Showing posts with label blockchain. Show all posts
Showing posts with label blockchain. Show all posts

Monday, June 6, 2022

distributed ledger technologies (DLTs)

  •  What are distributed ledger technologies (DLTs)?


In a traditional marketplace, middlemen oversee the exchange of assets. When you receive your paycheck, for example, a bank controls the transaction. The bank validates the check, verifies that the employer holds the required funds in their account, and records the exchange. This record, or ledger, documents the transaction and the resulting change in wealth


Imagine, for instance, that your employer owned the ledger instead of the bank. Your employer could falsely claim that they paid you and manipulate the records to back up their lie. Because of this security risk, neither participant in the exchange should be given sole control of the ledger.


For most of history, the best way to avoid this kind of fraud was to entrust an unbiased intermediary with the ledger and hope that this middleman would faithfully maintain the ledger. In other words, traditionally, two parties who agreed upon a transaction relied on a third-party institution to carry out and record the exchange


Blockchains & distributed ledgers explained


Distributed ledger technologies, like blockchain, are peer-to-peer networks that enable multiple members to maintain their own identical copy of a shared ledger. Rather than requiring a central authority to update and communicate records to all participants, DLTs allow their members to securely verify, execute, and record their own transactions without relying on a middleman.


While there are a wide variety of DLTs on the market, they are all comprised of the same building blocks: a public or private / permissioned / permissionless distributed ledger, a consensus algorithm (to ensure all copies of the ledger are identical), and a framework for incentivizing and rewarding network participatio


Public vs. private and permissioned vs. permissionless


Distributed ledgers are categorized as “private” or “public” and “permissioned” or “permissionless” — they can be any combination of any of the two.

To achieve full decentralization, Hedera believes distributed ledgers must be public permissionless networks.


Private / Permissioned: 

This type of network offers no decentralization

The applications and the network nodes running those application must both be invited to join the network and meet certain criteria or provide a form of identification


Private / Permissionless: Requires that applications deployed in production be invited to join the network and can be removed without warning at any time. The nodes which constitute the network and run said applications can freely and anonymously join and contribute, typically in exchange for a network’s native cryptocurrency. 


Public / Permissioned: Allows applications to be deployed in production or removed, without having to notify anyone, reveal their identity, or meet any application criteria requirements. The nodes which constitute the network and run said applications must be invited to join the network.


Public / Permissionless: This type of network is the most decentralized. Applications can be deployed in production or removed, without having to notify anyone, reveal their identity, or meet any application criteria requirements. Additionally, the nodes which constitute the network can freely and anonymously join and contribute, typically in exchange for a network’s native cryptocurrency.


Reaching consensus


Although every node on a permissioned or permissionless distributed ledger maintains and updates their own copy of the ledger, it is imperative that each of these ledgers remains identical. Imagine, for instance, that your copy of the ledger reveals that you have $100 in your account, while the cashier’s ledger holds that you have $1

Without identical ledgers, participants in the network could not make transactions.


In order to keep the distributed ledger consistent, DLTs must have a consensus algorithm, or a method of ensuring that all copies of the ledger agree

A consensus algorithm is a method of synchronizing the data across a distributed system. In the case of a DLT, the consensus algorithm ensures that all copies of the ledger are identical.


Perhaps the most intuitive algorithm is a simple vote. According to this algorithm, each node independently calculates how they think they should update their ledger based on the information available to them


Because DLTs become more secure and transparent when more nodes are added to the network, many other consensus algorithms have been developed to better suit the need for large, efficient, and reliable peer-to-peer networks


Just as DLTs distribute the responsibility of maintaining the ledger to each participant, so do they divide this computational burden. Every node must donate computing power to run the consensus algorithm and process transactions.


DLTs typically reward active membership with cryptocurrency. Cryptocurrency is a virtual, encrypted token which can be exchanged using across a decentralized network. These coins can be exchanged, purchased, or earned by participating in the network.


Therefore, participants have an incentive to contribute computational resources to the network. Not only is their work rewarded in cryptocurrency, the value of that currency may rise as the network grows and more build useful applications on the distributed ledger platform.


Distributed ledger technologies allow businesses and individuals alike to quickly carry out secure transactions without needing to rely on a middleman. By avoiding intermediaries, distributing control of the ledger, and providing a tamper-apparent network, DLTs present a more cost-efficient, accessible, and reliable transaction platform than centralized ledger systems.


Without a central agent, there is no need to pay a central agent. And, without the need for clunky bureaucracy, you can exchange assets directly and immediately. You no longer have to limit the speed of your transaction to the efficiency of expensive bankers, lawyers, or politicians


Moreover, you no longer have to trust bankers, lawyers, or politicians with the ledger and your assets.


Tamper-apparent


Traditional ledgers may provide fast and simple record-keeping, but they are vulnerable to corruption and hacking. Because only one central entity controls the ledger, a corrupt central agent can tamper with the records without the consent or knowledge of the affected members.


Distributed ledgers, however, are inherently resistant to tampering. While a malicious agent could compromise a central system by altering the single ledger, they would need to alter at least a plurality of ledgers to have an impact on a distributed system. 


Though DLTs are not tamper-proof, they are tamper-apparent. That is, if tampering does occur, the network’s transparency ensures that all members of the network will be aware of the change. Though a participant of a DLT cannot be completely certain that the ledger will remain unaltered, they can rest assured that they will know if tampering does occur.


Immutability and controlled mutability


Some distributed ledgers take security beyond tamper-apparent by establishing immutability, preventing any and all participants from changing established records for any reason.



Members of these immutable DLTs can only view the ledger and carry out new transactions. Even if all participants in the network wished to change the ledger, there would be no pathway within the system’s architecture for that change to occur. Therefore, participants of an immutable distributed ledger can be certain that their ledger is not only tamper-apparent, but tamper-proof


A distributed ledger technology is immutable if it does not provide any participant or group of participants the ability to alter or delete established records.


