Factom to receive $192k from DHS for Beta Test Concept

The Department of Homeland Security gave Factom, a blockchain startup, $192,380 to start beta testing their concept to secure Internet of things (IoT) data
22 June 2018   1009

The $192,380 prize money was except for the final phase of the Silicon Valley Innovation Program (SVIP). Factom hopes that by combining critical infrastructure like sensors and cameras with blockchain technology, it can assist to protect the authenticity and continuity of the data. When the project leverages blockchain technology, it “does not require the creation of blockchain-specific technology.”

The early phases of Factom’s work has informed architecture choices and design decisions inherent in integrating blockchain with existing technology. In Phase IV, Factom will deploy this technology in a realistic field environment with Customs and Border Protection (CBP) to understand its operational impacts.
Anil Jon
S&T Identity Management Research and Development Program Manager

With the results of the beta test Factom will be able to access its impact in an outside environment. The idea is to imitate the conditions that US Border Patrol Agents conduct in that include limited internet connectivity and differing weather conditions. 
Factom is aimed to demonstrate that IoT devices can be highly dependable from ground sensors and cameras and that the data they capture cannot be modified, spoofed or disrupted. If Factom prevails, they will produce a more commercially viable product available to the market.

Factom is not the only firm that sees a great possibility to secure data from smart devices using blockchain. In January 2017, Cisco, Bosch, the Bank of New York Mellon, Foxconn, Gemalto, and several blockchain startup companies, decided to work together to establish a similar system that leverage blockchain technology and IoT.

Potentional Vulnerabilities Found in ETH 2.0

Least Authority have found potentional security issues in the network P2P interaction and block proposal system
26 March 2020   965

Technology security firm Least Authority, at the request of the Ethereum Foundation, conducted an audit of the Ethereum 2.0 specifications and identified several potential vulnerabilities at once.

Least Authority said that developers need to solve problems with vulnerabilities in the network layer of peer-to-peer (P2P) interaction, as well as in the block proposal system. At the same time, the auditor noted that the specifications are "very well thought out and competent."

However, at the moment there is no large ecosystem based on PoS and using sharding in the world, so it is impossible to accurately assess the prospects for system stability.
Also, information security experts emphasized that the specifications did not pay enough attention to the description of the P2P network level and the system of records about Ethereum nodes. Vulnerability risks are also observed in the block proposal system and the messaging system between nodes.

Experts said that in the blockchains running on PoS, the choice of a new block is simple and no one can predict who will get the new block. In PoS systems, it is the block proposal system that decides whose block will fall into the blockchain, and this leads to the risk of data leakage. To solve the problem, auditors suggested using the mechanism of "Single Secret Leader Election" (SSLE).

As for the peer-to-peer exchange system, there is a danger of spam. There is no centralized node in the system that would evaluate the actions of other nodes, so a “malicious" node can spam the entire network with various messages without any special punishment. The solution to this problem may be to use special protocols for exchanging messages between nodes.