Ethereum is the second-largest cryptocurrency in the world with very large use cases, from a stablecoin issuance to game operations. Due to its powerful Ethereum Virtual Machine (EVM), Ethereum is able to create various DApps that were not thinkable before its creation.
However, these various use cases also open new doubts and fear, especially among Ethereum's new users. They start asking whether Ethereum is safe to use and whether its security is proven. The problem with this type of question is that there are a lot of different answers, depending on what specific part of Ethereum security they want to know about.
For example, “is Ethereum blockchain safe” and “is Ethereum smart contract safe” would need different answers. This article explores all the security aspects of Ethereum. Before we continue, you might want to learn the basics of Ethereum from this article.
The Security of Ethereum Blockchain
The most common question asked about Ethereum security is its blockchain as a whole. Well, Ethereum blockchain works in a similar way to Bitcoin blockchain and other older gen of altcoins. As of today, Ethereum is still using Proof-of-Work (PoW) consensus algorithm, where the miners need to solve computationally complex puzzles to add new blocks to the chain.
The difference is that Ethereum is designed to operate smart contracts for its virtual machine (Ethereum Virtual Machine), while Bitcoin is only designed to confirm BTC transactions without any intermediary.
And I can confidently say that the structure of the Ethereum blockchain is very safe. It’s very hard to manipulate a blockchain system except if someone makes a 51% attack, which means the same individual or group of people collude to control more than 50% of the network’s mining hash rate.
The problem is that this type of attack is very hard to do on larger and more famous blockchains such as Ethereum because there are more participants and due to the higher amount of required hash power.
Many Ethereum miners are competing against each other, and it’s very unlikely that all big players would combine all of their hash rates to manipulate Ethereum blockchain as it would instantly destroy their long-term business (not to mention it’s much harder to coordinate a collusion like this with thousands of other participants).
The Security of Ethereum Smart Contracts
Now, this is quite a different scenario than Ethereum blockchain. Talking about smart contracts is like talking about a series of codes deployed by different developers. The analogy is like this, just because Android OS is generally safe, that doesn’t mean all applications inside Android would be safe. Why? Because the one who maintains Android OS and the one who maintains all these Android apps are not the same individuals.
The same analogy can be used to describe the security of Ethereum smart contracts. One Ethereum smart contract is written by a different programmer than another Ethereum smart contract. One might be secure, and another one might have some critical flaws in it.
The best way to protect yourself against flaws inside a specific Ethereum smart contract is to audit the codes. Each deployed smart contract is publicly trackable via Ethereum blockchain explorers. You can check the code and see for yourself if they are secure or have some loopholes.
If you are not into coding, you can try to analyze by knowing who’s the developer. If it’s a known company or developer, you might have much better peace of mind compared to if the smart contract is deployed by a new guy in town.
The Security of Ethereum Wallets And Exchanges
This is perhaps the most common mistake in the crypto space. With cryptocurrencies, the typical security problem comes from the wallet and exchanges. With popular crypto wallet apps, most of them connect directly to the blockchain without any centralized server storing sensitive information. It’s up to the users to properly save their wallet backup phrases and private keys.
The problem is, there are many users who refuse to save their backup information just because they are too lazy to do it. If you are afraid of potential remote hackers, you should get a hardware wallet because they require a hardware button to send your cryptocurrencies.
As for crypto exchanges, the problem comes from the fact that crypto exchange wallets are often pooled in one same account. So, if a hacker manages to get into one crypto exchange by exploiting (for example) its API, traders who use the same API to trade with bots inside that same crypto exchange could be affected, and the hacker could possibly withdraw those cryptocurrencies to his own crypto wallet outside the exchange.
This is usually what happens with exchange hacks.
Ethereum blockchain is very safe to use, Ethereum smart contracts depend on who deploys them, and Ethereum wallets (decentralized ones, at least) depend on the users to save their own backup phrase and to not get phished. As for crypto exchanges, you might be exposed if you use the exchange’s API. If you plan to HODL for long-term, better to withdraw your crypto coins from your exchange and just save it in your own wallet.
Ethereum is a powerful Dapp platform, as you can read the explanation from this article, and it’s wise to get the best security standard practice when you dive into its world.