 In some cases, changing past records could be beneficial. For instance, if a bug in the DLT’s code causes a transaction to be misrepresented in the ledger, immutability would prevent anyone from fixing that problem. The invalid transaction would forever be part of the official ledger. 

 

 Additionally, as laws change to catch up with technology, new government regulations may necessitate a change in record-keeping practices. Immutable systems would not be able to adapt to these changing legal conditions, and would therefore risk violating government standards.

 

 some DLTs opt for controlled mutability. DLTs with controlled mutability allow records to be changed, but place heavy restrictions upon that pathwa

 

 Controlled mutability is the best of both worlds: no malicious participant or group of participants can alter the records without everyone knowing (tamper-apparent), but the DLT can adapt to bugs and changing regulations.

 

 


https://hedera.com/learning/what-are-distributed-ledger-technologies-dlts?utm_term=distributed%20ledger&utm_campaign=Learning+Center+-+DLT&utm_source=adwords&utm_medium=ppc&hsa_acc=1782665900&hsa_cam=11155745237&hsa_grp=106221302541&hsa_ad=466328121346&hsa_src=g&hsa_tgt=kwd-328485320044&hsa_kw=distributed%20ledger&hsa_mt=b&hsa_net=adwords&hsa_ver=3&gclid=CjwKCAjwy_aUBhACEiwA2IHHQCKBLfq4-DlgFTVYEqJmdbgWBJ5IxP2klKiF6AlJ2rn7vnManyh9choCsS0QAvD_BwE



  • Distributed Ledger Technologies


All participants share a consistent copy of the database, there is no central server

 Some participants might not have a full copy

 Network connections are peer-to-peer

 Participants must comply with ledger rules

 permissionless ledger – anyone could join

 permissioned ledger – participation is subject to rules of the members

 Using a type of consensus protocol, to agree on validity of a given transaction

 Transactions – could be financial and/or exchanging of assets and/or services

 Rules for a transaction could be coded into what is called smart contracts

 Uses digital signatures (private/public key) to sign and/or encrypt transactions on the ledger

 Signatures could be linked to identity

 Represents a temporal order of how assets evolve over time


Miner

A miner is a participant in a Blockchain that participates in securing the network and validating new

transactions. The mining and validation process happens via either competitive, voting or luck-based

methods dependant on the consensus protocol chosen. Miners are incentivised to participate in a

Blockchain either because they receive mining rewards in the form of cryptocurrency (eg. Bitcoin) or

because they have a vested interest in accessing and exchanging data on that network (such as a business

that chooses to participate in an industry or market-specific Blockchain).


Consensus protocol

The core difference between a distributed ledger and a traditional database is the way in which datasets

evolve over time. The system allows multiple participants to submit new inputs to a distributed ledger.

Consensus is then used to determine over time which state of the database is considered as valid. This is in

contrast to a traditional database, where multiple participants submit new inputs and one counterparty is

relied on to provide the valid state of the database.


One of the key aspects of a distributed ledger is that the data held within it, is considered valid because all

parties agree to a single “true” version.


In the event that existing participants in a Blockchain decide to

include data in a non-compliant manner with established protocols, an event named a fork occurs.


Forks result in a split of the ledger and the consequent creation of two groups, each validating their

own version of the ledger. In order for participants to be able to continue to interact with each other,

they are required to follow the same fork of the ledger.


The following table gives a brief overview of main consensus protocols in use


Proof of Work

Uses computational power to validate new blocks of data.

To participate in this scheme, participants are required to collate transactions within a

single block and then apply a hash function with the use of some additional metadata.


Proof of Stake

Validators (special nodes) voting on valid blocks whilst posting collateral in order to be able

to participate in the validation process.

Unlike Proof of Work, Proof of Stake relies on proving the user is invested in the underlying

token of value of the network being mined rather than being the owner of a large amount

of computing power


Ripple Protocol

In order to validate new transactions, servers amalgamate outstanding transactions into a

“candidate list.”

All participants then vote on valid transactions to be included in the ledger.


Proof of Elapsed Time

As part of its Intelledger proposal, Intel has devised a means of establishing a validation

lottery that takes advantage of the capability of its CPUs to produce a timestamp

cryptographically signed by the hardware.

Whoever in the chain has the next soonest timestamp will be the one to decide which

transactions will be a part of the next block in the chain.

This consensus method is extremely energy efficient compared to Proof of Work and

therefore more adapted to IoT devices


Cryptography

Distributed ledger technology relies on the use of asymmetric cryptography to sign messages and encrypt

data through the use of a private/public key pair. 


Cryptography is also involved in some of the consensus protocols (e.g. Proof of Work) and is the primary

vehicle in achieving consensus.


The private keys, which allow a given entity to transact with the assets or virtual currency allocated to it in

the Blockchain are typically stored in what is called a wallet. 


Sidechains

The standard operation of a distributed ledger might allow thousands of transactions which in some cases,

might result in slow processing.


 These are the concept of running a separate distributed ledger off of the main chain but with

transactions able to take place in the same currency as the core system

 By performing transactions on a such specialized ledger, transactions should be processed faster

 Users who are able to see the content of a transaction, may also be restricted depending on that

sidechain’s implementation



Cybersecurity Challenges


4.1.1 Key Management


The methodology of the attacks seeking to gain unauthorised access to a system via stolen credentials

remains fundamentally the same- try to capture information, plant malware and/or use social engineering

to steal the private keys from the user’s machine


Potentially different private keys could be used for signing and encrypting messages across the distributed

ledger. An attacker who obtained encryption keys to a dataset would be able to read the underlying data.

However, if the signing key is secured, they will not be able to modify the data or interact with that smart

contract (providing it has been appropriately designed).


