Professional Documents
Culture Documents
CHAPTER 1
INTRODUCTION
1
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
PAYMENTS
2
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
All transactions that occur on a blockchain leave a record. This means that this
technology has the potential to reduce fraud, the financing of terrorism and
money laundering thanks to transaction traceability, provided that anonymity is
prohibited. The first few years of blockchain technology did indeed see a number
of cryptoassets used for illicit purposes, as the authorities were not yet using
blockchain's traceability to pursue these crimes.
DATA LOG
INTELLECTUAL PROPERTY
Similar to the data log, blockchain's intellectual property log can easily and
securely protect the authorship of original works. The latest developments in this
regard revolve around NFTs – unique tokens that, when applied to art, can
guarantee paid royalties. For example, nowadays, if an artist paints a picture,
they only earn however much the painting first sells for. The lack of traceability
in subsequent transactions stops the artist from profiting from any subsequent
sales at a higher price. NFTs resolve this problem: NFTs can be treated as a
unique digital copy of that painting and, because this is recorded and transferred
through a blockchain, you can find out the exact moment of sale and its price.
3
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
EDUCATION
Business schools, universities and even certifying associations are issuing course
certificates and education certificates through blockchain. This application
prevents fraud in job candidates' CVs and can be verified quickly and easily.
FINANCIAL MARKETS
SMART CONTRACTS
They are one of the applications that, together with means of payment,
originated in blockchain. The Ethereum network is the foundation for smart
contracts that aim to simplify processes based on ITTT (if this... then that...)
clause programs. Smart contracts are already used in microinsurance,
crowdfunding systems or transactions that require a notary public.
4
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
1.1BLOCKCHAIN PROTOCOLS:
Protocols are a set of rules that allow data to be shared across the
network. They are a set of guidelines that facilitate the exchange of
information in a simple, efficient, and secure way. Different machines use
different hardware and software but protocols help in communication
irrespective of the difference. The protocols play a very important role as
they help to monitor and secure a computer network.
5
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
6
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
The services such as transactions and payment for all services are handled
by protocols. Many protocols allow individuals to make financial
transactions without the involvement of banks. They also allow for
preventing double-spending.
Blockchains are evolving day by day and the protocols are also evolving
at a rapid rate. Every sector, including supply chain, health, finance, etc,
is using a protocol-based blockchain solution.
7
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Advantages:
Disadvantages:
Advantages:
8
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Advantages:
It provides enhanced security.
It is stable and scalable
Disadvantages: It is not very flexible as only parties involved in
the transaction can take part in the decision.
Advantages:
It is an enhanced version of Ethereum and hence supports more
privacy.
It is scalable.
Disadvantages:
It is volatile and has high transaction fees.
It is prone to online hacking.
9
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Advantages:
It helps to establish private blockchains that can be used by
certain organizations.
Multichain allows customizing rules for tokens, transaction
control, etc.
Disadvantages:
It does not support smart contracts.
10
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
CHAPTER 2
BLOCKCHAIN TECHNOLOGY WORKING
11
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
4. Consensus Algorithm: The nodes that form a block will try to add the block to
the blockchain network to make it permanent. But if every node is allowed to add blocks
in this manner, then it will disrupt the working of the blockchain network. To solve this
problem, the nodes use a consensus mechanism to ensure that every new block that is
added to the Blockchain is the one and only version of the truth that is agreed upon by all
the nodes in the Blockchain, and only a valid block is securely attached to the
blockchain. The node that is selected to add a block to the blockchain will get a reward
and hence we call them “miners”. The consensus algorithm creates a hash code for that
block which is required to add the block to the blockchain.
5. Addition of the new block to the blockchain: After the newly created block
has got its hash value and is authenticated, now it is ready to be added to the blockchain.
In every block, there is a hash value of the previous block and that is how the blocks are
cryptographically linked to each other to form a blockchain. A new block gets added to
the open end of the blockchain.
12
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Let’s say Jack and Phil are two nodes on the bitcoin blockchain network who wants to
carry out a transaction between them.
Step 1: Facilitating the transaction: Jack wants to send 20 BTC to Phil via the
Blockchain network.
Step 2: Verification of transaction: The message for verification will be sent to all the
nodes on the network. All the nodes will check the important parameters related to the
transaction like Does Jack has sufficient balance i.e. at least 20BTC to perform the
transaction. Is Jack a registered node? Is Phil a registered node? After checking the
parameters the transaction is verified.
Step 4: Consensus algorithm: Since here we are talking about bitcoins so the Proof-of-
Work consensus algorithm will be used for block verification. In proof-of-work, the
system assigns the target hash value to a node, and according to this, it must come up
with a hash for the new block. The node has to calculate the hash value for the new block
that is less than the target value. If two or more miners mine the same block at the same
time, the block with more difficulty is selected. The others are known as stale blocks.
13
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Mining usually rewards miners with blockchain currency. In this case, the blockchain
currency is bitcoin.
Step 5: Addition of the new block in the blockchain: After the newly created block has
got the hash value and authentication through proof-of-work only then it will be added to
the network and the transaction will mark as complete. Phil will receive 20 BTC from
Jack.
The new block will be linked to the open end of the blockchain.
Step 6: Transaction complete: As soon as the block is added to the blockchain, the
transaction will take place and 20 BTCs will get transferred from Jack’s wallet to Phil’s
wallet. The details of the transaction are permanently secured on the blockchain.
Anyone on the network can fetch the information and confirm the transaction. This will
help to keep track of all the transactions and to verify whether any user is trying to
double spend. For example, if Jack tries to carry out a transaction in the future, the rest of
the nodes can check Jack’s past transaction records to check whether Jack has enough
balance to carry out the current transaction. If there is enough balance then the
transaction will be approved.
14
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
15
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
2.1. DATABASE
A database is an organized collection of data. Or, you can say, a data structure that stores
the data. Therefore, Blockchain is just a data structure that stores the data. Like the name
hinted, there will be a chain of blocks.
This basic blockchain has a linked list that is composed of blocks. Each block has the
following properties.
Index
Timestamp
Previous Hash
Hash
Data
16
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
The first block is a special block: the genesis block. Genesis block is the only block that
has no previous blocks and does not contain data.
Fig 2.1 diagram of a basic blockchain, which on a base level – is like a spreadsheet with rows and
columns.
TERMS:
BLOCK
One spreadsheet is called a block. The whole family of blocks is the Blockchain.
Blockchain is a distributed ledger, which simply means that a ledger is spread across the
network among all peers (nodes) in the network. Every node has a copy of the Blockchain.
Once a block reaches a certain number of approved transactions then a new block is
formed.
The Blockchain updates itself every ten minutes. It does so automatically. No master or
central computer instruct the computers to do this.
NODE
17
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
WALLET
A wallet is a string of numbers and letters,
such as 18c177926650e5550973303c300e136f22673b74. This is an address that will
appear in various blocks within the Blockchain as transactions take place. No visible
records of who did what transaction with whom, only the number of a wallet. The address
of each particular wallet is also a public key.
DIGITAL SIGNATURE
To carry out a transaction you need two things: a wallet, which is basically an address, and
a private key. The private key is a string of random numbers, but unlike the address the
private key must be kept secret.
When someone decides to send coins to anyone else they must sign the message containing
the transaction with their private key. The system of two keys is at the heart of encryption
and cryptography, and its use long predates the existence of Blockchain. It was first
proposed in the 1970s.
Once the message is sent it is broadcast to the Blockchain network. The network of nodes
then works on the message to make sure that the transaction it contains is valid. If it
confirms the validity, the transaction is placed in a block and after that no information
about it can be changed.
IMPORTANT POINTS:
18
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
transactions.
d. Transactions are entered in the order in which they occurred. Order is very
important.
e. The hash depends not only on the transaction but the previous transaction’s hash.
g. The nodes check to make sure a transaction has not been changed by inspecting the
hash.
i. Each block refers to the previous block and together make the Blockchain.
19
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
A blockchain consists of programs called scripts that conduct the tasks you usually would
in a database: Entering and accessing information and saving and storing it somewhere . A
blockchain is distributed, which means multiple copies are saved on many machines, and
they must all match for it to be valid. The blockchain collects transaction information and
enters it into a block, like a cell in a spreadsheet containing information. Once it is full,
the information is run through an encryption algorithm, which creates a hexadecimal
number called the hash.The hash is then entered into the following block header and
encrypted with the other information in the block. This creates a series of blocks that are
chained together.
