April 13, 2023 By C.J. Haughey 5 min read

Blockchain has transformed many industries, from healthcare to real estate to banking. But despite the “unhackable” hype, flaws in Blockchain technology undeniably weaken its goals of bringing greater security, transparency and privacy to the world.

Between January and November 2022, hackers stole $4.3 billion worth of cryptocurrency — marking a 37% increase from 2021. It was the worst year for crypto fraud, and the outlook still appears bleak.

For many years, experts have touted zero-knowledge cryptography as a potential game-changer for Blockchain applications. In 2023, that theory will be put to the test — but will it be enough?

How the crypto industry crumbled in 2022

Blockchain technology aims to solve problems associated with digital currencies. The immutable ledger of transactions is connected by digital cryptography and shared publicly across a decentralized network of computers around the world. It’s supposed to be uncrackable.

That’s the theory. But in reality, Blockchain is an imperfect system. Despite the system’s promise of virtually impenetrable security, hackers routinely steal millions from users of decentralized finance (DeFi) platforms through phishing scams, routing attacks and endpoint vulnerabilities.

Ironically, cyber criminals defraud lenders and investors by using the very anonymity that offered investors more control over their finances. The Federal Trade Commission (FTC) reports that cryptocurrency accounts for one out of every four dollars lost to online scams — more than any other payment method.

While Blockchain involves much more than digital coins, the technology’s flaws in the cryptocurrency market don’t inspire public confidence. In 2022, three of the biggest Blockchain hacks in history happened.

Back-to-back blockchain attacks

Wormhole Leaves Backdoor Open

In February 2022, hackers swooped in after an upgrade to the Wormhole’s GitHub repository wasn’t deployed to the live project. The $320 million theft included $47 million worth of Solana (SOL) — a major rival to Ethereum in the DeFi and NFT space.

A record-breaking hack hits Ronin network

The largest cryptocurrency hack in history happened in March 2022. Hackers stole $625 million worth of Ethereum and USDC stablecoin from the gaming-focused Ronin network. U.S. officials say a North Korean state-backed hacking collective, Lazarus Group, was responsible.

The long-awaited Binance hack

As the world’s largest cryptocurrency exchange by daily trading volume, the crypto industry feared a hack on Binance for years. In October 2022, that day finally came when hackers exploited a vulnerability to swipe 2 million BNB tokens worth $570 million.

Blockchain’s darkest hour: The collapse of FTX

While Binance is the biggest exchange, FTX was arguably the most important in terms of bringing cryptocurrency and Blockchain technologies to mainstream consciousness.

Alameda Research founder Sam Bankman-Fried was at the helm of a relentless marketing machine that promoted FTX as the safe, easy way to start crypto investing. Flashy TV ads and celebrity endorsements captured the trust — and money — of millions. But in November 2022, the $8 billion empire imploded.

The unraveling began with revelations that Alameda’s balance sheet was made up of the exchange’s own token, FTT. When Binance co-founder and CEO CZ Zhao announced he was selling over $500 million worth of FTT, the market panicked into a mass sell-off.

Within days, FTT’s value plummeted, Bankman-Fried resigned and the company filed for bankruptcy. To rub salt in the wounds, hackers hit the exchange the following day, compromising a further $415 million.

Can blockchain rise from the crypto winter?

Forbes reported that the crypto market’s value lost 60% since November 2021, plummeting from over $3 trillion to under $1 trillion.

The global hardware wallet market is projected to surge from $245 million in 2021 to more than $1.7 billion by 2030, suggesting the growing caution around online exchanges. With cooling prices, consumer trust in the security and privacy of digital currencies is at an all-time low.

If Blockchain is to live up to its billing as the technology that offers greater transparency, security and privacy, security teams and software developers must revisit its underlying technologies.

Somewhat ironically, the savior that could secure the future of one of the most innovative technologies in the world may come from an old cryptographic method that predates the modern internet: zero-knowledge proofs.

What is zero-knowledge proof?

A zero-knowledge proof (ZKP) is a cryptographic verification method where one party proves to another party that specific information is true without sharing any of the information itself. MIT researchers invented this protocol in the 1980s.

Here’s how it works:

  • Zero-knowledge proof revolves around two main parties: a prover and a verifier
  • A prover is a person or entity that wants to prove the information is accurate and true — without revealing any underlying information
  • A verifier is a person or entity that confirms whether the information is accurate — without ever accessing the underlying data
  • To confirm the validity of the information, the verifier must perform a specific action repeatedly. As the prover continues to deliver the correct result each time, the verifier gains confidence that the data is accurate.
  • Once enough repetitions have convinced the verifier beyond all doubt that the data is accurate, the zero-knowledge protocol is complete.