The significance of protecting the private key is due to the fact that actions taking place on a hacker’s

machine, such as file decryption attempts or private key reproduction, are not subject to server imposed

query limits and are run without anyone else being able to notice


Unlike with traditional systems, where before a server administrator was capable of tracking attempts to

break into a customer or user account, the malicious users can keep trying limitlessly to decrypt or try to

reproduce a private key out of encrypted data from a given ledger. With Blockchain, there is no way of

knowing this is happening until after the hacker has succeeded.


4.1.2 Cryptography


Most Blockchain implementations rely on the cryptographically generated public and private keys to

operate


Usually, the user generates the private and public keys using software, such as the Blockchain client

software, or another available software. It has already been shown, that some programs are generating

keys that have been identified to be weak


weakened random number generators, from which a limited range of possible values can be produced.

Keys generated through these limited random number generators could be more easily brute forced


Popular security algorithms that are used for securing information through a complicated challenge (e.g.

RSA, ElGamal), may now be resolved in a shorter amounts of time through the use of quantum computing.


4.1.3 Privacy


In a permissionless ledger, all counterparties are able to download the ledger, which implies that they

might be able to explore the entire history of transactions, including those to which they were not

members of. The “right to be forgotten” where information needs to be removed from a ledger is

challenging to implement. Usually, many counterparties have the data from the ledger, and it would be

difficult to prove that all data has been deleted


Additionally, there is a challenge with smart contracts being able to access the data in order to process

transactions. Since this is possible, there is possibility that a smart contract might be able to leak

information on what is being processed


4.1.4 Code review


Whilst many skilled eyes may have reviewed the protocols, methods, and codebase of popular

implementations of distributed ledgers, it remains possible that unknown vulnerabilities exist.


The Distributed Ledger Specific Challenges


4.2.1 Consensus hijack


In decentralized, permissionless networks, where consensus is formed through majority, taking control of a

large enough portion of participating clients could allow an attacker to tamper the validation process


In the case of Bitcoin, this is referred to as a “51% attack9” where the majority (defined as the proportion

of all hashing power in the network) is compromised or controlled by the same entity or a coalition of

dishonest counterparties. An attacker would be able to produce new blocks faster than the rest of the

network (in proportion to their computing power) leading participants to consider that chain as valid.


The extent of a 51% attack will allow an attacker to refuse to process certain transactions as well as to

re-use an asset which has already been spen


There is possibility, that in a permissionless distributed ledger, the computational power required to hijack

the consensus might be cheap enough for a malicious attacker to buy (from a cloud provider for example)


Another consequence of such an attack is in the perspective of adoption. Any chain coming under attack

might see an outflow of participants, leading to the question of which chain should be considered as the

“main” one to follow as well as potentially crippling the value of that chain


Another challenge comes from consensus protocols that do not involve some way of penalty to the

participants. In this way for a malicious user would be easier to attack


4.2.2 Sidechains


sidechains are more at risk due to their more

specialised focus. Where a user has no interest in tracking the data and maintaining the operation of a

sidechain, they will not contribute the relevant mining power to secure that chain.


Another vulnerability of sidechains consists in the gateway used to transfer assets and messages between

chains. In the case of a Bitcoin sidechain, a user will “lock” Bitcoins in an address on the main Bitcoin

Blockchain and then issue proxy tokens for these on the sidechain. If users can also later exchange

sidechain tokens for the original token, this mechanism is called a 2-way peg. They can then transact with

others on that sidechain. If the initial “locking” transaction is later considered invalid, then subsequent

proxy-token transactions would also be affected. Additionally, owners of proxy tokens that had been

affected would not be able to convert these back to the original asset via the pegging mechanism


Fraudulent transactions or attacks on a sidechain do not affect the validity of data held on the parent

chain. However, in the event that a sidechain was to be put out of service, the parent chain might be

subjected to high stress levels as the sidechain users migrate their transaction volumes to the parent

chains


4.2.3 Exploiting Permissioned Blockchains


In a regulated, permissioned network, where consensus might be implemented under the regulator’s

direction, any exploitation of the regulator’s capabilities would be even more and immediately severe


All problems that had required hijacking of the majority consensus, a task that was a potentially

significant in undertaking, are now replaced by the hijacking of a single entity


4.2.4 Distributed Denial of Service


Distributed Denial of Service attacks coming out of the nature of the distribute ledger remain a concern.

For example, if rogue wallets decide to push large numbers of spam transactions to the network it could

create potentially a denial of service and increase the processing time, as the nodes will be checking the

validity of the fraudulent transactions.


Within a permissioned ledger, it would be possible for nodes to agree to ignore or even block the issuer of

such spam transactions. However, if an attacker is able to control a large number of clients, they might be

able to severely disrupt the network by pushing large volumes of irrelevant transactions


The distributed nature of Blockchain architecture introduces the prospect that it would be difficult to

shut down a malicious program


It would be possible to

store malicious data within the Blockchain network. Additionally, an attacker could reassign control of the

related smart contract at will, leveraging the trustless nature of the Blockchain to buy and sell malware

between anonymous cryptographic keys


4.2.5 Wallet Management


The wallet software would need to protect the keys from being accessed

without authorization, in both cases while stored, but also while in operation with the software.


Losing access to a given wallet might preclude a financial institution from authorising transactions or

moving assets. It might be difficult for an entity to be aware that a malicious user has access to the wallet,

because copying or stealing the keys might not leave any trace on a computer. By the time an entity

understands that the keys are compromised, because of a fraudulent transaction for example, it might be

too late for reversa


4.2.6 Scalability


Removing the need to reconcile counterparty data introduces a scalability problem. On one hand the

growth of the ledger size and on the other the speed at which transactions are processed.

The need to store all data pertaining to a specific distributed ledger, may grow to be unmanageable in

size for individual end-users


The speed at which a given transaction is processed, in some implementations of the ledger, may not be

sufficient or acceptable


Exposed to the high transaction volumes of financial institutions, a completely distributed ledger might

subject users to performance issues as their machines struggle to maintain an ever growing chain. The

transaction speed also depends on the consensus protocol.


