Uploaded byjzdc62vh2t
106 views

Blockchain-Nptel-Online-certification-course-Week-11.pdf

The document discusses Hyperledger Aries, a toolkit for creating and managing verifiable digital credentials using blockchain technology, detailing its architecture, installation, and agent frameworks. It also explores various blockchain security risks, including 51% attacks, private key security, and transaction privacy issues, alongside specific attack strategies like selfish mining and front-running attacks. Finally, it outlines criteria for identifying effective blockchain use cases in enterprises, focusing on business problems, participant roles, and asset management.

Embed presentation

Download to read offline
Blockchain and its applications Bishakh Chandra Ghosh Department of Computer Science & Engineering Indian Institute of Technology Kharagpur Lecture 51: Hyperledger Aries
ā€¢ Aries Overview ā€¢ Aries Architecture ā€¢ Installation and usage
ā€¢ Digital Credentials ā€¢ Aries
Hyperledger Aries Hyperledger Aries provides a shared, reusable, interoperable tool kit designed for initiatives and solutions focused on creating, transmitting and storing verifiable digital credentials. It is infrastructure for blockchain-rooted, peer- to-peer interactions. Aries agent frameworks -. ā€¢ Aries Cloud Agent - Python (ACA-Py) ā€¢ For any non-mobile application. Has production deployments. ā€¢ Aries Framework - .NET ā€¢ Aries Static Agent - Python https://www.hyperledger.org/use/aries
Aries Architecture ACA-Py ā€¢ ACA-Py exposes a REST API to access Aries capabilities ā€¢ Write a ā€˜Controllerā€™ to implement application business logic. ā€¢ Controller sends HTTP requests (REST) to execute commands. Response events are fed back to the controller as webhooks.
Aries Architecture The agent - ā€¢ Configured via command line parameters ā€¢ Interacts with other agents via pluggable transports ā€¢ Manages storage, ledger with pluggable implementations ā€¢ Manages messages and protocol state ā€¢ Invokes protocols (configurable set) ā€¢ Driven by a controller ā€¢ Sends events to controller ā€¢ Exposes an HTTP JSON administrative API to controller
Installation ā€¢ Install libindy and indy-cli ā€¢ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CE7709D068DB5E88 ā€¢ apt-add-repository "deb https://repo.sovrin.org/sdk/deb bionic master" -y ā€¢ apt-get update ā€¢ apt-get install -y libindy indy-cli ā€¢ Install python3-indy ā€¢ python3 -m pip install python3-indy ā€¢ Install aries-cloudagent ā€¢ python3 -m pip install aries-cloudagent
Installation If you installed the PyPi package, the executable aca-py should be available on your PATH. Use the following commands to check the version, list the available modes of operation, and see all of the command line parameters: ā€¢ aca-py --version ā€¢ aca-py --help ā€¢ aca-py provision --help ā€¢ aca-py start --help
Starting Aries Agent Provisioning a Wallet It is possible to provision an Indy wallet before running an agent: aca-py provision --wallet-type indy --seed $SEED Use the SEED to configure existing nodes in the indy pool, e.g. Stewards.
Starting Aries Agent When starting an agent instance, at least one inbound and one outbound transport MUST be specified. For example: aca-py start --inbound-transport http 0.0.0.0 8000 --outbound-transport http More Parameters: ā€¢ Transports: inbound, outbound, endpoint ā€¢ Logging/debugging settings ā€¢ Label: self-attested agent name ā€¢ Wallet implementation and related info ā€¢ For controller: Admin API configuration ā€¢ URL ā€¢ Security selection ā€¢ Protocol automation flags ā€¢ Ledger parameters (e.g. genesis URL, etc.) ā€¢ Add timing information to messaging ā€¢ Optional protocols to load ā€¢ From controller: Event webhook URL
Using Aries with Indy aca-py start --inbound-transport http 0.0.0.0 8000 --outbound-transport http --admin-insecure-mode --admin 0.0.0.0 8001 --seed 000000000000000000000000Steward1 --replace-public-did --wallet-type indy --genesis-file /home/bishakh/Documents/TA/Blockchain/indytutorial/pool1.txn --wallet-name agent1 --wallet-key agent1 --log-level debug --log-file /tmp/arieslog.txt --admin-insecure-mode --admin 0.0.0.0 8001 For experimentation and debugging only
Aries Admin OpenAPI Interface
Conclusion ā€¢ Aries ā€¢ Communication between participants ā€¢ Digital Credentials
Blockchain and its applications Prof. Shamik Sural Department of Computer Science & Engineering Indian Institute of Technology Kharagpur Lecture 52: Blockchain Security - I
ā€¢ Risks in Blockchain ā€¢ Common Risks and Specific Risks
ā€¢ 51% Vulnerability ā€¢ Private Key Security ā€¢ Criminal Activities ā€¢ Double Spending ā€¢ Transaction Privacy
Risks in Blockchain Risks Common Risks Specific Risks Blockchain operation mechanism (Blockchain 1.0, 2.0) Development, deployment and execution of smart contract (Blockchain 2.0) "A Survey on the Security of Blockchain Systems", Xiaoqi Li, Peng Jiang, Ting Chen, Xiapu Luo and Qiaoyan Wen, Future Generation Computer Systems
Risks in Blockchain Risk Blockchain operation mechanism Smart contract execution 51% vulnerability Private key security Criminal activity Double spending Transaction privacy leakage Criminal smart contract Vulnerabilities in smart contract Under-optimized smart contract Under-priced operations
Common Risk: 51% Vulnerability Block 10 Block 11 Block 12 Block 13 Block 11' Block 12' Block 13' Block 14' Hashing power Hashing power
Common Risk: 51% Vulnerability Block 10 Block 11 Block 12 Block 13 Block 11' Block 12' Block 13' Block 14' Coins Coins
Common Risk: Private Key Security Alice Bob Alice's private key to sign the message Alice's public key to verify the message Steal Alice's private key
Common Risk: Criminal Activities Ransomware Underground market Money laundering Valid coin Chaff coin
