Up to 10% of global GDP could be stored on blockchains by 2025, according to the World Economic Forum. From product identifiers, medical records to land registries, academic degrees and insurance contracts, blockchain and distributed ledger technologies (DLTs) are already functioning in many sectors.

What blockchain promises is no less than the technological backbone of the 21st century’s renaissance of the social commons, giving back power to the people. In this century more than ever, power comes from data. Blockchain promises to give control of data back to the people. But this requires one element: trust in the technology, trust that it does what it’s supposed to do.

The paradox here is that blockchain removes the need to trust the intermediary – i.e., notaries, insurers and bankers – by requiring us to trust the technology. But how likely are we to trust the technology if it is breached repeatedly?

Imagine the possibilities by 2050 when not 10%, but 50% of global GDP is on blockchain. Beyond the material consequences, what kind of societies will we live in, if we are devoid of trust the technology on which it is founded? It could be argued that if the technology proves too difficult to secure, blockchain will disappear into a digital abyss. But recent history tells us that poor security is no barrier to adoption.

A reputation to fix

In the famous Bitcoin hack in 2010, while only a happy few had invested in Bitcoin, a vulnerability in the code allowed someone to generate 184 billion bitcoins in one transaction, out of thin air. How? A vulnerability in the code, not in the logic of blockchain. The problem was quickly fixed.

In 2016, someone temporarily seized $75 million out of the DAO, leveraging yet again a vulnerability in the code, that time in a smart contract. Again, the logic of the underlying DLT was intact.

More recently, in 2019, the CEO of a crypto-asset management fund passed away, and with him the credentials to access the cryptocurrencies he was managing, worth over $150 million. Impossible to retrieve. Was blockchain at fault? No, the company failed to implement proper checks and balances to prevent such a scenario. It also turns out that the CEO had stolen the funds before passing.

Blockchain is a new technology and not the simplest one. It could take years for the blockchain community to converge on security standards that will reduce the frequencyofbreaches. Nevertheless, with the accelerating pace of these disruptions, does blockchain really have years to fix its reputation?

Is blockchain actually safe?

Blockchain as a conceptual technology is safe. That’s what MIT says. But blockchain on paper serves little purpose.

1. As with any technology, security issues arise when developers program requirements into products and services. The lines of code, consensus mechanisms, communication protocols, etc., all have the potential to host vulnerabilities that can be exploited for malicious use. But blockchain at the moment remains a divergent technology: multiple protocols and programming languages are being developed in parallel. As a result, it is difficult for developers to acquire the experience needed to secure their code, while most are under stringent time pressure to deliver.

2. Because blockchain relies heavily on cryptography, the practice of secure communication, it gives many the impression that it’s a self-secured technology. This could not be further from the truth, as blockchains are built on top of communication networks and equipment that need to be secured. Traditional information security challenges apply to blockchain, too. Furthermore, cryptography is, like any other security discipline, a changing field: quantum computers are already expected to break a number of cryptographic algorithms.

3. Third and last, poor security practices around key management, wallet hosting and node patching, among others, all lead to potential security issues that cast a shadow on the technology, when educating system managers and users would solve the grand majority of security issues.