This course introduces blockchain security, including a description of how the blockchain works at each level of the blockchain ecosystem. The instructor begins with the building blocks that create the structure of blockchain, the cryptography that it uses for security, and the role of hash functions in the blockchain and how they can be attacked. In the next module, the instructor describes what blockchain consensus is, why it’s needed, its underlying theory (Byzantine Fault Tolerance and Security via Scarcity), some of the common consensus algorithms, and the security issues inherent to each variant. The course progresses with a module that describes how blocks are created, the nodes and network that make up the blockchain ecosystem, and examples of various attacks that can be made on their security. Next the focus is on smart contracts and how their security can be compromised with vulnerabilities created by common programming errors during contract development, including in Ethereum, the most commonly used smart contract platform. Finally, the course wraps up with discussions of distributed ledger architectures that are alternatives to blockchain, second-level blockchain protocols, and advanced cryptography in blockchain.
Overview
Syllabus
- Fundamentals of Blockchain Security
- This module introduces blockchain and discusses the security of the cryptography that it uses. It describes how the components of the blockchain are put together, how cryptography is used in blockchain technology, and how public-key cryptography and hash functions are used in blockchain, as well as their security considerations.
- Consensus Algorithm Security
- This module introduces consensus algorithms and discusses the security of the most common variants. Consensus algorithms are essential to a distributed, decentralized ledger, where a network of nodes must agree on an official version of the ledger without a central authority. This course describes the underlying principles of consensus algorithms, how two of the primary consensus algorithms work under the hood and how they can be attacked.
- Blockchain in Action
- This module discusses the ecosystem where the blockchain runs (the nodes and network) and its security. After understanding the different components of the blockchain, it is possible to discuss its security as a whole. This course investigates how blocks are created in the blockchain (and how block creation can be attacked) as well as discussing attacks targeting blockchain nodes and the network that ties them together and enables communication.
- Smart Contract Security
- This module introduces smart contracts and discusses some of the most common programming errors made in smart contract development. Smart contract platforms are an extension of the original blockchain design, enabling fully functional programs to run “on the blockchain.” This course describes what a smart contract is and explores programming vulnerabilities that exist because a smart contract is a program, runs on a blockchain or is implemented on the Ethereum smart contract platform.
- Beyond the Basics
- This module goes beyond the basic blockchain to discuss other distributed ledger architectures, advanced cryptographic protections, and blockchain extensions like sidechains and second-layer protocols. It discusses how the blockchain protocol can be replaced (using different underlying architectures), expanded (with second-layer protocols) or improved (using advanced cryptographic primitives) to overcome some of the limitations of blockchain technology.
Taught by
Howard Poston