Common Risk: Double Spending 1. TXv is added to the wallet of the targeted vendor Attacker Mining Pool Vendor Bitcoin Network 2. TXa is mined as valid into the blockchain 3. The attacker gets TXv ā€™s output before the vendor detects misbehavior
Common Risk: Transaction Privacy Leakage A new transaction (the star) which spends an available coin (the second circle from the right) Transactions and tracing in Bitcoin Transactions and tracing in Cryptonote ļƒ¼ Each transaction input explicitly identifies the coin being spent, thus forming a linkage graph ļƒ¼ Each transaction input identifies a set of coins, including the real coin along with several chaff coins called ā€œmixins.ā€ ļƒ¼ Many mixins can be ruled out by deduction ļƒ¼ The real input is usually the ā€œnewestā€ one
ā€¢ Introduced the basic risk types in blockchain ā€¢ Discussed in detail some of the common risks
ā€¢ Web resources as mentioned from time to time
Blockchain and its applications Prof. Shamik Sural Department of Computer Science & Engineering Indian Institute of Technology Kharagpur Lecture 53: Blockchain Security - II
ā€¢ Selfish Mining Attack ā€¢ Different Scenarios and Attackerā€™s Actions
ā€¢ Selfish Mining ā€¢ Attackerā€™s Pool ā€¢ Public Chain ā€¢ Block Suppression
Selfish Mining Attack Block 10 Block 11 Block 12 Block 13 Block 11' Block 12' Block 13' Block 14' Mining Pool Others "Majority Is Not Enough: Bitcoin Mining Is Vulnerable", Ittay Eyal and Emin Guen Sirer, Financial Cryptography, 2014
Selfish Mining Attack Block 10 Block 11 Block 12 Block 13 Block 11' Block 12' Block 13' Block 14' Mining Pool Others
Selfish Mining Attack Pool intentionally forking the chain for keeping discovered blocks private Discovering more blocks by pool develops a longer lead on the public chain, and continues to keep these new blocks private The honest nodes continue to mine on the public chain The pool mines on its own private branch When the public branch approaches the poolā€™s private branch in length, the selfish miners reveal blocks from their private chain to the public
Selfish Mining Attack 1. Any state but two branches of length 1, pools finds a block ļƒ¼ The pool appends one block to its private branch, increasing its lead on the public branch by one ļƒ¼ Revenue from this block will be determined later 1 0 11pub 11pool 12pool 13pool 14pool 15pool 10 11pub 11pool 12pool 13pool 14pool 10 11pool 10 Others' public chain Pool's private chain OR
Selfish Mining Attack 2. Was two branches of length 1, pool finds a block 10 11pub 11pool 12pool 10 11pub 11pool 12pool ļƒ¼ The pool publishes its secret branch of length two ļƒ¼ Pool obtains a revenue of two 10 11pub 11pool
Selfish Mining Attack 3. Was two branches of length 1, others find a block after pool head 10 11pub 11pool 12pub ļƒ¼ The pool and the others obtain a revenue of one each - the others for the new head, the pool for its predecessor 10 11pub 11pool
Selfish Mining Attack 4. Was two branches of length 1, others find a block after othersā€™ head 10 11pub 11pool 12pub ļƒ¼ The others obtain a revenue of two 10 11pub 11pool
Selfish Mining Attack 5. No private branch, others find a block ļƒ¼ Both the pool and the others start mining on the new head ļƒ¼ The others obtain a revenue of one 10 10 11pub
Selfish Mining Attack 6. Lead was 1, others find a block ļƒ¼ There are two branches of length one, and the pool publishes its single secret block ļƒ¼ The revenue from this block cannot be determined yet 10 11pub 11pool 10 11pub 11pool 10 11pool
Selfish Mining Attack 7. Lead was 2, others find a block ļƒ¼ The pool publishes its secret blocks, causing everybody to start mining at the head of the previously private branch ļƒ¼ Pool obtains a revenue of two 10 11pub 11pool 12pool 13pool 10 11pub 11pool 12pool 13pool 12pub
Selfish Mining Attack 7. Lead was 2, others find a block (Contd.) ļƒ¼ The pool publishes its secret blocks, causing everybody to start mining at the head of the previously private branch ļƒ¼ Pool obtains a revenue of two 10 11pub 11pool 12pool 13pool 12pub 10 11pub 11pool 12pool 13pool 12pub
Selfish Mining Attack 8. Lead was more than 2, others win ļƒ¼ The pool now reveals its iā€™th block ļƒ¼ Pool obtains a revenue of one 10 11pool 12pool 13pool 10 11pub 11pool 12pool 13pool 10 11pub 11pool 12pool 13pool
ā€¢ Discussed selfish mining attack in detail ā€¢ Decisions of the attacker under different conditions
ā€¢ Web resources as mentioned from time to time
Blockchain and its applications Prof. Shamik Sural Department of Computer Science & Engineering Indian Institute of Technology Kharagpur Lecture 54: Blockchain Security - III
ā€¢ Eclipse Attack ā€¢ Front-running Attack
ā€¢ Eclipse Attack ā€¢ Peer-to-Peer Network ā€¢ Front-running Attack ā€¢ Displacement, Insertion, Suppression
Eclipse Attack To be victim node Normal nodes "Eclipse Attacks on Bitcoinā€™s Peer-to-Peer Network", Ethan Heilman, Alison Kendler, Aviv Zohar and Sharon Goldberg, 24th USENIX Security Symposium, 2015
Eclipse Attack Normal nodes Attacker node Victim node
Eclipse Attack Victim node Attacker nodes Normal nodes
Eclipse Attack Victim node Attacker node Rest of network Off-path attack - attacker controls end-hosts, but not key network infrastructure between the victim and the rest of the bitcoin network
Eclipse Attack 30% Hashing power 30% Hashing power 40% Hashing power Benefit: 51% attack with 40% mining power Attacker partitions miners so they can't build on each other blocks The attacker then outcompetes each partitioned miner 30% < 40% 40% >30%
Eclipse Attack Attacker populates the victim node's peer tables with attacker's IP addresses The victim establishes all new outgoing connections to attacker IP addresses Victim node restarts and loses current outgoing connections