Transactions follow a specific process, depending on the blockchain they are taking place
on. For example, on Bitcoin's blockchain, if you initiate a transaction using your
cryptocurrency wallet—the application that provides an interface for the blockchain it
starts a sequence of events. In Bitcoin, your transaction is sent to a memory pool, where it
is stored and queued until a miner or validator picks it up. Once it is entered into a block
and the block fills up with transactions, it is closed and encrypted using an encryption
algorithm. Then, the mining begins. The entire network works simultaneously, trying to
"solve" the hash. Each one generates a random hash except for the "nonce," short for
number used once. Every miner starts with a nonce of zero, which is appended to their
20
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
randomly-generated hash. If that number isn't equal to or less than the target hash, a value
of one is added to the nonce, and a new block hash is generated. This continues until a
miner generates a valid hash, winning the race and receiving the reward. Once a block is
closed, a transaction is complete. However, the block is not considered to be confirmed
until five other blocks have been validated. Confirmation takes the network about one
hour to complete because it averages just under 10 minutes per block (the first block with
your transaction and five following blocks multiplied by 10 equals about 60 minutes).
Not all blockchains follow this process. For instance, the Ethereum network
randomly chooses one validator from all users with ether staked to validate blocks,
which are then confirmed by the network. This is much faster and less energy
intensive than Bitcoin's process.
Because of this distribution—and the encrypted proof that work was done—the
information and history (like the transactions in cryptocurrency) are irreversible. Such a
record could be a list of transactions (such as with a cryptocurrency), but it also is possible
for a blockchain to hold a variety of other information like legal contracts, state
identifications, or a company’s inventory.
21
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Because of the decentralized nature of the Bitcoin blockchain, all transactions can be
transparently viewed by either having a personal node or using blockchain explorers that
allow anyone to see transactions occurring live. Each node has its own copy of the chain
that gets updated as fresh blocks are confirmed and added. This means that if you wanted
to, you could track a bitcoin wherever it goes.
For example, exchanges have been hacked in the past, resulting in the loss of large
amounts of cryptocurrency. While the hackers may have been anonymous—except for
their wallet address—the crypto they extracted are easily traceable because the wallet
addresses are published on the blockchain.
Of course, the records stored in the Bitcoin blockchain (as well as most others) are
encrypted. This means that only the person assigned an address can reveal their identity.
As a result, blockchain users can remain anonymous while preserving transparency.
Blockchain can be used to immutably record any number of data points. This could be in
the form of transactions, votes in an election, product inventories, state identifications,
deeds to homes, and much more.
The nature of blockchain’s immutability means that fraudulent voting would become far
more difficult. For example, a voting system could work such that each country's citizens
would be issued a single cryptocurrency or token.
Each candidate would then be given a specific wallet address, and the voters would send
their token or crypto to the address of whichever candidate for whom they wish to vote.
The transparent and traceable nature of blockchain would eliminate the need for human
vote counting and the ability of bad actors to tamper with physical ballots.
22
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
To sign a new block, a node needs to find an SHA-256 signature that matches specific
criteria. To do so, it will use the nonce field to brute force possible solutions. Any new
block needs to be validated with the majority of the validation nodes forming the
blockchain. Once the block has been validated, it is added to all the nodes of the
blockchain. This way of validating new blocks is called the proof of work (PoW) and was
very prevalent in the early days of blockchain technology. Nowadays, other methods for
validating have emerged, such as the proof of stake (PoS).
If any of the information in the data inside the block is altered, the signature becomes
invalid. To make the block valid again, this signature would need to change. To ensure that
the following blocks still work, a new signature would also need to be generated for each
of them. Even if a node could regenerate those signatures, the changes would need to be
accepted by a majority of the nodes hosting the blockchain.
For these reasons, blockchains are immutable. No information that is included in the data of
the blocks can be changed. They are also managed by a set of decentralized nodes,
removing the need for a central authority to control all the transactions. This immutability
is why blockchains have gained popularity in industries such as finances and real estate.
23
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Thanks to the way that blockchains work, they are ideal for storing asset information. In a
blockchain, one can create and transfer assets over to another entity. These movements are
referred to as transactions.
Blockchains can seem like a great solution to store information, but they do come with a
price. The main limitation is around the performance when it comes to querying the
database. Any new transactions need to be validated by all the nodes, and this can be a
lengthy process, depending on the size of the blockchain itself. Querying the data can also
be challenging, and the speed of read operations is nowhere near that of a database. This is
where blockchain databases come into play.
By combining the power of modern databases with the integrity of blockchains, blockchain
databases offer a way to securely store data while still providing easy ways to query the
data from the transactions.
24
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Blockchain Databases
Data Integrity
Data can only be read or added to the Data can be created, read, updated,
blockchain. or deleted (CRUD operations).
Transactions
Structure
25
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
When a blockchain is created, each block needs to be stored in a central location so that the
blockchain itself can be queried or add new blocks to the chain. MongoDB Atlas, the
database-as-a-service cloud solution from MongoDB, is perfect for storing a blockchain
ledger.
Its flexible schema makes it easy to store complex objects such as transactions.
It has graph chain capabilities with $graphLookup to help efficiently query the blockchain.
Drivers are available for popular languages used in blockchain development, such
as Go, JavaScript, and C++.
Automatic synchronization of databases is available for any mobile device with Atlas App
Services.
On-chain data: On-chain data is the data from the transactions in the blockchain.
Off-chain data: Off-chain data refers to information that is related to the blockchain, but
not stored directly within the blocks. Using MongoDB for off-chain data storage can
provide additional security and privacy.
Centralized ledger: MongoDB can be used to store all the information about the blocks.
This information is stored with cryptographic evidence to avoid any Tampering With The
Data.
Before building a blockchain database, there are some considerations to take into account.
Each deployment scenario is described in deeper detail in the Building Enterprise-Grade
Blockchain Databases with MongoDB whitepaper.
26
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Secondly, how will the data be used? Data used directly by the clients connecting to the
database is referred to as operational data. This is the case for cryptocurrencies. Anyone
can query and perform actions on the blockchain. Non-operational, on the other hand,
would be accessed via an intermediary.
Figure:2.4.1. The blockchain architecture depends on the deployment type and data type.
These two axes will decide which of the following four deployment models you will need
to create.
This blockchain database provides the enterprise with the immutability of the documents
created and the possibility to create and transfer assets.
27
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
This deployment scenario could be used inside an enterprise for data that later needs to be
audited. It can provide a third-party auditor with a solid track for asset transfers.
Just like in the previous scenario, the deployment, in this case, would be centralized and
maintained by a limited number of administrators. The main difference is that the data is
not accessed directly by the clients. Instead, the clients connect to database instances that
can connect and offload parts of the data to the blockchain.
This additional layer reduces the number of nodes needed to agree to accept a transaction,
increasing the overall performance of the database. It also adds more privacy since the data
is only accessible by a limited number of clients controlled by the enterprise.
28
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
The use cases for this scenario are similar to the previous method, but where speed or privacy
is more important. Such would be the case for a system that manages customer credit status
across finance and sales systems.
In this scenario, a consortium is created, removing the need for a single entity to control the
database infrastructure. This decentralization increases the immutability of the data since
each member would own a node in the blockchain.
In a decentralized scenario, data privacy will need additional care. For example, a financial
institution client might only want to give read permissions to its data on an as-needed basis to
other consortium members.
This type of deployment can have multiple applications across various industries. Examples
of this type of deployment in the wild include the Open Music Initiative for musicians
and R3 for financial institutions.
This deployment scenario is similar to its centralized counterpart but with multiple
administrators from different consortium members controlling the blockchain.
29
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
This scenario provides the blockchain with the benefits of a decentralized operational data
scenario, with the increased speed and privacy resulting from the limited clients accessing
the blockchain.
A group of researchers wanted to create a tool to timestamp digital documents so that they
could not be backdated or changed. Further, the technique was adapted and reinvented by
Satoshi Nakamoto. In 2008, Nakamoto created the first cryptocurrency, the blockchain-
based project called Bitcoin. The blockchain is a chain of blocks which contain specific
information (database), but in a secure and genuine way that is grouped together in a
network (peer-to-peer). In other words, blockchain is a combination of computers linked to
each other instead of a central server, meaning that the whole network is decentralized.
BLOCKS: Basically, blocks are the backbone of blockchains. You can store data in blocks
permanently but cannot change or delete it after it is stored. Once a block is filled with the
data of transactions, then it will be linked with previous blocks. Every block will have
information such as block size, transaction counter, block header, the previous block's
hash, timestamp, and transaction data.
Know that blocks are linked based on cryptographic methodology. Generally, blocks
are identified with long numbers that will have information about previous blocks as
30
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
well as a new transaction. While creating new blocks, data inside a block is verified by
a blockchain network. After that, you can add new blocks to the blockchain.
▪ FULL NODES: Generally, a full node stores the complete copy of a blockchain. In
other words, once a full node joins a blockchain, it stores copies of all the blocks.
After the node is synchronized with all other nodes in the network, it can add new
31
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
blocks to the blockchain. Full nodes usually have more memory than light nodes.
They can accept, reject, and validate transactions.
▪ LIGHT NODES: They are also known as partial nodes. This is because they don't
copy all the blocks in the blockchain. Instead, they only store the recent blocks and
access older ones only when users request the same. They maintain the hash code
of transactions. You can access data only after solving the hash code. Unlike full
nodes, they have only low computing power and memory.