The possibility that only specific transactions are to be verified by specific nodes (validators) is called

Sharding. Sharding could also introduce a significant fault (ie. reversion of subsequent transactions) if a

specific subset of validators were to wrongly validate transactions to which other members of that same

Blockchain refer to


The process of downloading block headers (which are a hashed version of past data) as well as the

underlying data for most recent blocks and then cross-reference this with other nodes (rather than

downloading the entire database) is called Blockchain pruning. Here, a challenge exists if an attacker were

to convince a user that the fraudulent block headers they verify, are genuine


4.2.7 Smart Contract Management


Smart contract management refers to the people, processes and technology used when creating a smart

contract.


Smart contracts are essentially programs that run on the distributed ledger. They are prone to any faults

associated with code


Generally, the function, and the security of smart contracts code depends on the author’s capabilities


4.2.8 Interoperability


Using different distributed ledgers will very likely bring the need of data sharing between them.

Exchanging data will require translation of formats and protocols, which currently are in very early

stages.


Key

challenges related to interoperability are:

 Who can transfer assets between distributed ledgers?

 Who can oppose to transferring assets?

 Should transfers allow for whole asset or just part of it?

 Should changes of ownership or asset (theft, loss) be also proliferated to the other chains?

https://www.enisa.europa.eu/publications/blockchain-security/@@download/fullReport


  • Distributed ledgers require maximum protection – even if they appear to be secure by default

Blockchain technology is becoming an integral part of the business process in large companies. In its customized form for enterprises, commonly called Distributed Ledger Technology (DLT), it is used to verify transactions, control deliveries, monitor workplace operations and more.

https://www.kaspersky.com/enterprise-security/dlt-cybersecurity


  • Overview nature of the risks and vulnerabilities

Distributed ledger technology (DLT) is a new type of

secure database or ledger that is replicated across

multiple sites, countries, or institutions with no

centralized controller. In essence, this is a new way

of keeping track, securely and reliably, of who owns a

financial, physical, or digital asset. The most popular

incarnation of DLT is called a blockchain, of which a

number of varieties have been developed

https://figi.itu.int/wp-content/uploads/2021/04/Security-Aspects-of-Distributed-Ledger-Technologies-1.pdf

Sunday, June 12, 2016

Blockchain

  • Design by contract

Design by contract (DbC), also known as contract programming, programming by contract and design-by-contract programming, is an approach to designing software.
It prescribes that software designers should define formal, precise and verifiable interface specifications for software components, which extend the ordinary definition of abstract data types with preconditions, postconditions, and invariants.

These specifications are referred to as "contracts", in accordance with a conceptual metaphor with the conditions and obligations of business contracts.
The DbC approach assumes all client components that invoke an operation on a server component will meet the preconditions specified as required for that operation. Where this assumption is considered too risky (as in multi-channel client-server or distributed computing) the opposite "defensive design" approach is taken, meaning that a server component tests (before or while processing a client's request) that all relevant preconditions hold true, and replies with a suitable error message if not.

The central idea of DbC is a metaphor on how elements of a software system collaborate with each other on the basis of mutual obligations and benefits. The metaphor comes from business life, where a "client" and a "supplier" agree on a "contract" that defines, for example, that:

    The supplier must provide a certain product (obligation) and is entitled to expect that the client has paid its fee (benefit).
    The client must pay the fee (obligation) and is entitled to get the product (benefit).
    Both parties must satisfy certain obligations, such as laws and regulations, applying to all contracts.


https://en.wikipedia.org/wiki/Design_by_contract



  • Cryptocurrency Tutorial


Cryptocurrency is a digital currency that functions as a medium of exchange, utilizing the process of cryptography enables users to transact securely using these digital coins.
Cryptocurrencies operate on a distributed ledger called a blockchain, where all transactions using a cryptocurrency is made public and permanently recorded.
Units of a cryptocurrency are produced through a process known as mining, where special computer software is used to solve mathematical problems in exchange for a unit or more of that cryptocurrency.
Due to the decentralized technology on which cryptocurrencies operate, the supply of a cryptocurrency is not subject to the control of a central authority; the total supply of a cryptocurrency is normally predetermined, which is made clear to all users.

Blockchain Technology
A blockchain is a public ledger of all cryptocurrency transactions.
Each group of transactions is referred to as a block, with each block then being combined chronologically into a chain.
Information that exists on the blockchain is shared and the public, therefore, every node connected to the network, possesses a copy of the blockchain.
Each node will be able to have access to all transactions that have ever taken place, or will take place on the blockchain.
The distributed nature of blockchain technology also means that the database cannot be controlled by a single entity, nor can it easily be hacked as there is not one single point of failure

Cryptocurrency Mining
Cryptocurrency mining is a process by which new coins are introduced into the existing circulating supply, as well as a process used to secure the network that the coins operate on.
The people who mine a coin, are known as miners.
Therefore, instead of having a central authority that produces and secures the money supply, this is spread out across the network.

The Mining Process
Transactions that occur on the network such as, “Alice sends 10 Bitcoins to Bob”, are collected by a miner and bundled up into a block.
The miner then verifies that all transactions in the block are valid.
If a miner attempts to submit a block with an invalid transaction, the block will be rejected.
An example of an invalid transaction would be, Alice, sending 10 Bitcoins to Bob, even though she does not have 10 Bitcoins to send.
After the miner has successfully verified that all transaction in the block is valid, he must then compute a cryptographic hash.
It is necessary for miners to perform this computation in-order to prevent just anyone from being able to create blocks, this, therefore, secures the network against fraudulent blocks.
Computing a cryptographic hash requires a large amount of computing power, as hundreds of millions of calculations are needed to be performed each second.
This process is known as proof-of-work.
Once the miner successfully solves the hash, the block is then relayed to the network to be checked against the consensus rules.
Once accepted, the block is then added to the blockchain network and the miner is rewarded with a set amount of the cryptocurrency.