Eclipse Attack 1. Populating of IP addresses ļƒ¼ Each node picks its peers from IP addresses stored in two tables ļƒ˜ New table: IPs the node has heard about ļƒ˜ Tried table: IPs the node peered with some point ļƒ¼ The tables also store a timestamp for each IP ļƒ¼ Each table stores the IPs in buckets ļƒ¼ To find an IP to make an outgoing connection to: 1. Choose new or tired table to select from 2. Select an IP with newest timestamp 3. Attempt an outgoing connection to that IP Attacker populates tables with attacker IPs so that the victim node only connects to the attacker IPs Selection Bias: Attacker ensures its IPs are the newer one
Eclipse Attack 2. Restarting node event is natural? ļƒ¼ Software/security updates ļƒ¼ Packets of death/DoS attacks ļƒ¼ Power/network failures ļƒ¼ ISP outages
Eclipse Attack 3. Bucket eviction ļƒ¼ The bucket is full, and an IP is inserted into it 1. Randomly selects 4 IPs 2. Delete oldest IP 3. Insert new IP Eviction Bias: Attacker IPs will always have the most recent timestamps Try-Try-Again: If an attacker IP replaces another attacker IP, the evicted IP is resend and eventually replaced by honest IP
Front-running Attack Ethereum Network Attacker 2. Detects Buy (1000) Alice "SoK: Transparent Dishonesty: Front-Running Attacks on Blockchain", Shayan Eskandari, Seyedehmahsa Moosavi and Jeremy Clark, FC 2019 Workshops, 2020
Front-running Attack Front-running Attack Displacement Insertion Suppression After Attacker's run, Alice's function call is not important to the attacker After Attacker's run, the state of the contract is changed. Alice's function call is needed to run on this modified state After Attacker's run, she tries to delay Alice's function call. After the delay, Alice's function call is indifferent to the attacker
Front-running Attack Front-running Attack (Displacement / Insertion / Suppression) Asymmetric Bulk Alice is trying to cancel an offer, and Attacker is trying to fulfill it first Attacker is trying to run a large set of functions and Alice is trying to buy a limited set of shares offered by a firm on a blockchain
Front-running Attack Markets and Exchanges: Spotting a profitable cancellation transaction [ā€¦] Cancel (order 100) Breed (cryptokittie 1, cryptokittie 2) Buy (order 101) Bid (Bj) Register (Bi) [ā€¦] Ethereum Network (Unordered) mempool Block Height #N Register (Bi) Buy (order 100) Cancel (order 100) Buy (order 101) Bid (Bj) Breed (cryptokittie 1, cryptokittie 2) Reordered Block Adversarial miner mines a block with preferred order
Front-running Attack Gambling: Bribing miners for prioritizing themselves ļƒ¼ When the timer of Fomo3D game reached about 3 minutes, the winner bought 1 ticket and then sent multiple high gasPrice transactions to her own DApps ļƒ¼ Transactions congested the network ļƒ¼ Bribed miners to prioritize them ahead of any new ticket purchases in Fomo3D Attacker DApps Users
ā€¢ Described eclipse attack and front-running attack ā€¢ Importance of identifying attacks on blockchain and suggesting remedies ā€¢ Combining multiple attacks
ā€¢ Web resources as mentioned from time to time
Blockchain and its applications Prof. Sandip Chakraborty Department of Computer Science & Engineering Indian Institute of Technology Kharagpur Lecture 55: Use Cases
ā€¢ Blockchain use cases ā€¢ What makes a good blockchain use case?
ā€¢ Use cases for enterprises ā€¢ Requirements for defining a blockchain ā€¢ Network ā€¢ People ā€¢ Assets ā€¢ Transactions
Simple Use Cases by Industry
What makes a good blockchain use case? ā€¢ Identifying a good blockchain use-case is not always easy! ā€¢ However, there should always be: 1. A business problem to be solved ā€¢ That cannot be more efficiently solved with other technologies 2. An identifiable business network ā€¢ With Participants, Assets and Transactions 3. A need for trust ā€¢ Consensus, Immutability, Finality or Provenance
Understanding the Business Problem 1. What is the specific business problem / challenge that the project will address? ā€¢ Scope the business challenge up front 2. What is the current way of solving this business problem? ā€¢ Understand current systems and areas for improvement 3. Assuming the business problem is large, what specific aspects of this business problem will be addressed?
Understanding the Participants 1. Who are the business network participants (organizations) involved and what are their roles? ā€¢ If there is no business network involved, then this is not a good use case 2. Who are the specific people within the organization and what are their job roles? ā€¢ Understand the key users in a business network.
Understanding the Participants ā€¢ Who are the participants? How many types of participants? ā€¢ How will they access and interact with the blockchain? ā€¢ Will they be peer nodes? ā€¢ Do you need web or mobile apps? ā€¢ Are gateways (such as exchanges or data providers) needed? ā€¢ Do you need to integrate to external data sources? ā€¢ Who will operate the blockchain? Who will govern/regulate the blockchain? ā€¢ What is the value/incentive for each participant to join the network?
Identities ā€¢ Do you need to know your users? ā€¢ Pseudo-anonymous blockchain like bitcoin does not require user identities to be verified
Identities ā€¢ In most business use-cases, some form of identity is required ā€¢ In public blockchains, an identity oracle (linked to a trusted database) could provide such information sources ā€¢ Sources can come from governments, financial institutions or utility providers ā€¢ In private blockchains, a gateway or controller ensures identity is verified before credentials are issued to the user ā€¢ Decentralized identity management is also possible ā€“ we have seen that ā€“ may be the preferred way for a blockchain application
Understanding the Assets and Transactions 1. What assets are involved and what is the key information associated with the assets? 2. What are the transactions involved, between whom, and what assets are associated with transactions? ā€¢ Understand under what business or contractual conditions assets are under, as they transfer from one owner to another.
