Illegal Content and the Blockchain

Security researchers have recently discovered a botnet with a novel defense against takedowns. Normally, authorities can disable a botnet by taking over its command-and-control server. With nowhere to go for instructions, the botnet is rendered useless. But over the years, botnet designers have come up with ways to make this counterattack harder. Now the content-delivery network Akamai has reported on a new method: a botnet that uses the Bitcoin blockchain ledger. Since the blockchain is globally accessible and hard to take down, the botnet’s operators appear to be safe.

It’s best to avoid explaining the mathematics of Bitcoin’s blockchain, but to understand the colossal implications here, you need to understand one concept. Blockchains are a type of “distributed ledger”: a record of all transactions since the beginning, and everyone using the blockchain needs to have access to — and reference — a copy of it. What if someone puts illegal material in the blockchain? Either everyone has a copy of it, or the blockchain’s security fails.

To be fair, not absolutely everyone who uses a blockchain holds a copy of the entire ledger. Many who buy cryptocurrencies like Bitcoin and Ethereum don’t bother using the ledger to verify their purchase. Many don’t actually hold the currency outright, and instead trust an exchange to do the transactions and hold the coins. But people need to continually verify the blockchain’s history on the ledger for the system to be secure. If they stopped, then it would be trivial to forge coins. That’s how the system works.

Some years ago, people started noticing all sorts of things embedded in the Bitcoin blockchain. There are digital images, including one of Nelson Mandela. There’s the Bitcoin logo, and the original paper describing Bitcoin by its alleged founder, the pseudonymous Satoshi Nakamoto. There are advertisements, and several prayers. There’s even illegal pornography and leaked classified documents. All of these were put in by anonymous Bitcoin users. But none of this, so far, appears to seriously threaten those in power in governments and corporations. Once someone adds something to the Bitcoin ledger, it becomes sacrosanct. Removing something requires a fork of the blockchain, in which Bitcoin fragments into multiple parallel cryptocurrencies (and associated blockchains). Forks happen, rarely, but never yet because of legal coercion. And repeated forking would destroy Bitcoin’s stature as a stable(ish) currency.

The botnet’s designers are using this idea to create an unblockable means of coordination, but the implications are much greater. Imagine someone using this idea to evade government censorship. Most Bitcoin mining happens in China. What if someone added a bunch of Chinese-censored Falun Gong texts to the blockchain?<

What if someone added a type of political speech that Singapore routinely censors? Or cartoons that Disney holds the copyright to?

In Bitcoin’s and most other public blockchains there are no central, trusted authorities. Anyone in the world can perform transactions or become a miner. Everyone is equal to the extent that they have the hardware and electricity to perform cryptographic computations.

This openness is also a vulnerability, one that opens the door to asymmetric threats and small-time malicious actors. Anyone can put information in the one and only Bitcoin blockchain. Again, that’s how the system works.

Over the last three decades, the world has witnessed the power of open networks: blockchains, social media, the very web itself. What makes them so powerful is that their value is related not just to the number of users, but the number of potential links between users. This is Metcalfe’s law — value in a network is quadratic, not linear, in the number of users — and every open network since has followed its prophecy.

As Bitcoin has grown, its monetary value has skyrocketed, even if its uses remain unclear. With no barrier to entry, the blockchain space has been a Wild West of innovation and lawlessness. But today, many prominent advocates suggest Bitcoin should become a global, universal currency. In this context, asymmetric threats like embedded illegal data become a major challenge.

The philosophy behind Bitcoin traces to the earliest days of the open internet. Articulated in John Perry Barlow’s 1996 Declaration of the Independence of Cyberspace, it was and is the ethos of tech startups: Code is more trustworthy than institutions. Information is meant to be free, and nobody has the right — and should not have the ability — to control it.

But information must reside somewhere. Code is written by and for people, stored on computers located within countries, and embedded within the institutions and societies we have created. To trust information is to trust its chain of custody and the social context it comes from. Neither code nor information is value-neutral, nor ever free of human context.

Today, Barlow’s vision is a mere shadow; every society controls the information its people can access. Some of this control is through overt censorship, as China controls information about Taiwan, Tiananmen Square, and the Uyghurs. Some of this is through civil laws designed by the powerful for their benefit, as with Disney and US copyright law, or UK libel law.

Bitcoin and blockchains like it are on a collision course with these laws. What happens when the interests of the powerful, with the law on their side, are pitted against an open blockchain? Let’s imagine how our various scenarios might play out.

