Blockstream’s Liquid Network Could Be Vulnerable to Hardware Backdoors
Bitcoin technology company Blockstream has conceded its flagship Liquid Network could be susceptible to hardware vulnerabilities. Following recent disclosures that certain Chinese-manufactured motherboards contain backdoors, Blockstream has authored a post acknowledging that such an exploit could allow an attacker to infiltrate its off-chain bitcoin transfer system.
Hardware Vulnerability Exposes New Risk Posed by Centralization
“During the Liquid functionary server design process, we knew that the threat of compromised hardware was a legitimate concern,” conceded Blockstream in a post authored on Thursday. In designing Liquid, a commercial second layer Bitcoin solution, the controversial company has had to assemble components that include a proprietary key module connected to a server. Should the private key data be leaked, potentially through a backdoored computer chip, huge losses could be incurred.
Once fully operational, Blockstream is planning for Liquid to be responsible for funneling huge amounts of BTC between cryptocurrency exchanges. Such transfers have always been performed on-chain, but the introduction of Blockstream’s own network could unwittingly expose the bitcoin ecosystem to a new attack vector. While such an attack would require sophistication to pull off, the rewards of successfully infiltrating the Liquid Network, such as through a hardware backdoor, could incentivize state-sponsored hackers to attempt such a feat. The company conceded:
“While there is no indication that our motherboards were compromised, we cannot rule out this possibility.”
Blockstream Initiates Third Party Security Audit
As a precautionary measure, Blockstream is to commission a security audit of its hardware modules to determine whether they are at risk from the so-called Supermicro vulnerability that might have exposed around 30 U.S. companies, including Apple and Amazon, to Chinese spies. “We will ship a sample of our motherboards to a third-party security company for extensive examination,” wrote Blockstream. “Moving forward, we are continuing our risk mitigation strategy for hardware threats through a variety of techniques, including increasing our supplier diversity so that no single compromised vendor would adversely affect the Liquid Network.”
Blockstream finished by asserting: “We believe that the Supermicro vulnerability, if independently confirmed and if present on our servers, is mitigated by other aspects of the Liquid security design.” While the company has every incentive to rigorously screen its hardware for threats and to take robust measures to mitigate these, the mere possibility of Bitcoin being compromised in such a fashion is a cause for concern.
Bitcoin was initially designed so that all transactions would be performed on-chain, making them fully auditable on a public ledger; the transparency this provides ensures complete accountability for counterparties. In the event of one entity’s computer being compromised in some way, that entity could conceivably lose its coins, but the Bitcoin network would remain unaffected. Liquid, on the other hand, is intended to run on sidechains, “allowing traders and market makers to move their bitcoin holdings instantly within the network”.
Such a provision may be beneficial for participants, but a fatal hardware flaw could have ramifications that impact upon the entire Liquid ecosystem. Having been under development since 2015, Liquid is a complex and as yet unproven technology. With Blockstream exerting sole control over the project, its centralized nature makes the company a target for the same sort of backdoors that have afflicted some of America’s largest tech companies.