A Seminar Report

On

A Systematic Review on Blockchain Security

Attacks, Challenges, and Issues
By

Yewale Rushikesh Arjun( )

Under the guidance of

Prof. Pooja Pawar

T.E. (COMPUTER ENGINEERING)

2022-23 (Semester V)

DEPARTMENT OF COMPUTER ENGINEERING

SRTTC’s Suman Ramesh Tulsiani Technical Campus - Faculty of Engineering Old
Mumbai - Pune Hwy, Khamshet,
Pune, Maharashtra 410405

1
 SRTCT’s Suman Ramesh Tulsiani Technical Campus
Faculty of Engineering
Old Mumbai - Pune Hwy, Khamshet
Pune, Maharashtra 410405

DEPARTMENT OF COMPUTER ENGINEERING

Certificate
This is to certify that the seminar report entitled

A Systematic Review on Blockchain Security Attacks, Challenges, and Issues

Submitted by

Yewale Rushikesh Arjun

( )
is approved by Prof. Pooja Pawar for submission. It is certified further
that, to the best of my knowledge, the report represents work carried out by my students as the
partial fulfilment for T.E. Computer Engineering
(Semester I) Seminar and Technical communication Laboratory Work as prescribed by the
University of Pune for the academic year 2022-23.

[Prof.] [ Prof. Pooja Pawar] [Prof. A.M Dalvi ]

STCL Guide STCL Co-ordinator Head of Department

2
 Acknowledgement

We would like to express our gratitude to all those who helped us to complete this work. We
want to thank our guide Prof.Pooja V. Pawar for her continuous help and generous
assistance. He helped in a broad range of issues from giving us direction, helping to find
the solutions, outlining the requirements and always having the time to see us.

Candidate Name

Yewale Rushikesh

3
Contents
1. Introduction to Blockchain technologies ……………………………………………. 6

2. Problem Statement …………………………………………………………………….. 7-10

2.1 Security 7
2.2 Transparency 8
2.3 Scalability 8
2.4 Regulation 9
2.5 Transaction Speed 9
2.6 Energy Consumption 10

3. Scope of work ……………………………………………………………………………..11

4. Motivation ………………………………………………………………………………...11

5. Applications ………………………………………………………………………………12

5.1 Bitcoin 12
5.2 Banking 12
5.3 Blockchain in Healthcare 12
5.4 Internet Of Things 12

6. System Architecture ……………………………….............................................................13-14

6.1 Block 13
6.2 Hash 13
6.3 Merkle tree 13
6.4 Timestamp 14

7. Advantages And Limitations……………………………………………………………...15

8. Disadvantages……………………………………………………………………………...16

6. Conclusion ………………………………………………………………………………..17

7. Future Scope……………………………………………………………………………...18

9. References………………………………………………………………………………….19

4
Abstract

In this paper, we have discussed Blockchain technologies and their impact on businesses and
industries. Blockchain supports Decentralization, Immutable, Consistent, and Security Hashed
Algorithms. This systematic review helps us to understand the blockchain and cybersecurity space,
such as the security of blockchain on the Internet of Things (IoT), Sidechain security, and Security
of Blockchain for Artificial Intelligent Data. We have also discussed the Blockchain architecture
and its uses.

5
Introduction
he core ideas behind blockchain technology emerged in the late 1980s and early 1990s. It gained
momentum after a person or group called with a pseudo name Satoshi Nakamoto published a
whitepaper titled “Bitcoin: a peer-to- peer electronic cash system” in 2008. It eliminates
intermediary services, reduces the risk of fraud, speeds up transaction time, and lowers transaction
costs. Bitcoin is a digital currency used to trade for commodities on the internet as we do in real life.
After the huge success of bitcoin, blockchains are engaged in other fields including supply chain,
Digital IDs, Healthcare, Wills, Food safety, voting, real estate. But as the contribution of this
technology in our day-to-day life grew, cybercriminals also got new opportunities to get engage in
cybercrimes. For example, the 51% attack is one of the famous security issues that hackers try to
take advantage of to gain control of the machine.[1]

Blockchain is a distributed, decentralized, and immutable ledger secured by cryptographic.

hash algorithms. It contains cryptography, mathematics, Algorithm, and economic model,

combining peer-to-peer network (P-2-P) and using distributed consensus algorithm to solve
traditionally distributed database synchronize problem, it’s an integrated multi-field infrastructure
construction.

6
2. Problem Statement

2.1. Security

As safe as they may appear, blockchains are only as secure as their weakest link. For example, if
someone wanted access to data shared within an exclusive blockchain, they only need access to one
node in it.

That means the device that is the easiest to hack in a blockchain is a threat to the privacy of the
entire blockchain. Unfortunately, that is not the only problem with blockchains.