Decentralized Applications
Typically associated with the Ethereum project, a decentralized application, or DApp, is an application that runs on a peer-to-peer network of computers, as opposed to a single computer.
The key benefit of this is, users of the network do not depend on a central computer in order to send and receive information.
let us consider some examples of centralized applications such as Facebook, Twitter, and YouTube. These are all examples of centralized applications because, in order to use them, the user is dependent on a network owned and operated by a central entity. This is in contrast with a decentralized application, where the user is not dependent on a central entity to send and receive information.
Even though a DApp does not necessarily require a blockchain from which to operate on top of, most DApps harness the power of blockchain technology using what is known as, smart contracts.
Smart contracts are self-executing contracts designed to enforce the terms of an agreement.
For example, if you want to purchase a house, this process would involve multiple third parties such as estate agents and lawyers, who would settle the purchase for you.
However, with the use of a smart contract, the process need only involve the buyer and the seller.

DApps rely on smart contracts in-order to access the blockchain and operate, much in the same way centralized applications rely on centralized servers to operate.

some common requirements of an application before it can be truly considered decentralized:
    The application must be open-source
    Application’s data must be stored on a decentralized blockchain
    The application must use a cryptographic token e.g. Bitcoin or one inherent to the application
    The application must generate tokens via a cryptographic algorithm, e.g. Proof-of-work

Smart Contracts
A smart contract is a self-executing contract that is designed to enforce the terms of an agreement created between two parties.
A well-known use of smart contracts can be found on the Ethereum blockchain, where they are integrated into decentralized applications (DApps).
The trustless and self-executing nature of smart contracts means that the operation of DApps need not depend on a centralized network.
However, the use of smart contracts does not come without risk. The code included in a smart contract may contain bugs and security holes that are exploitable.
This was the case when, in June of 2016, approximately $50 million worth of ETH was stolen from the Decentralized Autonomous Organization (DAO), due to an exploitable security hole in its smart contract

Initial Coin Offering (ICO)
An initial coin offering (ICO) is a means by which a start-up can raise capital by selling cryptocurrency inherent to their project, in exchange for a more valuable cryptocurrency, such as Bitcoin or Ethereum

The Whitepaper
In the cryptocurrency space, a whitepaper is a document presented by a start-up with the intention of informing and encouraging investors to participate in the start-up’s ICO.
A whitepaper contains more technical and in-depth discussions on the project that the start-up is building. This could include The consensus algorithm the project decides to use, how the nodes that operate on project’s platform would function, and the token system.

Hard Fork & Soft Fork
Hard Fork
A hard fork is a permanent divergence from the previous version of a blockchain; a new set of consensus rules are introduced into the network that is not compatible with the older network.
Under a hard fork, blocks (transactions) that are confirmed by nodes that are not yet upgraded to the latest version of the protocol software will be invalid. Nodes running the older version of the software will have to follow the new set of consensus rules for their blocks to be valid on the forked network
A hard fork can take place to augment the functionality of a blockchain, increase the security of operating on the network, or even to reverse transactions on the blockchain. With the latter scenario occurring for the Ethereum blockchain, where a hard fork was implemented in order to reverse transactions following a hack on the DAO (Decentralized Autonomous Organization).
Soft Fork
A soft fork is a backward compatible method of upgrading a blockchain. Soft forks do not require old nodes to upgrade to maintain consensus, because all blocks on the softforked blockchain follow the old set of consensus rules as well as their new ones. However, blocks produced by nodes conforming to the old set of consensus rules will violate the new set of consensus rules, and as a result, will likely be made stale by the upgrading mining majority. This is because for a soft fork to work, a majority of miners need to recognize and enforce the new set of consensus rules. If this majority is reached, then the older network will fall into disuse, with the newer blockchain gaining recognition as the ‘true’ blockchain

Proof-Of-Work & Proof-Of-Stake
Proof of Work
Proof-of-work (PoW) is a requirement that must be performed by a miner in order to add a block to the blockchain. PoW occurs in the mining process when a miner successfully solves a complex mathematical puzzle on the network. Answers to the problem are known as a hash; the hash that is produced must be valid, in that it must be lower than the target hash. A target hash is simply the hash value that has been determined by the network. A hash that is above the target hash will be invalid, and the puzzle will not be solved. As more of these puzzles are solved, the network will automatically increase its difficulty. What this means is that the target hash value will be lowered, so that the number of valid hash values capable of being produced is also lowered. This correspondingly makes it much more difficult for a miner to generate a valid hash and solve the network’s mathematical puzzle
PoW also serves as a security measure, it deters denial of service (DoS) attacks because the network requires the attacker to commit significant processing power to generate a valid hash value, which can be an extremely expensive process
Proof of Stake
A limitation to the PoW model is that a significant amount of electrical energy is wasted generating random guesses.
Proof-of-stake (PoS) aims to solve this energy problem by requiring miners to put up a stake or lock up a certain amount of their funds to validate a block, instead of having to generate hash values.
PoS miners are limited to mining a percentage of transactions that are reflective of their stake in the cryptocurrency.
For example, a miner who owns 5% of Bitcoin available may only mine 5% of blocks on the network.
Furthermore, there is no block reward in the PoS system, instead, miners are rewarded with transaction fees for the verification of a block.

https://www.mycryptopedia.com/cryptocurrency-tutorial/

  • Cryptocurrency
A cryptocurrency is a medium of exchange designed around securely exchanging information which is a process made possible by certain principles of cryptography.
Fundamentally, cryptocurrencies are specifications regarding the use of currency which seek to incorporate principles of cryptography to implement a distributed, decentralized and secure information economy.

