Topics In Demand
Notification
New

No notification found.

Building AppChain for dApps: Security considerations and Best Practices
Building AppChain for dApps: Security considerations and Best Practices

July 13, 2023

62

0

 

Are you planning to create a dedicated AppChain for your dApp? Are you aware of the security considerations? Appchains or application-specific blockchains have recently grown in popularity with their ability to provide web3 organizations greater freedom over economic structure, governance, and consensus mechanism for dApps. Considering all the advantages, many enterprises are building AppChain for dApps. Talking about the web3 startups, who have not yet invested in AppChains, they are transitioning their applications to the AppChain ecosystem. However, for successful adoption, AppChain security is critical. If you don’t abide by the best AppChains security practices, your dApp security and integrity are always at stake, which can cause serious issues like data breach and hacking. Therefore, this guide talks about the security vulnerabilities and best practices of AppChains. Based on your use cases, you can choose relevant security implications to enforce on your custom blockchain. 

A Dive into Appchain’s advantages and Adoption

AppChains have unique advantages, such as enhanced customizability, performance, and ownership management. Within less time, AppChains has grown in popularity that has encouraged popular blockchains like Polkadot, Binance, Cosmos, Avalanche, and Polygon to build Polkadot Parachains, Binance Smart Chain, Cosmos Zones, Avalanche Subnets, and Polygon Supernets, respectively. These AppChains enable organizations to build application-specific blockchains with unparalleled AppChain security, custom features, functionalities, and performance, along with the freedom to do upgrades as required. There is much to learn about AppChains, AppChain security, use cases, and its working. Want to cover all those details?

Security concerns and best practices of top-four AppChains 

AppChains, like every other blockchain network, are prone to security risks. As we know, AppChains are custom blockchains that facilitate and manage every component, such as wallets, bridges, explorers, and various nodes, which demand reliable security and encryption. To date, many blockchains have suffered security challenges such as resource/energy inefficiency, poor performance, unauthorized access, and unsophisticated governance mechanisms. Hence, let’s look into the AppChains security implications of the previously discussed top four AppChains; Polkadot Parachains, Cosmos Zones, Avalanche Subnets, and Polygon Supernets, so that you can understand how you can conceal network security for your AppChains abiding by the best AppChain security practices of prominent AppChain networks.

Substrate Parachains

Parachains are built using the Substrate framework, hence let’s explore the security implications of Substrate and Parachains to understand how AppChains can avoid security threats:

Smart contract security

On Substrate, WebAssembly and Solidity contracts are the standard smart contract that provides reliable security. Regarding ideal libraries, use FRAME library and C++ (with support for C++17) compiler. For Solidity-based smart contracts, use the Solidity library and the Solang Solidity compiler.

Account and keys management 

Parachains allow you to build security into on-chain operations such as the security of funds through:

  • Cold- Stash account key
  • warm- Controller account key
  • Hot- Session keys. 

Likewise, this AppChain maintains security of offline devices to limit the permission of multi-signature accounts. Following are the components that Substrate Parachain uses for this:

  • Multi-signature accounts
  • Proxy accounts

Ledger hardware wallet management

Parachains use Ledger Hardware wallet to encrypt private keys and sign the desired transactions online, preventing the risks of threats and security shredding. You can use this hardware wallet to Ledger Live App to buy cryptos, invest in assets, and manage digital assets. With Ledger Live, you can easily collect rewards and parachain tokens from two ledger accounts; Legacy and Crowdloan.

Validators security

Validators are responsible for keeping the consensus secure and verifying the state transitions. Hence, validators should strictly fulfill the below criteria:

  • Must disable RPC access from external machines.
  • Must ensure high availability.
  • Must have enough stake from themselves and nominators.
  • Must have a powerful infrastructure setup to protect validators’ signing keys so that attackers cannot breach the network security to perform slashable activities.
  • Must control the reward wallet and its private key by themselves, even when third-party providers like Zeeve manage nodes. However, Zeeve offers a purely non-custodial wallet for transparency and privacy.