Defining Transactions ā€¢ What types of processes need to take place in your blockchain network? ā€¢ Invoke actions ā€“ add, delete, change, transfer ā€¢ Query ā€¢ Do you need to control access to these functions based on participant types or roles?
Additional Points of Understanding 1. What are the main steps in the current workflow and how are these executed by the business network participants? 2. What is the expected benefit of applying blockchain technology to the business problem for each of the network participants? 3. What legacy systems are involved? What degree of integration with the legacy systems is needed?
Conclusion ā€¢ We need to think carefully before applying blockchain directly on a problem ā€¢ Do we really need to use blockchain? ā€¢ What are the pros and cons of using blockchain to solve the problem? ā€¢ Can there be a better technology? ā€¢ Can we define the entities? ā€¢ The business network ā€¢ The participants, assets, and transactions
Blockchain-Nptel-Online-certification-course-Week-11.pdf

More Related Content

PPTX
A Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
byBeau Bullock
Ā 
PDF
A Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
byBeau Bullock
Ā 
PPTX
Seattle Bitcoin Meetup
byEric Voskuil
Ā 
PDF
Introduction into blockchains and cryptocurrencies
bySergey Ivliev
Ā 
PPTX
Blockchain Security and Demonstration
byYao Yao
Ā 
PDF
Varieties of Blockchains
bySadegh Dorri N.
Ā 
PDF
An introduction to blockchain and hyperledger v ru
byLennartF
Ā 
PDF
Getting Started in Blockchain Security and Smart Contract Auditing
byBeau Bullock
Ā 
A Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
byBeau Bullock
Ā 
A Look Into Emerging Security Issues Within Cryptocurrency Ecosystems
byBeau Bullock
Ā 
Seattle Bitcoin Meetup
byEric Voskuil
Ā 
Introduction into blockchains and cryptocurrencies
bySergey Ivliev
Ā 
Blockchain Security and Demonstration
byYao Yao
Ā 
Varieties of Blockchains
bySadegh Dorri N.
Ā 
An introduction to blockchain and hyperledger v ru
byLennartF
Ā 
Getting Started in Blockchain Security and Smart Contract Auditing
byBeau Bullock
Ā 

Similar to Blockchain-Nptel-Online-certification-course-Week-11.pdf

PDF
Brief Introduction to Blockchain Security
byJohnson, Chuan Zhang CISM CCSK OSCP
Ā 
PDF
2019 blockchain economy
byHeung-No Lee
Ā 
PDF
Bitcoin Transaction Malleability
bysrkedmi
Ā 
PDF
Blockchain Fundamental_KIPMI_2022.02.26.pdf
byadinugroho751867
Ā 
PPTX
A Quick Start To Blockchain by Seval Capraz
bySeval Ƈapraz
Ā 
PPTX
Block chain UNIT-5 part(1) and Blockchain Security.pptx
byssncsoundharya123
Ā 
PPTX
What is Blockchain Security is managed in order to protect some vital informa...
bycscprabh
Ā 
PDF
Blockchain and Cyber Defense Strategies in new genre times
byanupriti
Ā 
PDF
"How Blockchains and Bitcoins work" by Ricardo Ɓguas @ Pizza Talks Lisbon 201...
byEqual Experts
Ā 
PDF
Bitcoin and Ransomware Analysis
byinder_barara
Ā 
PDF
Bitcoin and Ransomware Analysis
byInderjeet Singh
Ā 
PDF
PPT Class Blockchain - Validation and CASE.pdf
byMohitVerma579684
Ā 
PDF
IDC - Blockchain Threat Model
byPeteLind
Ā 
PPTX
Understanding 51% Attacks on Blockchain: Vulnerabilities, Impacts, and Mitiga...
byDarshanaMchigari
Ā 
PPTX
Blockchain explained (Technology running Bitcoin)
byQais Ammari
Ā 
PPTX
Blockchain for Business Yale School of Management Dr John Maheswaran
byJohn M.
Ā 
PDF
Indjic fintech module 6
byDrago Indjic
Ā 
PDF
BlockChain Public
byMarie-Paule Odini
Ā 
PPTX
Blockchain Ecosystem and Cryptocurrency Regulations
byAmir Rafati
Ā 
PDF
Blockchain, bitcoin
bySathish VJ
Ā 
Brief Introduction to Blockchain Security
byJohnson, Chuan Zhang CISM CCSK OSCP
Ā 
2019 blockchain economy
byHeung-No Lee
Ā 
Bitcoin Transaction Malleability
bysrkedmi
Ā 
Blockchain Fundamental_KIPMI_2022.02.26.pdf
byadinugroho751867
Ā 
A Quick Start To Blockchain by Seval Capraz
bySeval Ƈapraz
Ā 
Block chain UNIT-5 part(1) and Blockchain Security.pptx
byssncsoundharya123
Ā 
What is Blockchain Security is managed in order to protect some vital informa...
bycscprabh
Ā 
Blockchain and Cyber Defense Strategies in new genre times
byanupriti
Ā 
"How Blockchains and Bitcoins work" by Ricardo Ɓguas @ Pizza Talks Lisbon 201...
byEqual Experts
Ā 
Bitcoin and Ransomware Analysis
byinder_barara
Ā 
Bitcoin and Ransomware Analysis
byInderjeet Singh
Ā 
PPT Class Blockchain - Validation and CASE.pdf
byMohitVerma579684
Ā 
IDC - Blockchain Threat Model
byPeteLind
Ā 
Understanding 51% Attacks on Blockchain: Vulnerabilities, Impacts, and Mitiga...
byDarshanaMchigari
Ā 
Blockchain explained (Technology running Bitcoin)
byQais Ammari
Ā 
Blockchain for Business Yale School of Management Dr John Maheswaran
byJohn M.