Hundreds of cryptocurrency specifications now exist; most are similar to and derived from the first fully implemented cryptocurrency protocol, Bitcoin

cryptocurrency vs fiat money
When comparing cryptocurrencies to fiat money, the most notable difference is in how no group or individual may accelerate, stunt or in any other way significantly abuse the production of money
Instead, only a certain amount of cryptocurrency is produced by the entire cryptocurrency system collectively, at a rate which is bounded by a value both prior defined and publicly known

 In centralized economic systems such as the Federal Reserve System governments regulate the value of currency by simply printing units of fiat money or demanding additions to digital banking ledgers

 However, governments cannot produce units of cryptocurrency and as such, governments cannot provide backing for firms, banks or corporate entities which hold asset value measured in a decentralized cryptocurrency

 The underlying technical system upon which all cryptocurrencies are now based was created by the anonymous group or individual known as Satoshi Nakamoto for the purpose of creating an economy within which the practice of fractional reserve banking would be fundamentally impossible

 Within cryptocurrency systems the safety, integrity and balance of all ledgers is maintained by a swarm of mutually distrustful parties referred to as miners who are usually members of the public handling cryptocurrency transactions for a small fee

 Miners use resource-intensive computer software to help secure a particular cryptocurrencys network by increasing that networks ability to solve mathematic equations which the network directly uses to impede fraudulence.

 Subverting the underlying security of a cryptocurrency is mathematically possible, but the cost may be unfeasibly high
 Against Bitcoin's proof-of-work based system, an attacker would need computational power greater than that controlled by the entire swarm of miners in order to even have 1 / (2^(# authentication rounds for this cryptocurrency) - 1) of a chance

 Most cryptocurrencies are designed to gradually introduce new units of currency, placing an ultimate cap on the total amount of currency that will ever be in circulation. This is done both to mimic the scarcity (and value) of precious metals and to avoid hyperinflation.

 As a result, such cryptocurrencies tend to experience hyperdeflation as they grow in popularity and the amount of the currency in circulation approaches this finite cap.

 Compared with ordinary currencies held by financial institutions or kept as cash on hand, cryptocurrencies are less susceptible to seizure by law enforcement


 The first cryptocurrency, Bitcoin, was created in 2009 by pseudonymous developer Satoshi Nakamoto. It used SHA-256, a cryptographic hash function, as its proof-of-work scheme.
 Litecoin was released. It was the first cryptocurrency to use scrypt as its hash function instead of SHA-256
 Peercoin was the first to use a proof-of-work/proof-of-stake hybrid

http://en.wikipedia.org/wiki/Cryptocurrency

  • Cryptocurrency Storage

Hardware Wallets
These are special devices designed to hold a user’s private keys.
the cryptographic keys are stored in a special section of the device’s microcontroller
They feature a double-tiered protection system that comprises a PIN number and a password (seed).
The only drawback to these devices is that if you either lose it or forget both the PIN number and seed, there is no way to recover the funds held in the wallet.

Desktop Wallets
A desktop wallet is a software program
This implies that you can only access it from the computer on which it is installed. In most cases, a desktop wallet will only work with one cryptocurrency
However, they usually require a full install of the digital currency’s blockchain in order to function. The immobility of desktops and laptops also limit their functionality. And in case of a malware attack on the hard drive, your stored coins might be lost forever.

Paper Wallets
A paper wallet is one of the most secure storage options and is also referred to as cold storage.
It entails printing your private and public keys on paper for offline storage. These keys are then used for future access of your wallet using a specified software.
A paper wallet is impossible to attack using any digital tools because it is a physical storage option.
It is one of the best options for long-term storage and makes it easy to transfer cryptocurrency assets physically by simply handing over the paper.

Mobile Wallets
These are comparable to desktop wallets in that they require users to download and install an app only this time, it’s on a mobile device.

Online Wallets
An online wallet is one that is accessed by means of a web browser. It runs on the cloud which means that you can access it using any device in the world for as long as it has computing capabilities.
https://bitbounce.com/blog/types-cryptocurrency-storage-explained/


  • An initial coin offering (ICO) or initial currency offering is a type of funding using cryptocurrencies

In an ICO, a quantity of cryptocurrency is sold in the form of "tokens" ("coins") to speculators or investors, in exchange for legal tender or other cryptocurrencies such as Bitcoin or Ethereum
The tokens sold are promoted as future functional units of currency if or when the ICO's funding goal is met and the project launches.
In some cases like Ethereum the tokens are required to use the system for its purposes
An ICO can be a source of capital for startup companies
ICOs can allow startups to avoid regulatory compliance and intermediaries such as venture capitalists, banks and stock exchanges.
https://en.wikipedia.org/wiki/Initial_coin_offering



  • What is An Initial Coin Offering

The idea to presale coins of a cryptocurrency or token of a blockchain project has evolved in a crazy successful instrument to raise funds for the development of a new application
With the success of Ethereum ICO are more and more used to fund the development of a crypto project by releasing token which is somehow integrated into the project.

Maybe the first cryptocurrency distributed by an ICO was Ripple. In early 2013 Ripple Labs started to develop the Ripple called payment system and created around 100 billion XRP token. The company sold these token to fund the development of the Ripple platform.
https://blockgeeks.com/guides/initial-coin-offering/

  • Proof-of-stake
Proof-of-stake is a method of securing a cryptocurrency network through requesting users to show ownership of a certain amount of currency.
It is different from proof-of-work systems that run hashing algorithms to validate electronic transactions.
It is most commonly used as a supplement to proof-of-work in Peercoin

Peercoin's proof-of-stake system is based around the concept of "coin age," a measure of the product of the currency amount held times the amount of time it has been held for.

When generating a proof-of-stake block, the user sends some money to themselves, consuming their coin age in exchange for a preset reward.
This minting transaction becomes more likely to succeed over time until a valid block is found, generating a new block on the blockchain and a payout for the proving user.
This process secures the network and gradually produces new coins over time without consuming significant computational power
http://en.wikipedia.org/wiki/Proof-of-stake
  • BGX has made a mark in the market of decentralization. They are a multifunctional organization providing a processing platform in the mobile gaming field

They stand out because they are backing games and software with artificial intelligence
BGX developed a blockchain algorithm which enables them to process almost up to 100,000 transactions/second.
These transactions although high in volume, are operated at a small cost, while at the same time maintaining at the same time unparallel security.
BGX’S algorithm works ideally for building a platform for financial processing.