Gas fee configuration

Parachain allows users to configure Gas or transaction fees by adjusting the WeightToFee calculation from the Pallet Transaction Payment Configuration.

Precompiled contracts security

Parachains (like Moonbeam) offers precompiled contracts to enhance developer experience, but it has some security concerns, including the following:

Whitelisting safe contracts: Controls what calls are safe and allow only whitelisted contracts to be safe.

Whitelisting safe function selectors:  Controls various functions and allows only safe functions to be executed.

Bypassing Sender vs Origin checks: Compares the addresses of the tx.origin and msg.sender and ensures that both are the same address to call the functions.

Blockchain metrics monitoring 

By putting a Blockchain Metrics Monitoring feature in place, AppChains can keep track of the real-time performance and health of the network. On top of that, the system should be able to produce alerts on the possible issues of AppChains, including downtime, high CPU usage, and memory running out to ensure high performance.

Cosmos Zones

Smart contracts security 

Comos Zones offers a reliable smart contract platform— CosmWasm, which focuses highly on security, performance, and inter-chain interoperability. CosmWasm’s architecture is optimized to prevent all the malicious activities and risks associated with WebAssembly smart contracts.

Validators security

Validators for Cosmos are allowed to participate in the consensus after they get authorized through broadcasting cryptographic signatures, which guarantees no bad actors join the Cosmos network’s validator set. 

Gas limit

Cosmos network uses Block Gas Meter to track gas usage and ensure that the block does not consume too much gas on a transaction. 

Forking

Cosmos Zones implements fork-accountability as a guarantee to identify the reason for consensus failure and to penalize the responsible parties i.e., validators or other participating nodes. Further, long rage attacks on Cosmos are eliminated through Tendermint Light Clients. 

Ledger hardware wallet management

Cosmos supports Ledger Nano — a hardware wallet to store private keys and allows transactions to be signed offline, preventing attacks and threats. The wallet can also be connected with Ledger Live App, allowing you to stake, earn passive income, track balance in real-time, transaction history, and more. 

Avalanche Subnets

Validators security

Subnets maintains AppChain security by only granting validation permission to nodes that meet the below criteria:

  1. Should Maintain online presence 100% of the time.
  2. Should frequently call API method – info.uptime to check node uptime and ensure it is close to 100%. Further validator node-related information is provided via Validator Health dashboard.
  3. Should specify essential information to the validator set- Node’s ID, Start and stop validation time, staking amount of AVAX tokens, wallet address, and delegation fee. 
  4. Should maintain a minimum of 80% uptime and weightage for validators.
  5. Should manage and secure their Staking Key, as losing this will jeopardize their validation reward.

Smart contract security

Smart contracts transactions on Avalanche Subnets are executed in line with the “optimistic rollup” feature, which ensures AppChain security. ORU further boosts the transaction speed, lowers the gas fee consumption, and thus boosts overall security for Subnets contracts. 

Precompiles

Subnets offer Subnet-EVM with custom functionalities in precompiled contracts. AppChains developers can activate their application-specific precompiles through ChainConfig while setting up Genesis or during upgrades. The following are five important precompile parameters to consider:

  1. Controlling who can deploy smart contracts: If you want to control who can deploy smart contracts on Subnet or your AppChain, use AllowList configuration with the genesis file, or you can also upgrade the file.
  2. Controlling who can submit transactions: To restrict which addresses can submit transactions, you need to activate precompile and provide AllowList configuration within the genesis file.
  3. Minting the native tokens: Precompiled contract allows you to activate the feature to mint native tokens (coins) by providing nativeMinterConfig within the genesis file.
  4. Configuring parameters of dynamic fee: You can activate the feature to configure the dynamic fee parameters by using FeeConfigManager within the genesis file. 
  5. Configuring fee reward mechanisms: You can configure the fee reward mechanism within the precompile contract– RewardManager. Configuration can be about burning fees, sending rewards to a predefined address, or allowing block producers to collect the fees.

