Skip to main content

Particl’s Security Prevents Meltdown / Spectre From Affecting Proof-of-Stake Blockchain


Earlier this year, nearly every device with an Intel CPU was affected by the Meltdown and Spectre vulnerabilities. The two vulnerabilities allowed hackers and malicious actors to steal passwords and sensitive information from devices, by accessing the memory and secrets of programs on the operating system of devices.

Meltdown, easier to exploit than Spectre, breaks the basic isolation between user applications and the operating system of devices, leaving memory and private data vulnerable to attacks. Spectre, more difficult to exploit but also harder to detect, allows malicious actors to trick error-free programs to leak secrets, leading sensitive data to be released.

In January, Oleg Andreev, the protocol architect at blockchain company Chain, stated that proof-of-stake (PoS) is an "incompetent" idea because when major vulnerabilities like Meltdown and Spectre are exploited, private keys stored locally in memory are retrievable. When private keys are lost, attackers can easily reallocate massive amounts of funds, getting ahold of the stake and obtaining the ability to attack the PoS blockchain.

"Meltdown/Spectre is why Proof-of-Stake is an incompetent idea: PoS authors ask for an unforgivable amount of money to sit in the online wallets that actively generate signatures," said Andreev.

Last month, almost immediately after Meltdown / Spectre were discovered and utilized to exploit devices, Particl introduced its Cold Staking safeguards, that prevent locally stored private keys of being vulnerable to attacks.

"Particl Cold Staking safeguards your wallet's private keys, and thus your PART, by using a script (contract) between an online staking node and an offline wallet. Both wallets have unique private keys, meaning that if/when the online staking node is exploited by Meltdown/Spectre with a memory leak only the private keys of the node are stolen. If setup properly, the staking node should have 0 PART — thereby eliminating the threat of theft and protecting the PART in your wallet kept offline and secure," explained the Particl development team.

If Particl Cold Staking safeguards are activated and integrated, even when Meltdown / Spectre exploits successfully leave the operating system of devices vulnerable to attacks and the private key from memory is obtained, attackers cannot steal or reallocate funds because staking nodes carry a 0 PART balance. Which means, even if hackers gain access to the locally stored private keys, funds cannot be stolen and remain safe.

"If the Meltdown/Spectre exploit is used on a machine running a Particl Staking Node an attacker could retrieve the private key from memory but it would be of no use since staking nodes typically carry a 0 PART balance," the Particl development team added.

The Particl Cold Staking also prevents quantum computer attacks, disallowing attackers with a quantum computer to obtain a private key from a public key, due to the integration of multiple quantum-resistant one-way hash functions.

Conclusively, the security in Particl prevent two major attacks in Meltdown / Spectre and quantum computer attacks from affecting a PoS blockchain.

Comments

Post a Comment

Popular posts from this blog

What is TogaCoin?

TogaCoin is here to stay for a long time because this token sale is not only about cryptocurrencies but also about other important areas of the world economy. Yes, you heard it right and we will be telling you more interesting things about this token sale right away. Unique Selling Points You will be paid during the token sale. Yes, it is true and you should think about it right away. In fact, you could end up earning up to 20% of the invested money per month. Really? Yes, it is true and you should be happy with it. Explainer video Features These guys have a lot of experience in the world of IT and they will shine with this token sale. TogaCoin's staff will work on the important field of cryptocurrency mining and even in data management. These are amazing fields that could generate a lot of money down the road. Technical Analysis Well, TogaCoin will work hard to make money via these activities: -0Electricity is a very important part of the world econom...
Post a Comment
Read more

The Bitquence Liquidity Network

CryptoCurrency is gaining popularity, however with Bitcoin very user-unfriendly mass adoption is not coming. The Bitquence Platform is aiming to replace Bitcoin with it's many disadvantages with something better. A currency for the people. More and better usability, A wallet which is universal and support several coins, like Bitcoin but also Dash and Ethereum. Please read along to get the latest information about this project which can grow very large. Collection of abnormal pockets programs, With automated sources that oversee a large number of wallets for each and every of your financial paperwork making it exhausting to do. International Cryptocurrencies lately stay on experiencing an especially noteworthy increment, impulsively reaching colossal valuations. The have an effect on at the present economic system modified the psyches of people to take after enhancements within the time of Cryptocurrency. Virtual kinds of cash and blockchain innovation are lat...
Post a Comment
Read more

GrantShares DAO launching to support ecosystem growth and grassroots initiatives

The GrantShares DAO is launching on Neo N3 to distribute funding to grassroots developers and ecosystem beneficial projects. The DAO will manage an initial treasury funded by the Neo Foundation. As the first DAO to launch on Neo N3, GrantShares is designed to provide financial support to smaller initiatives that do not currently fit the scope of Neo's existing grant programs. Voting members of the organization include COZ, AxLabs, Red4Sec, NGD Enterprise, NeoResearch, NEXT, Neo SPCC, Neo Foundation, Neo Global Development, and Neo News Today. Anyone is encouraged to submit a proposal for the members of the DAO to discuss and vote. The initial funding limit for GrantShares is $50,000 per proposal, and can be used to fund local events, dApps, developer tools, education initiatives, and more. Projects seeking larger amounts should apply for grants through one of Neo's Eco Support tracks. The DAO's smart contracts are developed and maintained by AxLabs and have already been dep...
Post a Comment
Read more