Weak points:
   There is a loophole where they have no clue what to do when users use separate tokens to buy games and benefit from it
https://icoshock.com/bgx-ico-review-ai-powdered-mobile-gaming-platform/


  • a smart contract, or simply contract, as a piece of code created by a blockchain user and executed by a blockchain node. A smart contract language (SCL) is a programming language that is either used to write a smart contract directly or is compiled to it.

https://github.com/s-tikhomirov/smart-contract-languages



  • Eth-Tweet

Eth-Tweet is a decentralized blogging platform that provides functionality similar to Twitter. However, because Eth-Tweet operates on top of the decentralized Ethereum blockchain, no centralized entity can control what a user decides to publish.
decentralization means there is no company or central authority in control of what is being published
The system is censorship resistant in the sense that once a message is published, it can only be removed by the publisher.
All accounts can receive donations in Ethereum's Ether cryptocurrency. Being able to receive donations can be an incentive to run a decentralized microblogging feed.
If you want to edit the source files, you can use Ethereum's Mix IDE which can be found here.
https://github.com/yep/eth-tweet





  • Top 5 Blockchain Programming Languages –

There are several programming languages that can help you create applications for blockchain
    C++
    Java
    Python
    Simplicity
    Solidity

C++
This blockchain programming language allows for effective management of resources and offers greater control over memory. Blockchain requires many users and miners to interact and operate both systematically and simultaneously.
C++ creates applications that can not only coordinate between numerous endpoints but also process their interactions quickly. It’s why blockchain projects like Bitcoin, Ethereum, and Ripple were all written in C++.

Java
It is also now useful in making simple and immutable blockchains. Immutability makes it impossible for anyone to change the contents in a block after it has been verified or “hashed”.
Every new block, which is added to a blockchain includes the hash of the previous block along with a new hash for the new block. Once hashed, any change in its content will produce a new “previousHash”, which will deter the new block from being added to the chain till its contents match with the contents of the previous block, thereby maintaining immutability.

Python
His goal was to create a simple and minimalistic programming language. The syntax and logic of this blockchain programming language uses reflects this very ambition of the creator

Simplicity
Simplicity is a blockchain programming language that was designed for smart contracts.
Solidity is an attempt to improve basic cryptocurrency languages like Bitcoin Script and Ethereum Virtual Machine (EVM). It uses static analysis – a technique that enables a universal algorithm to determine the cost of running any Simplicity program – to prevent programs from “running out of gas” during analysis.

Solidity
This blockchain programming language is high-level and contract-based. Its script is similar to scripts of some of the languages listed above like Java, and it borrows concepts like variables, functions, and classes from them.

Conclusion
The blockchain is revolutionizing the way data and assets are traded.
A Blockchain Developer must know one of the modern programming languages like Java or C++. These languages don’t just help create applications for blockchain, but also help learn contract-based or blockchain-based languages like Simplicity or Solidity.
https://acadgild.com/blog/best-blockchain-programming-languages


  • What Are the Top Five Blockchain Programming Languages? 

Taking into consideration the name "blockchain," it can be defined as the block that contains digital information and does not allow the hackers to extract this information in any way possible.
The blockchain pattern was designed to keep Bitcoins data safe in every aspect of the word

C++
It basically packs the data in the form of objects and sends it across to the user only to be opened at their end. Since the principle use of blockchain is in a similar format, it is one of the most coveted languages for working this out in the blockchain

Java
Creating the relationship between the data and sending it across to the user is quite simple with the use of Java language.it can run on almost any format of computers with a small installation of JRE or the Java runtime environment.

Python
you can perform many tasks with a single command in this language. It makes the work of building the block with the relevant information and linking them together with a much easier one to accomplish.

Ruby
enables you to use a heady mix of languages to create the required blockchain

Solidity
Solidity is a contract-based language that is primarily used to enhance the use of EVM machines.
One of the reasons why programmers prefer using this language to build the blockchain is the fact that it can catch hold of any iteration at the time of coding
It saves you a lot of time while creating the message to send across to another user.


https://dzone.com/articles/what-are-the-top-5-blockchain-programming-language


  • Solidity Tutorials

Solidity is a high-level language whose syntax is similar to that of JavaScript and it is designed to compile to code for the Ethereum Virtual Machine.
You can start using Solidity in your browser, with no need to download or compile anything. This application only supports compilation - if you want to run the code or inject it into the blockchain, you have to use a client like AlethZero.

https://ethereumbuilders.gitbooks.io/guide/content/en/solidity_tutorials.html



  • Solidity is a statically typed, contract-oriented, high-level language for implementing smart contracts on the Ethereum platform.

To get started with Solidity, you can use Remix, which is a browser-based IDE. Here are some example contracts:
Solidity is a statically-typed curly-braces programming language designed for developing smart contracts that run on the Ethereum Virtual Machine. Smart contracts are programs that are executed inside a peer-to-peer network where nobody has special authority over the execution and thus they allow to implement tokens of value, ownership, voting and other kinds of logic.
When deploying contracts, you should use the latest released version of Solidity. This is because breaking changes, as well as new features and bug fixes, are introduced regularly
https://github.com/ethereum/solidity



  • Solidity is a statically typed, contract-oriented, high-level language for implementing smart contracts on the Ethereum platform.

Solidity is an object-oriented, high-level language for implementing smart contracts. Smart contracts are programs which govern the behavior of accounts within the Ethereum state.
Solidity was influenced by C++, Python, and JavaScript and is designed to target the Ethereum Virtual Machine (EVM).
Solidity is statically typed, supports inheritance, libraries and complex user-defined types among other features.
https://solidity.readthedocs.io/en/v0.5.3/


  • Solidity lets you program on Ethereum, a blockchain-based virtual machine that allows the creation and execution of smart contracts, without requiring centralized or trusted parties.