Note: You can do configuration as per your use case requirements or upgrade it anytime.

In addition to Precompiled contract-based configurations, you can configure initial parameters like setting gas usage limits, custom fee tokens, and airdrops for your AppChains using the same Subnet-EVM, a fork of the Ethereum Virtual Machine. 

Ledger hardware wallet management

Subnets support a range of hardware wallets— Ledger Stax, Ledger Nano X, Ledger Nano S Plus which are encrypted ledger devices to store the AVAX tokens offline to protect the network against emerging malicious activities , data breach, and digital hacking. Also, you can manage the tokens like buy, send/receive, check transactions history, and more by connecting your hardware wallet to any Avalanche-compatible third-party wallet.

Polygon Supernets

Transactions and peers

Supernets’s PolyBFT consensus is based on a libp2p protocol that offers identity management, peer discovery, and peer routing to ensure only valid peers can deploy smart contracts for the Supernets and complete their purpose, like building decentralized applications or running validators. Subnets also implement a peer-to-peer messaging protocol called Gossipsub that broadcasts new and Relay (smart contract) transactions across the nodes for reliable propagation of messages while reading the network’s overall bandwidth requirements. 

Smart contracts 

EVM is the Subnets’ core infrastructure to deploy and manage smart contracts on AppChain and ensure AppChain security. As discussed, the smart contract transactions must be validated as per libp2p protocol’s security parameters. 

Validators

To become Polygon Supernets validator, participants must be authorized to set up signing nodes, synchronize the data, and stake their tokens on staking management contracts available on the Ethereum mainnet. 

Access control lists

Avalanche Supernets provide comprehensive access control lists to maintain security. ACLs allow the ‘Admin(s)’ and the ‘Enabled’ to manage and control AppChain-specific configurations, contracts, resources, and more. Let’s look at a few major ACLs that ensure a highly secure and controlled environment to run applications:

  • Contract Deployer Allow/Block Lists: Determines the ideal participants to deploy smart contracts on the Subnets.
  • Transactions Allow/Block Lists: Determines the eligible addresses that can send transactions on the Sunsets
  •  Bridge Allow/Block Lists: Manages and limits the access to the bridge and its various functionalities. 

Gas configuration

Gas amount/gas price, transaction fee, and network functionalities on Polygon Supernets are also controlled and managed as per the configurations of the ACL-enabled contract. As such, AppChain developers must build a pre-compiled alternative ACL-enabled contract with customized parameters to restrict gas usage and transaction after a certain usage threshold.

Ledger hardware wallet management

Supernets support Ledger Nano — a hardware ledger wallet that securely stores tokens and private keys and manages transactions regularly while encrypting the sensitive information against hackers. You can choose between Nano S plus and Nano X ledger wallet based on your requirements.

Bridge security

Supernets offer a built-in bridge that facilitates cross-chain interaction. As the bridge mechanism requires communication with multiple EVM networks, it can become an entry point for hackers if security is not in place. Therefore Subnets allocate a highly configured token contact on both the root and the target chain. The contract tracks the asset transfer, identifies users’ authorization, and authenticates that tokens are minted and burned as expected. Moreover, the users of bridges are required to be an expert in utilizing cross-chain bridges. 

A comparison of various AppChains’ security implications 

 

About The Author 

Author

Dr. Ravi Chamria is co-founder CEO of Zeeve Inc, an Enterprise Blockchain company. He has an experience of 18+ years in IT consulting spanning across Fintech, InsureTech, Supply Chain and eCommerce. He is an executive MBA from IIM, Lucknow and a prolific speaker on emerging technologies like Blockchain, IoT and AI/ML.

Passionate About: Blockchain, Supply Chain Management, Digital Lending, Digital Payments, AI/ML, IoT

Specialities: Strategic Management, Technology Innovation, Product Management


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


Zeeve is an enterprise-grade Blockchain Infrastructure Automation Platform. Join the growing list of clients that trust us with their Blockchain initiatives

© Copyright nasscom. All Rights Reserved.