How can zero-knowledge proofs improve the blockchain?

With the integrity of Blockchain technology under question, cryptocurrency platforms and other Web3 applications can use ZKP to win the trust of investors and customers.

Here are five benefits of zero-knowledge proofs for Blockchain:

Privacy

The most pressing problem for Blockchain is the vast number of people falling prey to financial fraud. With ZKP, users can prove their identity on public applications without revealing any sensitive data, such as their banking account login credentials or Social Security Number (SSN).

Simplicity

ZKP technology allows individuals, businesses and government bodies to verify data without any need for complicated encryption methods. Non-technical users can quickly and easily confirm their identity to access apps.

Security

Rather than using two-factor authentication that asks people to disclose their SSN, a ZKP algorithm can analyze and connect segments of the user’s information to verify their identity. By replacing ineffective authentication methods, ZKP protects sensitive user data and creates applications that are more resilient in the face of advanced cyberattacks.

Verifiable randomness

Zero-knowledge protocols can generate randomness that is backed by cryptographic proof — delivered and verified completely on the Blockchain. This innovation helps Blockchain games create unpredictable gameplay and allows NFT platforms to create provably fair mints.

Scalability

Whereas Visa can process 24,000 transactions per second, Bitcoin can only do seven. ZK-Rollups can solve the bottleneck in Blockchain by batching hundreds or thousands of token transfers into a single off-chain transaction. A Stanford team of researchers is working on Espresso, a program using rollups to improve privacy and scalability.

Use cases of zero-knowledge proofs on the blockchain

In the age of mobile apps and digital banking, ZKP offers increased opportunities to improve systems. Here are four use cases:

Election voting systems

One of the best applications for Blockchain is to solve the problem of election fraud. ZKP and Blockchain would ensure every registered voter can vote only once and provide immutable, mathematical proof that their vote will be included in the final tally.

Private transactions

The principle of transparency means that everyone can view every transaction that happens on public blockchains like Bitcoin and Ethereum. Naturally, many people have privacy concerns about this openness. ZKP allows people to perform private transactions on public blockchains, giving them greater confidentiality as a result.

Private messaging applications 

With traditional messaging applications such as Facebook or WhatsApp, you must verify your identity to a server. The end-to-end encryption of ZKP enables decentralized platforms to verify users without accessing any of the user’s personal information.

Document sharing

As the zero-knowledge protocol encrypts data in pieces, users can further control the visibility of their information. When you combine ZKP and Blockchain, users can share confidential data securely, giving access to some and restricting visibility for others.

ZKP can restore trust in blockchain

If Blockchain aims to shape the world’s future, the ailing health of its first major initiative is a worrying barometer. But while cryptocurrency remains a volatile project, Blockchain will prevail.

However, change is needed if we’re to unlock the full potential of this revolutionary technology. The transformation starts with rebuilding the foundational principle of Blockchain: trustworthy transactions.

Zero-knowledge proofs can introduce greater privacy to public blockchains without sacrificing their decentralized nature. While developers and security experts collaborate, industries can look forward to more secure digital ecosystems that offer users a proven guarantee of trust in every transaction.

Learn more about the future of Blockchain and cryptocurrency on the Security Intelligence blog.

More from Risk Management

What can businesses learn from the rise of cyber espionage?

4 min read - It’s not just government organizations that need to worry about cyber espionage campaigns — the entire business world is also a target.Multipolarity has been a defining trend in geopolitics in recent years. Rivalries between the world’s great powers continue to test the limits of globalism, resulting in growing disruption to international supply chains and economics. Global political risk has reached its highest level in decades, and even though corporate attention to geopolitics has dropped since peaking in 2022, the impact…

Cost of a data breach: Cost savings with law enforcement involvement

3 min read - For those working in the information security and cybersecurity industries, the technical impacts of a data breach are generally understood. But for those outside of these technical functions, such as executives, operators and business support functions, “explaining” the real impact of a breach can be difficult. Therefore, explaining impacts in terms of quantifiable financial figures and other simple metrics creates a relatively level playing field for most stakeholders, including law enforcement.IBM’s 2024 Cost of a Data Breach (“CODB”) Report helps…

How Paris Olympic authorities battled cyberattacks, and won gold

3 min read - The Olympic Games Paris 2024 was by most accounts a highly successful Olympics. Some 10,000 athletes from 204 nations competed in 329 events over 16 days. But before and during the event, authorities battled Olympic-size cybersecurity threats coming from multiple directions.In preparation for expected attacks, authorities took several proactive measures to ensure the security of the event.Cyber vigilance programThe Paris 2024 Olympics implemented advanced threat intelligence, real-time threat monitoring and incident response expertise. This program aimed to prepare Olympic-facing organizations…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today