Bitcoin's blockchain can be loaded with sensitive, unlawful or malicious data, raising potential legal problems in most of the world, according to boffins based in Germany.
In a paper [PDF] presented at the Financial Cryptography and Data Security conference on the Dutch Caribbean island of Curaçao – "A Quantitative Analysis of the Impact of Arbitrary Blockchain Content on Bitcoin" – researchers from RWTH Aachen University and Goethe University identified 1,600 files added to the Bitcoin blockchain, 59 of which include links to unlawful images of child exploitation, politically sensitive content, or privacy violations.
The researchers suggest Bitcoin's blockchain can also be loaded with malware, something Interpol warned about three years ago but has not yet been documented in the wild.
"Despite potential benefits of data in the blockchain, insertion of objectionable content can put all participants of the Bitcoin network at risk, as such unwanted content is unchangeable and locally replicated by each peer of the Bitcoin network as benign data," researchers Roman Matzutt, Jens Hiller, Martin Henze, Jan Henrik Ziegeldorf, Dirk Müllmann, Oliver Hohlfeld, and Klaus Wehrle explain.
The Bitcoin blockchain is a distributed ledger or database that contains linked records of all Bitcoin transactions. These records or blocks hold batches of hashed transactions and are linked to preceding blocks by a cryptographic signature. The blocks also allow for additional data, and therein lies the issue.
In an email to The Register, Roman Matzutt, a researcher with RWTH Aachen University and one of the co-authors of the paper, said the problem exists with other blockchains that allow content to be inserted, such as Litecoin and Ethereum.
"We did not yet investigate more privacy-aware blockchain systems such as Monero or the upcoming Mimblewimble," he said. "Such blockchains need further investigation with respect to how easily identifiers that appear on the blockchain can be manipulated."
The paper identifies several mechanisms for adding arbitrary data to the Bitcoin blockchain. There's CryptoGraffiti, a web-based service to read and write data to the blockchain, as well as Satoshi Uploader, P2SH Injectors, and Apertus.
Augmenting transactions in this way allows for additional arguably useful Bitcoin-related services, such as digital notarization and digital rights management. But it also adds the possibility of abuse.
Break the Bitcoin!
At present, few Bitcoin blockchain transactions contain extra data – only 1.4 per cent of the roughly 251 million transactions in Bitcoin’s blockchain, the researchers say – and only a small portion of that fraction are objectionable or illegal.
Nonetheless, the presence of even a small amount illegal or objectionable content could pose problems for participants.
"Since all blockchain data is downloaded and persistently stored by users, they are liable for any objectionable content added to the blockchain by others," the paper says. "Consequently, it would be illegal to participate in a blockchain-based systems as soon as it contains illegal content."
The researchers acknowledge that there haven't yet been definitive court rulings on this specific issue but insist "However, considering legal texts we anticipate a high potential for illegal blockchain content to jeopardize blockchain-based system such as Bitcoin in the future," they state.
CryptoGraffiti anticipates the risk posed by objectionable content in policy statement for those who attempting to post data to the Bitcoin blockchain: "By using this service you agree not to save anything illegal on the blockchain. In case of abuse we may report your IP address to the police."
That's not necessarily much of a deterrent. While adding something like "Remember Tiananmen Square" or a picture of the Dalai Lama to the blockchain wouldn't be an issue in the US, it could cause Chinese authorities to take steps to prevent that content from being redistributed through Bitcoin nodes in China.
Adrian Colyer, a partner with VC firm Accel in London who wrote a blog post about the paper, suggests the ability to add arbitrary data to Bitcoin's blockchain could be used as a pretense for governments to harass political foes operating Bitcoin nodes.
"If a government wanted to clamp down on a given blockchain, all it has to do is anonymously post a transaction containing illegal or objectionable data, wait for it to propagate to all the miners in the country, and then go after them for possession," he mused.
Matzutt confirmed that an individual could "poison" the blockchain by inserting a politically contentious image. Using a ~21 KB image of Nelson Mandela that's is already on the blockchain as an example, he said it would cost about US$380 at today's market price of Bitcoin (~$8,400) to insert the data.
"I cannot judge whether authorities would then ban Bitcoin, but I believe that this is a theoretical possibility, especially in very oppressive and [opaque] jurisdictions," he said. "Really exploiting blockchain content to systematically prosecute users of blockchain content requires a certain arbitrariness of the respective government as there are also other ways to officially regulate (and also forbid) blockchains."
In an email to The Register, Bitcoin contributor Dave Harding said these concerns have been the subject of discussion in the Bitcoin technical community for years and have led to problems such as the 2014 DOS/STONED incident in which the signature of an old computer virus was added to the blockchain, causing Microsoft Security Essentials to interfere with Bitcoin network nodes as it attempted to remove the file.
Harding said fixes have been proposed, such Bitcoin Core developer Gregory Maxwell's P2SH².
"Ultimately, however, I don't believe it's entirely possible to prevent users from including arbitrary data in a decentralized blockchain," said Harding. "The best mitigations known are merely to make it very expensive to publish arbitrary data on a per-byte basis."
Matzutt echoed Harding's sentiments. "Our findings are that content inserters can always insert some bytes per transaction output by brute-forcing identifiers," he said. "Hence, the problem can only be mitigated but not entirely eliminated."
He pointed to an upcoming paper, to be presented in April, that deals with the issue.
"While there are technical countermeasures against (easy) content insertion, we believe the only viable countermeasure that can potentially find its way into Bitcoin would be to introduce mandatory minimum fees that penalize transactions with many outputs," he said. "This disincentives inserting large transactions, which are especially well-suited for content insertion and once the community reaches consensus on the exact fee model, it is easily deployable via one fork."
Matzutt argues that until countermeasures such as fees are formalized, the Bitcoin community could deploy a quick fix such as rejecting "suspicious" transactions.
"In our paper we consider transactions 'suspicious' if they have many outputs (at least 50, corresponding to ~1 KB of insertable data) that only spend very small amounts," he explained. "These transactions are not likely to be economically feasible transactions, but in the end this can lead to rejection of legitimate transactions and thus would only be a temporary fix." ®