It may be nearly impossible to forge a transaction in a blockchain, but it is possible to get a fraudulent
transaction approved.

Proof Of Identity

Blockchains are quite democratic. They use different methods of voting to reach a consensus. In this
case, each node that has an identity gets a vote. Majority wins! There are issues with proof of identity
consensus algorithms, such as minorities being sidelined or manipulating smaller blockchain
networks.

It's easier for groups of criminals to enter a blockchain with many different devices, consequently
buying more votes for themselves.

Once they form a majority, they can get any transaction approved.

Proof Of Stake

This one concerns the stakeholders in a blockchain. The weight of your vote is directly proportional
to the stake you hold in a blockchain. That means if you own a majority of the assets in a blockchain,
you rule!

If a group of people buys more than 50 percent of the assets in a blockchain, they control the
blockchain.

Both the proof of identity and the proof of stake methods can succumb to a 51 percent attack.

7
We'll talk about the third method, proof of work, in a moment. For now, let's talk about how
transparency can backfire.

2.2 Transparency

There has been a lot of discussion over the integration of blockchain technology in supply chains.
It looks like a great idea! After all, making supply chains transparent can provide the closure
everyone needs to make ethical choices.

However, public blockchain (the most prevalent form) in a commercial environment isn't always a
good idea. Why? Because if a supply chain becomes transparent, so will the data of all the customers
and partners dealing with that business.

When working in a commercial environment, complete transparency isn't ideal, as it allows the
participants to see what each member is doing in real-time.

There are private blockchains, which can restrict participants from viewing certain transactions, but
they have their disadvantages. Since a private blockchain can restrict who can participate as a node,
it isn't truly decentralized; thus reducing public trust in the product.

Just like customers wouldn't want all the businesses involved in supply chains getting any of their
data, a business wouldn't want their competition getting a whiff of their intellectual property, secrets,
and strategies.

2.3 Scalability

The larger a blockchain grows, the more vulnerable it gets. If that isn't enough to convince you,
there's more we need to talk about before you plan on introducing blockchain to your business.

The redundancy of blockchains makes them hard to scale. Every device in your network must have
a copy of every transaction made, right from the genesis block to the most recent transaction. That
means hundreds of copies of the same data!

It requires massive storage, and the bigger the blockchain, the more power the nodes need to process
everything.
8
And even if you have all the digital, software, and hardware needs met, regulating your blockchain
will be almost impossible.

2.4 Regulation

Decentralization of authority means there's no one power to enforce law and order in the network.
No moderators, no leaders, not even a regulatory body!

Not to mention how contracts made on a blockchain (known as smart contracts) are not legally
recognized as substantial agreements or proofs in most countries.

Moreover, since every user can be from a different country, and blockchain surpasses all borders,
which laws should apply to smart contracts, agreements, transactions, and cases?

The lack of universal standards opens up vulnerabilities and challenges for developers as they try to
create blockchain-based products on various platforms.

2.5 Transaction Speed

The unsolved problem of sluggish transaction speed is emerging as a major challenge in blockchain
adoption for practical applications. Due to the decentralized nature of blockchain, each transaction
must be verified by the nodes before it's accepted as a block. In centralized systems, trust is put in a
central governing body (government or bank), which allows them to process millions of transactions
per day.

For comparison, consider Bitcoin's transaction speed with businesses like Visa. Right now, Bitcoin
can only guarantee 4.6 transactions per second. Visa, on the other hand, handles around 1,736
transactions per second on average (calculations based on the official claim of 150 million
transactions per day).

There are several projects and startups working to expedite transaction speeds on blockchain, but
all these solutions come with limitations.

9
2.6 Energy Consumption

Blockchain technology consumes more energy than any centralized system. Not only does their
redundancy cause them to consume more power than an average centralized cloud-based system,
but their transaction validation method plays a great role too.

First, they require more storage than any other system. The electricity required is multiplied by the
number of nodes added to a blockchain. Each node stores and processes almost as much data as a
central body in any other system.

But that's not even our major concern here. Remember the third method of validation we were going
to talk about? It requires major resources to run.

Proof of Work

In proof of identity, every device has equal weight. In proof of stake, the largest stakeholders rule.
But proof of work requires effort on the part of the users and their devices.

When a miner uses proof of work to validate a transaction, they are given a complex mathematical
problem that requires a great amount of computational power to solve.

The complex mathematical problem has more to do with verifying the transaction through its hash.
Why is it hard? Because a hash is merged with another hash upon each transaction.

To make sure a transaction is authentic, one has to track the hash and its history all the way to its
origin. Cryptocurrency miners solve these complex algorithms and hash matches, receiving a
cryptocurrency reward for each block they validate.

