Should security be immutable?

Blockchains were created with immutability as one of its fundamental principles and to many the thought of introducing limited mutability contradicts the very foundations on which blockchains were first created. While the immutability of blockchains is key to fortifying security and fostering trust, it must be emphasized that immutable blockchains are not faultless and recent exploits in 2023 have raised questions about the possibility of limited mutability.

Immutability only guarantees security when code is invulnerable

Immutability prevents many types of exploits as the inability to modify code or data prevents bad actors or attackers from manipulating a system. However, in situations where upgrades are not possible, challenges may arise, including the risk of encountering delayed updates when necessary modifications are required, or the potential for funds to be left in vulnerable contracts. This is what happened in the August attack against Curve Finance.

Curve’s Liquidity Providers (LPs) had a timelock embedded in the smart contracts, making it technically impossible to fix a coding vulnerability within Vyper. By forfeiting the ability to edit the state of the smart contract, the protocol was unprotected against an exploiter who was able to drain $62 million from Curve.

This highlighted that immutability can cause immense problems when codes are vulnerable. Although a comprehensive audit might have detected these exploitable functions, the nature of immutability would have made it impossible to fix.

Immutability is sufficient for the short-term but could cause long-term problems in mitigating emerging threats

While immediate risks to blockchain security may not be urgent enough to warrant a departure from immutability – even though most hacking incidents are not significantly linked to immutability – we still need to acknowledge some of the difficulties they currently cause.

For example, advancements in blockchain technology continue to take place rapidly. Consequently, when essential changes are required and updates become impractical, protocols are currently compelled to transition to newer versions. Looking ahead, this scenario is a challenge for protocols and other businesses operating on blockchain platfo

Go to Source to See Full Article
Author: Brian Pak

Did you like this?
Tip BTC Newswire with Cryptocurrency