China first: In response to Falun Gong texts in the blockchain, the People’s Republic decrees that any miners processing blocks with banned content will be taken offline — their IPs will be blacklisted. This causes a hard fork of the blockchain at the point just before the banned content. China might do this under the guise of a “patriotic” messaging campaign, publicly stating that it’s merely maintaining financial sovereignty from Western banks. Then it uses paid influencers and moderators on social media to pump the China Bitcoin fork, through both partisan comments and transactions. Two distinct forks would soon emerge, one behind China’s Great Firewall and one outside. Other countries with similar governmental and media ecosystems — Russia, Singapore, Myanmar — might consider following suit, creating multiple national Bitcoin forks. These would operate independently, under mandates to censor unacceptable transactions from then on.

Disney’s approach would play out differently. Imagine the company announces it will sue any ISP that hosts copyrighted content, starting with networks hosting the biggest miners. (Disney has sued to enforce its intellectual property rights in China before.) After some legal pressure, the networks cut the miners off. The miners reestablish themselves on another network, but Disney keeps the pressure on. Eventually miners get pushed further and further off of mainstream network providers, and resort to tunneling their traffic through an anonymity service like Tor. That causes a major slowdown in the already slow (because of the mathematics) Bitcoin network. Disney might issue takedown requests for Tor exit nodes, causing the network to slow to a crawl. It could persist like this for a long time without a fork. Or the slowdown could cause people to jump ship, either by forking Bitcoin or switching to another cryptocurrency without the copyrighted content.

And then there’s illegal pornographic content and leaked classified data. These have been on the Bitcoin blockchain for over five years, and nothing has been done about it. Just like the botnet example, it may be that these do not threaten existing power structures enough to warrant takedowns. This could easily change if Bitcoin becomes a popular way to share child sexual abuse material. Simply having these illegal images on your hard drive is a felony, which could have significant repercussions for anyone involved in Bitcoin.

Whichever scenario plays out, this may be the Achilles heel of Bitcoin as a global currency.

If an open network such as a blockchain were threatened by a powerful organization — China’s censors, Disney’s lawyers, or the FBI trying to take down a more dangerous botnet — it could fragment into multiple networks. That’s not just a nuisance, but an existential risk to Bitcoin.

Suppose Bitcoin were fragmented into 10 smaller blockchains, perhaps by geography: one in China, another in the US, and so on. These fragments might retain their original users, and by ordinary logic, nothing would have changed. But Metcalfe’s law implies that the overall value of these blockchain fragments combined would be a mere tenth of the original. That is because the value of an open network relates to how many others you can communicate with — and, in a blockchain, transact with. Since the security of bitcoin currency is achieved through expensive computations, fragmented blockchains are also easier to attack in a conventional manner — through a 51 percent attack — by an organized attacker. This is especially the case if the smaller blockchains all use the same hash function, as they would here.

Traditional currencies are generally not vulnerable to these sorts of asymmetric threats. There are no viable small-scale attacks against the US dollar, or almost any other fiat currency. The institutions and beliefs that give money its value are deep-seated, despite instances of currency hyperinflation.

The only notable attacks against fiat currencies are in the form of counterfeiting. Even in the past, when counterfeit bills were common, attacks could be thwarted. Counterfeiters require specialized equipment and are vulnerable to law enforcement discovery and arrest. Furthermore, most money today — even if it’s nominally in a fiat currency — doesn’t exist in paper form.

Bitcoin attracted a following for its openness and immunity from government control. Its goal is to create a world that replaces cultural power with cryptographic power: verification in code, not trust in people. But there is no such world. And today, that feature is a vulnerability. We really don’t know what will happen when the human systems of trust come into conflict with the trustless verification that make blockchain currencies unique. Just last week we saw this exact attack on smaller blockchains — not Bitcoin yet. We are watching a public socio-technical experiment in the making, and we will witness its success or failure in the not-too-distant future.

This essay was written with Barath Raghavan, and previously appeared on Wired.com.

Tags: , , , , , , ,

Posted on March 17, 2021 at 6:10 AM25 Comments

Comments

Winter March 17, 2021 7:53 AM

There are two avenues for states to thwart the introduction of illegal content on the ledger:

1: Bitcoin owners are not really anonymous, just pseudonymous, as many criminals have discovered. And work is underway to separate really anonymous bitcoin users from those who have supplied Know-Your-Customer data. The upshot is, that any bitcoin not declared with KYC info will not be usable with any Western (or Chinese) customer. There are already blacklists of bitcoins.

