Blockchains are widely recognized as one of the most secure and robust forms of a database. This is largely due to the decentralized nature of blockchain networks, in addition to the use of public-private key cryptography.
Public-private key cryptography is a highly secure solution that enables a user on a blockchain to authorize a transaction from their wallet using a private key.
This key is kept secret while being linked to one or multiple public keys, which are essentially like email addresses that can be openly shared and are used for sending and receiving information.
Basically, the public key lets everyone know what your address is, while a private key allows you to verify that you own an address but without the need to reveal what the private key is.
The private key acts as a tool for decrypting encrypted messages that are only meant for the intended recipient of the message.
Data encryption is essentially the process of using mathematical computation to scramble an input of readable data into a seemingly random series of words, letters, and characters, which require a different type of mathematical computation to unscramble and recreate the readable data.
For example, if Bob wants to send a message that is only intended for Alice to see, then Bob will use his public key to encrypt the message before delivering it to Alice’s public key. Alice’s public key is linked to a private key that only she has access to.
In order to open the message, Alice must use her private key to decrypt the message, thus proving that she is the intended recipient of that message.
On a blockchain, this method of encrypting and decrypting messages using public-private key cryptography is how funds can be securely delivered to the right recipient knowing that they must hold the private keys in order to authorize those funds to be spent.
Decrypting a blockchain message without private keys is an extremely difficult task for even the most sophisticated hackers. Even with the help of today’s supercomputers, it would take thousands of years to crack the code of a blockchain such as the Bitcoin network.
However, with the advent of advanced technologies like Quantum Computing, the timeline for cracking the code that allows one to access another user’s private keys could shrink to a matter of minutes.
Blockchains Encryption Vulnerabilities
Bitcoin, which is widely regarded as the most secure blockchain, uses a hashing function and encryption algorithm to secure the chain.
The hashing function, SHA256, is used to store the hash of a previous block unto a new block, thereby forming a chain and ensuring the network’s immutability. The encryption algorithm is called the Elliptical Curve Digital Signature Algorithm (ECDSA) which is used to validate that a transaction was signed by a private key that corresponds to the same public key that was shared by the counterparty in a transaction.
While SHA256 is theorized to be more secure against attacks by quantum computers , ECDSA is not quantum-proof, meaning that with a Quantum computer, a hacker could reverse the elliptical curve algorithm to derive a private key simply by having access to the public key, allowing them to access the funds stored in that user’s digital wallet and decrypt any message sent to the wallet’s public key.
How does Quantum Computing work?
Quantum computing explores how to construct and manipulate data at a subatomic level, meaning structures that are smaller than atoms. When dealing with data at a subatomic level, the unit of measure is called a qubit (or quantum-bit).
Quantum computers are being designed to be powerful enough to manipulate data stored on qubits. While the current generation of quantum computers can achieve a maximum of 54 qubits of power, it is estimated that at 4,000 qubits, a quantum computer would be able to perform calculations fast enough to crack the Bitcoin network’s elliptical curve algorithm.
How does Accumulate overcome this challenge?
Thankfully, the solution to designing a quantum-proof blockchain does not require building a more powerful machine than a quantum computer. Instead, a simpler solution is to ensure that public keys are managed in such a way that makes it impossible for a quantum computer to reliably steal anything of value by attacking one or even a set of public keys.
As an example, imagine that you could store high-value items in a safety deposit box that also gives you the ability to constantly change the locks on a locker. You could require a different lock to access the same assets inside the locker, or a different set of keys for each new lock.
Even if a bad actor was able to confiscate one of your keys, they would not be able to know if it would allow them to open the current lock or the previous one, making their attempts to steal your assets ultimately futile.
This is essentially what Accumulate offers with its intricate and customizable system for managing wallet keys. Users have access to a set of key books which reference multiple keys within a Key Page.
Keys can be arranged based on a set priority. For example, you can create high-priority keys that are placed in cold storage for use in case your other keys are lost or compromised.
Beyond that, Accumulate’s key model could be upgraded with post-quantum cryptography when such technology becomes available and necessary. This would enable users to replace obsolete keys with keys that are quantum-proof.
Each account or sub-identity on the Accumulate network can be designated a specific key page. You can have a key page consisting of keys for highly important transactions such as moving funds on behalf of a DAO treasury of institutional clients and another key page for transactions of lower importance, such as testing newly deployed Defi smart contract.
Key Books can also allow ADIs to update their security settings to include multisig or other conditions without having to touch high-priority keys, thereby maintaining the highest possible security standards and minimizing vulnerabilities.
Ultimately, Accumulate is designing a new kind of address management system that makes blockchains quantum-proof. The process of assigning high-priority and low priority keys, while being able to update security settings from any address makes it significantly more difficult for a quantum computer to compromise a users wallet and steal their funds.
Security on the blockchain is not just about the strength of the network’s cryptography, but also about minimizing single points of failure. Key pages effectively duplicate permissions and distribute the entry points that one needs to take in order to access their funds and authorize transactions. thereby making the process less prone to being exploited by hackers.
As quantum computing continues to become more advanced, users who store their funds on Bitcoin, Ethereum, and other popular blockchains would benefit greatly from adopting key pages as a way to mitigate the risk of loss in the event that their private keys are broken into by a quantum computer.
The ability to alter what a specific private key is authorized to do on its own, or to effectively render a compromised private key useless by updating its security settings are important innovations developed by the Accumulate Network that will enable all blockchains to tackle any of the cybersecurity threats they may face down the road.