▪ PUBLIC LEDGER: In this type, anyone can access ledgers since it is open to all
blockchain network participants. There is no central authority in this public ledger
type. And it allows transactions only after verifying the identity of users. At the
same time, participants' identities are hidden until they make any transaction.
▪ DISTRIBUTED LEDGER: In distributed type, all the nodes will have a copy of
databases. A group of nodes will manage the tasks, such as verifying transactions or
adding blocks to a blockchain. You can significantly reduce financial fraud and
cyberattacks by using this ledger. You can access all the information stored in this
ledger using cryptographic signatures and keys.
▪ DECENTRALIZED LEDGER: In this type, no participant needs to trust others
or know their identities. The stakeholders or partners can access real-time data from
the ledgers anytime. This ledger lessens reliance on specific authorities that manage
the network. It brings consistency and improves performance by decentralizing
resources.
32
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
CHAPTER 3
The first of the four types of blockchain were introduced with bitcoin, which presented a
public blockchain, but there are various kinds of blockchain. The blockchain technology
used by bitcoin is also known as the first generation of blockchain technology at its
base, is a decentralized digital ledger that houses all types of data. Cryptocurrency
transactions, NFT ownership, or DeFi smart contracts can all be recorded on a
blockchain. A blockchain is a type of shared database, but in contrast to a traditional
database, blockchains store information in blocks linked together using cryptography.
Although this type of data can be stored in any traditional database, blockchain is
special in that it is completely decentralized. Imagine an Excel spreadsheet or a financial
database. Still, instead of being kept in one place by a single controller, a blockchain
database is held on numerous identical copies on numerous machines dispersed
throughout a network. Nodes are the collective name for these distinct computers, and
there are various types of nodes in the blockchain.
Fast: Without using any middlemen, transactions are sent directly from the source
to the recipient.
Consistent: Blockchain networks run seven days a week, twenty-four hours a day,
all over the world.
Cost-effective: Since blockchain networks do not have centralized, rent-seeking
middlemen, they are less expensive to run.
33
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Since there are numerous nodes to validate transactions, permissionless blockchains are
typically safer than permission blockchains since it would be challenging for malicious
actors to coordinate on the network. Yet, due to the high number of nodes and the
magnitude of the transactions, permissionless blockchains also frequently have slow
transaction processing rates.
As with so many other benefits, there are drawbacks, and permissioned blockchains'
faster processing times are no exception. Because permissioned blockchains are
controlled by a single entity, they are less secure and more vulnerable to hacking attacks
than decentralized systems. It could be a company, government, trade association, or
other organization.
34
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
malicious actors to work together. Learn from expert blockchain trainers and develop
blockchain-based applications to earn a good Blockchain professional salary.
35
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
36
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Blockchain is also useful when multiple copies of a ledger are maintained. In this
case, blockchain enables real-time reconciliation without have a third-party trusted
intermediary.
A public permissioned blockchain is one in which some trusted entities write to the
chain but public is allowed to verify. For example, a consumer might want to verify
the source of the fish she buys but only those involved in the supply chain have
permissions to write to the chain. In some applications, such as Cryptologic,
confidential transaction data is hashed before added to the public blockchain.
A private permissioned blockchain can be used when control rests with a single
trusted entity. If multiple organizations are involved, then a consortium blockchain
is preferred.
Cost: It's cost effective since there's no need to do spam control such as
dealing with infinite loops in smart contracts.
37
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Bitcoin and Ethereum are well-known examples of public blockchains but Ethereum can
also be used to create a private blockchain. Open Chain enables private blockchains. Chain
supports permissioned blockchains suited for financial applications. Patientory is a
permissioned blockchain for electronic health records. Ripple is a permissioned
blockchain.
Bitcoin Cash, Zilliqa and Cypherium are permissionless blockchains. Universa and Oracle
Network are permissioned blockchains.
Some platforms can be configured to manage either any type of blockchain. For
example, MultiChain and HydraChain can be used for private or permissioned
blockchains. Hyperledger can be used for private or public blockchains.
However, others argue that the use of cryptography and Merkle trees prevent non-
valid transactions from getting added to the chain. With shared databases, hack on a
single entity will corrupt the database for everyone. This isn't possible with private
blockchains when a consensus algorithm such as Juno is used
38
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
39
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
40
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
▪ HYBRID: It includes both private and public blockchains. So, specific users can
access some data, and all participants in this blockchain type can access the
remaining data. A single entity controls the hybrid blockchain but cannot change
any data. Besides, user identity is hidden until they make any transaction.
41
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
42
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
The database is vulnerable to any of a number of potential snafus, included but not limited
to the following.
43
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Considering the security risks, Alice, Bob, Tom, and Hardy wisely opt to use blockchain
technology in their database. Now each partner has a copy of the records or the database. If
a record is entered into one database, it is broadcast to all the others, which must vet the
record before it is entered into the user’s record. Once it is vetted by all the participants,
then the record is entered into the user’s database and the new copy is sent to all of them in
the node.
1. Transparent
2. Secure
3. Immutable
4. Decentralized
Blockchain-based and traditional databases are similar in that they both store information
but differ in terms of functionality. A blockchain-based database complements the
functionalities and features of a traditional database.
Put simply, every blockchain is a database, but every database is not a blockchain. The
decentralized nature — and, of course, the underlying blockchain tech — is what separates
blockchain-based databases from traditional databases.
A blockchain is a digital ledger that stores data in blocks. These blocks are decentralized
and broadcast across all nodes in the network. A traditional database, whether an RDMS or
NoSQL databases, is also used to store data.
The obvious similarity here is that both blockchain-based and traditional databases are used
to store and hold information. They both can store any type of data, be it binary files,
media files, text files, and so on.
44
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
the administrator of the database, Twitter controls what we see; should Twitter decide to
shut down one day, we can kiss our tweets and files goodbye.
With blockchain, the database is not central and there is no administrator. It’s a peer-to-
peer network, just like Napster. Everyone is connected to the network and each node in the
network has a copy of the current database.
When a node in the network wants to write or create a new record in the database, the node
first creates the record and broadcasts it to all nodes in the network. All these nodes then
use a consensus algorithm to vet the new record.
If the vetting process by all nodes is successful, the node writes the record to its database
and broadcasts it. Then, each node in the network writes the record to its respective
database so the state and records are consistent and up to date.
This makes data stored in a blockchain very difficult to tamper with or duplicate. It’s
transparent because all nodes vet each record that is to be entered into the database.
To recap, blockchain-based and traditional databases are both used store information but
they differ in terms of functionality, as shown in the small table below:
Blockchain Database
Decentralised Centralised
Permissioned
Cost support
Cost is one of the most important things to consider when deciding which type of database
to use for your project.Because the old-school way of storing data is still very popular, the
cost of using a normal database is much lower than the costs associated with blockchain.
45
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
The expense of building a blockchain and integrating it into your project is comparable to
that of normal software development.
Fault tolerance
If you decide to use blockchain, you’re about to experience the most robust and fault-
tolerant DB you can imagine. Because a traditional database is centralized, it can be hacked
and tampered with.
Blockchain, on the other hand, is very difficult, if not virtually impossible, to compromise.
So if you have sensitive data to store and require a database with high fault tolerance,
blockchain is your best bet.
Performance
Most modern databases have been designed to achieve high performance. SQL and
MongoDB, for example, are very fast off the shelf. Reads and writes are very performant
without any optimization by the administrator.
Blockchain is quite the opposite. Writing to records in the blockchain is relatively slow due
to the many checks and run-arounds that have to occur in the blockchain core before a
record can be written to the database.
Security
Fortunately, blockchain has evolved to the point that you can use the blockchain network
privately within your selected nodes. Traditional databases can also be both made and used
publicly and privately.
46
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Blockchain cryptographically hashes the transactions in its blocks and each block forms a
linked chain with one another. This gives it a high degree of transparency because no node
or client can fault or dispute a record.
BLOCKCHAIN-BASED DATABASES
1. BigchainDB
First announced to the world in February 2016, BigchainDB v0.1 was originally a
traditional database until the development team later added blockchain features. It had
some issues at first. Namely, it had a primary node that did all the writes and broadcasts to
other nodes. The other nodes just read from this primary or master node.
This primary node was the database’s single point of control, which violates the golden
rule of blockchain. When the database is altered, all other nodes see the unvetted changes.
Version 2.0 patched up all these holes and made BigchainDB the most sought-after
blockchain database in the world. BigchainDB’s superb features include the following:
Immutability
The records stored in BigchainDB are tamper-proof. The records are immutable, meaning
that once a record is verified and stored in the database, it can never be altered or changed.
Decentralization
The database is decentralized in a P2P network. There is no single point of command. Each
node in the Bigchain network has a local copy of the MongoDB database, and it
uses Tendermint for network and consensus protocols.
