Should security be immutable?
The balance between immutability and security in blockchain faces new tests from sophisticated exploits.
Blockchains were created with immutability as one of its fundamental principles and to many the thought of introducing limited mutability contradicts the very foundations on which blockchains were first created. While the immutability of blockchains is key to fortifying security and fostering trust, it must be emphasized that immutable blockchains are not faultless and recent exploits in 2023 have raised questions about the possibility of limited mutability.
Immutability only guarantees security when code is invulnerable
Immutability prevents many types of exploits as the inability to modify code or data prevents bad actors or attackers from manipulating a system. However, in situations where upgrades are not possible, challenges may arise, including the risk of encountering delayed updates when necessary modifications are required, or the potential for funds to be left in vulnerable contracts. This is what happened in the August attack against Curve Finance.
Curve’s Liquidity Providers (LPs) had a timelock embedded in the smart contracts, making it technically impossible to fix a coding vulnerability within Vyper. By forfeiting the ability to edit the state of the smart contract, the protocol was unprotected against an exploiter who was able to drain $62 million from Curve.
This highlighted that immutability can cause immense problems when codes are vulnerable. Although a comprehensive audit might have detected these exploitable functions, the nature of immutability would have made it impossible to fix.
Immutability is sufficient for the short-term but could cause long-term problems in mitigating emerging threats
While immediate risks to blockchain security may not be urgent enough to warrant a departure from immutability – even though most hacking incidents are not significantly linked to immutability – we still need to acknowledge some of the difficulties they currently cause.
For example, advancements in blockchain technology continue to take place rapidly. Consequently, when essential changes are required and updates become impractical, protocols are currently compelled to transition to newer versions. Looking ahead, this scenario is a challenge for protocols and other businesses operating on blockchain platforms.
What is crucial is acknowledging that technological advancements may create more problems in blockchain security and betting on blockchain’s immutability could potentially be risky when significant funds are at stake. Hackers and exploits continue to become more sophisticated and advancements such as quantum computing will increase vulnerability to exploits such as storage hacks and transit attacks. While developments such as quantum computers are not an immediate threat, there may come a time when upgrades are necessary for security to be preserved.
While networks such as Bitcoin are so far unharmed (largely due to its immutability), it is not out of the question that Bitcoin could be hacked. Furthermore, more complex blockchains that focus on programmability and end-user apps vastly differ from Bitcoin and would contain more attack vectors, leaving them at greater risk.
Immutability helps to build trust
While we have outlined some of the problems with immutability, it would be blinkered to disregard some of its unquestionable triumphs, the greatest being its ability to build trust, a fundamental principle behind the concept of blockchains.
Immutability helps to build a strong sense of trust amongst its users due to its unchangeable nature. The Bitcoin Network is the greatest example of immutability, whose unblemished track record has instilled trust in its users.
The success of immutability within the Bitcoin ecosystem has helped to create some of the strongest social consensus across the whole space. Users collectively recognize and value the unchangeable nature of Bitcoin and the incentive to maintain its integrity has helped it to succeed in creating the most resilient ecosystem in the web3 space.
The inherent risks of mutability remain notable
Equally mutability can lend itself to malicious activity whereby coding can be changed to benefit a minority. An example of this is the Multichain/AnySwap’s exploit. While there’s still little clarity over exactly what happened with this exploit, sources have said that Multichain/ AnySwap simply decided to siphon funds out of its protocol because it was possible to do so.
Critics of Multichain’s response claim that the project could have and should have ‘decentralized’ access to the protocol’s private keys as one individual reportedly held it. Mechanisms such as multi-signature vaults (‘multisigs’) are a viable solution to issues such as Multichain’s exploit as malicious actors within the multisig would be unable to manipulate the protocol as they are denied the consensus to do so.
Conclusion
Considering the upsides and downsides, immutability remains the ideal structural approach. It is one of the foundations on which Bitcoin was first created and has been instrumental in keeping it secure and creating such a strong sense of consensus. However, we must not forget that the Bitcoin ecosystem is by far the most simple.
More complex ecosystems and protocols will continue to emerge, requiring modifications to maintain security. As we move into the next bull run, liquidity will return to the DeFi ecosystem and more protocols will emerge. At the same time, this will create an opportunity for hackers and it is important to remember that blockchains are by no means perfect. If security is not a priority from the design phase, many will fall victim to the inevitable risks of hacks regardless of whether or not a protocol is immutable.