[fastdev]

> Or some system gets hacked, and information or money gets leaked/lost.

I am not sure how blockchain/decentralized technologies allow protecting from hacks or money loss. They seem to be as susceptible to hacks as non-decentralized systems (e.g. the DAO) and lots of crypto money was lost in many different ways.

> its security (from the state, from bad actors, etc.)

This is right. Decentralized systems should give more security, but what about a cryptocurrency like NEO? It is significantly faster, but many criticize it because it is somewhat centralized (selected nodes voting for transactions instead of mining). Does it provide less security than Ethereum? If yes, in what cases is this difference critical?

> I think scaling solutions will make crypto much more practical.

This is true as well. But it seems that no-so-decentralized crypto (NEO, Ripple) can give practical benefits and provide higher performance. If Ethereum can scale, cryptocurrencies like NEO can scale as well. Are there any practical cases when using these solutions would be not enough, and developers would have to resort to a potentially slower but fully decentralized network?

[ploxiln]

The security situation is inverted.

For a typical bank account, the security is up to the Bank and the Government, and there's nothing you can do about it.

For a crypto-currency wallet, the security is up to you.

Some people are dismayed that the common person is enabled to fuck it up - gamble, invest in ponzi schemes, leave control of their wallet to a sketchy third-party. Some people are very excited that they're finally able to take control of their own accounts and make their own security guarantees, and not worry about identity theft, paypal policies, FBI or IRS freezing accounts due to a bureaucratic mix-up, etc.

[zaarn]

In a cryptocurrency wallet the security is up to you and the developers of the wallet and the developers of the blockchain.

If you run some chain like IOTA then chances are you get hacked despite doing the best security possible under the circumstances because the underlying chain sucks.

[coralreef]

RE: decentralized network security

The 51% attack, or control over the network by a state or group of actors, basically destroys the integrity of the blockchain, as this group can now decide to move money from any account, restrict transactions, etc.

The more likely a 51% attack can occur (via centralized systems) then the less secure we can call that network.

[hobofan]

> as this group can now decide to move money from any account

That's not accurate. They can double-spend, which can have equally bad effects, but without a way to forge transaction signatures (which is only possible with a broken cryptohash function), they can't just drain accounts.

[threeseed]

> They seem to be as susceptible to hacks as non-decentralized systems

Actually far more so.

Banks can afford to spend whatever it takes to secure their infrastructure. Open source projects can't. Likewise banks and other financial services are subject to (at least in most countries) stringent regulations. Open source projects aren't.

And in countries in Australia we have consumer protections which protect the consumer in the event of fraud, theft or security beach (irrespective of who is at fault). Unlike say Bitcoin where we have seen staggering amounts of money, "go missing".

[coralreef]

Banks can afford to spend whatever it takes to secure their infrastructure. Open source projects can't.

Isn't that a benefit of the blockchain? Since its inception in 2008, Bitcoin's database has never been hacked. They don't need to spend money on security, because mathematics is the security. The chain's integrity is powered by decentralized nodes and proof of work. At scale, while Proof of Work is increasing in cost, it is still probably cheaper and more secure than the aggregate cost of securing money at banks, servers, overhead, etc. And there are opportunities to make it cheaper through concepts like Proof of Stake.

[zaarn]

It was hacked atleast once and the hacker assigned themselves a couple million coins.

Last time I worked out the numbers, Proof of Work runs about the same cost as the average US state's bureaucracy. All of it. And the US state's paperwar machinery does a lot more than bitcoin.

Centralized systems have much better options at running efficiently, decentralization is necessarily inefficient.

>They don't need to spend money on security, because mathematics is the security

Everyone working on quantum computers disagrees. The security of current wallets hinges on QC not existing since the ciphers aren't QC-secure.

And until we find something that is provably NP-complete in QC and normal computers while also being easy to use for cryptography, there will always be the hovering Damocles Blade of "your crypto has been cracked".

[fastdev]

It seems like Bitcoin network has never been hacked, but distributed applications were hacked with spectacular monetary losses, for example, "The DAO": https://www.coindesk.com/understanding-dao-hack-journalists/

Blockchain technology has different attack vectors like:

* Bugs in smart contracts/DApps

* Bugs in a client software

* Incorrect handling of private keys by users/admins

All these vulnerabilities were exploited numerous times.

[fooker]

You are comparing apples to oranges.

Plenty (all?) bitcoin exchanges have been hacked and their coins never recovered. You do not need to 'hack' the blockchain to steal bitcoins.

[coralreef]

A bitcoin exchange is not a decentralized system. It is a centralized one.

We are discussing the security of decentralized systems, aka the blockchain.

[fooker]

If only such decentralized systems could exist in vacuum!

The thing about security is that you just need to exploit one weak link in the chain.

[coralreef]

Isn't that the exciting thing about Bitcoin/blockchain? In the future, it is theoretically possible to live life and to conduct all commerce through cryptocurrencies.

The thing about security is that you just need to exploit one weak link in the chain.

Again, we're talking about decentralized systems as a whole. Individuals can be targetted/phished/scammed in any system. What is the weak systematic link in Bitcoin that can be exploited?

[fastdev]

Hacking a crypto exchange is not the only way to steal coins. Decentralized applications/smart contracts on a blockchain can be attacked as well.

[jonny_eh]

Do we know for sure Bitcoin's blockchain has never been hacked? How do we know that some mysterious organization doesn't own a majority of nodes? (honest question)

[coralreef]

I suppose we don't. But if word ever got out that it could be under attack, the value of BTC would crash, and an emergency hard fork would occur. It would take a large investment to try and control/manipulate the hash power to do that, and so to throw away all that money to kill a blockchain that can be simply forked with a new hashing algorithm seems low probability?