47
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
One advantage of using Tendermint is that it uses Byzantine fault tolerance (BFT), which
enables the blockchain to agree on what the next block will be, even if up to half of the
nodes in the network are faulty. So if a hacker gains access to one of the node’s MongoDB
databases, the network can remove that particular database and still function.
Assets of various types can be stored in the database. The users in the nodes can issue any
assets in the Bigchain network.
According to BlockchainDB, an asset can characterize any physical or digital object that
you can think of, such as a car, a data set, an intellectual property right, etc.
High performance
BigchainDB was built with performance in mind. The use of Tendermint makes it possible
for BigchainDB to achieve high performance.
Tendermint takes only a few seconds to process large transactions and commit them to a
new block. This flies in the face of the notion that committing transactions in a blockchain
takes a whole lot of time.
BigchainDB works very well in many scenarios, notably in supply chain stores, where
there is a need to organize data and provide immutability and transparency.
Database Consensus
2. CASSANDRA
First released in 2008 and written in Java, Cassandra can handle large amounts of data
across many commodity servers, providing high availability with no single point of failure.
48
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Cassandra partitions rows, and each row contains tables that have a required primary key.
With this partitioning, Cassandra can distribute the rows across multiple networks and
devices. It adjusts across the network when rows and partitions are removed and added to
the network.
Cassandra has many notable features that make it a unique blockchain-based DB.
Distributed
There is no central node or single point of control in Cassandra. The rows and partitions
are distributed across the cluster. There is no master cluster because every cluster is both
client and server and identical.
Fault-tolerant
Query language
Cassandra’s structure is quite similar to SQL in that it has rows, tables, and columns.
However, Cassandra does not use the SQL language for querying data. Instead, it has its
own query language, Cassandra Query Language (CQL).
Database Consensus
NoSQL Paxos
49
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
3. CHAINIFYDB
Once a record is entered in one database, ChainifyDB communicates the addition to all
other database nodes. They agree on a certain consensus and the record is written to the
databases, so the records are decentralized, immutable, and transparent.
The difference between ChainifyDB and other blockchain-based DBs is that each block has
its own database/storage area. ChainfyDB does not have its own database; it uses the
databases provided to it and plugs a blockchain layer into them. In other words,
ChainifyDB provides a blockchain layer for already existing databases.
End-to-end encryption
Web frontend
The core vitals, components, and maintenance setup of chainifyDB can all be run from a
web frontend. Unlike other DB solutions, it does not require a lot of tools to set up.
Seamless invasive
The ChainifyDB can be seamlessly connected or plugged into any data stores or databases
without affecting the applications running on the databases.
Database Consensus
50
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
4. COVENANTSQL
As legend has it, co-founder Auxten Wang first conceived of CovenantSQL in 2017 on “a
cold windy day when Jing Mi came to have dinner with me in a BBQ restaurant. He
brought me an interesting idea to build a SQL database on Blockchain. I was excited about
this idea and decided immediately to quit my job and start this project.”
Decentralisation
Just like the blockchain tech it implements, CovenantSQL is largely decentralized across a
P2P network. This makes it fault-tolerant and ungovernable by a single entity.
SQL
SQL is the most widely used and popular database query language in the world.
CovenantSQL uses it because of its popularity and the possibility to add extra blockchain
leverage to it. SQL support makes CovenantSQL a blockchain-based DB to contend with.
Immutability
CovenantSQL’s blockchain makes the database to immutable. All records coming in must
be vetted by all nodes in the network before committing to the database.
51
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Database Consensus
SQL Raft
5. MODEX BCDB
Modex BCDB sits in the middle between the client application and its database. The
approach is different from other blockchain DBs. It plugs into the DBs and modifies their
connectors, providing a blockchain layer between them.
Modex BCDB has a wide range of features, which we’ll break down below.
Modex BCDB is flexible in that it can use other blockchain frameworks. It currently uses
the Hyperledger Sawtooth framework and using the Tendermint protocol in its network and
consensus protocols. Other frameworks Ethereum, and Hyperledger Fabric can be used too.
Modex BCDB supports multiple databases. A node can use MongoDB while another node
can use MySQL, Modex BCDB can seamlessly work and sync data with them without any
configuration any porting to a supported database.
Data management
Modex BCDB can manage data perfectly without any compromise to security. Modex
BCDB knows when and which node it can expose some or all data to. A full node in the
Modex BCDB network is exposed to the whole data, a partial node is only exposed to data
that its APIs requested, and a private node is exposed only data private to it and no one
else.
52
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Database Consensus
6. POSTCHAIN
Postchain stores this data in an SQL database, which is different from all other blockchain
frameworks. Also, Postchain’s transaction logic can be defined in SQL code. This is what
makes Postchain a blockchain-based database.
Transactions are not written to the database via SQL code. Postchain has validators that
work on every node in the Postchain network. Transactions are submitted via highly
encrypted and signed messages. The validators pick up the messages and run in sync to
validate the proof and source of the messages. This sync is done so that all the nodes in the
networks have the same state in their databases.
7. PROVENDB
53
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
A highly secured blockchain database you can use to store all kinds of sensitive
data, such as financial records that are resistant to alteration, intellectual property,
legal documents, public records, and more
ProvenDB is a good choice if you want to use MongoDB and also leverage blockchain in
your applications. ProvenDB provides a REST APIs you can use for making tamper-proof
transactions and storing documents.
ProvenDB provides a secure database for data engineers that is encrypted and tamper-
proof. No wonder it has been recognized by such a wide range of major companies,
including Toba Capital, Microsoft, RegTech, CRN, and more.
Database Consensus
MongoDB None
Blockchain is evolving rapidly. It started with the bitcoin craze and now the whole world is
starting to see the awesome power blockchain wields across a wide variety of industries.
There are so many blockchain-based databases, but the seven mentioned above stand apart
for their popularity and breadth of features.
54
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
CHAPTER 4
Blockchain comes with a lot of capabilities. To understand it better, let’s read the below to
know the features of blockchain.
55
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
A blockchain is a chain of blocks that contains information. Most people think that
Blockchain is Bitcoin and vice-versa. But it’s not the case. In fact, Bitcoin is a digital
currency or cryptocurrency that works on Blockchain Technology. Blockchain was
invented by Satoshi Nakamoto. As the name suggests, Each block consists of a number
of transactions, and each transaction is recorded in the form of a Hash. Hash is a unique
address assigned to each block during its creation and any further modification in the block
will lead to a change in its hash.
56
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
1. Immutable
57
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Every node in the network has a copy of the digital ledger. To add a transaction every node
checks the validity of the transaction and if the majority of the nodes think that it is a valid
transaction then it is added to the network. This means that without the approval of a
majority of nodes no one can add any transaction blocks to the ledger.
Any validated records are irreversible and cannot be changed. This means that any user on
the network won’t be able to edit, change or delete it.
2. Distributed
All network participants have a copy of the ledger for complete transparency. A public
ledger will provide complete information about all the participants on the network and
transactions. The distributed computational power across the computers ensures a better
outcome.
In distributed ledger tracking what’s happening in the ledger is easy as changes propagate
really fast in a distributed ledger.
Every node on the blockchain network must maintain the ledger and participate in the
validation. Any change in the ledger will be updated in seconds or minutes and due to no
involvement of intermediaries in the blockchain, the validation for the change will be done
quickly. If a user wants to add a new block then other participating nodes have to verify the
transaction. For a new block to be added to the blockchain network it must be approved by
a majority of the nodes on the network. In a blockchain network, no node will get any sort
of special treatment or favors from the network. Everyone will have to follow the standard
procedure to add a new block to the network.
58
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
3. Decentralized
4. Secure
All the records in the blockchain are individually encrypted. Using encryption adds another
layer of security to the entire process on the blockchain network. Since there is no central
authority, it does not mean that one can simply add, update or delete data on the network.
Every information on the blockchain is hashed cryptographically which means that every
piece of data has a unique identity on the network. All the blocks contain a unique hash of
their own and the hash of the previous block. Due to this property, the blocks are
cryptographically linked with each other. Any attempt to modify the data means to change
all the hash IDs which is quite impossible.
59
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
5. Consensus
Every blockchain has a consensus to help the network to make quick and unbiased
decisions. Consensus is a decision-making algorithm for the group of nodes active on the
network to reach an agreement quickly and faster and for the smooth functioning of the
system. Nodes might not trust each other but they can trust the algorithm that runs at the
core of the network to make decisions. There are many consensus algorithms available
each with its pros and cons. Every blockchain must have a consensus algorithm otherwise
it will lose its value.
6. Unanimous
All the network participants agree to the validity of the records before they can be added to
the network. When a node wants to add a block to the network then it must get majority
voting otherwise the block cannot be added to the network. A node cannot simply add,
update, or delete information from the network. Every record is updated simultaneously
and the updations propagate quickly in the network. So it is not possible to make any
change without consent from the majority of nodes in the network.
7. Faster Settlement
Traditional banking systems are prone to many reasons for fallout like taking days to
process a transaction after finalizing all settlements, which can be corrupted easily. On the
other hand, blockchain offers a faster settlement compared to traditional banking systems.