Ā 
Indjic fintech module 6
byDrago Indjic
Ā 
BlockChain Public
byMarie-Paule Odini
Ā 
Blockchain Ecosystem and Cryptocurrency Regulations
byAmir Rafati
Ā 
Blockchain, bitcoin
bySathish VJ
Ā 

Recently uploaded

PDF
Chapter 4 Network Security in computer security
byGetnet Tigabie Askale -(GM)
Ā 
PDF
Designing a Blog Using Wordpress
bymarkzubi50
Ā 
PDF
Advanced SELinux Management - RHCSA (RH134).pdf
byLinuxCert Guru
Ā 
PPTX
Retrieval Augmented Generation- The Synergistic Power of Prompt Engineering
bySemantic SEO BD
Ā 
PDF
How to build hackthon projects from ZERO!
byishantyadav1111
Ā 
PPTX
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
Ā 
PDF
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
Ā 
PDF
The Emergence of Empathic XR: AWE Asia 2026 keynote
byMark Billinghurst
Ā 
PDF
Why Many Smart Device Platforms Fail to Scale?
byPromeraki Developments
Ā 
PDF
BEP-20 Token on BNB Chain: From Concept to Deployment.pdf
byimoliviabennett
Ā 
PDF
UiPath Automation Developer Associate Training Series 2026 - Session 1
byDianaGray10
Ā 
PDF
Track Phone Location via Number (2026)_ What Actually Works, Whatā€™s a Scam, a...
byEmily Woods
Ā 
PDF
TravelTech Paris 2025 | The EU Digital Identity Wallet and itā€™s impact on Tra...
byapidays
Ā 
PDF
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
Ā 
PPTX
TechSprint Inauguration at SJB Institute of Technology held on 18 December 2025
bysuhasspgdg
Ā 
PDF
AI and Zero Trust: What it takes to do it right
byMark Simos
Ā 
PPTX
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
Ā 
PPTX
Computer architecture, Computer architecture ,Computer architecture
bywaheedqazi123
Ā 
PPTX
How Does an ICO Launchpad Work Step-by-Step Breakdown.pptx
byTom Hardy S
Ā 
PDF
From DeFi POC to Production MVP - A 12-16 Week Blueprint.pdf
byniahiggins21
Ā 
Chapter 4 Network Security in computer security
byGetnet Tigabie Askale -(GM)
Ā 
Designing a Blog Using Wordpress
bymarkzubi50
Ā 
Advanced SELinux Management - RHCSA (RH134).pdf
byLinuxCert Guru
Ā 
Retrieval Augmented Generation- The Synergistic Power of Prompt Engineering
bySemantic SEO BD
Ā 
How to build hackthon projects from ZERO!
byishantyadav1111
Ā 
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
Ā 
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
Ā 
The Emergence of Empathic XR: AWE Asia 2026 keynote
byMark Billinghurst
Ā 
Why Many Smart Device Platforms Fail to Scale?
byPromeraki Developments
Ā 
BEP-20 Token on BNB Chain: From Concept to Deployment.pdf
byimoliviabennett
Ā 
UiPath Automation Developer Associate Training Series 2026 - Session 1
byDianaGray10
Ā 
Track Phone Location via Number (2026)_ What Actually Works, Whatā€™s a Scam, a...
byEmily Woods
Ā 
TravelTech Paris 2025 | The EU Digital Identity Wallet and itā€™s impact on Tra...
byapidays
Ā 
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
Ā 
TechSprint Inauguration at SJB Institute of Technology held on 18 December 2025
bysuhasspgdg
Ā 
AI and Zero Trust: What it takes to do it right
byMark Simos
Ā 
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
Ā 
Computer architecture, Computer architecture ,Computer architecture
bywaheedqazi123
Ā 
How Does an ICO Launchpad Work Step-by-Step Breakdown.pptx
byTom Hardy S
Ā 
From DeFi POC to Production MVP - A 12-16 Week Blueprint.pdf
byniahiggins21
Ā 

Blockchain-Nptel-Online-certification-course-Week-11.pdf

  • 1.
    Blockchain and itsapplications Bishakh Chandra Ghosh Department of Computer Science & Engineering Indian Institute of Technology Kharagpur Lecture 51: Hyperledger Aries
  • 2.
    ā€¢ Aries Overview ā€¢Aries Architecture ā€¢ Installation and usage
  • 3.
  • 4.
    Hyperledger Aries Hyperledger Ariesprovides a shared, reusable, interoperable tool kit designed for initiatives and solutions focused on creating, transmitting and storing verifiable digital credentials. It is infrastructure for blockchain-rooted, peer- to-peer interactions. Aries agent frameworks -. ā€¢ Aries Cloud Agent - Python (ACA-Py) ā€¢ For any non-mobile application. Has production deployments. ā€¢ Aries Framework - .NET ā€¢ Aries Static Agent - Python https://www.hyperledger.org/use/aries
  • 5.
    Aries Architecture ACA-Py ā€¢ ACA-Pyexposes a REST API to access Aries capabilities ā€¢ Write a ā€˜Controllerā€™ to implement application business logic. ā€¢ Controller sends HTTP requests (REST) to execute commands. Response events are fed back to the controller as webhooks.
  • 6.
    Aries Architecture The agent- ā€¢ Configured via command line parameters ā€¢ Interacts with other agents via pluggable transports ā€¢ Manages storage, ledger with pluggable implementations ā€¢ Manages messages and protocol state ā€¢ Invokes protocols (configurable set) ā€¢ Driven by a controller ā€¢ Sends events to controller ā€¢ Exposes an HTTP JSON administrative API to controller
  • 7.
