Can We Unchain the Blockchain? A Review of Attacks on Elliptic Curve Cryptography and Countermeasures

ABSTRACT

Elliptic curve cryptography ( ECC ) underpins the security of most blockchain systems, yet its practical implementations face numerous vulnerabilities. In this systematic literature review ( SLR ), we catalogue and analyze attacks on ECC in the context of blockchain security, including side‐channel attacks, nonce/ PRNG failures, cryptanalysis, and implementation flaws, and we survey proposed countermeasures. We follow rigorous SLR methodology with defined inclusion/exclusion criteria, search strategies across databases such as IEEE Xplore, ACM , Scopus, Web of Science, and clear data synthesis, ensuring replicability. Emphasizing empirical case studies and real‐world exploits, we discuss instances where ECC weaknesses led to blockchain breaches including biased elliptic curve digital signature algorithm nonces exposing Bitcoin/Ethereum private keys, smartphone power analysis revealing wallet keys, and Trezor hardware‐wallet key extraction via single‐trace side‐channel analysis ( SCA ). We tabulate known attack vectors versus affected systems, and similarly compare countermeasure techniques such as hybrid classical/quantum schemes, threshold signatures, and zero‐knowledge proofs, along with implementation trade‐offs. We evaluate advances such as Curve25519/ EdDSA and ARM SVE2 to mitigate side‐channel leakage. Our findings highlight that practical security of blockchain cryptosystems depends on correct ECC implementation and emerging cryptographic upgrades, not merely on the mathematical hardness of the elliptic curve discrete logarithm problem.