This blockchain feature helps make life easier.Blockchain technology is increasing and
improving day by day and has a really bright future in the upcoming years. The
transparency, trust, and temper proof characteristics have led to many applications of it like
bitcoin, Ethereum, etc. It is a pillar in making the business and governmental procedures
more secure, efficient, and effective.
60
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Smart Contracts – Blockchain technology enables the creation and execution of smart
contracts, which are self-executing contracts that automatically execute when certain
conditions are met. Smart contracts have the potential to revolutionize various industries by
providing a secure and transparent way to execute contracts.
Transparency – The blockchain ledger is public and transparent, which means that anyone
can access and view the transactions on the network. This makes it a highly transparent
system that is resistant to fraud and corruption.
61
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
CHAPTER 5
REALTIME APPLICATIONS OF
BLOCKCHAIN
Healthcare: With blockchain technology, you can easily manage e-medical data, protect
genomic information, and track the history of diseases and outbreaks at a glance.
Blockchain can be used in precision medicine, the latest technology to drastically improve
health output by reducing side effects. You can enhance pharmaceutical products'
traceability from their origin in the supply chain.
62
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Banking: This is where blockchain technology is more highly required than any other
domain. Blockchain helps to speed up financial transactions and, at the same time, removes
friction in the process. Mainly, you can reduce fraud and enable multi-party monitoring in
real-time. In addition, blockchain simplifies calculation and reporting, funds traceability,
reconciliation, settlements, digitising assets, and many more.
Supply Chain: By using blockchain, you can track the movement of products seamlessly.
As a result, you can get visibility across the supply chain. Blockchain simplifies new
supplier onboarding. Not just that, it helps businesses from forgery and misuse of
resources. In short, blockchain ensures a resilient, confidential, trustful, and transparent
supply chain.
Media and Entertainment: Blockchain can play a crucial role in online ticketing, peer-to-
peer sales, rights management, and content distribution. It helps to eliminate fraud,
streamline bills and to invoice, and automate royalty payments. Using blockchain, you
support making micropayments and usage-based consumption models. Moreover, you can
monitor ad metrics to analyse how budgets are spent.
63
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
When talking about blockchains, we commonly think of its applications in the future.
“Blockchain will solve this, blockchain will achieve that”. It’s easy to forget that
blockchains are already deployed in the wild.Pick an industry, from automobiles to
artificial intelligence, and odds are you’ll find examples of blockchains in action. In all
quarters and all circles, blockchains are making their mark. Even the US Treasury is in on
the act, advocating for more pilot projects and test programs.The ‘World Economic Forum’
anticipates that 10% of global GDP will be stored on the blockchain by 2025. That means
the global executives out there are preparing for this seismic shift, and are ready to
completely back its implementation. The impact of distributed ledger technology could be
as grand as the internet revolution itself. The use cases differ, but the benefits derived from
using the technology remain unchanged: transparency, immutability, redundancy and
security. In 2018, new blockchain initiatives are launched every day. Here are 50 examples
of blockchains in use around the globe.
64
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Border Control: At present, passengers on the Eurostar train between the two countries
undergo border control checks at multiple points. Blockchain would provide a means of
ensuring that the data has not been tampered with and is verifiably accurate.
Healthcare: Medical records are notoriously scattered and erroneous, with inconsistent
data handling processes meaning hospitals and clinics are often forced to work with
incorrect or incomplete patient records. Healthcare projects such as MedRec are using the
blockchain as a means of facilitating data sharing while providing authentication and
maintaining confidentiality.
Enterprise: Clients of Microsoft Azure Enterprise can access the Ethereum Blockchain
as a Service. This provides businesses with access to smart contracts and blockchain
applications in a secure hosted environment. Google is also reported to be working on a
proprietary blockchain to support its cloud-based business. Parent company Alphabet is
developing a distributed ledger that third parties will be able to use to store data, believed
to be in regards to Google’s cloud services for enterprises, with a white label version for
companies also in the works.
Medical: Medical centers that have digitized their patient records don’t distribute their
data across multiple facilities, instead keeping them on-site on centralized servers. These
are a prime target for hackers, as evidenced by the ransomware attacks that struck NHS
hospitals in the UK. Even if security risks are overlooked, there is still the problem of
fragmentation. There are currently more than 50 different electronic healthcare record
(eHR) software systems that operate in different hospitals, often with dozens of different
65
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
packages within the same city. These centralized systems do not interoperate with one
other and patient data ends up scattered between disparate centers.
In life-and-death settings, the lack of reliable data and sluggish interfaces may prove
devastating. Patient privacy is maintained on a secure decentralized network where access
is granted to only those who are medically authorized and only for the duration needed.
Supply Chains: Supply chain management is seen as one of the most beneficial use
cases for blockchain, as it’s ideal for industries where goods are passed through various
pairs of hands, from beginning to end, or manufacturer to the store . IBM and Walmart
have teamed up to launch Blockchain Food Safety Alliance in China. The project, run in
conjunction with Fortune 500 company JD.com, is designed to improve food tracking and
safety, making it easier to verify that food is safe to consume. China is proving to be a ripe
test bed for blockchain projects, for it’s also home to the world’s first agricultural
commodity blockchain. Louis Dreyfus Co, a major food trader, has set up a project with
Dutch and French banks which are used for selling soybeans to China, with transactions
settled quicker than traditional methods thanks to the use of blockchain technology.
Diamonds: The De Beers Group, the world’s most famous diamond company, now has
its own blockchain up and running, designed to establish a “digital record for every
diamond registered on the platform”. Given concerns about the source of diamonds, and
the ethics concerning their country of origin, coupled with the risk of stones swapped for
66
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
less value ones along the line, blockchain is a natural fit. Because each record is indelible,
it will ensure that data for each stone lasts as long as the diamonds themselves.
Real Estate: Ukraine holds the honor of becoming the first nation to use blockchain to
facilitate a property deal. A property in Kiev was sold by prominent cryptocurrency
advocate and TechCrunch founder Michael Arrington. The deal was enabled with the aid
of smart contracts on the Ethereum blockchain, and is intended to be the first of many
completed by Propy, a startup specializing in blockchain-based real estate deals.
Fine Art: Similar to the diamond trade, the art industry is dependant on the provenance
and authenticity of artworks. While blockchain cannot authenticate a painting to determine
whether it is an original or forgery, it can be used to prove the piece’s previous owners. In
addition, blockchain is now used as a means of acquiring art. It’s another example of how
blockchain technology can be used to make tangible objects easily tradable and
exchangeable from anywhere in the world, without the need to physically transfer them
from secure storage.
67
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Land Registry: Blockchain once again proves that it’s not just applicable in the crypto
space and by small companies. The government of Georgia uses it to register land titles.
They have created a custom-designed blockchain system and integrated it into the digital
records system of the National Agency of Public Registry (NAPR). Georgia is now taking
advantage of the transparency and fraud reduction offered by blockchain technology.
68
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Computation: Amazon Web Services have collaborated with Digital Currency Group
(DCG) to improve their database security with the help of blockchain. They will provide a
platform for DCG’s startups to work, as well as technical support for their projects.
Insurance: Blockchain in the insurance industry is often talked about, but many don’t
know the technology has already been implemented. For instance, Insurer American
International Group Inc, in partnership with International Business Machines Corp, has
completed a pilot of a so-called “smart contract” multi-national policy for Standard
Chartered Bank PLC and plans to manage complex international coverage through
blockchain.
Journalism: Permanence is now a hot topic in the journalism trade. One wrong move
and years of hard work and research could go down the drain. Blockchain is one smart
solution to the problem. Civil, a decentralized journalism marketplace, apart from obvious
blockchain benefits, offers an economic incentive model for quality news content, coupled
with the ability to permanently archive content, which will remain accessible at any time in
perpetuity.
Smart Cities: Smart cities are not the stuff of science-fiction anymore. Taipei is
attempting to position itself as a city of the future with the help of Distributed Ledger
Technology. It has announced a partnership with IOTA and they are already working on
creating cards with light, temperature, humidity and pollution detection.
69
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Railways: In Russia, rail operator Novotrans is using blockchain technology with a goal
to improve the speed of its operations. The company, which is one of the largest rolling
stock operators in the country, will be using blockchain to record data pertaining to repair
requests, inventory and other matters pertaining to their operations. The idea is that
blockchain records will be more resistant to tampering and data corruption..
Gaming: One of the most influential companies in the gaming industry, Ubisoft, is
researching on how to implement blockchain into its video games. Specifically, it’s
focusing on the ownership and transfer of in-game items such as rewards and digital
collectibles. These have already been successfully demonstrated in action using the
Ethereum blockchain.