2: The bitcoin miners are much more centralized than the users. States could go after the miners who validated the contaminated blocks. If miners and mining pools get hefty fines (or worse) when they validate transactions with illegal content, this would quickly stop.

Conrad Leonard March 17, 2021 8:33 AM

I found this fascinating. The blockchain is accumulating non-functional and even detrimental elements organisms’ genomes do – fossil viruses if you like. And if you want to stretch the analogy further, forking = speciation events.

Intriguing March 17, 2021 8:47 AM

The inclusion of illegal pornography or potentially classified information seems like it might be a malicious attack to discredit and destroy the blockchain.

We do know many governments (OECD and non-OECD) are none too thrilled with the existence of currency outside of their control.

Seth March 17, 2021 8:58 AM

Sounds like the bug here is supporting metadata in the ledger. Just support, you know, ledger data. I think people would complain but then get along just fine. Third party metadata services might pop up, allowing this “content” to be removed without forking.

tim March 17, 2021 9:22 AM

We do know many governments (OECD and non-OECD) are none too thrilled with the existence of currency outside of their control.

What else governments aren’t too thrilled about? That I can take a live chicken down to the farmers market and trade it for vegetables and wool socks. Making live chickens more of a currency than bitcoin will ever be.

David March 17, 2021 9:46 AM

So all manner of bloat and cruft gets permanently added to the blockchain, making update distribution bandwidth grow out of control?

Winter March 17, 2021 9:48 AM

I do not really understand the problem. As I tried to find the amount of data that can be stored on the Bitcoin ledger, the maximum I could find was 83 byte per transaction:
https://fc17.ifca.ai/bitcoin/papers/bitcoin17-final32.pdf

As Bitcoin transactions are not free of charge nowadays, it becomes rather expensive to store lots of data there.

So, the question becomes, how much data can actually be stored in a Bitcoin transaction? 83 bytes or more?

Chelloveck March 17, 2021 9:51 AM

Illegal content aside, does the blockchain have any defense against a flooding attack? Could someone dump enough random crap in there to render the blockchain useless for its intended purpose? It seems like any sort of ledger which must be world-writable and does not tolerate deletion would be wide open to this sort of attack.

tfb March 17, 2021 9:54 AM

@Seth: the trouble is that ‘ledger data’ is just, well, bits. And bits are famously capable of encoding anything. I could encode a series of transactions for 65, 32, 83, 69, 67, 82, 69 & 84 units of whatever currency I’m interested in. That’s a perfectly fine sequence of transactions … but it’s also something else.

Winter March 17, 2021 10:09 AM

I found the way the data is stored in the ledger, it abuses the bitcoin addresses.

The bits are cut up in bitcoin address size chunks and these are then entered as the outgoing addresses for a transaction. The limit is 100,000 bytes per transaction, which is considerable. A miner can use a complete block of 1 MB.

You collect all the (fake) addresses and can reconstruct the original file from the bits.

As the addresses are fake, the ingoing bitcoins become unspendable.

skippan March 17, 2021 10:27 AM

Techniques that ban “contaminated” blocks won’t work because data can be split up, so the “illegality” of each piece can’t be determined separately, and distributed arbitrarily deeply in the chain.

Second, the network always has the option of reaching consensus to remove arbitrary data by forking to make a new chain whose initial state is all the non-objectionable data and transactions. So the problem reduces to “what if the gov’t tries to make bitcoin illegal for reasons that the network doesn’t agree with”, which is not a new problem.

bruno March 17, 2021 10:29 AM

Question: Is there actually illegal pornography inside the blockchain, or are there just links? From what I found on the web (including some published papers) it sounded more like links.
Does anyone have a reliable source on this, not just a ‘news report’? Thanks!

David Rudling March 17, 2021 10:49 AM

@Bruce

You ask “What happens when the interests of the powerful, with the law on their side, are pitted against an open blockchain?”

You know the answer to that. All else is extraneous detail.

- March 17, 2021 12:23 PM

@Moderator:

1, Lidia

Is the wicked witch of the north back yet again. Pushing her Camelus proboscis in where not wanted way yet again. For an obviously desperate company so worthless that they have to commit unsolicited advertising

Vesselin Bontchev March 17, 2021 12:47 PM

This is nothing new. There is a log of shit stored just in the Bitcoin blockchain – probably some is stored in the others, too.

Here are some amusing examples of what’s there, including Wikileaks leaked cables:

http://www.righto.com/2014/02/ascii-bernanke-wikileaks-photographs.html

And then, there is the not-so-amusing stuff…

Child pornography is stored there – yes, both links and images.