    Installation ā€¢ Install libindyand indy-cli ā€¢ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CE7709D068DB5E88 ā€¢ apt-add-repository "deb https://repo.sovrin.org/sdk/deb bionic master" -y ā€¢ apt-get update ā€¢ apt-get install -y libindy indy-cli ā€¢ Install python3-indy ā€¢ python3 -m pip install python3-indy ā€¢ Install aries-cloudagent ā€¢ python3 -m pip install aries-cloudagent
  • 8.
    Installation If you installedthe PyPi package, the executable aca-py should be available on your PATH. Use the following commands to check the version, list the available modes of operation, and see all of the command line parameters: ā€¢ aca-py --version ā€¢ aca-py --help ā€¢ aca-py provision --help ā€¢ aca-py start --help
  • 9.
    Starting Aries Agent Provisioninga Wallet It is possible to provision an Indy wallet before running an agent: aca-py provision --wallet-type indy --seed $SEED Use the SEED to configure existing nodes in the indy pool, e.g. Stewards.
  • 10.
    Starting Aries Agent Whenstarting an agent instance, at least one inbound and one outbound transport MUST be specified. For example: aca-py start --inbound-transport http 0.0.0.0 8000 --outbound-transport http More Parameters: ā€¢ Transports: inbound, outbound, endpoint ā€¢ Logging/debugging settings ā€¢ Label: self-attested agent name ā€¢ Wallet implementation and related info ā€¢ For controller: Admin API configuration ā€¢ URL ā€¢ Security selection ā€¢ Protocol automation flags ā€¢ Ledger parameters (e.g. genesis URL, etc.) ā€¢ Add timing information to messaging ā€¢ Optional protocols to load ā€¢ From controller: Event webhook URL
  • 11.
    Using Aries withIndy aca-py start --inbound-transport http 0.0.0.0 8000 --outbound-transport http --admin-insecure-mode --admin 0.0.0.0 8001 --seed 000000000000000000000000Steward1 --replace-public-did --wallet-type indy --genesis-file /home/bishakh/Documents/TA/Blockchain/indytutorial/pool1.txn --wallet-name agent1 --wallet-key agent1 --log-level debug --log-file /tmp/arieslog.txt --admin-insecure-mode --admin 0.0.0.0 8001 For experimentation and debugging only
  • 12.
  • 13.
    Conclusion ā€¢ Aries ā€¢ Communicationbetween participants ā€¢ Digital Credentials
  • 15.
    Blockchain and itsapplications Prof. Shamik Sural Department of Computer Science & Engineering Indian Institute of Technology Kharagpur Lecture 52: Blockchain Security - I
  • 16.
    ā€¢ Risks inBlockchain ā€¢ Common Risks and Specific Risks
  • 17.
    ā€¢ 51% Vulnerability ā€¢Private Key Security ā€¢ Criminal Activities ā€¢ Double Spending ā€¢ Transaction Privacy
  • 18.
    Risks in Blockchain Risks CommonRisks Specific Risks Blockchain operation mechanism (Blockchain 1.0, 2.0) Development, deployment and execution of smart contract (Blockchain 2.0) "A Survey on the Security of Blockchain Systems", Xiaoqi Li, Peng Jiang, Ting Chen, Xiapu Luo and Qiaoyan Wen, Future Generation Computer Systems
  • 19.
    Risks in Blockchain Risk Blockchainoperation mechanism Smart contract execution 51% vulnerability Private key security Criminal activity Double spending Transaction privacy leakage Criminal smart contract Vulnerabilities in smart contract Under-optimized smart contract Under-priced operations
  • 20.
    Common Risk: 51%Vulnerability Block 10 Block 11 Block 12 Block 13 Block 11' Block 12' Block 13' Block 14' Hashing power Hashing power
  • 21.
    Common Risk: 51%Vulnerability Block 10 Block 11 Block 12 Block 13 Block 11' Block 12' Block 13' Block 14' Coins Coins
  • 22.
    Common Risk: PrivateKey Security Alice Bob Alice's private key to sign the message Alice's public key to verify the message Steal Alice's private key
  • 23.
    Common Risk: CriminalActivities Ransomware Underground market Money laundering Valid coin Chaff coin
  • 24.
    Common Risk: DoubleSpending 1. TXv is added to the wallet of the targeted vendor Attacker Mining Pool Vendor Bitcoin Network 2. TXa is mined as valid into the blockchain 3. The attacker gets TXv ā€™s output before the vendor detects misbehavior
  • 25.
    Common Risk: TransactionPrivacy Leakage A new transaction (the star) which spends an available coin (the second circle from the right) Transactions and tracing in Bitcoin Transactions and tracing in Cryptonote ļƒ¼ Each transaction input explicitly identifies the coin being spent, thus forming a linkage graph ļƒ¼ Each transaction input identifies a set of coins, including the real coin along with several chaff coins called ā€œmixins.ā€ ļƒ¼ Many mixins can be ruled out by deduction ļƒ¼ The real input is usually the ā€œnewestā€ one
  • 26.
    ā€¢ Introduced thebasic risk types in blockchain ā€¢ Discussed in detail some of the common risks
  • 27.
    ā€¢ Web resourcesas mentioned from time to time
  • 29.
    Blockchain and itsapplications Prof. Shamik Sural Department of Computer Science & Engineering Indian Institute of Technology Kharagpur Lecture 53: Blockchain Security - II
  • 30.
    ā€¢ Selfish MiningAttack ā€¢ Different Scenarios and Attackerā€™s Actions
  • 31.
    ā€¢ Selfish Mining ā€¢Attackerā€™s Pool ā€¢ Public Chain ā€¢ Block Suppression
  • 32.
    Selfish Mining Attack Block10 Block 11 Block 12 Block 13 Block 11' Block 12' Block 13' Block 14' Mining Pool Others "Majority Is Not Enough: Bitcoin Mining Is Vulnerable", Ittay Eyal and Emin Guen Sirer, Financial Cryptography, 2014
  • 33.
    Selfish Mining Attack Block10 Block 11 Block 12 Block 13 Block 11' Block 12' Block 13' Block 14' Mining Pool Others
  • 34.