70
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
71
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
72
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
73
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
74
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
CHAPTER 6
Blockchain is a list of blocks. Each block comprises information such as transactions and a
unique hash to identify each block. It is a distributed, decentralized ledger that is widely
becoming popular these days. Security is managed in order to protect some vital
information so that hackers or other unauthorized users do not get access to it. With the
increasing dependency on Blockchain networks, Blockchain security has become a prime
concern. Blockchain security is a risk management technique that aims to secure
transactions and hence the whole blockchain network. It is usually implemented with the
help of cybersecurity, authorized services, and ethical users.
For example, if someone altered a record, then they could steal a limitless amount
of
money. Or, if they merely read all the transactions, then they could gain access to sensitive
private information. In the blockchain, the ledger is decentralized. This means no single
computer or single system has control over the ledger at any one time. It would take an
75
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Another tenet of security is the chain itself. The ledger exists as a long chain of
cryptographically encrypted sequential blocks. Each chain represents another
piece of the overall puzzle. Structurally, these records date back all the way to the
system’s launch. This means anyone who tries to alter a transaction would first
have to alter all transactions leading up to that transaction, and do so accurately.
This makes the hypothetical tampering process much more complicated. Also, it
greatly increases the overall security of the system.
Unlike present payment systems, in a block chain model here are hundreds to
thousands of distinct nodes. Each node has a complete copy of the digital ledger.
These can independently work to verify the transaction. If the nodes don’t agree,
then the transaction is cancelled. This system keeps the ledger tidy. Additionally,
due to its complex mechanisms it is very difficult to commit a fraudulent
transaction.
The cryptographic keys along with two keys system used in block chain exchanges
are very long, complex and difficult to decipher unless one has authorization to
view the keys.
Blockchain has got very complex and rugged structure. In spite of this, in this technology
there exists following problems and challenges w.r.t to security. Apart from double
spending, which will always be possible in Bitcoin, the attack space includes a range of
wallet attacks (i.e., client-side security), network attacks (such as DDoS, sybil, and eclipse)
and mining attacks (such as 50%, block withholding, and bribery).
o Traditional Challenges:
76
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
The use of a distributed ledger implies that data is shared between all counterparties on the
network. On one side this could potentially have a negative impact on the confidentiality;
while on the other, it has a positive impact on availability with many nodes participating in
the Blockchain, making it more robust and resilient.
a. Key Management:
Private keys are the direct means of authorizing activities from an account, which in the
event they get accessed by an adversary, will compromise any wallets or assets secured
by these keys. Potentially different private keys could be used for signing and encrypting
messages across the distributed ledger. An attacker who obtained encryption keys to a
dataset
would be able to read the underlying data. A private key is usually generated using a secure
random function, meaning that reconstructing it is difficult, if not impossible. If a user
loses a private key, then any asset associated with that key is lost. If a private key is stolen,
the attacker will have full access to all assets controlled by that private key and once a
criminal steals the key and transfer funds to another account, it cannot be undone.
b. Cryptography:
c. Privacy:
Privacy is an additional issue that emerges from the use of Blockchain technology. In a
permissionless ledger, all counterparties are able to download the ledger, which implies
that they might be able to explore the entire history of transactions, including those to
which they are not members. In a permissioned ledger, exploitation of authorised agent’
or smart contract capabilities could lead severe exposure of privacy, according to the
access right of the agent or smart contract authors.
77
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
With Proof of Work, the probability of mining a block depends on the work done by the
miner (e.g. CPU/GPU cycles spent checking hashes). Because of this mechanism, people
will want to join together in order to mining more blocks, and become “mining pools", a
place where holding most computing power. Once it holds 51% computing power, it can
take control of this blockchain. This may create security issue in a chain.
If someone has more than 51% computing power, then he/she can find Nonce value
78
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
quicker than others, means he/she has authority to decide which block is permissible.
After this attacker can:
o Modify the transaction data, it may cause doublespending attack.
o To stop the block verifying transaction.
o To stop miner mining any available block.
Distributed Denial of Service attacks coming out of the nature of the distribute ledger
remain a concern. For example, if rogue wallets decide to push large numbers of spam
transactions to the network it could create potentially a denial of service and increase the
processing time, as the nodes will be checking the validity of the fraudulent transactions.
In March 2016, the Bitcoin network was slowed to a near halt. The cause was a Bitcoin
wallet pushing large volumes of spam transactions with a higher than average transaction
fee. This caused miners to prioritise these transactions when computing new blocks.
Within a permissioned ledger, it would be possible for nodes to agree to ignore or even
block the issuer of such spam transactions. However, if an attacker is able to control a
large number of clients, they might be able to severely disrupt the network by pushing
large volumes of irrelevant transactions.The distributed nature of Blockchain architecture
introduces the prospect that it wouldbe difficult to shut down a malicious program.
f. Wallet Management:
Wallet management represents the process and technology used with which a wallet
software operates with the keys assigned to it. The wallet software would need to protect
the keys from being accessed without authorization, in both cases while stored, but also
while in operation with the software.
Losing access to a given wallet might preclude a financial institution from authorising
transactions or moving assets. It might be difficult for an entity to be aware that a
malicious user has access to the wallet, because copying or stealing the keys might not
leave any trace on a computer.
g. Eclipse Attack:
An eclipse attack is when majority of peers are malicious and they prevent the user from
79
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
h. Sybil Attack:
This attack effects whole network. A Sybil attack is an attack where a single adversary is
controlling multiple nodes on a network. It is unknown to the network that the nodes are
controlled by the same adversarial entity. For example, an adversary can spawn up multiple
computers, virtual machines, and IP addresses. They can create multiple accounts with
different usernames and e-mail addresses and pretend that they all exist in different
countries.
i. Double Spending:
A client in the Bitcoin network achieves a double spend (i.e., send two conflicting
transactions in rapid succession) if she is able to simultaneously spend the same set of
bitcoins in two different transactions. Mainly, Double-Spending within BTC is the act of
using the same bitcoins (digital money files) more than once. somehow an attacker
captures 51% of the hash power of the network, double spending can happen. “Hash
power” means the computational power which verifies transactions and blocks. If an
attacker has this control, he/she can reverse any transaction and make a private blockchain
which everyone will consider as real. But so far, no such attack has happened because
controlling 51% of the network is highly cost intensive. It depends on the present difficulty
of mining, the hardware price, and the electricity cost, all of which is infeasible to acquire.
Blockchain network usually have the mechanism to prevent double spending. Suppose a
user have 1 BTC which he tries try to spend twice. He made the 1 BTC transaction to a
merchant. Now, he again signs and send the same 1 BTC on another Bitcoin address to try
and trick the merchant. Both transactions go into the unconfirmed pool of transactions. But
only his first transaction got confirmations and was verified by miners in the next block.
His second transaction could not get enough confirmations because the miners judged it as
invalid, so it was pulled from the network. But if both the transactions are taken
80
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
simultaneously by the miners? When miners pull the transactions simultaneously from the
pool, then whichever transaction gets the maximum number of confirmations from the
network will be included in the blockchain, and the other one will be discarded. However,
there is a possibility of unfair for the merchant, as the transaction might fail in getting
confirmations. That’s why it is recommended for merchants to wait for a minimum of 6
confirmations. Here, “6 confirmations” simply means that after a transaction was added to
the blockchain, 6 more blocks containing several other
transactions were added after it. “Confirmations” are nothing but more blocks
containingmore transactions being added to the blockchain. Each transaction and blocks
are
mathematically related to the previous one. All these confirmations and transactions are
time-stamped on the blockchain, making them irreversible and impossible to tamper with.
So if a merchant receives his/her minimum number of confirmations, he/she can be
positive it was not a double spend by the sender.
j. Routing attacks:
In this attack, set of nodes are isolated from the Bitcoin network, delaying block
propagation. In this attack, the adversary delays the delivery of a block by modifying the
content of specific messages. This is possible due to the lack of encryption and of secure
integrity checks of Bitcoin messages. In addition to these, the attacker leverages the fact
that nodes send block requests to the first peer that advertised each block and wait 20
minutes for its delivery, before requesting it from another peer.
In this section, we briefly present the existing real-world security breaches/incidents that
have affected adversely to Bitcoin and its associated technologies, such as blockchain and
PoW based consensus protocol.
a. One of the biggest attacks in the history of Bitcoin have targeted Mt. Gox, the largest
Bitcoin exchange, in which a year’s long hacking effort to get into Mt. Gox culminated
in the loss of 744,408 bitcoins. However, the legitimacy of attack was not completely
confirmed, but it was enough to make Mt. Gox to shut down and the value of bitcoins
81
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
b. Silk Road: In 2013, another attack called Silk Road, the world’s largest online
anonymous market famous for its wide collection of illicit drugs and its use of Tor and
Bitcoin to protect its user’s privacy, reports that it is currently being subjected to what
may be the most powerful distributed denial-of-service attack against the site to date.
As per initial investigations it was indicated that a vendor exploited a recently
discovered vulnerability in the Bitcoin protocol known as “transaction malleability”
to repeatedly withdraw coins from system until it was completely empty.