As the number of competitor nodes increases on a blockchain, there is a fight for more computer
power, which consumes more energy. This subtle complex confirmation mechanism is extremely
inefficient as only one node wins the race to confirm the next block.

The point of all of that work is to secure the blockchain by making it harder and unfeasible for any
criminals to validate fraudulent transactions—all at the expense of high electricity bills and
enormous amounts of energy consumption.

It is estimated that Bitcoin alone consumes as much energy as whole countries like Malaysia and
Sweden.

10
3. Scope of work

We discuss performance issues of blockchain in terms of three aspects namely, resource and energy,
throughput and latency, and capacity. Resource, energy, throughput and latency are the biggest
issues for blockchain implementations. When blockchains are designed with a cost effective solution
that can reduce the energy consumption in the mining, the environmental
sustainability would be promoted. Capacity management is also very important, which helps in
avoiding congestion, thereby improving mining efficiency. Table 2 presents the description of these
issues along with our recommended solutions.

4. Motivation
Every new innovation is the result of an attempt to solve a problem. Blockchain technology is no
exception. It's quite evident after learning about the evolution of blockchain technology that it arose
because of a need to address the inevitability of uncertainty in the existing economy.

Uncertainty could never be eliminated, but only lowered: there have always been institutions that
have acted as third-party lawmakers to lower uncertainty, or lack of trust, whenever there was a
need for an agreement between parties. A typical example would be buying an item on eBay. You
would always need as much certainty as possible about the trade. One party expects fair goods, and
the other expects agreed money. Now, though the buyer and seller have no reason to trust each other,
they complete their trade as they trust the third party, which is eBay, who assures them both of a
legitimate trade. Again, there was a need to trust these "medium" institutions. Trusting an institution
requires a lot of research and knowledge. Blockchain promised to overcome these issues by
implementing applications in a decentralized and secure way, assuring some level of certainty. This
was one of the main reasons behind the widespread adoption of blockchain in a trustless society.

11
5. Applications

5.1 BITCOIN

Bitcoin is a cryptocurrency invented in 2008 by Satoshi Nakamoto. It was the first implementation
of blockchain technology. It enables peer-to-peer exchange of value in the digital realm using a
decentralized protocol, cryptography, and uses a Proof of work algorithm for the consensus on the
state of a public blockchain. The value of Bitcoin is directly proportional to its active users in the
network.[5]

The first genesis block of the bitcoin was generated by Satoshi Nakamoto when he sent ten
Bitcoins to the noted programmer Finney and completed the first transaction.

5.2 BANKING

Blockchain is now overtaking the current Baking system. Using blockchain transactions can be
made in seconds due to the validation process done by the cryptographic algorithms. It reduces the
need for expensive and time- consuming third-party verification along a payment processor fund
transfer, it is estimated that blockchain n technology saves $20bn over the transaction by
eliminating the third party.

5.3 BLOCKCHAIN IN HEALTHCARE

Blockchain can a big impact on healthcare using smart contracts. Smart contracts get executed
automatically when the contract conditions are met. Patients’ details can be stored in the
blockchain using smart contracts whose key is provided to the patient. Doctors can access the
details using this key which will boost the treatment process.

5.4 INTERNET OF THINGS

Internet of things is a network of interconnected devices that can interact with others and collect
data that can be used for gaining useful insights. The security of the network is determined by the
least secured device. The combination of the technologies could enhance secure communications
and strengthen privacy agreements.

12
6.System Architecture

Blockchain is the chain of ordered backlinked blocks linked using cryptography. Each block
comprises data, timestamp, a hash of the block and a hash of the parent block (previous block), and
a Merkel root. The first block is known as the genesis block. Transactions are first hashed and a
Merkle tree of these hashes is formed. The timestamp is associated with each transaction to maintain
the chronological order.

6.1 Block: A block can be considered as a page in the ledger it is a data structure that contains a
hash of itself, a hash of its parent block, transactions, Merkle root, timestamp, etc. The first block
in the blockchain is known as the genesis block. The previous block is known as the parent block.

6.2 Hash: A hash can be considered as a fingerprint as it is always unique for each block. A hash
can be performed using any complex function h(x). Any small change in the input x will drastically
change the output. To make a cryptographic secured hash, highly complex algorithms like SHA-
256 can be used. For example

6.3 Merkle tree: It is defined as a binary search tree in which tree nodes are linked to each other
using hash pointers. The blockchain transactions are arranged in a Merkle tree structure. The hashes
of all nodes are combined to create the Merkle Tree.[1] Each child's pair hash value is repeatedly
calculated until there is only one left. This hash is known as Merkel Root or the Root Hash. An
advantage of the Merkle tree is that it allows us to prove both integrity and validity of data.

13
6.4 Timestamp: It is the time when the block is generated this also helps in validating a
transaction.