    Selfish Mining Attack Poolintentionally forking the chain for keeping discovered blocks private Discovering more blocks by pool develops a longer lead on the public chain, and continues to keep these new blocks private The honest nodes continue to mine on the public chain The pool mines on its own private branch When the public branch approaches the poolā€™s private branch in length, the selfish miners reveal blocks from their private chain to the public
  • 35.
    Selfish Mining Attack 1.Any state but two branches of length 1, pools finds a block ļƒ¼ The pool appends one block to its private branch, increasing its lead on the public branch by one ļƒ¼ Revenue from this block will be determined later 1 0 11pub 11pool 12pool 13pool 14pool 15pool 10 11pub 11pool 12pool 13pool 14pool 10 11pool 10 Others' public chain Pool's private chain OR
  • 36.
    Selfish Mining Attack 2.Was two branches of length 1, pool finds a block 10 11pub 11pool 12pool 10 11pub 11pool 12pool ļƒ¼ The pool publishes its secret branch of length two ļƒ¼ Pool obtains a revenue of two 10 11pub 11pool
  • 37.
    Selfish Mining Attack 3.Was two branches of length 1, others find a block after pool head 10 11pub 11pool 12pub ļƒ¼ The pool and the others obtain a revenue of one each - the others for the new head, the pool for its predecessor 10 11pub 11pool
  • 38.
    Selfish Mining Attack 4.Was two branches of length 1, others find a block after othersā€™ head 10 11pub 11pool 12pub ļƒ¼ The others obtain a revenue of two 10 11pub 11pool
  • 39.
    Selfish Mining Attack 5.No private branch, others find a block ļƒ¼ Both the pool and the others start mining on the new head ļƒ¼ The others obtain a revenue of one 10 10 11pub
  • 40.
    Selfish Mining Attack 6.Lead was 1, others find a block ļƒ¼ There are two branches of length one, and the pool publishes its single secret block ļƒ¼ The revenue from this block cannot be determined yet 10 11pub 11pool 10 11pub 11pool 10 11pool
  • 41.
    Selfish Mining Attack 7.Lead was 2, others find a block ļƒ¼ The pool publishes its secret blocks, causing everybody to start mining at the head of the previously private branch ļƒ¼ Pool obtains a revenue of two 10 11pub 11pool 12pool 13pool 10 11pub 11pool 12pool 13pool 12pub
  • 42.
    Selfish Mining Attack 7.Lead was 2, others find a block (Contd.) ļƒ¼ The pool publishes its secret blocks, causing everybody to start mining at the head of the previously private branch ļƒ¼ Pool obtains a revenue of two 10 11pub 11pool 12pool 13pool 12pub 10 11pub 11pool 12pool 13pool 12pub
  • 43.
    Selfish Mining Attack 8.Lead was more than 2, others win ļƒ¼ The pool now reveals its iā€™th block ļƒ¼ Pool obtains a revenue of one 10 11pool 12pool 13pool 10 11pub 11pool 12pool 13pool 10 11pub 11pool 12pool 13pool
  • 44.
    ā€¢ Discussed selfishmining attack in detail ā€¢ Decisions of the attacker under different conditions
  • 45.
    ā€¢ Web resourcesas mentioned from time to time
  • 47.
    Blockchain and itsapplications Prof. Shamik Sural Department of Computer Science & Engineering Indian Institute of Technology Kharagpur Lecture 54: Blockchain Security - III
  • 48.
    ā€¢ Eclipse Attack ā€¢Front-running Attack
  • 49.
    ā€¢ Eclipse Attack ā€¢Peer-to-Peer Network ā€¢ Front-running Attack ā€¢ Displacement, Insertion, Suppression
  • 50.
    Eclipse Attack To bevictim node Normal nodes "Eclipse Attacks on Bitcoinā€™s Peer-to-Peer Network", Ethan Heilman, Alison Kendler, Aviv Zohar and Sharon Goldberg, 24th USENIX Security Symposium, 2015
  • 51.
  • 52.
  • 53.
    Eclipse Attack Victim node Attacker node Rest of network Off-pathattack - attacker controls end-hosts, but not key network infrastructure between the victim and the rest of the bitcoin network
  • 54.
    Eclipse Attack 30% Hashing power 30% Hashing power 40% Hashing power Benefit: 51%attack with 40% mining power Attacker partitions miners so they can't build on each other blocks The attacker then outcompetes each partitioned miner 30% < 40% 40% >30%
  • 55.
    Eclipse Attack Attacker populatesthe victim node's peer tables with attacker's IP addresses The victim establishes all new outgoing connections to attacker IP addresses Victim node restarts and loses current outgoing connections
  • 56.
    Eclipse Attack 1. Populatingof IP addresses ļƒ¼ Each node picks its peers from IP addresses stored in two tables ļƒ˜ New table: IPs the node has heard about ļƒ˜ Tried table: IPs the node peered with some point ļƒ¼ The tables also store a timestamp for each IP ļƒ¼ Each table stores the IPs in buckets ļƒ¼ To find an IP to make an outgoing connection to: 1. Choose new or tired table to select from 2. Select an IP with newest timestamp 3. Attempt an outgoing connection to that IP Attacker populates tables with attacker IPs so that the victim node only connects to the attacker IPs Selection Bias: Attacker ensures its IPs are the newer one
  • 57.
    Eclipse Attack 2. Restartingnode event is natural? ļƒ¼ Software/security updates ļƒ¼ Packets of death/DoS attacks ļƒ¼ Power/network failures ļƒ¼ ISP outages
  • 58.
    Eclipse Attack 3. Bucketeviction ļƒ¼ The bucket is full, and an IP is inserted into it 1. Randomly selects 4 IPs 2. Delete oldest IP 3. Insert new IP Eviction Bias: Attacker IPs will always have the most recent timestamps Try-Try-Again: If an attacker IP replaces another attacker IP, the evicted IP is resend and eventually replaced by honest IP
  • 59.