L. Countermeasures:
In this section, the state of art security solutions that provide possible countermeasures
for the array of attacks as explained above on blockchain or its different applications:
13.1. No more double spending:
The transaction propagation and mining processes in Bitcoin provide an inherently high
level of protection against double spending. This is achieved by enforcing a simple rule
that only unspent outputs from the previous transaction may be used in the input of a
next transaction, and the order of transactions is specified by their chronological order
in the blockchain which is enforced using strong cryptography techniques. This boils
down to a distributed consensus algorithm and timestamping. The most effective yet
simple way to prevent a double spend is to wait for a multiple numbers of confirmations
before delivering goods or services to the payee. In particular, the possibility of a
successful double spend decreases with increase in the number of confirmations
received.
m. Securing wallets:
A wallet contains private keys, one for each account. These private keys are encrypted
using the master key which is a random key, and it is encrypted using AES-256-CBC with
a key derived from a passphrase using SHA-512 and OpenSSLs EVP BytesToKey. Private
key combined with the public key generates a digital signature which is used to transact
82
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
from peer-to-peer. Bitcoin already has a built-in function to increase the security of its
wallets called “multi-signature”, which tightens the security by employing the splitting
control technique. For instance, BitGo - an online wallet which provides 2-of-3
multisignature transactions to its clients. However, the drawback of using the
multisignature transactions is that it greatly compromises the privacy and anonymity of the
user.
A manual method of wallet protection was proposed by called “cold wallet”. A cold wallet
is another account that holds the excess of an amount by the user. This method uses two
computers (the second computer has to be disconnected from the Internet) and using the
Bitcoin wallet software a new private key is generated. The excess amount is sent to this
new wallet using the private key of a user. Authors in claim that if the computer is not
connected to the Internet, the hackers will not get to know the keys, hence the wallet
safety can be achieved.
83
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
(I) configure the network in a way that malicious packets and requests from unnecessary
ports will be prohibited,
(II) implement a third party DoS protection scheme which carefully monitors the network
and identify variations in the pattern.
enabling secure transactions without the need a central authority.technology will have a
profound impact for telecom users and industries including telecom service providers. This
can be major source in increasing the revenue of service providers. Hence, there is a need
for identifying the roles and responsibilities of telecom users, operators and service
provider with regards to security aspects in the DLT environment.
Sybil Attack: Hackers try to increase the traffic in the network like Sybil Attack. In
this, the malicious user floods the network with unnecessary packets to create
traffic in the network.
Eclipse Attack: Hackers try to make duplicates of the node. This is an eclipse
attack. The user eclipses(hides) the original node and broadcasts the fake node that
was created by the hacker.
51% Attack: Hackers try to control the network. They take control of 51% of the
mining and this attack is known as 51%Attack.
Finney Attack: In the Finney attack, the hacker hides the original block and
broadcasts the fake block. The transaction is performed. After that transaction for
the original block is performed. So a case of double expenditure happens.
Attack Wallet: In this hackers try to attack users’ wallets to perform unnecessary
transactions.
So security is of prime concern in blockchain as millions and millions of
transactions are involved and these are the reasons why Blockchain networks
should be secured.
Best Practices For Building Secure Blockchain Solutions
85
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Companies are using many ways to make a smooth secured network for users. But
users also have some responsibility so that the whole system gets secured. Some of
the ways are:
Use of Cold Wallet: Cold Wallets do not connect to the Internet, therefore users can
secure their private keys. The wallet is not prone to cyberattacks.
Secure the Internet: Often hackers try to hack Wifi. Users must avoid public wifi
networks at all costs as any hacker can use public networks and can use malware to
steal valuable information.
Avoid Phishing: Phishing attacks are common nowadays. Users should not click
malicious advertisements. They should remove all the spam emails.
Password: It is always advisable to use strong passwords with a combination of
alphabets, numbers, and special characters. Passwords should be changed regularly.
Security of personal devices: Personal devices should be up to date. The patches
should be fixed and the latest antiviruses should be installed to protect from virus
attacks.
Blockchain Penetration Testing: Those who create blockchain networks should get
penetration testing done by an ethical hacker to test the strength of the security
blockchain networks and find vulnerabilities if present.
Secure keys: Keys should be secured by the user. Strong cryptographic keys should
be used Users should not share the keys with other users.
Use private permissioned blockchain: Business entrepreneurs should use private
permissioned blockchain. The permission is necessary as each user is verified
before allowing them to enter the blockchain.
There are two different types of Blockchain and security is totally different in these two
types:
86
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
privacy, still it is more prone to hacks. The reason is that this network relies on third parties
so data can be manipulated and the network is also small.
Public Blockchain: This is also known as the open blockchain. Here no permission is
required. Anybody can take part in the network. Data on a public blockchain are secure as
it is immutable and the network is highly decentralized. This network is highly secured, but
privacy is a huge concern. Anybody can read the transactions and all the users are not
verified.
Although Blockchain is highly decentralized and we all know that decentralized networks
are more transparent and secured. Still, there are some loopholes that hackers take
advantage of. Some of them are:
There are many blockchain attacks like Finney attack, Race attack, 51% attack, eclipse
attack, Sybil attack, DDoS, routing attack, etc.They often flood the network with useless
blocks. They often target specific users and try to attack their wallets.Some hardware is
expensive, so hackers often target the hardware resources for their own selfish purposes.
Blockchain has become really handy for entrepreneurs as they can perform transactions
anytime, anywhere. It also allows a solution to rapidly size and scale, and many solutions
can be adapted for multiple tasks. So security is also required in these cases:
Each user should be verified before allowing them to access the blockchain.
All transactions within the blocks are validated by business users and are agreed upon by a
consensus mechanism.
The blocks should be immutable so that once a transaction is done, it cannot be reverted.
Businessmen should use strong cryptographic keys.
87
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
As we all know, blockchain is highly decentralized and many security features have also
been enhanced, still, it is becoming a challenge to apply the security rules. For a big
blockchain network, it is impossible to verify each user. Checking each user’s identity is
not possible as millions and millions of users are connected. Even if a centralized approach
is used, the administrator might take control of the whole network. Then they can illegally
perform mining for his /her own purposes. While blockchain is used for cryptocurrency
traders, it’s increasingly being used in other fields as well. So testers often do not test the
network properly, thus hackers can exploit the vulnerabilities.
Many companies are giving prime focus on blockchain security as millions of users are
dependent on blockchains. Some of them are:
6.6.BLOCKCHAIN IN TELECOM:
Service providers (SPs) have traditionally owned the end-to-end telecoms value chain for
voice and data connectivity, and related consumer services. However, in an environment
the top (OTT) players, together with decreasing revenues from voice and increasing costs
due to the high band-width demands, there is a need to both reduce costs and find new
sources of revenue. Following are the cases or scenarios where this technology can be
88
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
used:
roaming and in identity management. Identity fraud can occur when a person uses false
identification to obtain services such as a physical SIM card. Blockchains inherent public
key cryptography capability can be used to link a mobile device to the owner's identity.
Instead of broadcasting the IMSI to the network to identify the device, the phone
generated public key can be broadcasted. The device generates this public key from the
private key that is stored securely on it. Neither the carrier nor any other third party
blockchain between every pair of operators that have a roaming agreement. Every time
a subscriber triggers an event in a visiting network, a micro contract and the terms of the
roaming contract based on call/event data enables near instantaneous charging and
blockchain.
Currently, every time during signing up, proof of identity or credentials are required. PII
(Personal Identity Information) is required even though most of the information would
not be needed by every vendor; the vendor would only need a subset of that information.
or utilizing the services of third party providers (such as Google and Facebook) to use
their SSO (Single Sign On) functionalities. This leads to many challenges such as lack of
89
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
A blockchain can be used as the shared ledger that stores identity transactions. The SP’S
subscriber opens an account with a SP, it creates a digital identity. The private key
associated with this identity is stored safely on the eSIM. The SP creates a virtual identity,
using the public key from the digital identity and adds a set of standard fields (name,
address, etc.) as required. It then adds a digital signature using its own private key. A
pointer to this virtual identity along with necessary descriptors is then added to the
blockchain. If the subscriber now visits a partner website, say an e-commerce site, the
site will need to know their identity, so the merchant site starts running the
corresponding app on the phone to provide the identity. A copy of the ledger entry is sent
to the e-commerce site app. Now the e-commerce app can look at all entries for that same
virtual identity. Once the virtual identity is established, the e-commerce site needs to
know that the virtual identity belongs to the subscriber so its app takes the public key
from the virtual identity, encrypts a challenge and sends it to their app which decrypts it
(because it has the associated private key) and responds. Now the e-commerce site
generates an e-commerce virtual identity which is then stored in the ledger itself. The
next time the subscriber visits the same e-commerce site, he can be authenticated using
the same mechanism. Also, the ledger already holds his transaction history and hence
knows his preferences. The e-commerce site can use related insights for a
recommendation engine. The subscriber can also use the same e-commerce virtual
identity to login to a completely different e-commerce site using the same mechanism.