6.5 Difficulty: The difficulty is the value that decides the difficulty level to calculate a hash
threshold for a given target. The level of difficulty increases with the increase in the speed of block
formation. This acts as a protective layer from attackers or greedy miners.

Nonce: It is a pseudo-random number used only once during the mining process. A cryptographic
nonce can be combined with data to produce different hash digests per nonce:

6.6 Block Header: The block header contains block version, previous block hash, Hash root,
timestamp, difficulty, and nonce. A block contains a unique header that is used to identify the block
in the entire chain.

14
7. Advantages And Limitations

• Immutability. Blockchain supports immutability, meaning it is impossible to erase or replace

recorded data. Therefore, the blockchain prevents data tampering within the network

Traditional data do not exhibit immutability. The conventional database uses CRUD (create, read,
update and delete) at the primary level to ensure proper application operation, and the CRUD model
enables easy erasing and replacing of data. Such data can be prone to manipulation by rogue
administrators or third-party hacks.

• Transparency. Blockchain is decentralized, meaning any network member can verify data
recorded into the blockchain. Therefore, the public can trust the network.

On the other hand, a traditional database is centralized and does not support transparency. Users
cannot verify information whenever they want, and the administration makes a selected set of data
public. Still, however, individuals cannot verify the data.

• Censorship. Blockchain technology is free from censorship since it does not have control of any
single party. Therefore, no single authority (including governments) can interrupt the operation of
the network.

Meanwhile, traditional databases have central authorities regulating the operation of the network,
and the authority can exercise censorship. For instance, banks can suspend users' accounts.

• Traceability. Blockchain creates an irreversible audit trail, allowing easy tracing of changes on
the network.

The traditional database is neither transparent nor immutable; hence, no permanent trail is
guaranteed.

15
8. Disadvantages

• Speed and performance. Blockchain is considerably slower than the traditional database because
blockchain technology carries out more operations. First, it performs signature verification, which
involves signing transactions cryptographically. Blockchain also relies on a consensus mechanism
to validate transactions. Some consensus mechanisms, such as proof of work, have a low transaction
throughput. Finally, there is redundancy, where the network requires each node to play a crucial role
in verifying and storing each transaction.

• High implementation cost. Blockchain is costlier compared to a traditional database.

Additionally, businesses need proper planning and execution to integrate blockchain into their
process.

• Data modification. Blockchain technology does not allow easy modification of data once
recorded, and it requires rewriting the codes in all of the blocks, which is time-consuming and
expensive. The downside of this feature is that it is hard to correct a mistake or make any necessary
adjustments.

One solution doesn't fit all requirements, and this is the same with blockchain technology. There is
a lot of buzz in the industry about blockchain and Web3, and many organizations are looking to
move from Web 2.0 to Web3, but this is not a straightforward "lift-and-shift" type of solution.
Organizations should do their due diligence and conduct a deep dive analysis to see if the blockchain
technology fits their needs and then plan the development or migration to Web3 accordingly.

16
Conclusion

Blockchain is an evolving technology that will revolutionize the IT world. It can be applied to
various fields such as healthcare, IoT, management, etc. due to its decentralized nature and peer-to-
peer characteristics. Although there are some topics where improvement is required for better
adoption of the technology which are discussed in the paper. The technology is getting more mature
and stable as it is developing.

The blockchain technology provides many advantages including decentralization, transparency,

immutability. At the same time there are various attacks, challenges and issues which are discussed
in the paper. There is also need of laws for the regulation of the technology as there is no third party
involved. This will also stablish trust which will catalyse the adoption process.

17
Future scope

The demand for Blockchain techies, particularly Blockchain Developers in India is not only being
created by the BFSI sector, but also by healthcare, education, supply chain management, cloud
computing, stock trading, real estate, and even government agencies.

18
References

1. Sidra Aslam , Aleksandar Toši ́c and Michael Mrissa,” Secure and Privacy-Aware
Blockchain Design: Requirements, Challenges and Solutions,”in mdpi journal, 1, 164–
194, march 2021;

2. Saurabh Singh, A. S. M. Sanwar Hosen and Byungun Yoon, (senior member, IEEE),”
Blockchain Security Attacks, Challenges, and Solutions for the Future Distributed IoT
Network,” in IEEE access,2021 [3] Nils Amiet,” Blockchain Vulnerabilities in Practice”,
Digital Threats: Research and Practice, Vol. 2, No. 2, Article 8,March 2021

3. Erjon Hasanaj,”blockchain and its security issues and challenges, ” in Researchgate,

march 2019

4. Prasanth Varma Kakarlapudi and Qusay H. Mahmoud,” A Systematic Review of

Blockchain for Consent Management,” in mdpi journal , Healthcare 2021, 9, 137.

19