    Front-running Attack Ethereum Network Attacker 2.Detects Buy (1000) Alice "SoK: Transparent Dishonesty: Front-Running Attacks on Blockchain", Shayan Eskandari, Seyedehmahsa Moosavi and Jeremy Clark, FC 2019 Workshops, 2020
  • 60.
    Front-running Attack Front-running Attack Displacement Insertion Suppression AfterAttacker's run, Alice's function call is not important to the attacker After Attacker's run, the state of the contract is changed. Alice's function call is needed to run on this modified state After Attacker's run, she tries to delay Alice's function call. After the delay, Alice's function call is indifferent to the attacker
  • 61.
    Front-running Attack Front-running Attack (Displacement/ Insertion / Suppression) Asymmetric Bulk Alice is trying to cancel an offer, and Attacker is trying to fulfill it first Attacker is trying to run a large set of functions and Alice is trying to buy a limited set of shares offered by a firm on a blockchain
  • 62.
    Front-running Attack Markets andExchanges: Spotting a profitable cancellation transaction [ā€¦] Cancel (order 100) Breed (cryptokittie 1, cryptokittie 2) Buy (order 101) Bid (Bj) Register (Bi) [ā€¦] Ethereum Network (Unordered) mempool Block Height #N Register (Bi) Buy (order 100) Cancel (order 100) Buy (order 101) Bid (Bj) Breed (cryptokittie 1, cryptokittie 2) Reordered Block Adversarial miner mines a block with preferred order
  • 63.
    Front-running Attack Gambling: Bribingminers for prioritizing themselves ļƒ¼ When the timer of Fomo3D game reached about 3 minutes, the winner bought 1 ticket and then sent multiple high gasPrice transactions to her own DApps ļƒ¼ Transactions congested the network ļƒ¼ Bribed miners to prioritize them ahead of any new ticket purchases in Fomo3D Attacker DApps Users
  • 64.
    ā€¢ Described eclipseattack and front-running attack ā€¢ Importance of identifying attacks on blockchain and suggesting remedies ā€¢ Combining multiple attacks
  • 65.
    ā€¢ Web resourcesas mentioned from time to time
  • 67.
    Blockchain and itsapplications Prof. Sandip Chakraborty Department of Computer Science & Engineering Indian Institute of Technology Kharagpur Lecture 55: Use Cases
  • 68.
    ā€¢ Blockchain usecases ā€¢ What makes a good blockchain use case?
  • 69.
    ā€¢ Use casesfor enterprises ā€¢ Requirements for defining a blockchain ā€¢ Network ā€¢ People ā€¢ Assets ā€¢ Transactions
  • 70.
    Simple Use Casesby Industry
  • 71.
    What makes agood blockchain use case? ā€¢ Identifying a good blockchain use-case is not always easy! ā€¢ However, there should always be: 1. A business problem to be solved ā€¢ That cannot be more efficiently solved with other technologies 2. An identifiable business network ā€¢ With Participants, Assets and Transactions 3. A need for trust ā€¢ Consensus, Immutability, Finality or Provenance
  • 72.
    Understanding the BusinessProblem 1. What is the specific business problem / challenge that the project will address? ā€¢ Scope the business challenge up front 2. What is the current way of solving this business problem? ā€¢ Understand current systems and areas for improvement 3. Assuming the business problem is large, what specific aspects of this business problem will be addressed?
  • 73.
    Understanding the Participants 1.Who are the business network participants (organizations) involved and what are their roles? ā€¢ If there is no business network involved, then this is not a good use case 2. Who are the specific people within the organization and what are their job roles? ā€¢ Understand the key users in a business network.
  • 74.
    Understanding the Participants ā€¢Who are the participants? How many types of participants? ā€¢ How will they access and interact with the blockchain? ā€¢ Will they be peer nodes? ā€¢ Do you need web or mobile apps? ā€¢ Are gateways (such as exchanges or data providers) needed? ā€¢ Do you need to integrate to external data sources? ā€¢ Who will operate the blockchain? Who will govern/regulate the blockchain? ā€¢ What is the value/incentive for each participant to join the network?
  • 75.
    Identities ā€¢ Do youneed to know your users? ā€¢ Pseudo-anonymous blockchain like bitcoin does not require user identities to be verified
  • 76.
    Identities ā€¢ In mostbusiness use-cases, some form of identity is required ā€¢ In public blockchains, an identity oracle (linked to a trusted database) could provide such information sources ā€¢ Sources can come from governments, financial institutions or utility providers ā€¢ In private blockchains, a gateway or controller ensures identity is verified before credentials are issued to the user ā€¢ Decentralized identity management is also possible ā€“ we have seen that ā€“ may be the preferred way for a blockchain application
  • 77.
    Understanding the Assetsand Transactions 1. What assets are involved and what is the key information associated with the assets? 2. What are the transactions involved, between whom, and what assets are associated with transactions? ā€¢ Understand under what business or contractual conditions assets are under, as they transfer from one owner to another.
  • 78.
    Defining Transactions ā€¢ Whattypes of processes need to take place in your blockchain network? ā€¢ Invoke actions ā€“ add, delete, change, transfer ā€¢ Query ā€¢ Do you need to control access to these functions based on participant types or roles?
  • 79.
    Additional Points ofUnderstanding 1. What are the main steps in the current workflow and how are these executed by the business network participants? 2. What is the expected benefit of applying blockchain technology to the business problem for each of the network participants? 3. What legacy systems are involved? What degree of integration with the legacy systems is needed?
  • 80.
    Conclusion ā€¢ We needto think carefully before applying blockchain directly on a problem ā€¢ Do we really need to use blockchain? ā€¢ What are the pros and cons of using blockchain to solve the problem? ā€¢ Can there be a better technology? ā€¢ Can we define the entities? ā€¢ The business network ā€¢ The participants, assets, and transactions