestions welcome below!

Disclaimer: This article is all my own work. None of the opinions expressed in this blog are that of a past, present, or future employer.