The SP virtual identity can be used to help create further virtual identities similar to
theecommerce one (such as a travel virtual identity). This identity need not know all of the
details from the subscriber’s digital identity, only the ones that are relevant (such as his
90
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
home location) and add other attributes (such as his preferred mode of travel) to create
a travel virtual identity. The possibilities of such identity management are limited only
by the number of partner service providers that the SP can sign on to the blockchainbased
system.
IoT devices with cost-efficient self-managed networks. For example, machines within a
manufacturing plant will be able to communicate and authenticate themselves via the
will for example only be needed if individual machines require service on the basis of
various networks, SPs will need to handle heterogeneous access nodes and diverse access
mechanisms. Selecting the fastest access node for every user or machine will be a central
challenge in the future. Blockchain can enable a new generation of access technology
ANDSF, which stands for Access Network Discovery and Selection Function, is an entity
within the EPC (Evolved Packet Core) which helps in the discovery/selection of access
networks, such as Wi-Fi, WiMAX, and LTE, in the device vicinity, providing them with
rules policing the connection to these networks. It consists of a list of access networks,
such as Wi-Fi, that may be available in the vicinity of a device. This information is
received
in response to a device request which contains its location and capability, such as types
91
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
of supported interfaces, among others. The received information assists the device in
expediting connection to these networks. The ANDSF response the type of access
technology (Wi-Fi, WiMAX, etc.), the access network identifier, and technology-specific
information (such as one or more carrier frequencies). It mainly works on client server
model.
The 3GPP (LTE, GPRS) and non-3GPP (WiMAX, WLAN, Wi-Fi) access networks in a
given area can be networked via a blockchain where each access point (Wi-Fi router, SP
cell
tower, etc.) can serve as a node in the network monitoring the devices. Rules and
agreements between the various access providing networks can be coded as smart
contracts. These contracts can be dynamic in nature wherein any time a policy needs to
be changed, only the contract code needs to be changed. When a device broadcasts its
identity, it is accepted into the network by the corresponding SP cell. Once the device
broadcasts its location, the access node that can best provide service to the device is
called upon to do so. This also allows for seamless rating and charging of all services
92
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
CHAPTER 7
Blockchain increases trust, security, transparency, and the traceability of data shared across
a business network — and delivers cost savings with new efficiencies.
Enhanced security
Your data is sensitive and crucial, and blockchain can significantly change how your
critical information is viewed. By creating a record that can’t be altered and is encrypted
end-to-end, blockchain helps prevent fraud and unauthorized activity. Privacy issues can
also be addressed on blockchain by anonymizing personal data and using permissions to
prevent access. Information is stored across a network of computers rather than a single
server, making it difficult for hackers to view data.
93
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Greater transparency
Without blockchain, each organization has to keep a separate database. Because blockchain
uses a distributed ledger, transactions and data are recorded identically in multiple
locations. All network participants with permissioned access see the same information at
the same time, providing full transparency. All transactions are immutability recorded, and
are time- and date-stamped. This enables members to view the entire history of a
transaction and virtually eliminates any opportunity for fraud.
Instant traceability
Blockchain creates an audit trail that documents the provenance of an asset at every step on
its journey. In industries where consumers are concerned about environmental or human
rights issues surrounding a product — or an industry troubled by counterfeiting and fraud
— this helps provide the proof. With blockchain, it is possible to share data about
provenance directly with customers. Traceability data can also expose weaknesses in any
supply chain — where goods might sit on a loading dock awaiting transit.
Automation
Transactions can even be automated with “smart contracts,” which increase your efficiency
and speed the process even further. Once pre-specified conditions are met, the next step in
transaction or process is automatically triggered. Smart contracts reduce human
intervention as well as reliance on third parties to verify that terms of a contract have been
met. In insurance, for example, once a customer has provided all necessary documentation
to file a claim, the claim can automatically be settled and paid.
94
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Moreover, the software code that powers the blockchain is free and open-source, meaning
that developers can use that code to build decentralized applications (dapps) on the
blockchain—and even to build dapps on top of dapps. This is a huge benefit to businesses,
as they can build on existing code to create new dapps that offer very specific business
solutions.
Over the past 12 years, thanks to fast-growing interest in blockchain technology and the
popularity of Bitcoin, crypto has exploded as an industry. Today, cryptocurrencies and
tokens are the foods that nourish blockchain-based ecosystems. They serve to address
different concerns across markets, and they function in very specific ways. The many
benefits of cryptocurrency for businesses and individuals highlight a blockchain’s unique
capabilities.The many benefits of cryptocurrency for businesses and individuals highlight a
blockchain’s unique capabilities.Cryptocurrencies and tokens nourish blockchain-based
ecosystems.
Bitcoin was first mined in 2009, just after the 2007-2008 world financial crisis, which
underscored the public’s growing frustration with dysfunctional centralized systems. The
dissolution or bailout of financial services companies once considered “too big to fail”
highlighted the harsh realities of counterparty risk. Lehman Brothers, for example, was the
fourth-largest US investment bank when it initiated bankruptcy proceedings in 2008. The
company’s closing sent shock waves through the entire financial industry, contributing to
95
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
96
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
97
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Blockchain benefits in supply chains and food chain ,Building trust between trading
partners, providing end-to-end visibility, streamlining processes, and resolving issues faster
with blockchain all add up to stronger, more resilient supply chains and better business
relationships. Plus, participants can act sooner in the event of disruptions. In the food
industry, blockchain can help ensure food safety and freshness, and reduce waste. In the
event of contamination, food can be traced back to its source in seconds rather than days.
When financial institutions replace old processes and paperwork with blockchain, the
benefits include removing friction and delays, and increasing operational efficiencies
across the industry, including global trade, trade finance, clearing and settlement, consumer
banking, lending, and other transactions.
payers and researchers. Control over access remains in the hands of the patient,
increasing trust.
As pharmaceutical products move through the supply chain, every action is recorded. The
resulting audit trail means an item can be traced from origin to pharmacy or retailer,
helping to prevent counterfeiting and enabling manufacturers to locate a recalled product in
seconds.
Blockchain can help governments work smarter and innovate faster. Secure sharing of data
between citizens and agencies can increase trust while providing an immutable audit trail
for regulatory compliance, contract management, identity management, and citizen
services.
Insurance companies are using blockchain and smart contracts to automate manual and
paper-intensive processes such as underwriting and claims settlement, increasing speed and
efficiency, and reducing costs. Blockchain’s faster, verifiable data exchanges help reduce
fraud and abuse.
99
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
It allows users to store their digital IDs in the encrypted digital wallet
No doubt blockchain has a few drawbacks as well. Let’s have a look at them below:
100
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Lack of Awareness
There is a lot of discussion about blockchain, but people do not know the true value
of blockchain and how they could implement it in different situations.
101
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Today, there are a lot of developers available who can do a lot of different things in
every field. But in the blockchain technology, there are not so many developers
available who have specialized expertise in blockchain technology. Hence, the lack
of developers is a hindrance to developing anything on the blockchain.
Immutable
Key Management
Scalability : Blockchain like bitcoin has consensus mechanisms which require every
participating node to verify the transaction. It limits the number of transactions a
blockchain network can process. So bitcoin was not developed to do the large scale
volumes of transactions that many of the other institutions are doing. Currently,
bitcoin can process a maximum of seven transactions per second.
102
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
103
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
104
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
CHAPTER 8
105
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
106
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
Blockchain in Cyber Security: Though the blockchain is a public ledger, the data is
verified and encrypted using innovative cryptography technology. In this manner,
the information or data is less likely to be attacked or altered without
authorizatGovernments will provide their digital currencies: It is confirmed that the
paper money at its last phase, but it is also found that the authorized currency is
facing a severe competition by cryptocurrencies. In 2017, it is observed that the
price of Bitcoin has flown which was never seen by any single service or money all
around the world. The currency is still one of the most appreciated properties
available in the market, and the nation took notice, due to the price of Bitcoin is
denied by the basic idea of demand and supply. The need for Bitcoin will again
climb at some point, with a fixed limit of twenty-one million units of Bitcoin.
Because of this, a few governments will get a chance to create their digital
107
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
108
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
REFERENCES
• Blockchain @ Wikipedia − Blockchain, its history and various other terms has been
explained in simple language.
Tutorials.
• "Mapping the Bitcoin Economy Could Reveal Users' Identities". MIT Technology
Review.
• "El Salvador's dangerous gamble on bitcoin". The editorial board. Financial Times. 7
September 2021. Retrieved 7 September 2021. On Tuesday, the small Central American
nation became the first in the world to adopt bitcoin as an official currency.
• S., L. (2 November 2015). "Who is Satoshi Nakamoto?". The Economist. The Economist
Newspaper Limited. Archived from the original on 21 August 2016.
109
THE STUDY ON SECURITY ASPECTS OF BLOCKCHAIN
110