Can Bitcoin be Hacked?
Every now and then, cryptocurrency exchanges and companies become subject to hacker attacks, during which the hackers can steal bitcoins ranging from a few hundred to hundreds of thousands.
Here is a list of some of the popular cases:
- • July 2014 – Cryptsy (13,000 BTC and 300,000 LTC – about $5,2 million)
- • January 2015 – Bitstamp (19,000 BTC – about $5 million)
- • April 2016 – ShapeShift (315 BTC – about $130,000)
- • May 2016 – Gatecoin (250 BTC – about $114,500, and 185,000 ETH – about $1,850,000)
- • August 2016 – Bitfinex (119,756 BTC – about $70 million)
- • July 2017 – Parity Wallet (153,000 ETH – about $32 million).
Keep in mind though, that hacking an exchange does not necessarily mean that Bitcoin and the blockchain are themselves hacked as a system.
This means only that the hackers gained access to a third-party storage system that contained private keys belonging to clients using the exchange.
Bitcoin, as a system, is not and cannot be responsible for the inappropriate storage of private keys for Bitcoin addresses.
Responsibility for this storage rests with the address’ owners themselves.
Therefore, the hacking of cryptocurrency exchanges, or other services on which the user’s private keys are temporarily stored, is in no way related to the hacking of the Bitcoin and blockchain system.
Here are three theoretical ways of compromising Bitcoin’s security:
1. 51% attack
This refers to a situation where more than half of the processing power of a Bitcoin network is controlled by one miner or a group of miners. Theoretically, this amount of computing power gives control over the network. This means that every client program on the network believes in the confirmed block of transactions issued by the hacker.
This allows the hacker to control the network, as well as do the following:
- • spend the same coins several times over;
- • stop the confirmation of someone else’s transaction;
- • prevent other miners from forming valid blocks;
- • create transactions that conflict with others.
Anyone with this much control and power over the blockchain could completely disrupt the system and spread chaos.
However, the insanely high cost of mining due to the use of PoW (proof of work done) serves as reliable protection against attempts to hack into the monetary network and exercise control over it, making it economically inexpedient to use the so-called 51% attack.
Nowadays, for such an attack to take place, you would need to purchase equipment worth approximately $5 billion. On top of that, you would incur electricity costs amounting to around $10 million each day. Theoretically, this is possible, but highly impractical and costly, so don’t expect to see the blockchain going down any time soon.
2. Exploiting errors in the system’s code
Bitcoin is a constantly evolving system. The code of its main software client Bitcoin Core has changed and improved several times since its inception.
Despite the fact that independent professional programmers from different parts of the world are working on this code, the final decision on making changes to the code is made after a thorough discussion of them, however, there is always a potential risk of unintended errors, bugs, and vulnerabilities.
This risk is miniscule, but it exists nonetheless and must be taken into account. So far, the only incident in Bitcoins history that matches this description is the value overflow incident that occurred on August 15, 2010.
More than 184 billion Bitcoins were transferred in a single transfer.
92,2 billion BTC’s were sent to two different addresses, as well as an additional 0.01 BTC to a third one, all of which didn’t even exist before the transaction took place.
After about an hour since the incident, the defective block N 74638 was replaced by a clean N 74691 block.
This was the only significant vulnerability found and used in the entire history of Bitcoin.
3. Hacking private keys
Bitcoin addresses are associated with private keys through a cryptographic hashing algorithm based on the SHA256 function.
The SHA256 hash function is irreversible, meaning that it is impossible to identify the private key knowing only the bitcoin address itself.
All you would need to do is to run through all the possible variants, which amounts to 2 to the 256th degree or 10 to the 77th degree. Basically one with 77 zeros. An absurdly big number.
It is impossible to go through all these options no matter how much spare time you have at the current level of development of computer hardware.
Even if we took all the computing power in the world and used for this purpose, it would literally take billions of years, unless you get lucky of course, but the odds of that happening are so infinitely small, it shouldn’t even be considered possible.
Nevertheless, computing power does not stand still and is constantly and rapidly developing.
It is entirely possible that the SHA256 hash function will be cracked at some point. Perhaps for this is a task for quantum computers, but they are still in their infancy.
Even if quantum computers become a reality for us, it is difficult to predict how many resources and energy will be required for this insane task.
The moral of the story then is that the idea of hacking SHA256 is currently from the realm of science fiction.