The whole point of using a blockchain is to let people—in particular, people who don’t trust one another—share valuable data in a secure, tamperproof way. That’s because blockchains store data using sophisticated math and innovative software rules that are extremely difficult for attackers to manipulate. But the security of even the best-designed blockchain systems can fail in places where the fancy math and software rules come into contact with humans, who are skilled cheaters, in the real world, where things can get messy.
To understand why, start with what makes blockchains “secure” in principle. Bitcoin is a good example. In Bitcoin’s blockchain, the shared data is the history of every Bitcoin transaction ever made: an accounting ledger. The ledger is stored in multiple copies on a network of computers, called “nodes.” Each time someone submits a transaction to the ledger, the nodes check to make sure the transaction is valid—that whoever spent a bitcoin had a bitcoin to spend. A subset of them compete to package valid transactions into “blocks” and add them to a chain of previous ones. The owners of these nodes are called miners. Miners who successfully add new blocks to the chain earn bitcoins as a reward.