Researchers from the RWTH Aachen University, Germany found that around 1,600 files were currently stored in bitcoin’s blockchain. Of the files least eight were of sexual content, including one thought to be an image of child abuse and two that contain 274 links to child abuse content, 142 of which link to dark web services.

https://www.theguardian.com/technology/2018/mar/20/child-abuse-imagery-bitcoin-blockchain-illegal-content

There are viruses stored in it, also the EICAR Test String (which isn’t malicious but it’s a standard string that scanners detect as malware to demonstrate safely how they react when detecting malware).

The use of blockchain for command-and-control purposes of malware has been considered for quite some time, here’s an article from a year ago:

https://medium.com/towardsblockchain/how-to-use-blockchains-for-spreading-viruses-690a5a4c65cf

Steven March 17, 2021 1:30 PM

Suppose Bitcoin were fragmented into 10 smaller blockchains, perhaps by geography: one in China, another in the US, and so on. [..] Metcalfe’s law implies that the overall value of these blockchain fragments combined would be a mere tenth of the original.

It’s worse than that.
One major use of bitcoin is to move money across national boundaries outside of government purview, e.g. CNY -> bitcoin -> CAD. National silos prevent that.

Arclight March 17, 2021 7:15 PM

Isn’t this just a logical extension of using the personals ads in the LA Times to distribute a covert message to a spy ring or similar? There is a persistent aspect that is different, but the command and control idea has been around a long time.

Clive Robinson March 17, 2021 9:29 PM

@ Arclight,

There is a persistent aspect that is different

Not realy, history shows that graffiti was sometimes done with a chisel. At over a millennium or four[1] that’s most definitely more permanent than the block chain 😉

Which realy emphasizes your first point, that people will put their message out any which way they can.

[1] Oh and do not forget “cave art” grinding red/orange ochre –haematite, iron(III) oxide, Fe2 O3 being the main pigment– into water that was then spat around a spread hand on a cave wall atlrast fifty millennia or more ago,

https://www.theguardian.com/science/2021/jan/13/worlds-oldest-known-cave-painting-found-in-indonesia

And could be sixty or more millennium ago (Man arived in Australia ~65,000 years ago and would have first migrated slowly through Indonesia, Papua New Guinea and the legandary Torres Strait[2] and into North Australia.

[2] The Torres Strait at just under a hundred miles wide at it’s narrowest, is legandary as being a hazardous place not just to shipping but as a place of islands and reefs fighting against nature and more recently climate change effects and now COVID. It’s also one of the few places in the world where an international trade route has “required pilotage”. The straits being relatively shallow and having a very large volume of water flow through it needs carefull timing not just daily but monthly and seasonally. Where exotically named lunar phases, such as super blue blood moon’s[3] create surging King tides that can surge upto 20ft above normal and annually inundate many of the Torres islands. At the best of times there are realy only three ways through the straits for ships that are designed for ocean going and only one of those for moderate to large size shipping transiting the region. The ferocity of the straits was known to Jules Vern who put it in his most famous book as a place where the all powerfull submarine of Capt Nemo floundered. For all it’s well deserved legendary ferocity it is actually one of the worlds major shipping routes.

[3] Super blue blood moon’s are actually very rare and may never happen in many peoples lives. It’s a combination of three events a “Super moon” where the moon is closest to the earth, a “Blood moon” that is when we have a total lunar eclipse and the moon is lit only by light reflected from the earth thus makes the moon look red or orange in colour, and the oddly named “Blue moon”. A “Blue moon” is an additional full moon in a season of the normal calander. It happens aproximately every 2.7 years or seven every 19years. It’s the third full moon in a season that has four new moons. It is possible for January and March to each have two full moons and Feburary none, but only the first in March would be the blue moon. It’s of mainly historical interest these days but less than a life time ago it was important to farmers due to growing cycles and days with longer light. It is however still of interest to those whos activities involve tidal waters and the migratory habits of some creatures like eels that are currently a subject of scientific research, that has been interupted by COVID.

mx9000 March 17, 2021 9:30 PM

Interesting, If I were rich, I could upload ( encrypted with a symmetric key ) all my data and music files.
My own personal Cloud backup system.

Then I could access it from any device I can run the specified JavaScript.

Or, to others, I get their public key, and send them encrypted data,
and it costs me just 10 cents?

Good for Spys.

And this may be cheaper than Azure!

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.