Introduction to Blockchain Layers 0, 1, and 2 Security

What Are Blockchain Layers 0, 1, and 2?

In addition to these various layers within a blockchain, there is now the concept of Layer 0, 1, and 2 blockchain solutions. Each of these “layers” is intended to describe a particular function that has been added to or abstracted from the blockchain.

In the Beginning, There Was Only Layer 1

Layer 1 blockchains are standalone solutions designed to maintain a distributed and decentralized digital ledger and potentially support smart contracts. To varying degrees, blockchains are based on the design of Bitcoin. Blockchains use a peer-to-peer network to communicate, organize transactions into blocks, use a consensus algorithm to achieve agreement on the contents of a particular block, and “chain” blocks together by including the hash of the previous block in the header of the next. The details of the various blockchains can differ significantly, but they all clearly have a common ancestor.

Layer 2 Solutions Address Layer 1 Limitations

Layer 2 blockchain solutions are designed to address some of the limitations of blockchain platforms without replacing these platforms entirely. Instead, Layer 2 blockchain solutions perform off-chain activities that are then recorded on-chain. Two common examples of Layer 2 blockchain solutions are state channels and sidechains.

State Channels

State channels provide the ability to make instantaneous transactions with near-infinite scalability. Since only the opening and closing transactions are recorded on-chain, there is no need to wait for intermediate transactions to be recorded in blocks, and the blockchain is not bloated with these transactions. State channels also enable indirect transactions by allowing value transfers between multiple point-to-point state channels.

Sidechains

Sidechains address these limitations by linking a blockchain like Bitcoin to another blockchain (called a sidechain). This is commonly accomplished using bridges like Binance Bridge, cBridge, or AnySwap. To transfer assets between chains, a user sends them to a particular address on one chain, and, after the transaction is approved, the corresponding assets are unlocked on the other chain.

Sidechains offer the potential to dramatically increase the scalability of a blockchain system by allowing transactions to be recorded on another chain. They also interconnect the ecosystem of blockchains, allowing blockchain users to take advantage of the various benefits of different blockchains by transferring their assets between them using blockchain bridges. For example, a user may store assets on Bitcoin for greater security but transfer them to other chains to use smart contracts deployed on those blockchains.

Layer 0 Increases Blockchain Interoperability

The problem with the creation of completely independent blockchain systems is interoperability. In the beginning, all smart contract platforms wanted to be “Ethereum killers”. Now, Ethereum’s longevity and market share have made interoperability the major goal. Other smart contract platforms are linking via Layer 2 solutions as well as attempting to develop support for the Ethereum Virtual Machine (EVM) to enable smart contracts developed for Ethereum to run on other platforms and vice versa.

Layer 0 blockchain platforms are intended to make it easier to build and integrate blockchains by providing the building blocks needed to do so. Layer 0 protocols like Cosmos and Polkadot provide tools for developing Layer 1 blockchains and enable integration and communication between various blockchains within their ecosystems. For example, blockchains built within the Polkadot ecosystem (called parachains) can communicate internally via the Polkadot Relay Chain or use the Layer 2 protocol’s bridges to connect to non-Polkadot blockchains (such as Bitcoin or Ethereum).

Introduction to Layer 0, 1, and 2 Blockchain Security

Regardless of whether a blockchain is implemented independently (like Bitcoin) or via a Layer 0 protocol, certain security risks exist, including:

  • Cryptography: Blockchain security is heavily dependent on the security of hash functions and digital signatures. If a blockchain uses an insecure hash or digital signature algorithm or the algorithm that it uses is broken in the future, then the security of the entire blockchain ecosystem falls apart.
  • Consensus: Blockchain consensus algorithms are designed to ensure that all nodes in the blockchain network agree on the current state of the digital ledger while protecting against cheating. The relative security of different blockchain consensus algorithms (such as Proof of Work vs. Proof of Stake) is hotly debated.
  • Node Security: Blockchains are implemented as software running on a computer. If the blockchain software contains vulnerabilities or the host node is infected with malware, then these security risks can affect both the node and the blockchain network as a whole.
  • Network Security: Blockchain nodes communicate over a peer-to-peer network that is sparsely connected. If an attacker can intercept or block communications between nodes, they can perform a Denial of Service (DoS) attack on the blockchain or threaten consensus security.
  • Smart Contract Security: Many modern blockchains are designed to support the execution of Turing-complete programs on top of the blockchain (i.e. smart contracts). These smart contracts could have design errors or implementation flaws that place them and their users at risk. Most cyberattacks against the blockchain occur at the smart contract level.

Many of these security risks could be considered as Layer 1 security risks since they exist in independent blockchains like Bitcoin and Ethereum as well as blockchains created using Layer 0 protocols. However, the introduction of Layer 0 and Layer 2 protocols can create additional threats to blockchain security.

Layer 0 Security

By using a Layer 0 protocol, blockchains accept certain security risks, such as:

  • Centralization: Blockchains implemented using Cosmos, Polkadot, or other Layer 0 protocols all depend on shared modules, infrastructure, etc. This centralizes significant power in the hands of the team behind the Layer 0 protocols, creating the potential for supply chain attacks, targeting by cyber threat actors, or internal abuse of this power.
  • Vulnerable Code: With a Layer 0 platform, many blockchains may be implemented using the same modules. If these modules contain design errors, implementation flaws, or exploitable vulnerabilities, they can affect multiple different blockchains. For example, an error in CosmWasm’s implementation of the Bech32 specification impacted the security of smart contracts hosted on 20+ blockchains.
  • Complexity: Layer 0 protocols are designed to create a complex ecosystem of interoperable blockchains. This makes security analysis more difficult and creates the potential for attacks that take advantage of undesirable and unintentional interactions between the various blockchains within the Layer 0 ecosystem.
  • Ease of Use: Layer 0 platforms make it possible to implement a blockchain with much less knowledge and understanding of the technology than is required to write one from scratch. This is good for expanding access to blockchain technology and encourages the use of well-tested, more secure modules rather than custom code. However, it also creates the potential that blockchain code will be cobbled together without a full understanding of how it actually works, resulting in code that is insecure, inefficient, or otherwise less functional.

Layer 2 Security

Some of the security risks associated with state channels include:

  • Off-Chain Transactions: The transactions performed between the parties in a state channel are not recorded on the blockchain’s digital ledger. This means that they are only indirectly protected by blockchain immutability.
  • Denial of Service Attacks: A transaction can only be made between two parties if there is a path between them via state channels that have enough capacity for the transfer. An attacker that refuses transactions or sufficiently unbalances state channels could render a transaction impossible.
  • Blocked Disputes: When a state channel is closed by a single party, the other has the opportunity to dispute the final state of the channel. A DoS attack against that account could prevent a dispute transaction from being registered within the dispute window, allowing theft of some of the value stored within the channel.
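The dispute window described in the last item can be modelled in a few lines. This is an added example, not code from the original article or from any channel implementation: the contract class, party names, block numbers and balances are constructed, and HMAC with demo keys stands in for real digital signatures.

```python
import hashlib
import hmac

# Constructed demo keys; HMAC stands in for the digital signatures a real channel uses.
KEYS = {"alice": b"alice-demo-key", "bob": b"bob-demo-key"}

def sign(party, nonce, balances):
    msg = f"{nonce}|{sorted(balances.items())}".encode()
    return hmac.new(KEYS[party], msg, hashlib.sha256).hexdigest()

def make_state(nonce, balances):
    """Off-chain state: both parties sign (nonce, balances); nothing goes on-chain."""
    return {"nonce": nonce, "balances": balances,
            "sigs": {p: sign(p, nonce, balances) for p in KEYS}}

class ChannelContract:
    """Hypothetical on-chain side; a dispute only counts inside the window."""
    def __init__(self, deposits, dispute_window):
        self.total, self.window = sum(deposits.values()), dispute_window
        self.pending = self.deadline = None

    def _valid(self, s):
        signed = all(hmac.compare_digest(s["sigs"].get(p, ""),
                                         sign(p, s["nonce"], s["balances"])) for p in KEYS)
        return signed and sum(s["balances"].values()) == self.total

    def close(self, state, block):
        if not self._valid(state):
            raise ValueError("closing state is not co-signed or does not balance")
        self.pending, self.deadline = state, block + self.window

    def dispute(self, state, block):
        if (self.pending is None or block > self.deadline or not self._valid(state)
                or state["nonce"] <= self.pending["nonce"]):
            return False
        self.pending = state
        return True

    def finalize(self, block):
        if self.pending is None or block <= self.deadline:
            raise ValueError("dispute window still open")
        return self.pending["balances"]

def settle(dispute_block):
    """Alice closes at block 100 with stale state 1; Bob disputes with state 7."""
    chan = ChannelContract({"alice": 5, "bob": 5}, dispute_window=10)
    chan.close(make_state(1, {"alice": 9, "bob": 1}), block=100)
    chan.dispute(make_state(7, {"alice": 4, "bob": 6}), block=dispute_block)
    return chan.finalize(block=111)
```

A dispute that lands by block 110 settles on the latest co-signed balances; one delayed to block 111 is ignored and the stale state becomes final, which is why the window length and the availability of the disputing party are the parameters to review.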

Sidechains, implemented using blockchain bridges, can also create security risks, such as:

  • Centralization: Often, a blockchain bridge is implemented and managed by a small number of parties that approve transactions between chains. This centralization can be exploited by an attacker. For example, the Ronin Network was the victim of the largest hack in DeFi history to date due to an attacker compromising 5 of the bridge’s 9 validating nodes and using this power to approve fake transactions.
  • Cross-Bridge Effects: Blockchain bridges enable integration of multiple different blockchains, which can amplify the effects of an attack. For example, Hundred Finance lost $3.3 million when an attack on the Meter.io blockchain bridge locally depreciated BNB.bsc on Binance Smart Chain. Attackers acquired the tokens at a low price and used them as collateral for loans with Hundred Finance — which used the higher global Chainlink price — to extract more valuable assets.
  • Bridge-Focused Exploits: Bridges must be properly integrated into multiple blockchains to correctly read deposits on one blockchain and release funds on another. If an attacker can trick a bridge into accepting a fake deposit, they can drain value from the bridge contract. This occurred in the Wormhole hack where the attacker created a transaction that exploited a flaw in signature validation by the bridge to drain $326 million from the bridge with a fake deposit.
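A 5-of-9 rule like the one in the centralization item counts keys, not the parties holding them. The following added example (not from the original article or any bridge's code) audits a validator set for that gap; the validator names and operator mappings are constructed and do not describe any real bridge.

```python
from collections import Counter

THRESHOLD = 5  # the 5-of-9 approval rule described above

# Constructed validator -> operator mappings; not any real bridge's layout.
SHARED = {"v1": "op-a", "v2": "op-a", "v3": "op-a", "v4": "op-b", "v5": "op-b",
          "v6": "op-c", "v7": "op-d", "v8": "op-e", "v9": "op-f"}
INDEPENDENT = {f"v{i}": f"op-{i}" for i in range(1, 10)}

def quorum_met(signers, validators, threshold=THRESHOLD):
    """Bridge-side check: count each known validator once, ignore everything else."""
    return len(set(signers) & set(validators)) >= threshold

def operators_to_quorum(validators, threshold=THRESHOLD):
    """Fewest operators whose validators alone reach the threshold (None if impossible)."""
    keys_per_operator = sorted(Counter(validators.values()).values(), reverse=True)
    held = 0
    for count, keys in enumerate(keys_per_operator, start=1):
        held += keys
        if held >= threshold:
            return count
    return None

def audit(validators, threshold=THRESHOLD, min_operators=THRESHOLD):
    """Flag a validator set where fewer parties than keys can approve a transfer."""
    needed = operators_to_quorum(validators, threshold)
    return {"operators_to_quorum": needed,
            "concentrated": needed is not None and needed < min_operators}
```

In the shared layout two operators together hold five keys, so the effective trust boundary is two parties even though the rule reads 5-of-9.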

Taking a Holistic Approach to Blockchain Security

Securing the blockchain requires considering all layers of the blockchain ecosystem and their security. This includes taking into account the effects that Layer 0 and Layer 2 protocols can have on the security of a blockchain system.

Originally published at https://crypto.security on September 8, 2022.

Partner @PwC — Lead OT, IoT, 5G Security | 30y red teaming & protecting critical infrastructure, telcos, cyber-physical systems, emerging tech | 5x Global CISO

Marin Ivezic
