Blockchain (1) Krish 3170

Blockchain technology is a distributed digital ledger system that allows users to record and verify transactions without a central authority. It gained prominence with the launch of Bitcoin in 2009, which utilized cryptographic mechanisms to ensure security and integrity. Blockchain networks can be categorized into permissioned and permissionless types, each with distinct access and operational characteristics.

Uploaded by

Rushikesh M

BLOCKCHAIN TECHNOLOGY 2023-24

CHAPTER-01
INTRODUCTION
Blockchains are tamper evident and tamper resistant digital ledgers implemented in a distributed
fashion (i.e., without a central repository) and usually without a central authority (i.e., a bank,
company or government). At their basic level, they enable a community of users to record
transactions in a shared ledger within that community, such that under normal operation of the
blockchain network no transaction can be changed once published. In 2008, the blockchain idea
was combined with several other technologies and computing concepts to create modern
cryptocurrencies: electronic cash protected through cryptographic mechanisms instead of
a central repository or authority.

This technology became widely known in 2009 with the launch of the Bitcoin network, the first
of many modern cryptocurrencies. In Bitcoin, and similar systems, the transfer of digital
information that represents electronic cash takes place in a distributed system. Bitcoin users can
digitally sign and transfer their rights to that information to another user and the
Bitcoin blockchain records this transfer publicly, allowing all participants of the network
to independently verify the validity of the transactions. The Bitcoin blockchain is independently
maintained and managed by a distributed group of participants. This, along with cryptographic
mechanisms, makes the blockchain resilient to attempts to alter the ledger later (modifying blocks
or forging transactions). Blockchain technology has enabled the development of many
cryptocurrency systems such as Bitcoin and Ethereum. Because of this, blockchain
technology is often viewed as bound to Bitcoin or possibly cryptocurrency solutions in general.
However, the technology is available for a broader variety of applications and is being
investigated for a variety of sectors.

The numerous components of blockchain technology along with its reliance on cryptographic
primitives and distributed systems can make it challenging to understand. However, each
component can be described simply and used as a building block to understand the larger
complex system. Blockchains can be informally defined as:

Blockchains are distributed digital ledgers of cryptographically signed transactions that are
grouped into blocks. Each block is cryptographically linked to the previous one (making
it tamper evident) after validation and undergoing a consensus decision. As new blocks are added,
older blocks become more difficult to modify (creating tamper resistance). New blocks are
replicated across copies of the ledger within the network, and any conflicts are resolved
automatically using established rules.

DEPARTMENT OF MECHANICAL ENGINEERING, GEC GANGAVATHI

1.1 Background and History
The core ideas behind blockchain technology emerged in the late 1980s and early 1990s. In 1989, Leslie
Lamport developed the Paxos protocol, and in 1990 submitted the paper The Part-Time Parliament [2]
to ACM Transactions on Computer Systems; the paper was finally published in a 1998 issue. The paper
describes a consensus model for reaching agreement on a result in a network of computers where the
computers or network itself may be unreliable. In 1991, a signed chain of information was used as an
electronic ledger for digitally signing documents in a way that could easily show none of the signed
documents in the collection had been changed [3]. These concepts were combined and applied to
electronic cash in 2008 and described in the paper, Bitcoin: A Peer-to-Peer Electronic Cash System [4],
which was published pseudonymously by Satoshi Nakamoto, and then later in 2009 with the
establishment of the Bitcoin cryptocurrency blockchain network. Nakamoto’s paper contained the
blueprint that most modern cryptocurrency schemes follow (although with variations and modifications).
Bitcoin was just the first of many blockchain applications.

Many electronic cash schemes existed prior to Bitcoin (e.g., ecash and NetCash), but none of
them achieved widespread use. The use of a blockchain enabled Bitcoin to be implemented in a
distributed fashion such that no single user controlled the electronic cash and no single point of
failure existed; this promoted its use. Its primary benefit was to enable direct transactions
between users without the need for a trusted third party. It also enabled the issuance of new
cryptocurrency in a defined manner to those users who manage to publish new blocks and
maintain copies of the ledger; such users are called miners in Bitcoin. The automated payment
of the miners enabled distributed administration of the system without the need to organize. By
using a blockchain and consensus-based maintenance, a self-policing mechanism was created
that ensured that only valid transactions and blocks were added to the blockchain.


CHAPTER-02

BLOCKCHAIN CATEGORIZATION

Blockchain networks can be categorized based on their permission model, which determines
who can maintain them (e.g., publish blocks). If anyone can publish a new block, it is
permissionless. If only particular users can publish blocks, it is permissioned. In simple terms, a
permissioned blockchain network is like a corporate intranet that is controlled, while a
permissionless blockchain network is like the public internet, where anyone can participate.
Permissioned blockchain networks are often deployed for a group of organizations and
individuals, typically referred to as a consortium. This distinction is necessary to understand as
it impacts some of the blockchain components discussed later in this document.

2.1 Permissionless

Permissionless blockchain networks are decentralized ledger platforms open to anyone
publishing blocks, without needing permission from any authority. Permissionless blockchain
platforms are often open source software, freely available to anyone who wishes to download
them. Since anyone has the right to publish blocks, this results in the property that anyone can
read the blockchain as well as issue transactions on the blockchain (through including those
transactions within published blocks). Any blockchain network user within a permissionless
blockchain network can read and write to the ledger. Since permissionless blockchain networks
are open to all to participate, malicious users may attempt to publish blocks in a way that subverts
the system (discussed in detail later). To prevent this, permissionless blockchain networks often
utilize a multiparty agreement or ‘consensus’ system (see Section 4) that requires users to expend
or maintain resources when attempting to publish blocks. This prevents malicious users from
easily subverting the system. Examples of such consensus models include proof of work (see
Section 4.1) and proof of stake (see Section 4.2) methods. The consensus systems in
permissionless blockchain networks usually promote non-malicious behavior through rewarding
the publishers of protocol-conforming blocks with a native cryptocurrency.

2.2 Permissioned

Permissioned blockchain networks are ones where users publishing blocks must be authorized
by some authority (be it centralized or decentralized). Since only authorized users are
maintaining the blockchain, it is possible to restrict read access and to restrict who can issue
transactions. Permissioned blockchain networks may thus allow anyone to read the blockchain
or they may restrict read access to authorized individuals. They also may allow anyone to submit
transactions to be included in the blockchain or, again, they may restrict this access only to
authorized individuals. Permissioned blockchain networks may be instantiated and maintained
using open source or closed source software. Permissioned blockchain networks can have the
same traceability of digital assets as they pass through the blockchain, as well as the same
distributed, resilient, and redundant data storage system as permissionless blockchain
networks. They also use consensus models for publishing blocks, but these methods often do not
require the expense or maintenance of resources (as is the case with current permissionless
blockchain networks). This is because the establishment of one’s identity is required to
participate as a member of the permissioned blockchain network; those maintaining the
blockchain have a level of trust with each other, since they were all authorized to publish blocks
and since their authorization can be revoked if they misbehave. Consensus models in
permissioned blockchain networks are then usually faster and less computationally expensive.


CHAPTER-03

BLOCKCHAIN COMPONENTS

Blockchain technology can seem complex; however, it can be simplified by examining each
component individually. At a high level, blockchain technology utilizes well-known computer
science mechanisms and cryptographic primitives (cryptographic hash functions, digital
signatures, asymmetric-key cryptography) mixed with record keeping concepts (such as append
only ledgers). This section discusses each individual main component: cryptographic hash
functions, transactions, asymmetric-key cryptography, addresses, ledgers, blocks, and how
blocks are chained together.

3.1 Cryptographic Hash Functions

An important component of blockchain technology is the use of cryptographic hash functions
for many operations. Hashing is a method of applying a cryptographic hash function to data,
which calculates a relatively unique output (called a message digest, or just digest) for an input
of nearly any size (e.g., a file, text, or image). It allows individuals to independently take input
data, hash that data, and derive the same result – proving that there was no change in the data.
Even the smallest change to the input (e.g., changing a single bit) will result in a completely
different output digest. Table 1 shows simple examples of this.

Cryptographic hash functions have these important security properties:

1. They are preimage resistant. This means that they are one-way; it is computationally infeasible
to compute the correct input value given some output value (e.g., given a digest, find x such that
hash(x) = digest).

2. They are second preimage resistant. This means one cannot find an input that hashes to a
specific output. More specifically, cryptographic hash functions are designed so that given a
specific input, it is computationally infeasible to find a second input which produces the same
output (e.g., given x, find y such that hash(x) = hash(y)). The only approach available is to
exhaustively search the input space, but this is computationally infeasible to do with any chance
of success.

3. They are collision resistant. This means that one cannot find two inputs that hash to the same
output. More specifically, it is computationally infeasible to find any two inputs that produce the
same digest (e.g., find an x and y such that hash(x) = hash(y)).


Input Text       SHA-256 Digest Value

1                0x6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

2                0xd4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Hello, World!    0xdffd6021bb2bd5b0af676290809ec3a53191dd81c7f70a4b28688a362182986f

Table 1: Examples of Input Text and Corresponding SHA-256 Digest Values

Since there are an infinite number of possible input values and a finite number of possible output
digest values, it is possible but highly unlikely to have a collision where hash(x) = hash(y) (i.e.,
the hash of two different inputs produces the same digest). SHA-256 is said to be collision
resistant, since to find a collision in SHA-256, one would have to execute the algorithm, on
average, about 2^128 times (which is 340 undecillions, or more precisely
340,282,366,920,938,463,463,374,607,431,768,211,456; roughly 3.402 x 10^38). To put this into
perspective, the hash rate (hashes per second) of the entire Bitcoin network in 2015 was 300
quadrillion hashes per second (300,000,000,000,000,000/s) [7]. At that rate, it would take the
entire Bitcoin network roughly 35,942,991,748,521 (roughly 3.6 x 10^13) years to manufacture
a collision (note that the universe is estimated to be 1.37 x 10^10 years old). Even if any such
inputs x and y that produce the same digest were found, it would also be very unlikely for both
inputs to be valid in the context of the blockchain network (i.e., x and y are both valid
transactions).

3.1.1 Cryptographic Nonce

A cryptographic nonce is an arbitrary number that is only used once. A cryptographic nonce can
be combined with data to produce different hash digests per nonce:

hash (data + nonce) = digest

3.2 Transactions

A transaction represents an interaction between parties. With cryptocurrencies, for example, a
transaction represents a transfer of the cryptocurrency between blockchain network users. For
business-to-business scenarios, a transaction could be a way of recording activities occurring on
digital or physical assets. Figure 1 shows a notional example of a cryptocurrency transaction.
Each block in a blockchain can contain zero or more transactions. For some blockchain
implementations, a constant supply of new blocks (even with zero transactions) is critical to
maintain the security of the blockchain network; by having a constant supply of new blocks
being published, it prevents malicious users from ever “catching up” and manufacturing a
longer, altered blockchain (see Section 4.7).

• Inputs: The inputs are usually a list of the digital assets to be transferred. A transaction will
reference the source of the digital asset (providing provenance) – either the previous transaction
where it was given to the sender, or for the case of new digital assets, the origin event.

• Outputs: The outputs are usually the accounts that will be the recipients of the digital assets
along with how much digital asset they will receive. Each output specifies the number of digital
assets to be transferred to the new owner(s), the identifier of the new owner(s), and a set of
conditions the new owners must meet to spend that value.

Figure 1: Example cryptocurrency transaction

While primarily used to transfer digital assets, transactions can be more generally used to transfer
data. In a simple case, someone may simply want to permanently and publicly post data on the
blockchain. In the case of smart contract systems, transactions can be used to send data, process
that data, and store some result on the blockchain.

3.3 Asymmetric-Key Cryptography

Blockchain technology uses asymmetric-key cryptography (also referred to as public key
cryptography). Asymmetric-key cryptography uses a pair of keys: a public key and a private key
that are mathematically related to each other. The public key is made public without reducing
the security of the process, but the private key must remain secret if the data is to retain its
cryptographic protection. Even though there is a relationship between the two keys, the private
key cannot efficiently be determined based on knowledge of the public key. One can encrypt
with a private key and then decrypt with the public key. Alternately, one can encrypt with a
public key and then decrypt with a private key.

3.4 Addresses and Address Derivation

Some blockchain networks make use of an address, which is a short, alphanumeric string of
characters derived from the blockchain network user’s public key using a cryptographic hash
function, along with some additional data (e.g., version number, checksums). Most blockchain
implementations make use of addresses as the “to” and “from” endpoints in a transaction.
Addresses are shorter than the public keys and are not secret. One method to generate an address
is to create a public key, apply a cryptographic hash function to it, and convert the hash to
text:

public key -> cryptographic hash function -> address

Each blockchain implementation may implement a different method to derive an address. For
permissionless blockchain networks, which allow anonymous account creation, a blockchain
network user can generate as many asymmetric-key pairs, and therefore addresses, as desired,
allowing for a varying degree of pseudo-anonymity. Addresses may act as the public-facing
identifier in a blockchain network for a user, and oftentimes an address will be converted into a
QR code (Quick Response Code, a 2-dimensional bar code which can contain arbitrary data) for
easier use with mobile devices.
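
The derivation above (public key, hash, version number, checksum) can be made concrete with the following added example, which is not part of the original report and does not reproduce any particular network's address format. The version byte, the 20-byte hash truncation, the hex text encoding and the sample key bytes are all assumptions chosen for illustration; the point is that the checksum lets software reject a mistyped address before funds are sent to it.

```python
import hashlib

VERSION = 0x00          # hypothetical version byte for this illustrative scheme
HASH_LEN = 20           # assumed truncation length of the public-key hash
CHECK_LEN = 4           # assumed checksum length in bytes

# Constructed placeholder bytes standing in for a public key (not a real key).
SAMPLE_PUBLIC_KEY = bytes.fromhex("02" + "11" * 32)


def key_hash(public_key: bytes) -> bytes:
    """Hash the public key and keep the first HASH_LEN bytes."""
    return hashlib.sha256(public_key).digest()[:HASH_LEN]


def checksum(payload: bytes) -> bytes:
    """Checksum = first bytes of a double SHA-256 over version + key hash."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:CHECK_LEN]


def derive_address(public_key: bytes, version: int = VERSION) -> str:
    """public key -> hash -> (version || hash || checksum) -> text."""
    payload = bytes([version]) + key_hash(public_key)
    return (payload + checksum(payload)).hex()


def parse_address(address: str, expected_version: int = VERSION):
    """Validate an address; return (key_hash, None) or (None, reason)."""
    try:
        raw = bytes.fromhex(address)
    except ValueError:
        return None, "not hex"
    if len(raw) != 1 + HASH_LEN + CHECK_LEN:
        return None, "wrong length"
    payload, check = raw[:-CHECK_LEN], raw[-CHECK_LEN:]
    if checksum(payload) != check:
        return None, "checksum mismatch"      # typo or corruption detected
    if payload[0] != expected_version:
        return None, "unexpected version"     # address belongs to another network
    return payload[1:], None


def with_typo(address: str, index: int) -> str:
    """Simulate a single mistyped character at the given position."""
    replacement = "0" if address[index] != "0" else "1"
    return address[:index] + replacement + address[index + 1:]


if __name__ == "__main__":
    addr = derive_address(SAMPLE_PUBLIC_KEY)
    print("address:        ", addr)
    print("valid:          ", parse_address(addr)[1] is None)
    print("one-char typo:  ", parse_address(with_typo(addr, 10))[1])
    print("other version:  ", parse_address(derive_address(SAMPLE_PUBLIC_KEY, 0x6F))[1])
```
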

3.4.1 Private Key Storage

With some blockchain networks (especially with permissionless blockchain networks), users
must manage and securely store their own private keys. Instead of recording them manually, they
often use software to securely store them. This software is often referred to as a wallet. The
wallet can store private keys, public keys, and associated addresses. It may also perform other
functions, such as calculating the total number of digital assets a user may have. If a user loses a
private key, then any digital asset associated with that key is lost, because it is computationally
infeasible to regenerate the same private key. If a private key is stolen, the attacker will have full
access to all digital assets controlled by that private key. The security of private keys is so
important that many users use special secure hardware to store them; alternatively, users may
take advantage of an emerging industry of private key escrow services. These key escrow
services can also satisfy KYC laws in addition to storing private keys as users must provide proof
of their identity when creating an account. Private key storage is an extremely important aspect
of blockchain technology. When it is reported in the news that “Cryptocurrency XYZ was stolen
from…”, it almost certainly means some private keys were found and used to sign a transaction
sending the money to a new account, not that the blockchain network itself was compromised.
Note that because blockchain data cannot generally be changed, once a criminal steals a private
key and publicly transfers the associated funds to another account, that transaction generally
cannot be undone.

3.5 Ledgers

A ledger is a collection of transactions. Throughout history, pen and paper ledgers have been
used to keep track of the exchange of goods and services. In modern times, ledgers have been
stored digitally, often in large databases owned and operated by a centralized trusted third party
(i.e., the owner of the ledger) on behalf of a community of users. These ledgers with centralized
ownership can be implemented in a centralized or distributed fashion (i.e., just one server or a
coordinating cluster of servers). There is growing interest in exploring having distributed
ownership of the ledger. Blockchain technology enables such an approach using both distributed
ownership as well as a distributed physical architecture. The distributed physical architecture of
blockchain networks often involves a much larger set of computers than is typical for centrally
managed distributed physical architecture. The growing interest in distributed ownership of
ledgers is due to possible trust, security, and reliability concerns related to ledgers with
centralized ownership:

• Centrally owned ledgers may be lost or destroyed; a user must trust that the owner is properly
backing up the system.

o A blockchain network is distributed by design, creating many backup copies all updating
and syncing to the same ledger data between peers. A key benefit to blockchain
technology is that every user can maintain their own copy of the ledger. Whenever new
full nodes join the blockchain network, they reach out to discover other full nodes and
request a full copy of the blockchain network’s ledger, making loss or destruction of the
ledger difficult. Note – certain blockchain implementations provide the capability to
support concepts such as private transactions or private channels. Private transactions
facilitate the delivery of information only to those nodes participating in a transaction
and not the entire network.

• Centrally owned ledgers may be on a homogeneous network, where all software,
hardware and network infrastructure may be the same. Because of this characteristic, the
overall system resiliency may be reduced since an attack on one part of the network will
work everywhere.

o A blockchain network is a heterogeneous network, where the software, hardware and network
infrastructure are all different. Because of the many differences between nodes on the blockchain
network, an attack on one node is not guaranteed to work on other nodes.

• Centrally owned ledgers may be located entirely in specific geographic locations (e.g., all in one
country). If network outages were to occur in that location, the ledger and services which depend
on it may not be available.

o A blockchain network can be comprised of geographically diverse nodes which may be found
around the world. Because of this, and the blockchain network working in a peer-to-peer fashion,
it is resilient to the loss of any node, or even an entire region of nodes.

• The transactions on a centrally owned ledger are not made transparently and may not be valid;
a user must trust that the owner is validating each received transaction.

o A blockchain network must check that all transactions are valid; if a malicious node was
transmitting invalid transactions, others would detect and ignore them, preventing the invalid
transactions from propagating throughout the blockchain network.

• The transaction list on a centrally owned ledger may not be complete; a user must trust that the
owner is including all valid transactions that have been received.

o A blockchain network holds all accepted transactions within its distributed ledger. To build a
new block, a reference must be made to a previous block – therefore building on top of it. If a
publishing node did not include a reference to the latest block, other nodes would reject it.

3.6 Blocks

Blockchain network users submit candidate transactions to the blockchain network via software
(desktop applications, smartphone applications, digital wallets, web services, etc.). The software
sends these transactions to a node or nodes within the blockchain network. The chosen nodes
may be non-publishing full nodes as well as publishing nodes.

The submitted transactions are then propagated to the other nodes in the network, but this by
itself does not place the transaction in the blockchain. For many blockchain implementations,
once a pending transaction has been distributed to nodes, it must then wait in a queue until it is
added to the blockchain by a publishing node. Transactions are added to the blockchain when a
publishing node publishes a block. A block contains a block header and block data. The block
header contains metadata for this block. The block data contains a list of validated and authentic
transactions which have been submitted to the blockchain network. Validity and authenticity are
ensured by checking that the transaction is correctly formatted and that the providers of digital
assets in each transaction (listed in the transaction’s ‘input’ values) have each cryptographically
signed the transaction. This verifies that the providers of digital assets for a transaction had
access to the private key which could sign over the available digital assets. The other full nodes
will check the validity and authenticity of all transactions in a published block and will not accept
a block if it contains invalid transactions.

It should be noted that every blockchain implementation can define its own data fields; however,
many blockchain implementations utilize data fields like the following:

• Block Header

o The block number, also known as block height in some blockchain networks.

o The previous block header’s hash value.

o A hash representation of the block data (different methods can be used to accomplish this, such
as generating a Merkle tree (defined in Appendix B) and storing the root hash, or by utilizing
a hash of all the combined block data).

o A timestamp.

o The size of the block.


CHAPTER-04

CONSENSUS MODELS

A key aspect of blockchain technology is determining which user publishes the next block. This
is solved through implementing one of many possible consensus models. For permissionless
blockchain networks there are generally many publishing nodes competing at the same time to
publish the next block. They usually do this to win cryptocurrency and/or transaction fees. They
are generally mutually distrusting users that may only know each other by their public addresses.
Each publishing node is likely motivated by a desire for financial gain, not the well-being of the
other publishing nodes or even the network itself.

In such a situation, why would a user propagate a block that another user is attempting to publish?
Also, who resolves conflicts when multiple nodes publish a block at approximately the same
time? To make this work, blockchain technologies use consensus models to enable a group of
mutually distrusting users to work together.

When a user joins a blockchain network, they agree to the initial state of the system. This is
recorded in the only pre-configured block, the genesis block. Every blockchain network has a
published genesis block and every block must be added to the blockchain after it, based on the
agreed-upon consensus model. Regardless of the model, however, each block must be valid and
thus can be validated independently by each blockchain network user. By combining the initial
state and the ability to verify every block since then, users can independently agree on the current
state of the blockchain. Note that if there were ever two valid chains presented to a full node, the
default mechanism in most blockchain networks is that the ‘longer’ chain is viewed as the correct
one and will be adopted; this is because it has had the most amount of work put into it. This
happens frequently with some consensus models and will be discussed in detail.

The following properties are then in place:

• The initial state of the system is agreed upon (e.g., the genesis block).

• Users agree to the consensus model by which blocks are added to the system.

• Every block is linked to the previous block by including the previous block header’s hash
digest (except for the first ‘genesis’ block, which has no previous block and for which the hash
of the previous block header is usually set to all zeros).

• Users can verify every block independently.

In practice, software handles everything and the users do not need to be aware of these details.
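
The linking and independent verification described above, together with the block header fields listed in Section 3.6, are shown in the following added example; it is not code from the original report or from any blockchain implementation. The JSON serialization, field names, timestamps and sample transactions are assumptions constructed for illustration, and the block data hash uses the "hash of all the combined block data" option rather than a Merkle tree. It shows that editing an old block is detected at that block, and that even if the edited block's own header is recomputed, the next block's previous-hash link no longer matches.

```python
import copy
import hashlib
import json

ZERO_HASH = "00" * 32  # previous-hash value stored in the genesis block header

# Constructed sample data: one list of transactions per block (genesis is empty).
SAMPLE_BATCHES = [
    [],
    [{"from": "addr-A", "to": "addr-B", "amount": 5}],
    [{"from": "addr-B", "to": "addr-C", "amount": 2}],
]


def encode(obj) -> bytes:
    """Deterministic byte encoding (sorted keys) so every node hashes the same bytes."""
    return json.dumps(obj, sort_keys=True).encode()


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def make_block(number, prev_hash, transactions, timestamp):
    body = encode(transactions)
    header = {
        "number": number,              # block number (height)
        "prev_hash": prev_hash,        # previous block header's hash
        "data_hash": sha256_hex(body),  # hash of all the combined block data
        "timestamp": timestamp,
        "size": len(body),             # size of the block data in bytes
    }
    return {"header": header, "transactions": transactions}


def build_chain(batches, start_time=1700000000):
    chain, prev = [], ZERO_HASH
    for i, txs in enumerate(batches):
        block = make_block(i, prev, copy.deepcopy(txs), start_time + 600 * i)
        chain.append(block)
        prev = sha256_hex(encode(block["header"]))
    return chain


def verify_chain(chain):
    """Return (True, None), or (False, (block_number, reason)) for the first failure."""
    prev = ZERO_HASH
    for i, block in enumerate(chain):
        header = block["header"]
        if header["number"] != i:
            return False, (i, "bad block number")
        if header["prev_hash"] != prev:
            return False, (i, "previous-hash link broken")
        body = encode(block["transactions"])
        if header["data_hash"] != sha256_hex(body) or header["size"] != len(body):
            return False, (i, "block data does not match header")
        prev = sha256_hex(encode(header))
    return True, None


def tamper_demo():
    """Verify an intact chain, then two edited copies of it."""
    chain = build_chain(SAMPLE_BATCHES)
    intact = verify_chain(chain)

    # Case 1: a stored transaction in block 1 is altered; its header is left alone.
    edited = copy.deepcopy(chain)
    edited[1]["transactions"][0]["amount"] = 500
    data_edit = verify_chain(edited)

    # Case 2: block 1's header is recomputed to match the altered data.
    # Block 1 now checks out on its own, but its header hash has changed,
    # so the reference stored in block 2 no longer matches.
    body = encode(edited[1]["transactions"])
    edited[1]["header"]["data_hash"] = sha256_hex(body)
    edited[1]["header"]["size"] = len(body)
    header_edit = verify_chain(edited)
    return intact, data_edit, header_edit


if __name__ == "__main__":
    for label, result in zip(("intact", "data edited", "header recomputed"), tamper_demo()):
        print(f"{label:18} -> {result}")
```
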

A key feature of blockchain technology is that there is no need to have a trusted third party
provide the state of the system—every user within the system can verify the system’s integrity.
To add a new block to the blockchain, all nodes must come to a common agreement over time;
however, some temporary disagreement is permitted. For permissionless blockchain networks,
the consensus model must work even in the presence of possibly malicious users since these
users might attempt to disrupt or take over the blockchain. Note that for permissioned blockchain
networks legal remedies may be used if a user acts maliciously.

In some blockchain networks, such as permissioned, there may exist some level of trust between
publishing nodes. In this case, there may not be the need for a resource intensive (computation
time, investment, etc.) consensus model to determine which participant adds the next block to
the chain. Generally, as the level of trust increases, the need for resource usage as a measure of
generating trust decreases. For some permissioned blockchain implementations, the view of
consensus extends beyond ensuring validity and authenticity of the blocks but encompasses the
entire system of checks and validations from the proposal of a transaction, to its final inclusion
on a block.

4.1 Proof of Work Consensus Model

In the proof of work (PoW) model, a user publishes the next block by being the first to solve a
computationally intensive puzzle. The solution to this puzzle is the “proof” they have performed work.
The puzzle is designed such that solving the puzzle is difficult but checking that a solution is valid is easy.
This enables all other full nodes to easily validate any proposed next blocks, and any proposed block
that did not satisfy the puzzle would be rejected.

A common puzzle method is to require that the hash digest of a block header be less than a target
value. Publishing nodes make many small changes to their block header (e.g., changing the
nonce) trying to find a hash digest that meets the requirement. For each attempt, the publishing
node must compute the hash for the entire block header. Hashing the block header many times
becomes a computationally intensive process. The target value may be modified over time to
adjust the difficulty (up or down) to influence how often blocks are being published. For
example, Bitcoin, which uses the proof of work model, adjusts the puzzle difficulty every 2016
blocks to influence the block publication rate to be around once every ten minutes. The
adjustment is made to the difficulty level of the puzzle, and essentially either increases or
decreases the number of leading zeros required. By increasing the number of leading zeros, it
increases the difficulty of the puzzle, because any solution must be less than the difficulty level
– meaning there are fewer possible solutions. By decreasing the number of leading zeros, it
decreases the difficulty level, because there are more possible solutions. This adjustment is to
maintain the computational difficulty of the puzzle, and therefore maintain the core security
mechanism of the Bitcoin network. Available computing power increases over time, as does the
number of publishing nodes, so the puzzle difficulty is generally increasing. Adjustments to the
difficulty target aim to ensure that no entity can take over block production, but as a result the
puzzle solving computations require significant resource consumption. Due to the significant
resource consumption of some proof of work blockchain networks, there is a move to add
publishing nodes to areas where there is a surplus supply of cheap electricity.

An important aspect of this model is that the work put into a puzzle does not influence one’s
likelihood of solving the current or future puzzles because the puzzles are independent. This
means that when a user receives a completed and valid block from another user, they are
incentivized to discard their current work and to start building off the newly received block
instead because they know the other publishing nodes will be building off it.

As an example, consider a puzzle where, using the SHA-256 algorithm, a computer must find a
hash value meeting the following target criteria (known as the difficulty level):

SHA256(“blockchain” + Nonce) = Hash Digest starting with “000000”

In this example, the text string “blockchain” is appended with a nonce value and then the hash
digest is calculated. The nonce values used will be numeric values only. This is a relatively easy
puzzle to solve and some sample output follows:

SHA256("blockchain0") =
0xbd4824d8ee63fc82392a6441444166d22ed84eaa6dab11d4923075975acab938 (not solved)
SHA256("blockchain1") =
0xdb0b9c1cb5e9c680dfff7482f1a8efad0e786f41b6b89a758fb26d9e223e0a10 (not solved)
…
SHA256("blockchain10730895") =
0x000000ca1415e0bec568f6f605fcc83d18cac7a4e6c219a957c10c6879d67587 (solved)

To solve this puzzle, it took 10,730,896 guesses (completed in 54 seconds on relatively old
hardware, starting at 0 and testing one value at a time).

In this example, each additional “leading zero” value increases the difficulty. By increasing the
target by one additional leading zero (“0000000”), the same hardware took 934,224,175 guesses
to solve the puzzle (completed in 1 hour, 18 minutes, 12 seconds):

SHA256("blockchain934224174") =
0x0000000e2ae7e4240df80692b7e586ea7a977eacbd031819d0e603257edb3a81

There is currently no known shortcut to this process; publishing nodes must expend computation
effort, time, and resources to find the correct nonce value for the target. Often the publishing
nodes attempt to solve this computationally difficult puzzle to claim a reward of some sort
(usually in the form of a cryptocurrency offered by the blockchain network). The prospect of
being rewarded for extending and maintaining the blockchain is referred to as a reward system
or incentive model.

Once a publishing node has performed this work, they send their block with a valid nonce to
full nodes in the blockchain network. The recipient full nodes verify that the new block fulfills
the puzzle requirement, then add the block to their copy of the blockchain and resend the block
to their peer nodes. In this manner, the new block gets quickly distributed throughout the network
of participating nodes. Verification of the nonce is easy since only a single hash needs to be done
to check to see if it solves the puzzle.

This is possible because work can be distributed between two or more nodes across a collective to share
the workload and rewards. Splitting the example program into quarters, each node can take an equal
amount of the nonce value range to test:

• Node 1: check nonce 0000000000 to 0536870911
• Node 2: check nonce 0536870912 to 1073741823
• Node 3: check nonce 1073741824 to 1610612735
• Node 4: check nonce 1610612736 to 2147483647

This is a completely new nonce, but still one that solved the puzzle. It took 90,263,918 guesses
(completed in 10 minutes, 14 seconds). Dividing up the work amongst many more machines
yields much better results, as well as more consistent rewards in a proof of work model. The use
of a computationally difficult puzzle helps to combat the “Sybil Attack” – a computer security
attack (not limited to blockchain networks) where an attacker can create many nodes (i.e.,
creating multiple identities) to gain influence and exert control.
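
The puzzle and the four-way split of the nonce range described above, as an added Python example (not code from the original document). The function names are assumptions, and the demo searches at three or four leading zeros so that it finishes in seconds; it shows the gap between searching for a nonce and verifying one.

```python
import hashlib

PREFIX = "blockchain"  # text string from the page's puzzle


def digest(nonce: int) -> str:
    """Hex SHA-256 of PREFIX followed by the decimal nonce."""
    return hashlib.sha256(f"{PREFIX}{nonce}".encode("ascii")).hexdigest()


def target_for(leading_zeros: int) -> int:
    """Numeric target equal to 'hex digest starts with N zeros'.

    One hex digit is 4 bits, so N leading zeros means digest < 2**(256 - 4*N).
    Every extra zero divides the number of acceptable digests by 16.
    """
    return 1 << (256 - 4 * leading_zeros)


def verify(nonce: int, leading_zeros: int) -> bool:
    """Full-node check: a single hash and one comparison."""
    return int(digest(nonce), 16) < target_for(leading_zeros)


def search(start: int, stop: int, leading_zeros: int):
    """Publishing-node work: test nonces start..stop-1 one at a time.

    Returns (nonce, guesses); nonce is None if the slice holds no solution.
    """
    guesses = 0
    for nonce in range(start, stop):
        guesses += 1
        if verify(nonce, leading_zeros):
            return nonce, guesses
    return None, guesses


def split_range(total: int, nodes: int):
    """Divide [0, total) into contiguous, near-equal slices, one per node."""
    step, extra = divmod(total, nodes)
    slices, start = [], 0
    for i in range(nodes):
        stop = start + step + (1 if i < extra else 0)
        slices.append((start, stop))
        start = stop
    return slices


def pool_search(total: int, nodes: int, leading_zeros: int):
    """Simulate a pool: each member scans only its own slice.

    Members run one after another here; the member needing the fewest
    guesses is the one that would have reported first on equal hardware.
    """
    results = []
    for node_id, (start, stop) in enumerate(split_range(total, nodes), 1):
        nonce, guesses = search(start, stop, leading_zeros)
        results.append({"node": node_id, "first": start, "last": stop - 1,
                        "nonce": nonce, "guesses": guesses})
    found = [r for r in results if r["nonce"] is not None]
    winner = min(found, key=lambda r: r["guesses"]) if found else None
    return results, winner


if __name__ == "__main__":
    # The nonce the page reports for the six-zero puzzle costs one hash to check.
    print("page nonce 10730895 valid at 6 zeros:", verify(10730895, 6))
    nonce, guesses = search(0, 2**31, 4)
    print(f"solo: nonce {nonce} after {guesses} guesses -> {digest(nonce)}")
    results, winner = pool_search(2**31, 4, 4)
    for r in results:
        print(f"node {r['node']}: {r['first']:010d}..{r['last']:010d} "
              f"nonce {r['nonce']} after {r['guesses']} guesses")
    print("first to report:", winner["node"])
```

Each pool member finds a different nonce in its own slice, which is why a pooled solution can differ from the one a single machine finds when counting up from 0.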

4.2 Proof of Stake Consensus Model

The proof of stake (PoS) model is based on the idea that the more stake a user has invested into
the system, the more likely they will want the system to succeed, and the less likely they will
want to subvert it. Stake is often an amount of cryptocurrency that the blockchain network user
has invested into the system (through various means, such as by locking it via a special
transaction type, or by sending it to a specific address, or holding it within special wallet
software). Once staked, the cryptocurrency is generally no longer able to be spent. Proof of stake
blockchain networks use the amount of stake a user has as a determining factor for publishing
new blocks. Thus, the likelihood of a blockchain network user publishing a new block is tied to
the ratio of their stake to the overall blockchain network amount of staked cryptocurrency.

With this consensus model, there is no need to perform resource intensive computations
(involving time, electricity, and processing power) as found in proof of work. Since this
consensus model utilizes fewer resources, some blockchain networks have decided to forego a
block creation reward; these systems are designed so that all the cryptocurrency is already
distributed among users rather than new cryptocurrency being generated at a constant pace. In
such systems, the reward for block publication is then usually the earning of user provided
transaction fees.

When the choice of block publisher is a random choice (sometimes referred to as chain-based
proof of stake), the blockchain network will look at all users with stake and choose amongst
them based on their ratio of stake to the overall amount of cryptocurrency staked. So, if a user
had 42 % of the entire blockchain network stake they would be chosen 42 % of the time; those
with 1 % would be chosen 1 % of the time.
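
An added Python sketch of the stake-weighted random choice described above (not code from the original document). The stake table, the user names and the hash-derived seed are assumptions, since the page does not say how a network obtains its randomness; the point is that every node can recompute the same winner and that selection frequency tracks the stake ratio.

```python
import hashlib
from bisect import bisect_right
from itertools import accumulate

# Constructed stake table (units of staked cryptocurrency); names are hypothetical.
STAKES = {"alice": 42, "bob": 30, "carol": 27, "dave": 1}


def choose_publisher(stakes: dict, seed: bytes) -> str:
    """Pick one staker with probability stake / total stake.

    The seed stands in for the network's shared randomness (assumption):
    it is hashed to a number that every node can recompute and check.
    """
    names = sorted(stakes)  # identical ordering on every node
    cumulative = list(accumulate(stakes[n] for n in names))
    total = cumulative[-1]
    if total <= 0:
        raise ValueError("no stake in the system")
    # Map the 256-bit hash onto [0, total) and find whose interval holds it.
    ticket = int.from_bytes(hashlib.sha256(seed).digest(), "big") % total
    return names[bisect_right(cumulative, ticket)]


def simulate(stakes: dict, rounds: int, genesis: bytes = b"constructed-genesis-seed"):
    """Run many selection rounds and count how often each staker is chosen."""
    counts = dict.fromkeys(stakes, 0)
    seed = genesis
    for height in range(rounds):
        winner = choose_publisher(stakes, seed)
        counts[winner] += 1
        # The next seed depends on the previous seed, the height and the winner.
        seed = hashlib.sha256(seed + height.to_bytes(8, "big") + winner.encode()).digest()
    return counts


def shares(counts: dict) -> dict:
    """Convert selection counts to fractions of all rounds."""
    total = sum(counts.values())
    return {name: count / total for name, count in counts.items()}


if __name__ == "__main__":
    observed = shares(simulate(STAKES, 20000))
    stake_total = sum(STAKES.values())
    for name in sorted(STAKES):
        print(f"{name:6s} stake {STAKES[name] / stake_total:6.1%}  chosen {observed[name]:6.1%}")
```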

When the choice of block publisher is a multi-round voting system (sometimes referred to as
Byzantine fault tolerance proof of stake [12]) there is added complexity. The blockchain network
will select several staked users to create proposed blocks. Then all staked users will cast a vote
for a proposed block. Several rounds of voting may occur before a new block is decided upon.
This method allows all staked users to have a voice in the block selection process for every new
block.

It is worth noting that a problem known as “nothing at stake” may arise from some proof of stake
algorithms. If multiple competing blockchains were to exist at some point (because of a
temporary ledger conflict as discussed in Section 4.7), a staked user could act on every such
competing chain – since it is essentially free to do so. The staked user may do this as a way of
increasing their odds of earning a reward. This can cause multiple blockchain branches to
continue to grow without being reconciled into a singular branch for extended periods of time.

4.3 Round Robin Consensus Model

Round Robin is a consensus model that is used by some permissioned blockchain networks.
Within this model of consensus, nodes take turns in creating blocks. Round Robin Consensus
has a long history grounded in distributed system architecture. To handle situations where a
publishing node is not available to publish a block on its turn, these systems may include a time
limit to enable available nodes to publish blocks so that unavailable nodes will not cause a halt
in block publication. This model ensures no one node creates the majority of the blocks. It
benefits from a straightforward approach, lacks cryptographic puzzles, and has low power
requirements.

Since there is a need for trust amongst nodes, round robin does not work well in the
permissionless blockchain networks used by most cryptocurrencies. This is because malicious
nodes could continuously add additional nodes to increase their odds of publishing new blocks.
In the worst case, they could use this to subvert the correct operation of the blockchain network.

4.4 Proof of Authority/Proof of Identity Consensus Model

The proof of authority (also referred to as proof of identity) consensus model relies on the partial
trust of publishing nodes through their known link to real world identities. Publishing nodes must
have their identities proven and verifiable within the blockchain network (e.g., identifying
documents which have been verified and notarized and included on the blockchain). The idea is
that the publishing node is staking its identity/reputation to publish new blocks. Blockchain
network users directly affect a publishing node’s reputation based on the publishing node’s
behavior. Publishing nodes can lose reputation by acting in a way that the blockchain network
users disagree with, just as they can gain reputation by acting in a manner that the blockchain
network users agree with. The lower the reputation, the less likelihood of being able to publish
a block. Therefore, it is in the interest of a publishing node to maintain a high reputation. This
algorithm only applies to permissioned blockchain networks with high levels of trust.

4.5 Proof of Elapsed Time Consensus Model

Within the proof of elapsed time (PoET) consensus model, each publishing node requests a wait
time from a secure hardware time source within their computer system. The secure hardware
time source will generate a random wait time and return it to the publishing node software.
Publishing nodes take the random time they are given and become idle for that duration. Once a
publishing node wakes up from the idle state, it creates and publishes a block to the blockchain
network, alerting the other nodes of the new block; any publishing node that is still idle will stop
waiting, and the entire process starts over.

This model requires ensuring that a random time was used, since if the time to wait was not
selected at random a malicious publishing node would just wait the minimum amount of time by
default to dominate the system. This model also requires ensuring that the publishing node waited
the actual time and did not start early. These requirements are being solved by executing software
in a trusted execution environment found on some computer processors (such as Intel’s Software
Guard Extensions, or AMD’s Platform Security Processor, or ARM’s TrustZone).

Verified and trusted software can run in these secure execution environments and cannot be
altered by outside programs. A publishing node would query software running in this secure
environment for a random time and then wait for that time to pass. After waiting the assigned
time, the publishing node could request a signed certificate that the publishing node waited the
randomly assigned time. The publishing node then publishes the certificate along with the block.

4.6 Ledger Conflicts and Resolutions

As discussed previously, for some blockchain networks it is possible that multiple blocks will
be published at approximately the same time. This can cause differing versions of a blockchain
to exist at any given moment; these must be resolved quickly to have consistency in the
blockchain network. In this section, we discuss how these situations are generally handled.

With any distributed network, some systems within the network will be behind on information
or have alternative information. This depends on network latency between nodes and the
proximity of groups of nodes. Permissionless blockchain networks are more prone to have
conflicts due to their openness and number of competing publishing nodes. A major part of
agreeing on the state of the blockchain network (coming to consensus) is resolving conflicting
data.

For example:

• node_A creates block_n(A) with transactions #1, 2 and 3. node_A distributes it to some nodes.
• node_B creates block_n(B) with transactions #1, 2 and 4. node_B distributes it to some nodes.

Conflicts temporarily generate different versions of the blockchain, which is depicted in Figure 4.
These differing versions are not “wrong”; rather, they were created with the information each
node had available. The competing blocks will likely contain different transactions, so those with
block_n(A) may see transfers of digital assets not present in block_n(B).

Figure 2: Ledger in Conflict

If the blockchain network deals with cryptocurrency, then a situation may occur where some
cryptocurrency may both be spent and unspent, depending on which version of the blockchain
is being viewed.

Conflicts are usually quickly resolved. Most blockchain networks will wait until the next block
is published and use that chain as the “official” blockchain, thus adopting the “longer
blockchain”. As in Figure 5, the blockchain containing block_n(B) becomes the “official” chain,
as it got the next valid block. Any transaction that was present in block_n(A), the orphaned block,
but not present in the block_n(B) chain, is returned to the pending transaction pool (which is
where all transactions which have not been included within a block reside). Note that this set of
pending transactions is maintained locally at each node as there is no central server in the
architecture.
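
The block_n(A) / block_n(B) conflict above, as an added Python model of one node's view (not code from the original document). The Block and Node classes, the block identifiers other than block_n(A) and block_n(B), and transaction #5 are assumptions; the node follows the longer chain and returns orphaned transactions to its local pending pool.

```python
from dataclasses import dataclass
from typing import FrozenSet, Optional


@dataclass(frozen=True)
class Block:
    block_id: str
    parent: Optional[str]
    txs: FrozenSet[int]


class Node:
    """One node's local view: known blocks, current tip, pending pool."""

    def __init__(self, genesis: Block):
        self.blocks = {genesis.block_id: genesis}
        self.height = {genesis.block_id: 0}
        self.tip = genesis.block_id
        self.pending = set()   # kept locally; there is no central server
        self.orphaned = []

    def _branch(self, block_id):
        """Block ids from block_id back to the first block."""
        out = []
        while block_id is not None:
            out.append(block_id)
            block_id = self.blocks[block_id].parent
        return out

    def confirmations(self, tx: int) -> int:
        """Blocks on the active chain from the one holding tx up to the tip."""
        for depth, block_id in enumerate(self._branch(self.tip), start=1):
            if tx in self.blocks[block_id].txs:
                return depth
        return 0

    def receive(self, block: Block) -> str:
        if block.parent not in self.blocks:
            raise ValueError("unknown parent block")
        self.blocks[block.block_id] = block
        self.height[block.block_id] = self.height[block.parent] + 1
        if self.height[block.block_id] <= self.height[self.tip]:
            return "stored"    # competing block, not longer: keep current tip
        old, new = self._branch(self.tip), self._branch(block.block_id)
        dropped = [b for b in old if b not in new]
        for b in dropped:      # orphaned transactions go back to the pool...
            self.pending |= self.blocks[b].txs
        for b in new:          # ...unless the adopted chain already has them
            self.pending -= self.blocks[b].txs
        self.orphaned.extend(dropped)
        self.tip = block.block_id
        return "reorganized" if dropped else "extended"


def page_scenario():
    """Replay the page's example as seen by a node that heard block_n(A) first."""
    node = Node(Block("block_n-1", None, frozenset()))
    node.pending.update({1, 2, 3, 4})
    log = [
        node.receive(Block("block_n(A)", "block_n-1", frozenset({1, 2, 3}))),
        node.receive(Block("block_n(B)", "block_n-1", frozenset({1, 2, 4}))),
    ]
    before = (node.tip, sorted(node.pending), node.confirmations(3))
    log.append(node.receive(Block("block_n+1", "block_n(B)", frozenset({5}))))
    return node, log, before


if __name__ == "__main__":
    node, log, before = page_scenario()
    print("events:", log)
    print("before next block: tip, pending, confirmations of tx 3 =", before)
    print("after: tip", node.tip, "| orphaned", node.orphaned,
          "| pending", sorted(node.pending),
          "| confirmations of tx 3:", node.confirmations(3))
```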

Due to the possibility of blocks being overwritten, a transaction is not usually accepted as
confirmed until several additional blocks have been created on top of the block containing the
relevant transaction. The acceptance of a block is often probabilistic rather than deterministic
since blocks can be superseded. The more blocks that have been built on top of a published block,
the more likely it is that the initial block will not be overwritten.

Figure 3: The chain with block_n(B) adds the next block, the chain with block_n(A) is
now orphaned.

Hypothetically, a node in a proof of work blockchain network with enormous amounts of
computing power could start at the genesis block and create a longer chain than the currently
existing chain, thereby wiping out the entire blockchain history. This does not happen in practice
due to the prohibitively large amount of resources that this would require. Also, some blockchain
implementations lock specific older blocks within the blockchain software by creating
checkpoints to ensure that this can never happen.
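
To put numbers on "the more blocks built on top, the less likely a block is overwritten", this added Python example goes beyond the page and uses the catch-up calculation from the Bitcoin white paper (Nakamoto, 2008) for a proof of work chain. It is not part of the original document; q, the share of block-producing power held by the party trying to replace the chain, and the function names are assumptions of the example.

```python
from math import exp


def attacker_success_probability(q: float, z: int) -> float:
    """Probability that a party with share q of the block-producing power
    ever overtakes the honest chain after z blocks were built on a block.

    Model: the attacker's progress while honest nodes publish z blocks is
    Poisson distributed with mean z*q/p, and the chance of closing a
    remaining gap of d blocks is (q/p)**d.
    """
    if not 0.0 <= q <= 1.0 or z < 0:
        raise ValueError("need 0 <= q <= 1 and z >= 0")
    if q >= 0.5:
        return 1.0             # a majority always catches up eventually
    p = 1.0 - q
    lam = z * (q / p)
    poisson = exp(-lam)        # Poisson probability of k = 0 attacker blocks
    total = 1.0
    for k in range(z + 1):
        if k > 0:
            poisson *= lam / k
        total -= poisson * (1.0 - (q / p) ** (z - k))
    return max(total, 0.0)


def confirmations_needed(q: float, max_risk: float, limit: int = 1000):
    """Smallest z whose replacement probability is below max_risk.

    Returns None when no depth up to `limit` is enough (e.g. q >= 0.5).
    """
    for z in range(limit + 1):
        if attacker_success_probability(q, z) < max_risk:
            return z
    return None


def risk_table(shares=(0.10, 0.20, 0.30), depths=(0, 1, 2, 4, 6, 10)):
    """Rows of (q, [probability at each depth]) for printing or plotting."""
    return [(q, [attacker_success_probability(q, z) for z in depths])
            for q in shares]


if __name__ == "__main__":
    depths = (0, 1, 2, 4, 6, 10)
    print("q     " + "".join(f"z={z:<9d}" for z in depths))
    for q, row in risk_table(depths=depths):
        print(f"{q:<6.2f}" + "".join(f"{prob:<11.7f}" for prob in row))
    for q in (0.10, 0.30, 0.50):
        print(f"q={q:.2f}: blocks to wait for risk < 0.1%:",
              confirmations_needed(q, 0.001))
```

The required depth grows quickly as q approaches one half, and at q = 0.5 or more no number of additional blocks is enough.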

CHAPTER-05

Forking

Performing changes and updating technology can be difficult at the best of times. For
permissionless blockchain networks which are comprised of many users, distributed around the
world, and governed by the consensus of the users, it becomes extremely difficult. Changes to a
blockchain network’s protocol and data structures are called forks. They can be divided into two
categories: soft forks and hard forks. For a soft fork, these changes are backwards compatible
with nodes that have not been updated. For a hard fork, these changes are not backwards
compatible because the nodes that have not been updated will reject the blocks following the
changes. This can lead to a split in the blockchain network creating multiple versions of the same
blockchain. Permissioned blockchain networks, due to the publishing nodes and users being
known, can mitigate the issues of forking by requiring software updates. Note that the term fork
is also used by some blockchain networks to describe temporary ledger conflicts (e.g., two or
more blocks within the blockchain network with the same block number) as described in Section
4.7. While this is a fork in the ledger, it is temporary and does not stem from a software change.

5.1 Soft Forks

A soft fork is a change to a blockchain implementation that is backwards compatible. Non-updated
nodes can continue to transact with updated nodes. If no (or very few) nodes upgrade,
then the updated rules will not be followed.

An example of a soft fork occurred on Bitcoin when a new rule was added to support escrow
and time-locked refunds. In 2014, a proposal was made to repurpose an operation code that
performed no operation (OP_NOP2) to CHECKLOCKTIMEVERIFY, which allows a
transaction output to be made spendable at a point in the future [14]. For nodes that implement
this change, the node software will perform this new operation, but for nodes that do not support
the change, the transaction is still valid, and execution will continue as if a NOP had been
executed.

A fictional example of a soft fork would be if a blockchain decided to reduce the size of blocks
(for example from 1.0 MB to 0.5 MB). Updated nodes would adjust the block size and continue
to transact as normal; non-updated nodes would see these blocks as valid – since the change
made does not violate their rules (i.e., the block size is under their maximum allowed). However,
if a non-updated node were to create a block with a size greater than 0.5 MB, updated nodes
would reject them as invalid.

5.2 Hard Forks

A hard fork is a change to a blockchain implementation that is not backwards compatible.

At a given point in time (usually at a specific block number), all publishing nodes will need to
switch to using the updated protocol. Additionally, all nodes will need to upgrade to the new
protocol so that they do not reject the newly formatted blocks. Non-updated nodes cannot
continue to transact on the updated blockchain because they are programmed to reject any block
that does not follow their version of the block specification.

Publishing nodes that do not update will continue to publish blocks using the old format. User
nodes that have not updated will reject the newly formatted blocks and only accept blocks with
the old format. This results in two versions of the blockchain existing simultaneously. Note that
users on different hard fork versions cannot interact with one another. It is important to note that
while most hard forks are intentional, software errors may produce unintentional hard forks.

A well-known example of a hard fork is from Ethereum. In 2016, a smart contract was
constructed on Ethereum called the Decentralized Autonomous Organization (DAO). Due to
flaws in how the smart contract was constructed, an attacker extracted Ether, the cryptocurrency
used by Ethereum, resulting in the theft of $50 million [15]. A hard fork proposal was voted on
by Ether holders, and the clear majority of users agreed to hard fork and create a new version of
the blockchain, without the flaw, and that also returned the stolen funds.

With cryptocurrencies, if there is a hard fork and the blockchain splits then users will have
independent currency on both forks (having double the number of coins in total). If all the activity
moves to the new chain, the old one may eventually not be used since the two chains are not
compatible (they will be independent currency systems). In the case of the Ethereum hard fork,
the clear majority of support moved to the new fork, the old fork was renamed Ethereum Classic
and continued operating.

5.3 Cryptographic Changes and Forks

If flaws are found in the cryptographic technologies within a blockchain network, the only
solution may be to create a hard fork, depending on the significance of the flaw. For example, if
a flaw was found in the underlying algorithms, there could be a fork requiring all future clients
to use a stronger algorithm. Switching to a new hashing algorithm could pose a significant
practical problem because it could invalidate all existing specialized mining hardware.

Hypothetically, if SHA-256 were discovered to have a flaw, blockchain networks that utilize
SHA-256 would need a hard fork to migrate to a new hash algorithm. The block that switched
over to the new hash algorithm would “lock” all previous blocks into SHA-256 (for verification),
and all new blocks would need to utilize the new hashing algorithm. There are many
cryptographic hash algorithms, and blockchain networks can make use of whichever suits their
needs. For example, while Bitcoin uses SHA-256, Ethereum uses Keccak-256 [8].

One possibility for the need to change cryptographic features present in a blockchain network
would be the development of a practical quantum computer system, which would be capable of
greatly weakening (and in some cases, rendering useless) existing cryptographic algorithms.
NIST Internal Report (NISTIR) 8105, Report on Post-Quantum Cryptography [16] provides a
table describing the impact of quantum computing on common cryptographic algorithms. Table
2 replicates this table.

| Cryptographic Algorithm | Type | Purpose | Impact from Large-Scale Quantum Computer |
|---|---|---|---|
| AES | Symmetric key | Encryption | Larger key sizes needed |
| SHA-2, SHA-3 | N/A | Hash functions | Larger output needed |
| RSA | Public key | Signatures, key establishment | No longer secure |
| ECDSA, ECDH (Elliptic Curve Cryptography) | Public key | Signatures, key exchange | No longer secure |
| DSA (Finite Field Cryptography) | Public key | Signatures, key exchange | No longer secure |

Table 2: Impact of Quantum Computing on Common Cryptographic Algorithms

The cryptographic algorithms utilized within most blockchain technologies for asymmetric-key
pairs will need to be replaced if a powerful quantum computer becomes a reality. This is
because algorithms that rely on the computational complexity of integer factorization (such as
RSA) or work on solving discrete logarithms (such as DSA and Diffie-Hellman) are very
susceptible to being broken by quantum computing. The hashing algorithms used by
blockchain networks are much less susceptible to quantum computing attacks but are still
weakened.

CHAPTER-06

SMART CONTRACTS

The term smart contract dates to 1994, defined by Nick Szabo as “a computerized transaction
protocol that executes the terms of a contract. The general objectives of smart contract design
are to satisfy common contractual conditions (such as payment terms, liens, confidentiality,
and even enforcement), minimize exceptions both malicious and accidental, and minimize the
need for trusted intermediaries.” [17].

Smart contracts extend and leverage blockchain technology. A smart contract is a collection of
code and data (sometimes referred to as functions and state) that is deployed using
cryptographically signed transactions on the blockchain network (e.g., Ethereum’s smart
contracts, Hyperledger Fabric’s chaincode). The smart contract is executed by nodes within the
blockchain network; all nodes that execute the smart contract must derive the same results from
the execution, and the results of execution are recorded on the blockchain.

Blockchain network users can create transactions which send data to public functions offered by
a smart contract. The smart contract executes the appropriate method with the user provided data
to perform a service. The code, being on the blockchain, is also tamper evident and tamper
resistant and therefore can be used (among other purposes) as a trusted third party. A smart
contract can perform calculations, store information, expose properties to reflect a publicly
exposed state and, if appropriate, automatically send funds to other accounts. It does not
necessarily even have to perform a financial function. For example, the authors of this document
have created an Ethereum smart contract that publicly generates trustworthy random numbers
[18]. It is important to note that not every blockchain can run smart contracts.

The smart contract code can represent a multi-party transaction, typically in the context of a
business process. In a multi-party scenario, the benefit is that this can provide attestable data and
transparency that can foster trust, provide insight that can enable better business decisions,
reduce costs from reconciliation that exists in traditional business to business applications, and
reduce the time to complete a transaction.

Smart contracts must be deterministic, in that given an input they will always produce the same
output based on that input. Additionally, all the nodes executing the smart contract must agree
on the new state that is obtained after the execution.

CHAPTER-07

Blockchain Limitations and Misconceptions

There is a tendency to overhype and overuse most nascent technology. Many projects will
attempt to incorporate the technology, even if it is unnecessary. This stems from the technology
being relatively new and not well understood, the technology being surrounded by
misconceptions, and the fear of missing out. Blockchain technology has not been immune. This
section highlights some of the limitations and misconceptions of blockchain technology.

7.1 Immutability

Most publications on blockchain technology describe blockchain ledgers as being immutable.
However, this is not strictly true. They are tamper evident and tamper resistant which is a reason
they are trusted for financial transactions. They cannot be considered completely immutable,
because there are situations in which the blockchain can be modified. In this section we will look
at different ways in which the concept of immutability for blockchain ledgers can be violated.

The chain of blocks itself cannot be considered completely immutable. For some blockchain
implementations, the most recently published, or ‘tail’ blocks are subject to being replaced (by
a longer, alternative chain with different ‘tail’ blocks). As noted earlier, most blockchain
networks use the strategy of adopting the longest chain (the one with the most amount of work
put into it) as truth when there are multiple competing chains. If two chains are competing, but
each include their own unique sequence of tail blocks, whichever is longer will be adopted.
However, this does not mean that the transactions within the replaced blocks are lost – rather
they may have been included in a different block or returned to the pending transaction pool.
This degree of weak immutability for tail blocks is why most blockchain network users wait
several block creations before considering a transaction to be valid.

For permissionless blockchain networks, the adoption of a longer, alternate chain of blocks could
be the result of a form of attack known as a 51 % attack [19]. For this, the attacker simply garners
enough resources to outpace the block creation rate of the rest of the blockchain network (holding
more than 51 % of the resources applied towards producing new blocks). Depending on the size
of the blockchain network, this could be a very cost prohibitive attack carried out by state level
actors [20]. The cost to perform this type of attack increases the further back in the blockchain
the attacker wishes to make a change. This attack is not technically difficult (e.g., it is just
repeating the normal process of the blockchain implementation, but with selected transactions
either included or omitted, and at a faster pace), it is just expensive.

For permissioned blockchain networks, this attack can be mitigated. There is generally an owner
or consortium of blockchain network users who allow publishing nodes to join the blockchain
network and remove publishing nodes from the blockchain network, which gives them a great
amount of control. There is less likely to be competing chains since the owner or consortium can
force publishing nodes to collaborate fairly since non-cooperating publishing nodes can simply
have their privileges removed. There are likely additional legal contracts in place for the
blockchain network users which may include clauses for misconduct and the ability to take legal
action. While this control is useful to prevent misconduct, it means that any number of blocks
can be replaced through legitimate methods if desired by the owner or consortium.

7.2 Users Involved in Blockchain Governance

The governance of blockchain networks deals with the rules, practices and processes by which
the blockchain network is directed and controlled. A common misconception is that blockchain
networks are systems without control and ownership. The phrase “no one controls a blockchain!”
is often exclaimed. This is not strictly true. Permissioned blockchain networks are generally
set up and run by an owner or consortium, which governs the blockchain network. Permissionless
blockchain networks are often governed by blockchain network users, publishing nodes, and
software developers. Each group has a level of control that affects the direction of the blockchain
network’s advancement.

This example was an unintentional fork; however, developers can purposely design updates to
blockchain software to change the blockchain protocol or format. With enough user adoption, a
successful fork can be created. Such forks of blockchain software updates are often discussed at
length and coordinated with the involved users. For permissionless blockchain networks, this is
usually the publishing nodes. There is often a long discussion and adoption period before an
event occurs where all users must switch to the newly updated blockchain software at some
chosen block to continue recording transactions on the new “main” fork.

For permissionless blockchain networks, although the developers maintain a large degree of
influence, users can reject a change by the developers by refusing to install updated software. Of
the blockchain network users, the publishing nodes have significant control since they create and
publish new blocks. The user base usually adopts the blocks produced by the publishing nodes
but is not required to do so. An interesting side effect of this is that permissionless blockchain
networks are essentially ruled by the publishing nodes and may marginalize a segment of users
by forcing them to adopt changes they may disagree with to stay with the main fork.

7.3 Beyond the Digital

Blockchain networks work extremely well with the data within their own digital systems.
However, when they need to interact with the real world, there are some issues (often called the
Oracle Problem [22]). A blockchain network can be a place to record both human input data as
well as sensor input data from the real world, but there may be no method to determine if the
input data reflects real world events. A sensor could be malfunctioning and recording data that
is inaccurate. Humans could record false information (intentionally or unintentionally). These
issues are not specific to blockchain networks, but to digital systems overall. However, for
blockchain networks that are pseudonymous, dealing with data misrepresentation outside of the
digital network can be especially problematic.

For example, if a cryptocurrency transaction took place to purchase a real-world item there is no
way to determine within the blockchain network whether the shipment took place, without
relying on outside sensor or human input.

7.4 Blockchain Death

Traditional centralized systems are created and taken down constantly, and blockchain networks
will likely not be different. However, because they are decentralized, there is a chance that when
a blockchain network “shuts down” it will never be fully shut down, and that there may always
be some lingering blockchain nodes running. A defunct blockchain would not be suitable for a
historical record, since without many publishing nodes, a malicious user could easily overpower
the few publishing nodes left and redo and replace any number of blocks.

7.5 Cybersecurity

The use of blockchain technology does not remove inherent cybersecurity risks that require
thoughtful and proactive risk management. Many of these inherent risks involve a human
element. Therefore, a robust cybersecurity program remains vital to protecting the network and
participating organizations from cyber threats, particularly as hackers develop more knowledge
about blockchain networks and their vulnerabilities.

Existing cybersecurity standards and guidance remain highly relevant for ensuring the security
of systems that interface and/or rely on blockchain networks. Subject to certain adjustments to
consider specific attributes of blockchain technology, existing standards and guidance provide a
strong foundation for protecting blockchain networks from cyberattacks.

7.6 Malicious Users

While a blockchain network can enforce transaction rules and specifications, it cannot enforce a
user code of conduct. This is problematic in permissionless blockchain networks, since users are
pseudonymous and there is not a one-to-one mapping between blockchain network user
identifiers and users of the system. Permissionless blockchain networks often provide a reward
(e.g., a cryptocurrency) to motivate users to act fairly; however, some may choose to act
maliciously if that provides greater rewards. The largest problem for malicious users is getting
enough power (be it a stake in the system, processing power, etc.) to cause damage.

7.7 No Trust

Another common misinterpretation comes from people hearing that there is no “trusted third party” in
a blockchain and assuming blockchain networks are “trustless” environments. While there is no trusted
third party certifying transactions in permissionless blockchain networks (in permissioned systems it is
less clear, as administrators of those systems act as an administrator of trust by granting users admission
and permissions), there is still a great deal of trust needed to work within a blockchain network:

• There is trust in the cryptographic technologies utilized. For example, cryptographic
algorithms or implementations can have flaws.

• There is trust in the correct and bug free operation of smart contracts, which might have
unintended loopholes and flaws.

• There is trust in the developers of the software to produce software that is as bug-free as
possible.

7.8 Resource Usage

Blockchain technology has enabled a worldwide network where every transaction is verified and
the blockchain is kept in sync amongst a multitude of users. For blockchain networks utilizing
proof of work, there are many publishing nodes expending large amounts of processing time
and, more importantly, consuming a lot of electricity. A proof of work method is an effective
solution for “hard to solve, easy to verify” proofs; however, it generally requires significant
resource usage. Because of their different applications, and trust models, many permissioned
blockchain technologies do not use a resource intensive proof, but rather they utilize different
mechanisms to achieve consensus.

7.9 Inadequate Block Publishing Rewards

A potential limitation is the risk of inadequate rewards for publishing a block. The combination
of increased competition, increased computational resources needed to have meaningful
contributions to pools of publishing nodes, and highly volatile market prices in the
cryptocurrency market creates the risk that the expected return for any given cryptocurrency may
be less than the power costs needed to run publishing node software. Thus, the expected return
for other cryptocurrencies may be more attractive.

Cryptocurrencies that are not able to consistently and adequately reward publishing nodes risk
delays in publishing blocks and processing transactions. These delays could therefore reduce
confidence in the cryptocurrency, reducing its market value further. It could then become
increasingly less attractive for publishing nodes to contribute to that cryptocurrency’s publishing
efforts. Even worse, such weakened cryptocurrencies open themselves up to being attacked by
nodes with large amounts of resources that may maliciously alter the blockchain or deny service
to users attempting to submit transactions.

7.10 Public Key Infrastructure and Identity

When hearing that blockchain technology incorporates a public key infrastructure, some people
immediately believe it intrinsically supports identity. This is not the case, as there may not be a
one-to-one relationship of private key pairs to users (a user can have multiple private keys), nor
is there a one-to-one relationship between blockchain addresses and public keys (multiple
addresses can be derived from a single public key). Digital signatures are often used to prove
identity in the cybersecurity world, and this can lead to confusion about the potential application
of a blockchain to identity management. A blockchain’s transaction signature verification
process links transactions to the owners of private keys but provides no facility for associating
real-world identities with these owners.

CHAPTER-08

Application Considerations

Since blockchain technology is still new, a lot of organizations are looking at ways to incorporate
it into their businesses. The fear of missing out on this technology is quite high, and most
organizations approach the problem as “we want to use blockchain somewhere, where can we
do that?” which leads to frustrations with the technology as it cannot be applied universally. A
better approach would be to first understand blockchain technology, where it fits, and then
identify systems (new and old) that may fit the blockchain paradigm.

Blockchain technology solutions may be suitable if the activities or systems require features such
as:

• Many participants

• Distributed participants

• Want or need for lack of trusted third party

• Workflow is transactional in nature (e.g., transfer of digital assets/information between parties)

• A need for a globally scarce digital identifier (i.e., digital art, digital land, digital property)

• A need for a decentralized naming service or ordered registry

• A need for a cryptographically secure system of ownership

• A need to reduce or eliminate manual efforts of reconciliation and dispute resolutions

• A need to enable real time monitoring of activity between regulators and regulated entities

• A need for full provenance of digital assets and a full transactional history to be shared
amongst participants

Figure 4- DHS Science & Technology Directorate Flowchart

8.1 Additional Blockchain Considerations

When deciding whether to utilize a blockchain, one must take into consideration additional
factors and determine if these factors limit one’s ability to use a blockchain or a particular type
of blockchain:

• Data Visibility

Permissioned blockchain networks may or may not reveal blockchain data publicly. The data
may only be available to those within the blockchain network. Consider scenarios where data
may be governed by policy or regulations (such as Personally Identifiable Information (PII) or
General Data Protection Regulation (GDPR) regulations). Data such as this may or may not be
appropriate to store even within a permissioned blockchain network.

• Full transactional history

Some blockchain networks provide a full public history of a digital asset – from creation, to
every transaction it is included in. This feature may be beneficial for some solutions, and not
beneficial for others.

• Fake Data Input

Since multiple users are contributing to a blockchain, some could submit false data, mimicking
data from valid sources (such as sensor data). It is difficult to automate the verification of data
that enters a blockchain network.

• Tamper evident and tamper resistant data

Many applications follow the “CRUD” (create, read, update, delete) functions for data. With a
blockchain, there is only “CR” (create, read).

• Transactions Per Second

Transaction processing speed is highly dependent on the consensus model used. Currently
transactions on many permissionless blockchain networks are not executed at the same pace as
other information technology solutions due to a slow publication time for blocks (usually in
terms of seconds, but sometimes minutes).

• Compliance

The use of blockchain technology does not exclude a system from following any applicable laws
and regulations. For example, there are many compliance considerations with regards to
legislation and policies tied to PII or GDPR that identify that certain information should not be
placed on the blockchain. In addition, certain countries may limit the type of data that can be
transferred across its geographic boundary.

• Node Diversity

A blockchain network is only as strong as the aggregate of all the existing nodes participating
in the network. If all the nodes share similar hardware, software, geographic location, and
messaging schema then there exists a certain amount of risk associated with the possibility of
undiscovered security vulnerabilities. This risk is mitigated through the decentralization of the
network of heterogeneous devices, which may be defined as “the non-shared characteristics
between any one node and the generalized set”.

• Permissions

For permissioned blockchain networks, there are considerations around the permissions
themselves:

o Granularity – do the permissions within the system allow for enough granularity for specific
roles that users may need (in a manner like Role-Based Access Control methods) to perform
actions within the system?

o Administration – who can administer permissions? Once permissions are administered to a
user, can they easily be revoked?

CHAPTER-09

Conclusions

Blockchain technology is a new tool with potential applications for organizations, enabling
secure transactions without the need for a central authority. Starting in 2009, with Bitcoin
leveraging blockchain technology, there has been an increasing number of blockchain
technology-based solutions.

The first applications were electronic cash systems with the distribution of a global ledger
containing all transactions. These transactions are secured with cryptographic hashes, and
transactions are signed and verified using asymmetric-key pairs. The transaction history
efficiently and securely records a chain of events in a way that any attempt to edit or change a
past transaction will also require a recalculation of all subsequent blocks of transactions.

The use of blockchain technology is still in its early stages, but it is built on widely understood
and sound cryptographic principles. Currently, there is a lot of hype around the technology, and
many proposed uses for it. Moving forward, it is likely that the hype will die down, and
blockchain technology will become just another tool that can be used.

As detailed throughout this publication, a blockchain relies on existing network, cryptographic,
and recordkeeping technologies but uses them in a new manner. It will be important that
organizations are able to look at the technologies and both the advantages and disadvantages of
using them. Once a blockchain is implemented and widely adopted, it may become difficult to
change it. Once data is recorded in a blockchain, that data is usually there forever, even when
there is a mistake. Applications that utilize the blockchain as a data layer work around the fact
that the actual blockchain data cannot be altered by making later blocks and transactions act as
updates or modifications to earlier blocks and transactions. This software abstraction allows for
modifications to working data, while providing a full history of changes. For some organizations
these are desirable features. For others, these may be deal breakers preventing the adoption of
blockchain technology.
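
The two properties summarized in these conclusions, that changing a past transaction forces recalculation of every later block and that applications express updates as later records, can be seen in a small hash-chained ledger. This is an added example, not code from the original report; the `Ledger` class, the `set`/`retract` record format and the asset names are assumptions made for illustration, and consensus is left out.

```python
import hashlib
import json

GENESIS = "0" * 64  # placeholder "previous hash" for the first block

def block_hash(index, prev_hash, tx):
    """SHA-256 over the block contents, including the previous block's hash."""
    payload = json.dumps({"index": index, "prev": prev_hash, "tx": tx}, sort_keys=True)
    return hashlib.sha256(payload.encode()).hexdigest()

class Ledger:
    """Append-only chain: records can be created and read, never edited."""
    def __init__(self):
        self.blocks = []

    def append(self, tx):
        prev = self.blocks[-1]["hash"] if self.blocks else GENESIS
        index = len(self.blocks)
        self.blocks.append({"index": index, "prev": prev, "tx": tx,
                            "hash": block_hash(index, prev, tx)})

    def first_invalid(self):
        """Index of the first block that fails verification, or None if intact."""
        prev = GENESIS
        for b in self.blocks:
            if b["prev"] != prev or b["hash"] != block_hash(b["index"], prev, b["tx"]):
                return b["index"]
            prev = b["hash"]
        return None

    def current_state(self):
        """Replay all records in order; later records act as updates."""
        state = {}
        for b in self.blocks:
            tx = b["tx"]
            if tx["op"] == "set":
                state[tx["key"]] = tx["value"]
            elif tx["op"] == "retract":
                state.pop(tx["key"], None)
        return state

    def history(self, key):
        """Full change history for one key, oldest first."""
        return [(b["index"], b["tx"]) for b in self.blocks if b["tx"]["key"] == key]

def build_sample():
    """Constructed sample data: an 'update' and a 'delete' are both new records."""
    ledger = Ledger()
    ledger.append({"op": "set", "key": "asset-17/owner", "value": "alice"})
    ledger.append({"op": "set", "key": "asset-42/owner", "value": "carol"})
    ledger.append({"op": "set", "key": "asset-17/owner", "value": "bob"})
    ledger.append({"op": "retract", "key": "asset-42/owner"})
    return ledger
```

Editing block 0 in place makes `first_invalid()` return 0; recomputing only that block's hash moves the failure to block 1, because every later block commits to the hash before it.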

Blockchain technology is still new and organizations should treat blockchain technology like
they would any other technological solution at their disposal--use it only in appropriate
situations.

CHAPTER-10

REFERENCES

Appendix C—References

[1] Clarke, A.C., “Hazards of Prophecy: The Failure of Imagination,” from Profiles of the
Future: An Inquiry into the Limits of the Possible, 1962.
[2] Lamport, Leslie. “The Part-Time Parliament.” ACM Transactions on Computer
Systems, vol. 16, no. 2, Jan. 1998, pp. 133–169.
https://dl.acm.org/citation.cfm?doid=279227.279229
[3] Narayanan, A., Bonneau, J., Felten, E., Miller, A., and Goldfeder, S., Bitcoin and
Cryptocurrency Technologies: A Comprehensive Introduction, Princeton University
Press, 2016.
[4] Nakamoto, S., “Bitcoin: A Peer-to-Peer Electronic Cash System,” 2008.
https://bitcoin.org/bitcoin.pdf
[5] National Institute of Standards and Technology, Secure Hash Standard (SHS),
Federal Information Processing Standards (FIPS) Publication 180-4, August 2015.
https://doi.org/10.6028/NIST.FIPS.180-4
[6] National Institute of Standards and Technology (NIST), Secure Hashing website,
https://csrc.nist.gov/projects/hash-functions
[7] “Hash per Second.” Bitcoin Wiki, http://en.bitcoin.it/wiki/Hash_per_second
[8] National Institute of Standards and Technology, SHA-3 Standard: Permutation-Based
Hash and Extendable-Output Functions, Federal Information Processing
Standards (FIPS) Publication 202, August 2015.
https://doi.org/10.6028/NIST.FIPS.202
[9] National Institute of Standards and Technology (NIST), Digital Signature Standard,
Federal Information Processing Standards (FIPS) Publication 186-4, July 2013.
https://doi.org/10.6028/NIST.FIPS.186-4
[10] “LDAP.com.” LDAP.com, https://www.ldap.com
[11] “How Is the Address of an Ethereum Contract Computed?” Ethereum Stack
Exchange, 29 Jan. 2016, 22:14,
https://ethereum.stackexchange.com/questions/760/how-is-the-address-of-an-ethereum-contract-computed
[12] Bahsoun, J.P., Guerraoui, R., and Shoker, A., “Making BFT Protocols Really
Adaptive,” 2015 IEEE International Parallel and Distributed Processing Symposium,
Hyderabad, India, pp. 904-913, 2015. https://doi.org/10.1109/IPDPS.2015.21
[13] Lamport, L. “Time, Clocks, and the Ordering of Events in a Distributed System.”
Communications of the ACM, vol. 21, no. 7, January 1978, pp. 558–565.
doi:10.1145/359545.359563. https://amturing.acm.org/p558-lamport.pdf