Solidity is a statically typed, contract programming language that has similarities to Javascript and C. Like objects in OOP, each contract contains state variables, functions, and common data types. Contract-specific features include modifier (guard) clauses, event notifiers for listeners, and custom global variables

Some Ethereum contract examples include crowdfunding, voting, and blind auctions.

https://learnxinyminutes.com/docs/solidity/


  • Ethereum is a decentralized platform that runs smart contracts: applications that run exactly as programmed without any possibility of downtime, censorship, fraud or third-party interference

These apps run on a custom built blockchain, an enormously powerful shared global infrastructure that can move value around and represent the ownership of property.

Smart money, smart wallet
The Ethereum Wallet is a gateway to decentralized applications on the Ethereum blockchain. It allows you to hold and secure ether and other crypto-assets built on Ethereum, as well as write, deploy and use smart contracts.

Build a new kind of decentralized application
Could your business be enhanced by operating on a cryptographically secure, decentralized, tamper-proof network?

https://ethereum.org/
  • Using Blockchain Technology for Secure Data Encryption

Similar to Bitcoin, Enigma removes the need for a trusted third party, enabling autonomous control of personal data. For the first time, users are able to share their data with cryptographic guarantees regarding their privacy.
http://www.newsbtc.com/2015/07/23/using-blockchain-technology-for-secure-data-encryption/

The blockchain is a way of storing all kinds of valuable data (like money and medical records) in the form of encrypted blocks, which are shared between thousands of random computers connected into a peer-to-peer network. Once recorded, the data in a block cannot be modified without altering the whole blockchain at once. With no centralized storage, corrupting Blockchain becomes literally impossible, since the only way to override the network is to get physical access to every computer in it.

https://expertise.jetruby.com/blockchain-technology-explained-1a07da48c187


Byzantine Fault Tolerance(BFT) algorithms
Understanding Blockchain Fundamentals, Part 1: Byzantine Fault Tolerance
Whenever a new transaction gets broadcasted to the network, nodes have the option to include that transaction to their copy of their ledger or to ignore it
When the majority of the actors which comprise the network decide on a single state, consensus is achieved.

A fundamental problem in distributed computing and multi-agent systems is to achieve overall system reliability in the presence of a number of faulty processes. This often requires processes to agree on some data value that is needed during computation

In order to create a secure consensus protocol, it must be fault tolerant.
the unsolvable Two Generals Problem.
the Byzantine Generals’ Problem
Byzantine Fault Tolerance

The Two generals Problem
describes a scenario where two generals are attacking a common enemy7
General 1 is considered the leader and the other is considered the follower.
Each general’s army on its own is not enough to defeat the enemy army successfully, thus they need to cooperate and attack at the same time
The Two Generals Problem has been proven to be unsolvable.

The Byzantine Generals Problem
a generalized version of the Two Generals Problem
describes the same scenario, where instead more than two generals need to agree on a time to attack their common enemy.
The leader-follower paradigm described in the Two Generals Problem is transformed to a commander-lieutenant setup.
In order to achieve consensus here, the commander and every lieutenant must agree on the same decision
if the commander is a traitor, consensus must still be achieved. As a result, all lieutenants take the majority vote.
The algorithm to reach consensus in this case is based on the value of majority of the decisions a lieutenant observes.

Theorem: For any m, Algorithm OM(m) reaches consensus if there are more than 3m generals and at most m traitors.
This implies that the algorithm can reach consensus as long as 2/3 of the actors are honest.
If the traitors are more than 1/3, consensus is not reached, the armies do not coordinate their attack and the enemy wins.

The important thing to remember is that the goal is for the majority of the lieutenants to choose the same decision, not a specific one.

Byzantine Fault Tolerance
Byzantine Fault Tolerance is the characteristic which defines a system that tolerates the class of failures that belong to the Byzantine Generals’ Problem.
The algorithm mentioned in the previous section is Byzantine Fault Tolerant as long as the number of traitors do not exceed one third of the generals.

How does this all relate to blockchain?
Blockchains are decentralized ledgers which, by definition, are not controlled by a central authority.
Due to the value stored in these ledgers, bad actors have huge economic incentives to try and cause faults.
Byzantine Fault Tolerance, and thus a solution to the Byzantine Generals’ Problem for blockchains is much needed.
In the absence of BFT, a peer is able to transmit and post false transactions effectively nullifying the blockchain’s reliability
To make things worse, there is no central authority to take over and repair the damage.

The big breakthrough when Bitcoin was invented, was the use of Proof-of-Work as a probabilistic solution to the Byzantine Generals Problem


https://medium.com/loom-network/understanding-blockchain-fundamentals-part-1-byzantine-fault-tolerance-245f46fe8419


  • Ethereum/Quorum

Quorum is an Ethereum-based distributed ledger protocol with transaction/contract privacy and new consensus mechanisms.
https://github.com/jpmorganchase/quorum


  • What is Quorum Blockchain?

The functioning of Quorum is similar to Ethereum but with a few differences. Here is how Quorum is different from Ethereum blockchain :

Network and peer permissions management
Enhanced transaction and contract privacy
Voting-based consensus mechanisms
Better performance
https://www.blockchain-council.org/blockchain/what-is-quorum-how-is-it-different-from-other-blockchain/


  • Hyperledger is an open source collaborative effort created to advance cross-industry blockchain technologies. It is a global collaboration, hosted by The Linux Foundation, including leaders in finance, banking, IoT, supply chain, manufacturing and technology.

https://www.hyperledger.org/


  • Interledger is an open protocol suite for sending payments across different ledgers. Like routers on the Internet, connectors route packets of money across independent payment networks. The open architecture and minimal protocol enable interoperability for any value transfer system. Interledger is not tied to any one company, blockchain, or currency. 

https://interledger.org/