
Blockchain_IA-1

Blockchain technology has evolved from its inception with Bitcoin in 2008 to encompass various applications across industries, transitioning through phases from early exploration to large-scale adoption. It operates on a peer-to-peer network structure, utilizing multiple layers for communication, security, and consensus, while various types of blockchains exist, including public, private, and permissioned ledgers. Key concepts such as the CAP theorem, zero-knowledge proofs, and the Byzantine Generals problem illustrate the complexities and challenges in achieving consensus and security within distributed systems.

Uploaded by

meker14611
Copyright
© All Rights Reserved

1. Explain the growth of Block Chain Technology with network view block diagram.

• Blockchain was introduced with Bitcoin in 2008, marking the beginning of
decentralized ledger technology.
• Initially, its primary use case was cryptocurrency, but soon, research explored its
applications in various industries like finance, supply chain, and governance.
• Over the years, blockchain has evolved through multiple phases, from proof-of-
concept to full-scale implementations.
Evolution Phases of Blockchain
I. Early Exploration (2013-2014)
▪ Initial ideas about blockchain applications beyond Bitcoin emerged.
▪ Research and experimentation started.
II. Proof-of-Concept & Trials (2015-2017)
▪ Companies explored blockchain use cases through research and proof-of-
concept trials.
▪ Decentralized Finance (DeFi) began emerging as an alternative financial
system.
III. Real-World Implementations (2018-2020)
▪ Production systems using blockchain were developed.
▪ Example: Australian Securities Exchange (ASX) replacing its legacy system
with blockchain.
▪ Santander issued the first end-to-end blockchain bond.
IV. Regulation and Standardization (2020-2021)
▪ Increased focus on scalability, privacy, and decentralized identity.
▪ More research in blockchain regulation and standardization.
V. Maturity and Large-Scale Adoption (2022-2025)
▪ Blockchain expected to reach mainstream production-level adoption.
▪ Scalability solutions to handle large transactions like traditional networks.
▪ Decentralized web applications and privacy-focused blockchain solutions
expected.
▪ Expected to become user-friendly and widely accepted by 2025.
• Network View of Blockchain Technology

Blockchain operates as a peer-to-peer (P2P) network layered over the internet. The
structure consists of multiple layers:
▪ Network Layer: The base communication layer, typically using the internet for
data transmission.
▪ Peer-to-Peer Layer: Nodes communicate with each other directly using
protocols like gossip propagation.
▪ Cryptography Layer: Ensures security using cryptographic techniques,
including hash functions and digital signatures.
▪ Consensus Layer: Determines agreement among nodes using consensus
mechanisms like Proof of Work (PoW) or Proof of Stake (PoS).
▪ Execution Layer: Handles smart contracts, transactions, and block generation.
▪ Application Layer: Provides user-level functionalities like Decentralized
Applications (DApps).
Network View Block Diagram

• A block is composed of multiple transactions and other elements, such as the previous
block hash (hash pointer), timestamp, and nonce.
• A block is composed of a block header and a selection of transactions bundled
together and organized logically.
• The structure of a block is also dependent on the type and design of a blockchain.
• A block contains several elements, as follows:
▪ A genesis block is the first block in the blockchain that is hardcoded at the time
the blockchain was first started.
▪ A nonce is a number that is generated and used only once. It is used in many
cryptographic operations to provide replay protection, authentication, and
encryption. In blockchain, it's used in PoW consensus algorithms and for
transaction replay protection.
▪ A timestamp is the creation time of the block.
▪ Merkle root is a hash of all of the nodes of a Merkle tree. In a block, it is the
combined hash of the transactions in the block. Merkle trees are commonly used
to allow efficient verification of transactions.
▪ A transaction is a record of an event. Its size varies depending on the type and
design of the blockchain.
2. Explain with a neat diagram, the generic elements of Block chain.

Address: Addresses are unique identifiers used in a blockchain transaction to denote senders
and recipients. An address is usually a public key or derived from a public key.
Transaction: A transaction is the fundamental unit of a blockchain. A transaction represents a
transfer of value from one address to another.
Block: A block is composed of multiple transactions and other elements, such as the previous
block hash (hash pointer), timestamp, and nonce.
Peer-to-peer network: A network topology wherein all peers can communicate with each
other and send and receive messages.
Smart Contracts: Self-executing contracts with predefined rules stored on the blockchain.
Used in applications like DeFi, supply chain, and identity management. These programs run
on top of the blockchain and encapsulate the business logic to be executed when certain
conditions are met.
Scripting or programming language: Scripts or programs perform various operations
on a transaction in order to facilitate various functions.
Script is a limited language, however, in the sense that it only allows essential operations that
are necessary for executing transactions, but it does not allow for arbitrary program
development.
Virtual machine: This is an extension of the transaction script introduced earlier. A virtual
machine allows Turing complete code to be run on a blockchain (as smart contracts); whereas
a transaction script is limited in its operation. Various blockchains use virtual machines to run
programs such as Ethereum Virtual Machine (EVM) and Chain Virtual Machine (CVM).
EVM is used in Ethereum blockchain, while CVM is a virtual machine used in an enterprise-
grade blockchain called Chain Core.
State machine: A blockchain can be viewed as a state transition mechanism whereby a state
is modified from its initial form to the next one and eventually to a final form by nodes on the
blockchain network as a result of a transaction execution, validation, and finalization process.
Consensus Mechanisms: Methods to achieve agreement on transaction validity across the
network. Examples: Proof of Work (PoW), Proof of Stake (PoS), Byzantine Fault Tolerance
(BFT).
Nodes: Participants in the blockchain network that maintain copies of the ledger. Can be full
nodes (storing the entire blockchain) or lightweight nodes (storing only key information). A
node can propose and validate transactions and perform mining to facilitate consensus and
secure the blockchain. Transactions are first created by nodes and then also digitally signed
by nodes using private keys as proof.

3. Define Block chain. Explain different types of Block Chain.


Layman's definition: Blockchain is an ever-growing, secure, shared recordkeeping system
in which each user of the data holds a copy of the records, which can only be updated if all
parties involved in a transaction agree to update.
Technical definition: Blockchain is a peer-to-peer, distributed ledger that is
cryptographically secure, append-only, immutable (extremely hard to change), and
updateable only via consensus or agreement among peers.
Types of blockchain:
I. Distributed Ledger:
Definition: A distributed ledger is a decentralized database shared across multiple
participants. Blockchain is a type of distributed ledger that organizes data into
cryptographically linked blocks.
Key Differences: Blockchains use blocks and consensus mechanisms (PoW, PoS, BFT),
while distributed ledgers may not require blocks.
Examples:
▪ Blockchain-based: Bitcoin, Ethereum (block-based).
▪ Non-blockchain Ledger: R3 Corda (records agreements without blocks).
Types:
▪ Public Ledgers: Open networks (e.g., Bitcoin).
▪ Private Ledgers: Restricted access (e.g., Hyperledger, Corda).
Features: Provides decentralization, transparency, immutability, and efficiency in various
applications.
II. Distributed Ledger Technology:
Definition: DLT refers to decentralized databases used for secure, shared record-keeping.
DLT vs. Blockchain: Often used interchangeably, but DLT is broader; blockchains are a
subset of DLT.
Usage in Finance: Commonly used in permissioned blockchains for financial consortiums.
Key Features:
▪ Participants are known and verified.
▪ No need for cryptocurrency or mining.
▪ Used as a shared, secure database in finance.
III. Public blockchains
Definition: Open, decentralized networks where anyone can join and participate as a node.
Key Features:
▪ Not controlled by any single entity; maintained by a global network of participants.
▪ Uses permissionless methods like Proof of Work (PoW) or Proof of Stake (PoS).
▪ Every participant maintains a copy of the blockchain.
Examples: Bitcoin, Ethereum – widely used public blockchains.
IV. Private blockchains
Definition: Restricted-access blockchains open only to a specific group or consortium.
Key Features:
▪ Controlled by authorized organizations or entities.
▪ Uses permissioned methods, ensuring faster and more controlled transactions.
▪ Only verified participants can view and update the blockchain.
Examples: Kadena, Quorum – designed for private use but can operate in public mode if
needed.
V. Semi-private blockchains
Definition: A hybrid blockchain model with both private and public components.
Private part: Managed by a specific group of individuals or organizations. Security and
consensus remain internal.
Public part: Open for participation by anyone. Security and consensus are maintained through
PoW for validation.
Key Features:
▪ Provides controlled access while enabling public verification, making it a semi-
decentralized system.
▪ Consistency and validation through PoW.
▪ Mostly a theoretical concept with no major real-world implementations yet.


VI. Sidechains
Definition: A pegged sidechain allows coins or assets to move between different blockchains.
Types of Sidechains:
▪ One-way pegged: Coins are burnt (sent to an unspendable address) to create a new
currency or introduce scarcity.
▪ Two-way pegged: Coins can move back and forth between the main chain and the
sidechain.
Uses Proof of Burn (PoB) as an alternative to Proof of Work (PoW) and Proof of Stake (PoS).
Enhances blockchain scalability and interoperability, allowing the development of smart
contracts on networks like Bitcoin.
Example: Rootstock (RSK) – a sidechain enabling smart contract execution for Bitcoin with
improved transaction speed.
VII. Permissioned ledger
Definition: A blockchain where participants are pre-selected and trusted, ensuring controlled
access.
Uses an agreement protocol instead of mining, making transactions faster and more efficient.
▪ Can be private (restricted to a consortium or organization).
▪ Can also be public but with access control mechanisms.
Only authorized nodes can validate transactions, reducing computational overhead.
Used in banking, supply chain, and enterprise solutions where privacy and compliance are critical.
Example Networks: Hyperledger Fabric, R3 Corda, Quorum – widely used in enterprise
blockchain applications.
VIII. Shared Ledger:
This is a generic term that is used to describe any application or database that is shared by
the public or a consortium. All blockchains fall into the category of a shared ledger.
IX. Fully private and proprietary blockchains
Definition: A centralized blockchain used within an organization or government for data
sharing.
Key Features:
▪ No decentralisation, as it is controlled by a single entity.
▪ Uses State Machine Replication (SMR) and an agreement protocol, instead of
traditional blockchain consensus like PoW or PoS.
▪ Used by governments and internal enterprise solutions.
▪ Tokens: Not essential but can be used for value transfer or asset representation.

Limitations: Not widely adopted in mainstream applications due to its deviation from
decentralization principles.

X. Tokenized blockchains
These blockchains are standard blockchains that generate cryptocurrency as a result of a
consensus process via mining or initial distribution.
Bitcoin and Ethereum are prime examples of this type of blockchain.
XI. Tokenless blockchains
Definition: Blockchains that do not use tokens or cryptocurrency for value transfer.
Used primarily for data sharing among trusted participants rather than financial transactions.
Similar to fully private blockchains, but without token-based transactions.
Functions as a shared distributed ledger for secure and immutable record-keeping.
Key Features:
▪ Ensures security, immutability, and tamper-proofing.
▪ Uses consensus-driven updates without needing cryptocurrency incentives.
Examples: Hyperledger Fabric, Quorum – commonly used in enterprises for data integrity and
transparency.
4. Explain the following: i) CAP theorem ii) Zero knowledge proof system. Explain Byzantine
Generals problem
I. CAP theorem:
▪ The CAP theorem, also known as Brewer's theorem, was introduced by Eric Brewer
in 1998 as a conjecture. In 2002, it was proven as a theorem by Seth Gilbert and
Nancy Lynch.
▪ The theorem states that a distributed system cannot have consistency,
availability, and partition tolerance simultaneously.
▪ Consistency is a property that ensures that all nodes in a distributed system have a
single, current, and identical copy of the data.
▪ Availability means that the nodes in the system are up, accessible for use, and are
accepting incoming requests and responding with data without any failures as and
when required.
▪ Partition tolerance ensures that if a group of nodes is unable to communicate with
other nodes due to network failures, the distributed system continues to operate
correctly. This can occur due to network and node failures.

▪ The preceding diagram shows that only two properties at a time can be achieved:
either AP, CA, or CP.
1. If we opt for CP (consistency and partition tolerance), we sacrifice availability.
2. If we opt for AP (availability and partition tolerance), we sacrifice consistency.
3. If we opt for AC (availability and consistency), we sacrifice partition tolerance.
▪ Applying the three properties of the theorem to the smallest possible distributed
system, one with only two nodes:
• Consistency is achieved if both nodes have the same shared state; that is, they
have the same up-to-date copy of the data.
• Availability is achieved if both nodes are up and running and responding with
the latest copy of data.
• Partition tolerance is achieved if, despite communication failure or delay
between nodes, the network (distributed system) continues to operate.
▪ It seems that the CAP theorem is violated by blockchain, especially in its most
successful implementation, Bitcoin.
▪ In blockchains, consistency is sacrificed in favor of availability and partition
tolerance. In this scenario, Consistency (C) on the blockchain is not achieved
simultaneously with Partition tolerance (P) and Availability (A), but it is achieved
over time. This is called eventual consistency, where consistency is achieved as a
result of validation from multiple nodes over time.
II. Zero Knowledge proof system.
Definition: A cryptographic method allowing one party (prover) to prove to another
(verifier) that they know a value without revealing the value itself.
Zero-Knowledge Proofs (ZKPs) were introduced by Goldwasser, Micali, and Rackoff in
1985. These proofs are used to prove the validity of an assertion without revealing any
information whatsoever about the assertion.
Key Properties:
1. Completeness: If the statement is true, an honest verifier will be convinced.
2. Soundness: If the statement is false, a dishonest prover cannot convince the verifier.
3. Zero Knowledge: No additional information is revealed beyond the truth of the
statement.
A recent example of the successful implementation of a ZKP mechanism is the Zcash
cryptocurrency. In Zcash, a specific type of ZKP, known as Zero Knowledge Succinct
Non-Interactive Argument of Knowledge (ZK-SNARK), is implemented.
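The three properties can be seen in a protocol far simpler than a ZK-SNARK. The following added example (not from the original notes) uses the interactive Schnorr identification protocol, which is zero-knowledge against an honest verifier; the group parameters are toy values constructed for illustration and far too small for real use.

```python
import secrets

# Toy Schnorr group (constructed): P = 2*Q + 1 with P and Q prime,
# and G generating the subgroup of order Q.
P, Q, G = 2039, 1019, 4

def keygen():
    x = secrets.randbelow(Q - 1) + 1        # the secret value the prover knows
    return x, pow(G, x, P)                  # public y = G^x mod P

def commit():
    r = secrets.randbelow(Q - 1) + 1        # fresh nonce, must be used only once
    return r, pow(G, r, P)                  # prover sends t = G^r mod P

def challenge():
    return secrets.randbelow(Q)             # verifier's random challenge c

def respond(x, r, c):
    return (r + c * x) % Q                  # s = r + c*x mod Q

def verify(y, t, c, s):
    # G^s == t * y^c holds exactly when s was computed from the x behind y.
    return pow(G, s, P) == (t * pow(y, c, P)) % P

def honest_run(x, y):
    """Completeness: a prover who knows x always convinces the verifier."""
    r, t = commit()
    c = challenge()
    return verify(y, t, c, respond(x, r, c))

def simulate(y, c):
    """Zero knowledge: an accepting transcript for a challenge known in advance
    can be produced without x, so a transcript reveals nothing about x."""
    s = secrets.randbelow(Q)
    t = (pow(G, s, P) * pow(y, -c, P)) % P  # t = G^s * y^(-c)
    return t, s

def cheating_run(y, guessed_c, actual_c):
    """Soundness: without x the prover passes only if the guess was right,
    which happens with probability 1/Q per run."""
    t, s = simulate(y, guessed_c)
    return verify(y, t, actual_c, s)

def extract(c1, s1, c2, s2):
    """Two accepting answers to the same commitment determine x. This is the
    argument behind soundness, and the reason the nonce r is never reused."""
    return ((s1 - s2) * pow((c1 - c2) % Q, -1, Q)) % Q

if __name__ == "__main__":
    x, y = keygen()
    print("honest prover accepted:", honest_run(x, y))
    print("prover without x, wrong guess:", cheating_run(y, 7, 8))
    print("prover without x, lucky guess:", cheating_run(y, 7, 7))
```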
III. Byzantine Generals problem
Nodes can be honest, faulty, or malicious, and they have memory and a processor. A node
that exhibits irrational behavior is also known as a Byzantine node after the Byzantine
Generals Problem.
Definition: A thought experiment introduced in 1982 by Lamport et al., illustrating the
challenge of reaching consensus in a distributed system where some participants (nodes)
may act maliciously or fail.
Scenario: Byzantine army generals must agree on a common strategy (attack or retreat)
but face the risk of traitors sending false messages.
Analogy in Distributed Systems:
▪ Generals → Honest nodes
▪ Traitors → Byzantine (faulty/malicious) nodes
▪ Messenger → Communication channel
Challenge: Ensuring system-wide agreement despite malicious or faulty nodes causing
inconsistencies.
Solution – Practical Byzantine Fault Tolerance (PBFT)
▪ Developed by: Castro & Liskov (1999) to solve Byzantine faults in asynchronous
networks.
▪ Mechanism: Uses state machine replication to reach consensus even if some nodes
behave arbitrarily.
▪ Consensus Resilience: The network can function correctly even if up to 1/3 of nodes
are Byzantine.
Example:

▪ This distributed system has six nodes, out of which one (N4) is a Byzantine node
leading to possible data inconsistency. L2 is a link that is broken or slow, and this
can lead to a partition in the network.
▪ The primary challenge of a distributed system design is the coordination between
nodes and fault tolerance. Even if some (a certain threshold dictated by the
consensus protocol) of the nodes become faulty or network links break, the
distributed system should be able to tolerate this and continue to work to achieve
the desired result.
▪ Byzantine Fault Tolerance (BFT) is crucial for decentralized networks like
blockchain to prevent attacks.
▪ Various consensus mechanisms (e.g., PBFT, Proof of Work, Proof of Stake)
help maintain network reliability.
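The six-node example can be worked through numerically. The following added sketch (not from the original notes) models a single voting round rather than full PBFT, using the usual statement of the bound, n ≥ 3f + 1. The node names follow the example above; the proposal values "A"/"B" and the choice of N1→N2 as the slow link are assumptions, since the diagram is not available.

```python
from collections import Counter

def max_faulty(n: int) -> int:
    """Largest f with n >= 3f + 1."""
    return (n - 1) // 3

def quorum(n: int) -> int:
    """Smallest vote count such that any two quorums overlap in an honest node."""
    return (n + max_faulty(n)) // 2 + 1

def tally(votes: dict, n: int):
    """Value an honest node may commit after seeing `votes`, else None."""
    if not votes:
        return None
    value, count = Counter(votes.values()).most_common(1)[0]
    return value if count >= quorum(n) else None

def run_round(nodes, byzantine, proposal_for, dropped=frozenset()):
    """One voting round.

    proposal_for[node] is the value the primary sent to that honest node.
    Honest nodes report it to everyone. Byzantine nodes equivocate in the most
    damaging way: they tell each receiver whatever that receiver already holds.
    dropped is a set of (sender, receiver) pairs lost on a broken or slow link.
    """
    decisions = {}
    for receiver in nodes:
        if receiver in byzantine:
            continue
        votes = {}
        for sender in nodes:
            if (sender, receiver) in dropped:
                continue
            if sender in byzantine:
                votes[sender] = proposal_for[receiver]
            else:
                votes[sender] = proposal_for[sender]
        decisions[receiver] = tally(votes, len(nodes))
    return decisions

def committed_values(decisions):
    """Safety holds when honest nodes commit at most one distinct value."""
    return {v for v in decisions.values() if v is not None}

NODES = ["N1", "N2", "N3", "N4", "N5", "N6"]

# Scenario 1: N4 is the Byzantine primary and sends A to three nodes, B to two.
ONE_FAULT = run_round(NODES, {"N4"},
                      {"N1": "A", "N2": "A", "N3": "A", "N5": "B", "N6": "B"})

# Scenario 2: same as 1, plus the N1 -> N2 message is lost on a bad link.
WITH_BAD_LINK = run_round(NODES, {"N4"},
                          {"N1": "A", "N2": "A", "N3": "A", "N5": "B", "N6": "B"},
                          dropped={("N1", "N2")})

# Scenario 3: two Byzantine nodes out of six exceeds f = 1.
TWO_FAULTS = run_round(NODES, {"N4", "N5"},
                       {"N1": "A", "N2": "A", "N3": "B", "N6": "B"})

if __name__ == "__main__":
    print("n=6 tolerates f =", max_faulty(6), "with quorum", quorum(6))
    print("one fault:     ", ONE_FAULT)       # only A is ever committed
    print("with bad link: ", WITH_BAD_LINK)   # N2 stalls, nobody disagrees
    print("two faults:    ", TWO_FAULTS)      # honest nodes commit A and B
```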
5. Explain the two fundamental e-cash system issues that need to be addressed. List and explain
different characteristics of block chain.
▪ Since the 1980s, e-cash protocols have existed that are based on a model proposed by
David Chaum.
▪ Two fundamental e-cash system issues need to be addressed: accountability and
anonymity.
▪ Accountability is required to ensure that cash is spendable only once (addressing the
double spending problem) and that it can only be spent by its rightful owner.
▪ Anonymity is required to protect users' privacy, preventing transactions from being
traced to individuals.

Challenges in Digital Currency

▪ Double-Spending Problem: Unlike physical cash, digital money can be easily
copied, making it vulnerable to duplicate use.
▪ Privacy vs. Security:
• Traditional digital payment systems (e.g., credit cards) lack privacy, as
transactions can be traced and logged.
• Blockchain networks aim to provide both security and anonymity through
cryptographic techniques.

David Chaum's Contributions (1980s)

▪ Solved accountability & anonymity issues using:
• Blind Signatures: Allows signing digital currency without revealing its details.
• Secret Sharing: Detects double-spending by splitting and verifying
transaction data.
▪ Bitcoin Evolution:
• In 2009, the first practical implementation of an e-cash system named Bitcoin
appeared, with the concept of decentralized trust.
• Introduced public key cryptography and Proof of Work (PoW) for transaction
validation.
• The ordered list of cryptographically secured blocks prevents double-spending
in a trustless network.
• The term cryptocurrency emerged later to describe decentralized digital
currencies.
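How a blind signature gives anonymity while the issuer still enforces accountability can be shown with textbook RSA. The following is an added example, not part of the original notes: the key is a toy built from two small Mersenne primes with no padding, and double-spend detection is simplified to a spent-serial list instead of Chaum's secret-sharing scheme. The Bank class and all function names are hypothetical.

```python
import hashlib
import math
import secrets

def digest(serial: bytes, n: int) -> int:
    """Map a coin serial number to an integer modulo n."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % n

class Bank:
    """Hypothetical issuer holding a toy RSA key (constructed, insecure size)."""

    def __init__(self):
        p, q = 2**61 - 1, 2**31 - 1
        self.n, self.e = p * q, 65537
        self._d = pow(self.e, -1, (p - 1) * (q - 1))
        self.seen_at_signing = []      # everything the bank observed at withdrawal
        self.spent = set()             # serials already deposited

    def sign_blinded(self, blinded: int) -> int:
        # The bank signs a value it cannot link to any serial number.
        self.seen_at_signing.append(blinded)
        return pow(blinded, self._d, self.n)

    def deposit(self, serial: bytes, sig: int) -> str:
        if pow(sig, self.e, self.n) != digest(serial, self.n):
            return "rejected: bad signature"
        if serial in self.spent:                     # accountability
            return "rejected: double spend"
        self.spent.add(serial)
        return "accepted"

def withdraw(bank: Bank):
    """User side: blind the coin, have it signed, then unblind the signature."""
    serial = secrets.token_bytes(16)
    m = digest(serial, bank.n)
    while True:
        r = secrets.randbelow(bank.n - 2) + 2        # blinding factor
        if math.gcd(r, bank.n) == 1:
            break
    blinded = (m * pow(r, bank.e, bank.n)) % bank.n  # m * r^e
    signed_blinded = bank.sign_blinded(blinded)      # (m * r^e)^d = m^d * r
    sig = (signed_blinded * pow(r, -1, bank.n)) % bank.n   # m^d
    return serial, sig

if __name__ == "__main__":
    bank = Bank()
    serial, sig = withdraw(bank)
    unlinkable = digest(serial, bank.n) not in bank.seen_at_signing
    print("bank never saw the coin at signing:", unlinkable)
    print("first deposit: ", bank.deposit(serial, sig))
    print("second deposit:", bank.deposit(serial, sig))
```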
Characteristics of Blockchain
1. Decentralization – No central authority is needed; consensus mechanisms validate
transactions instead of intermediaries.
2. Transparency & Trust – Transactions are visible to all participants, promoting
accountability.
3. Immutability – Once data is recorded on the blockchain, altering it is nearly impossible.
4. High Availability – Data is replicated across multiple nodes in a peer-to-peer network,
ensuring redundancy and accessibility.
5. Security – Transactions are cryptographically secured, ensuring data integrity and
authentication.
6. Simplified Data Management – Blockchain eliminates multiple, separate records by
maintaining a single shared ledger.
7. Faster Transactions – Reduces settlement times in financial transactions by removing
intermediaries.
6. Give the high-level diagram for block chain Architecture

Diagram shows a four-node blockchain network (top), each maintaining a chain of
blocks, virtual machine, state machine, and address. The blockchain is then further
magnified (middle) to show the structure of the chain of blocks, which is again magnified
(bottom) to show the structure of a transaction.
(add question 2 and 1 info)
7. Explain the working of Block chain.

I. Transaction is initiated:
• A node starts a transaction by first creating it and then digitally signing it with its
private key.
• The transaction data structure usually consists of some logic of transfer of value,
relevant rules, source and destination addresses, and other validation information.
• Transactions are usually either a cryptocurrency transfer (transfer of value) or smart
contract invocation that can perform any desired operation.
• A transaction occurs between two or more parties.
II. Transaction is validated and broadcast:
• A transaction is propagated (broadcast) usually by using data-dissemination protocols, such
as Gossip protocol, to other peers that validate the transaction based on preset validity
criteria.
• Before a transaction is propagated, it is also verified to ensure that it is valid.
III. Find new block:
• This process is also sometimes referred to as "finding a new block." Here, nodes
called miners race to finalize the block they've created by a process known as mining.
IV. New block found:
• Once a miner solves a mathematical puzzle (or fulfills the requirements of the
consensus mechanism implemented in a blockchain), the block is considered "found"
and finalized.
• At this point, the transaction is considered confirmed.
V. Add new block to the blockchain:
• The newly created block is validated, transactions or smart contracts within it are
executed, and it is propagated to other peers. Peers also validate and execute the block.
• It now becomes part of the blockchain (ledger), and the next block links itself
cryptographically back to this block. This link is called a hash pointer.
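Steps III to V, and the role of the hash pointer, can be reproduced in a few lines. The following is an added example, not part of the original notes: transaction signing is left out, a single hash over the transaction list stands in for the Merkle root, and the 12-bit difficulty, field names and sample transactions are constructed for illustration.

```python
import copy
import hashlib
import json

DIFFICULTY_BITS = 12        # toy target: block hash must start with 12 zero bits
GENESIS_PREV = "0" * 64

def block_hash(header: dict) -> str:
    return hashlib.sha256(json.dumps(header, sort_keys=True).encode()).hexdigest()

def meets_target(hex_hash: str, bits: int = DIFFICULTY_BITS) -> bool:
    return int(hex_hash, 16) >> (256 - bits) == 0

def tx_digest(transactions) -> str:
    # Stand-in for the Merkle root: one hash over the ordered transaction list.
    return hashlib.sha256(json.dumps(transactions, sort_keys=True).encode()).hexdigest()

def mine(prev_hash: str, transactions, timestamp: int) -> dict:
    """Steps III/IV: search for a nonce until the header hash meets the target."""
    header = {"prev_hash": prev_hash, "timestamp": timestamp,
              "tx_digest": tx_digest(transactions), "nonce": 0}
    while not meets_target(block_hash(header)):
        header["nonce"] += 1
    return {"header": header, "transactions": transactions}

def build_chain(batches):
    """Step V: each new block stores the hash of the one before it."""
    chain, prev = [], GENESIS_PREV
    for height, txs in enumerate(batches):
        block = mine(prev, txs, timestamp=1_700_000_000 + 600 * height)
        chain.append(block)
        prev = block_hash(block["header"])
    return chain

def validate_chain(chain):
    """What every peer re-checks. Returns the height of the first bad block,
    or None when the whole chain verifies."""
    prev = GENESIS_PREV
    for height, block in enumerate(chain):
        header = block["header"]
        if header["prev_hash"] != prev:
            return height                      # broken hash pointer
        if header["tx_digest"] != tx_digest(block["transactions"]):
            return height                      # transactions do not match header
        if not meets_target(block_hash(header)):
            return height                      # proof of work missing
        prev = block_hash(header)
    return None

def with_altered_amount(chain, height, amount, remine=False):
    """Copy of the chain with one amount changed. With remine=True the altered
    block is given a consistent header and fresh proof of work."""
    forged = copy.deepcopy(chain)
    block = forged[height]
    block["transactions"][0]["amount"] = amount
    if remine:
        header = block["header"]
        forged[height] = mine(header["prev_hash"], block["transactions"],
                              header["timestamp"])
    return forged

# Constructed sample transactions, one batch per block.
BATCHES = [
    [{"from": "alice", "to": "bob", "amount": 5}],
    [{"from": "bob", "to": "carol", "amount": 2}],
    [{"from": "carol", "to": "dave", "amount": 1}],
]

if __name__ == "__main__":
    chain = build_chain(BATCHES)
    print("honest chain, first bad block:", validate_chain(chain))
    print("edited block 1:", validate_chain(with_altered_amount(chain, 1, 500)))
    print("edited and re-mined block 1:",
          validate_chain(with_altered_amount(chain, 1, 500, remine=True)))
```

Editing block 1 is caught at block 1; re-mining it only moves the failure to block 2, whose hash pointer no longer matches.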

8. Discuss the benefits, features and limitations of block chain.

Benefits and features:
1. Decentralization:
• No single authority controls the network; transactions are validated through
consensus mechanisms like Proof of Work (PoW) or Proof of Stake (PoS).
• Reduces reliance on intermediaries, making transactions more secure and
censorship-resistant.
2. Transparency & Trust:
• A shared public ledger ensures that all transactions are visible to authorized
participants.
• Useful for sectors like finance, supply chain, and governance, where
accountability is critical.
3. Immutability:
• Once data is recorded, it cannot be easily altered or deleted, preventing fraud
and manipulation.
• Secured through cryptographic hashing and linked blocks, making it tamper-proof.
4. High Availability:
• The peer-to-peer (P2P) network replicates data across thousands of nodes,
ensuring the system remains operational even if some nodes fail.
• Enhances fault tolerance and provides continuous service availability.
5. Security:
• Transactions are cryptographically secured using hash functions, private keys,
and digital signatures.
• Provides authentication, data integrity, and non-repudiation, ensuring only valid
users can initiate transactions.
6. Simplification of Data Management:
• Eliminates the need for multiple, separate databases by providing a single
shared ledger among participants.
• Improves data consistency, reduces redundancy, and enhances efficiency in
industries like healthcare, banking, and logistics.
7. Faster Transactions:
• Eliminates time-consuming verification, reconciliation, and clearance processes.
• Useful in cross-border payments, where transactions settle in minutes instead
of days.
8. Cost Efficiency:
• Reduces operational costs by eliminating intermediaries (e.g., banks,
clearinghouses).
• Leads to lower transaction fees, especially in financial services.
9. Smart Contracts:
• Self-executing contracts that automatically enforce agreements when predefined
conditions are met.
• Used in Ethereum and other blockchain platforms for applications like
insurance claims, legal agreements, and automated payments.
10. Smart Property:
• Links physical or digital assets to the blockchain, ensuring secure ownership
and transferability.
• Prevents double ownership or fraud, making it useful for real estate,
intellectual property, and digital asset management.
11. Digital Rights Management (DRM):
• Prevents unauthorized duplication and piracy of digital content.
• Enforces ownership rights for music, movies, e-books, and software licenses.
12. Double-Spend Protection:
• Ensures that digital assets or cryptocurrencies cannot be duplicated or spent twice.
• Originally solved in Bitcoin through cryptographic validation and consensus
mechanisms like PoW.
Limitations:
1. Scalability:
• Blockchain networks struggle to handle large transaction volumes compared to
traditional financial systems.
• Requires ongoing research to improve speed and efficiency.
2. Adoption:
• Still considered a nascent technology, leading to slow mass adoption.
• Needs better usability and solutions to scalability issues for wider acceptance.
3. Regulation:
• Decentralization makes regulation difficult, which reduces consumer trust.
• Lack of accountability mechanisms is a barrier to adoption in financial and legal sectors.
4. Immaturity of Technology:
• Unlike traditional IT systems, blockchain is still evolving, requiring extensive research
for reliability and scalability.
5. Privacy & Confidentiality:
• Public blockchains (e.g., Bitcoin) expose transaction details, which is unsuitable for
industries like finance, law, and healthcare.
• Privacy solutions are being developed, but further research is needed for mainstream
adoption.
9. Explain Consensus mechanism. Explain the types of consensus mechanisms.

• Consensus is the backbone of a blockchain, as it provides the decentralization of
control through an optional process known as mining.
• Consensus is a process of achieving agreement between distrusting nodes on the final
state of data. To achieve consensus, different algorithms are used.
• The process of attaining agreement on a common state or value among multiple nodes
despite the failure of some nodes is known as distributed consensus.
• The choice of the consensus algorithm to utilize is governed by the type of blockchain
in use; that is, not all consensus mechanisms are suitable for all types of blockchains.
• A consensus mechanism is a set of steps that are taken by most or all nodes in a
blockchain to agree on a proposed state or value.
• There are various requirements for a consensus mechanism. The following describes
these requirements:
• Agreement: All honest nodes decide on the same value.
• Integrity: This is a requirement that no node can make the decision more than once
in a single consensus cycle.
• Validity: The value agreed upon by all honest nodes must be the same as the initial
value proposed by at least one honest node.
• Fault tolerant: The consensus algorithm should be able to run correctly in the
presence of faulty or malicious nodes (Byzantine nodes).
• Termination: All honest nodes terminate the execution of the consensus process
and eventually reach a decision.
• There are two general categories of consensus mechanisms.
1. Proof-based consensus mechanisms: This arrangement requires nodes to compete in
a leader-election lottery, and the node that wins proposes the final value. The algorithm
works on the principle of providing proof of some work and the possession of some
authority or tokens to win the right of proposing the next block.
2. Traditional fault tolerance-based: With no compute-intensive operations, such as partial
hash inversion (as in Bitcoin PoW), this type of consensus mechanism relies on a
simple scheme of nodes that publish and verify signed messages in a number of phases.
Eventually, when a certain number of messages are received over a period of rounds
(phases), then an agreement is reached.
▪ To achieve fault tolerance, replication is used.
I. Fail-stop faults: This type of fault occurs when a node merely has crashed. Fail-
stop faults are the easier ones to deal with of the two fault types. Paxos or the
RAFT protocol are normally used to deal with this type of fault.
II. Byzantine faults: The second type of fault is one where the faulty node exhibits
malicious or inconsistent behavior arbitrarily. This type is difficult to handle since
it can create confusion due to misleading information. This can be a result of an
attack by adversaries, a software bug, or data corruption. SMR protocols such as
Practical Byzantine Fault Tolerance (PBFT) were developed to address this
second type of fault.
Many other implementations of consensus protocols have been proposed in traditional distributed
systems. Paxos is the most famous of these protocols. It was introduced by Leslie Lamport in
1989. With Paxos, nodes are assigned various roles such as Proposer, Acceptor, and Learner.
Nodes or processes are named replicas, and consensus is achieved in the presence of faulty
nodes by an agreement among a majority of nodes.
An alternative to Paxos is RAFT, which works by assigning any of three states; that is,
Follower, Candidate, or Leader to the nodes. A Leader is elected after a Candidate node
receives enough votes, and all changes then have to go through the Leader. The Leader
commits the proposed changes once replication on the majority of the follower nodes is
completed.
10. Mention and explain different types of consensus mechanisms.

I. Proof of Work (PoW) is a consensus mechanism that requires computational resources
to validate transactions before a block is accepted by the network. It is used in Bitcoin,
Litecoin, and other cryptocurrencies and has proven highly secure against collusion attacks like
the Sybil attack.
II. Proof of Stake (PoS) relies on a user's stake in the system, meaning the more coins a user
holds and the longer they remain unspent (coin age), the higher their chances of validating
the next block. Originally introduced in Peercoin, PoS is also being implemented in
Ethereum's Serenity upgrade to improve scalability and energy efficiency.
III. Delegated Proof of Stake (DPoS): This is an innovation over standard PoS, whereby
each node that has a stake in the system can delegate the validation of a transaction to
other nodes by voting. It is used in the BitShares blockchain.
IV. Proof of Elapsed Time (PoET): Introduced by Intel in 2016, PoET uses a Trusted
Execution Environment (TEE) to provide randomness and safety in the leader election
process via a guaranteed wait time. It requires the Intel SGX (Software Guard Extensions)
processor to provide the security guarantee for it to be secure.
V. Proof of Deposit (PoD): In this case, nodes that wish to participate in the network have
to make a security deposit before they can mine and propose blocks. This mechanism is
used in the Tendermint blockchain.
VI. Proof of Importance (PoI): This idea is significant and different from PoS. PoI not only
relies on how large a stake a user has in the system, but it also monitors the usage and
movement of tokens by the user in order to establish a level of trust and importance. It is
used in the NEM coin blockchain.
VII. Federated consensus or federated Byzantine consensus: This mechanism is used in the
Stellar Consensus Protocol. Nodes in this protocol retain a group of publicly trusted peers
and propagate only those transactions that have been validated by the majority of trusted
nodes.
VIII. Reputation-based mechanisms: As the name suggests, a leader is elected by the reputation
it has built over time on the network. It is based on the votes of other members.
IX. Practical Byzantine Fault Tolerance (PBFT): This mechanism achieves SMR, which
provides tolerance against Byzantine nodes. Various other protocols, including PBFT, PAXOS,
RAFT, and Federated Byzantine Agreement (FBA), are also being used or have been
proposed for use in many different implementations of distributed systems and
blockchains.
X. Proof of Activity (PoA) is a hybrid consensus mechanism that combines elements of
both Proof of Work (PoW) and Proof of Stake (PoS) to ensure a pseudorandom yet uniform
selection of stakeholders. It introduces the "Follow the Satoshi" concept, where PoW is used
initially to validate transactions, but after the first stage, the system switches to PoS,
significantly reducing energy consumption. This approach enhances security and
efficiency, making it more sustainable compared to traditional PoW-based systems.
XI. Proof of Capacity (PoC): This scheme uses hard disk space as a resource to mine the
blocks. This is different from PoW, where CPU resources are used. In PoC, hard disk space
is utilized for mining and, as such, is also known as hard drive mining. This concept was
first introduced in the BurstCoin cryptocurrency.
XII. Proof of Storage: This scheme allows for the outsourcing of storage capacity. This scheme
is based on the concept that a particular piece of data is probably stored by a node, which
serves as a means to participate in the consensus mechanism.
XIII. Proof of Authority (PoA): This scheme utilizes the identity of the participants called
validators as a stake on the network. Validators are known and have the authority to propose
new blocks. Validators propose the new blocks and validate them as per blockchain rules.
Commonly used PoA algorithms are Clique and Aura.

11. Give the differences between centralized, Decentralized and distributed system.
| Feature | Centralized System | Distributed System | Decentralized System |
|---|---|---|---|
| Architecture | Single control entity | Shared processing, different topologies | Fully distributed across all users |
| Security | Basic security, vulnerable to central attacks | More secure than centralized but still has vulnerabilities | Highly secure with cryptographic validation |
| High Availability | No redundancy, single point of failure | Higher availability with replication | Very high availability, as data is replicated across nodes |
| Fault Tolerance | Minimal, failure of central server disrupts system | Better than centralized but still dependent on core infrastructure | Highly fault-tolerant as service continues even if multiple nodes fail |
| Collusion Resistance | Basic, since it's controlled by a single entity | Some resistance but can be compromised | Highly resistant, as consensus algorithms prevent manipulation |
| Application Architecture | Single application managed centrally | Distributed applications with some control | Fully decentralized applications run across all nodes |
| Trust | Consumers must trust the service provider | More transparent but still relies on intermediary nodes | Trustless system, governed by cryptographic consensus |
| Cost | Cost paid to service provider | Costs shared among nodes | Costs are distributed, and users pay for network participation |
| Data Storage | Stored on a single central server | Data is distributed but may still have a central control point | Every node maintains a full or partial copy of the ledger |
| Speed | Fast but dependent on the central server's capacity | Faster than decentralized but can slow down with high load | Slower due to consensus validation but ensures trust and security |
| Example | Banks, Google Drive, Facebook | Cloud computing, CDNs | Bitcoin, Ethereum, Blockchain networks |

Centralized System: A system where a single entity or central authority controls all data,
decision-making, and operations. All transactions pass through a central server, making it a single
point of failure. Example: Traditional banking systems, Facebook, Google Drive.
Distributed System: A system where data and processing are spread across multiple nodes,
but there may still be some level of central control. Nodes work together to share tasks and
resources, improving efficiency and redundancy. Example: Cloud computing, content
delivery networks (CDNs).
Decentralized System: A system with no single controlling entity, where decision-making
and data are distributed among all nodes. Transactions rely on consensus mechanisms (e.g.,
Proof of Work, Proof of Stake), ensuring security and trust. Example: Bitcoin, Ethereum,
Blockchain networks.

12. Discuss the methods of Decentralization


Two methods can be used to achieve decentralization: disintermediation and competition.

Disintermediation refers to the removal of intermediaries in transactions, allowing direct
peer-to-peer interactions.
• For example, in traditional banking, a bank acts as an intermediary when transferring
money internationally. However, with blockchain technology, funds can be sent directly
to a recipient's blockchain address without a bank, eliminating the need for a central
authority.
• Although financial sector regulations make full decentralization challenging,
blockchain-driven disintermediation can be applied in other fields like healthcare,
law, and public services. Blockchain thus enables secure, direct data exchange between
multiple entities while maintaining privacy and trust.
Contest-driven decentralization introduces competition among service providers to prevent
monopolization while maintaining some level of decentralization.
• Instead of a single intermediary controlling a service, multiple providers compete based
on reputation, reviews, and quality of service.
• In blockchain technology, this concept can be applied using smart contracts that
dynamically select external data providers based on predefined criteria.
• Although this approach does not achieve complete decentralization, it ensures that no
single entity has absolute control over the system.
• Fully Centralized: A single central system controls the service.
• Partially Decentralized: Competing service providers are chosen based on trust and
reputation.
• Fully Decentralized: Complete disintermediation, where all intermediaries are
removed.
• This model fosters competition while maintaining fair access to services, making it a
practical approach for real-world blockchain applications.
13. Explain Block chain Ecosystem.

• The blockchain is a distributed ledger that runs on top of conventional systems. These
elements include storage, communication, and computation.

I. STORAGE:
• Blockchain can store data directly, achieving decentralization, but it is not suitable for
large-scale storage due to its design limitations. While it can handle simple transactions
and small data, it cannot efficiently store large files like images or videos as traditional
databases do.
• A more efficient approach is Distributed Hash Tables (DHTs), initially used in
peer-to-peer file-sharing networks like BitTorrent, Napster, and Kazaa.

Decentralized Storage Solutions

• InterPlanetary File System (IPFS)
o Uses Kademlia DHT and Merkle Directed Acyclic Graphs (DAGs) for storage
and searching.
o Aims to replace HTTP with a decentralized web.
o Provides high availability and stable network links.
o Uses Filecoin incentives to reward nodes for storing data via the Bitswap
mechanism.
• Ethereum Swarm & Other Solutions
o Swarm: Ethereum's decentralized storage system.
o Whisper: Ethereum's protocol for secure messaging.
o Storj & MaidSafe: Other decentralized storage networks aiming to provide a
secure, censorship-resistant internet.
• BigChainDB
o A decentralized database offering high speed and linear scalability.
o Works alongside platforms like Ethereum and IPFS for efficient decentralized
data management.

II. COMMUNICATION

The Internet, which serves as the communication layer for blockchain, was originally
designed as a decentralized network. However, over time, centralized service providers like
Google, Amazon, and ISPs have gained control, limiting user autonomy.

Modern Internet services such as email and online storage rely on centralized entities, where
users trust providers to store and manage their data. This creates a dependency on
third-party-controlled systems, making users vulnerable to data privacy risks.

To counter this, decentralized communication alternatives are emerging:

1. Mesh Networks:
o Enable nodes to communicate without a central ISP.
o Useful in areas with government censorship or restricted Internet access.
o Provide a more resilient and censorship-resistant communication model.
2. Blockchain for Decentralized Communication:
o Revives the original vision of decentralization.
o Ensures privacy, security, and control over data.
o Prevents reliance on single entities for data access and communication.

Although large centralized service providers dominate today's Internet, blockchain
technology is fostering a shift toward self-sovereign communication, where users retain full
control over their data and interactions.

III. COMPUTING POWER:

Blockchain enables decentralized computing by allowing smart contracts and business logic
to run across a distributed network. Ethereum, for example, provides a processing layer
where smart contracts execute without centralized control. Other blockchain platforms offer
similar decentralized computation capabilities.

IV. IDENTITY & WEALTH LAYERS:

• Decentralized authentication and identification solutions like bitAuth and OpenID.


• Zooko’s Triangle suggests that a naming system can be secure, decentralized, or
human-readable—but achieving all three is challenging.
• Namecoin solved this issue, providing decentralized and secure domain naming.

14. Write short notes on the following: i) Smart contracts ii) Autonomous Agents (AA)
iii) DAO iv) DACs v) Dapps.

i) Smart Contracts:
• A smart contract is a software program that usually runs on a blockchain.
• It does not necessarily need a blockchain to run, but for security reasons smart
contracts are run on a blockchain.
• A smart contract usually contains some business logic and a limited amount of data.

ii) Autonomous agents:


• An Autonomous Agent (AA) is an artificially intelligent software entity that acts on
behalf of its owner to achieve some desirable goals with minimal or no intervention
from its owner.

iii) DAOs:
• A decentralized autonomous organization (DAO) is also a computer program that
runs on top of a blockchain, and embedded within it are governance and business
logic rules.
• DAOs are autonomous, which means that they are fully automated and contain
artificially intelligent logic.
• Ethereum blockchain led the way with the introduction of DAOs.
• The DAO project was an early attempt to create a decentralized venture capital fund,
but a hack exploited a vulnerability in its smart contract, leading to the theft of
millions of ETH. To reverse the hack, Ethereum underwent a hard fork, splitting into
Ethereum (ETH) and Ethereum Classic (ETC).
• Key Challenges of DAOs: Security Risks, lack of Legal Recognition and
Regulatory Uncertainty

iv) DACs:

• The definitions of DACs and DAOs may sometimes overlap.
• DACs can run a business automatically without human intervention based on the
logic programmed into them.
• DAOs are usually considered to be nonprofit, whereas DACs can earn a profit via
shares offered to the participants and to whom they can pay dividends.

v) DOs:
• DOs are software programs that run on a blockchain and are based on the idea of
actual organizations with people and protocols.
• Once a DO is added to the blockchain in the form of a smart contract or a set of
smart contracts, it becomes decentralized and parties interact with each other based on
the code defined within the DO software.
vi) DASes:
• These are a concept whereby an entire society can function with the help of multiple
complex smart contracts and a combination of DAOs and Dapps.
vii) Dapps:
• Decentralized Applications (DApps) are blockchain-based applications that operate
without a central authority and use smart contracts to execute functions autonomously.
• They offer transparency, security, and censorship resistance, making them an essential
part of the blockchain ecosystem.

15. Explain Decentralized applications. Mention the platforms for Decentralization.


DApps at a fundamental level are software programs that execute using either of the following
methods. They are categorized as Type 1, Type 2, or Type 3 DApps:
• Type 1: Run on their own dedicated blockchain, for example, standard smart contract
based DApps running on Ethereum. If required, they make use of a native token, for
example, ETH on Ethereum blockchain.
• Type 2: Use an existing established blockchain; that is, they make use of a Type 1
blockchain and bear custom protocols and tokens, for example, smart contract based
tokenization DApps running on the Ethereum blockchain.
Examples: DAI and Golem, which has its own token (GNT) and a transaction framework
built on top of the Ethereum blockchain to provide a decentralized marketplace for
computing power where users share their computing power with each other in a
peer-to-peer network.
• Type 3: Use the protocols of Type 2 DApps; for example, the SAFE Network uses
the OMNI network protocol.
Requirements for Dapps:
According to the 2015 whitepaper by Johnston et al., a DApp must meet the following
conditions:
1. Open Source & Autonomous: No single entity should control most tokens, and
changes must be community-driven.
2. Decentralized & Secure Storage: All data and records must be stored on a public
blockchain to prevent central points of failure.
3. Cryptographic Token Usage: Tokens must be used for access, incentives, and
rewarding contributors.
4. Consensus-Based Token Generation: Tokens (if applicable) must be generated
through a cryptographic algorithm as proof of value.
DApps now power finance (DeFi), gaming, social media, and healthcare, offering decentralized
solutions across industries.
Operations of a DApp
• Establishment of consensus by a DApp can be achieved using consensus algorithms
such as PoW and Proof of Stake (PoS).
• A DApp can distribute tokens (coins) via mining, fundraising, and development.
Design of DApps:
Dapps Examples:
KYCchain: This application provides the facility to manage Know Your Customer
(KYC) data securely and conveniently based on smart contracts.
Open Bazaar: This is a decentralized peer-to-peer network that enables commercial
activities directly between sellers and buyers instead of relying on a central party, such as
eBay or Amazon.
Lazooz: This is the decentralized equivalent of Uber. It allows peer-to-peer ride sharing,
and users are incentivized by proof of movement, through which they can earn Zooz coins.
Platforms for decentralisation:
Many organizations around the world have introduced platforms that promise to make
distributed application development easy, accessible, and secure.
I. ETHEREUM
• Ethereum is the first blockchain to introduce a Turing-complete language and a
virtual machine, enabling the development of smart contracts and decentralized
applications (DApps).
• Unlike Bitcoin’s limited scripting language, Ethereum’s Solidity programming
language allows for complex and flexible decentralized logic.
• First proposed in 2013 by Vitalik Buterin, Ethereum provides a public blockchain
where developers can deploy DApps and smart contracts.
• Its native currency token is called Ether (ETH), which is used for transaction fees,
computation, and network incentives.

II. MAID SAFE:

• MaidSafe, introduced in 2006, is a decentralized and autonomous network, not a
blockchain, designed to create a decentralized Internet.
• It provides the SAFE (Secure Access for Everyone) network, utilizing unused
computing resources like storage, processing power, and data connections from its
users.
• Key features include: Data Encryption & Distribution, Owner-Only Access,
Automatic Deduplication and Incentive Mechanism.

III. LISK

• Lisk is a blockchain application development platform that enables developers to
build decentralized applications (DApps) using JavaScript and host them on
sidechains.
• It uses the Delegated Proof of Stake (DPoS) consensus mechanism, where 101 elected
nodes secure the network and propose blocks.

IV. EOS:

• EOS is a blockchain protocol launched in January 2018 with its own cryptocurrency,
EOS.
• It raised an impressive $4 billion through its Initial Coin Offering (ICO) in 2018.
• The primary goal of EOS is to function as a decentralized operating system for
building scalable decentralized applications (DApps).
• EOS represents an evolution in blockchain scalability and performance, making it
suitable for enterprise and large-scale decentralized applications.

16. Write short notes on i) Merkle Trees ii) Message Digest iii) Secure Hash
algorithms iv) DHTs, Digital Signatures, Elliptic Curve Digital Signature Algorithm.

Message Digest:
MD5 is a cryptographic hash function that takes a message of any length as input and
converts it into a fixed-length output of 16 bytes.
MD5 stands for Message-Digest algorithm.
It was developed by Ronald Rivest as an improvement of MD4, with stronger security as
its aim.
The output of MD5 is always 128 bits.
It is most commonly used as a message digest for non-cryptographic purposes, such as a
checksum to verify data integrity or to condense large files into a short fixed-length
value.
Working of MD5 Algorithm:

MD5 algorithm follows the following steps:

1. Append padding bits: In this step, we add padding bits to the original message in
such a way that the total length of the message is 64 bits less than an exact multiple of
512. E.g., suppose we are given a message of 1000 bits. Here we add 472 padding bits to
the original message. After adding the bits, the size of the message will be 1472 bits,
i.e., 64 bits less than an exact multiple of 512 (1536).

2. Append length bits: In this step, we append the length bits to the output of the first
step in such a way that the total number of bits is an exact multiple of 512.

3. Initialise MD buffer: Here, we use 4 buffers, i.e., A, B, C and D. The size of each
buffer is 32 bits.

4. Process each 512-bit block: This is the most important step. Here, a total of 64
operations are performed in 4 rounds, with 16 operations in each round. We apply a
different function in each round, i.e., the F function in the 1st round, the G function in
the 2nd round, the H function in the 3rd round and the I function in the 4th round.
Merkle Trees:

• A Merkle tree, also known as a hash tree, is a data structure used for data verification
and synchronization.
• It is a tree data structure where each non-leaf node is a hash of its child nodes. All leaf
nodes are at the same depth and are as far left as possible.
• It maintains data integrity and uses hash functions for this purpose.
• Hash functions: A hash function maps an input to a fixed-size output, and this output is
called a hash. The output is unique for every input, and this enables fingerprinting of
data. So, huge amounts of data can be easily identified through their hash.
• The concept of the Merkle tree was introduced by Ralph Merkle.
• A Merkle tree enables secure and efficient verification of large datasets.

A Merkle tree is a binary tree in which the inputs are first placed at the leaves and then the
values of pairs of child nodes are hashed together to produce a value for the parent node until
a single hash value known as Merkle Root is achieved.
• This tree structure allows efficient mapping of huge data, and small changes made to the
data can be easily identified.
• If we want to know where a data change has occurred, we can check whether the data is
consistent with the root hash, and we will not have to traverse the whole structure but only
a small part of it.
• The root hash is used as a fingerprint of the entire data.
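The points above, as an added Python example (not part of the original notes): it builds a Merkle root, proves that one item is included using only the sibling hashes on its path, and locates a changed leaf by comparing one node per level. Assumptions of this example: SHA-256 as the hash, RFC 6962-style 0x00/0x01 prefixes to keep leaf and interior hashes distinct, and an unpaired node being promoted unchanged to the next level.

```python
import hashlib

LEAF, NODE = b"\x00", b"\x01"   # domain-separation prefixes (assumption, RFC 6962 style)


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def build_levels(items):
    """Hash the items into leaves, then hash pairs upward until one root remains."""
    if not items:
        raise ValueError("a Merkle tree needs at least one leaf")
    levels = [[sha256(LEAF + item) for item in items]]
    while len(levels[-1]) > 1:
        cur, nxt = levels[-1], []
        for i in range(0, len(cur), 2):
            if i + 1 < len(cur):
                nxt.append(sha256(NODE + cur[i] + cur[i + 1]))
            else:
                nxt.append(cur[i])          # unpaired node is promoted unchanged
        levels.append(nxt)
    return levels


def merkle_root(items):
    return build_levels(items)[-1][0]


def inclusion_proof(items, index):
    """Sibling hashes from leaf to root: about log2(n) values, not the whole tree."""
    proof = []
    for level in build_levels(items)[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            proof.append((level[sibling], sibling < index))   # (hash, sibling is on the left)
        index //= 2
    return proof


def verify_inclusion(item, proof, root):
    """Recompute the path to the root from one item and its proof."""
    acc = sha256(LEAF + item)
    for sibling, sibling_is_left in proof:
        acc = sha256(NODE + sibling + acc) if sibling_is_left else sha256(NODE + acc + sibling)
    return acc == root


def first_changed_leaf(old_items, new_items):
    """Find a modified leaf by descending only into the subtree whose hash differs."""
    if len(old_items) != len(new_items):
        raise ValueError("this comparison assumes both trees have the same shape")
    old, new = build_levels(old_items), build_levels(new_items)
    if old[-1][0] == new[-1][0]:
        return None                          # identical roots: nothing changed
    index = 0
    for depth in range(len(old) - 2, -1, -1):
        left = 2 * index
        index = left if old[depth][left] != new[depth][left] else left + 1
    return index


if __name__ == "__main__":
    txs = [b"tx%d" % i for i in range(8)]    # constructed sample transactions
    root = merkle_root(txs)
    proof = inclusion_proof(txs, 5)
    print(len(proof), "hashes prove inclusion:", verify_inclusion(b"tx5", proof, root))
    tampered = txs[:5] + [b"tx5-modified"] + txs[6:]
    print("changed leaf index:", first_changed_leaf(txs, tampered))
```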

Patricia tree:

• It is a digital tree: an ordered tree data structure used to store a dataset.
• Patricia tree or prefix tree or radix tree is an ordered structured tree which takes the
applications of usually the data in stores.
• Each node has one prefix which is a string while other one is an empty string.
• Operations that can be performed are: insert, delete and search.

Distributed Hash Table

• A hash table is a data structure that is used to map keys to values.
• Internally, a hash function is used to calculate an index into an array of buckets from
which the required value can be found.
• Buckets have records stored in them using a hash key and are organized in a particular
order.
• A DHT is a data structure where data is spread across various nodes, and the nodes are
equivalent to buckets in a p2p network.

• The above diagram shows how DHTs work.
• Data is passed through a hash function, which then generates a compact key.
• This key is then linked with the data on the p2p network.
• When users on the network request the data, the filename can be hashed again to
produce the same key, and any node on the network can be requested to find the
corresponding data.
• DHTs provide decentralisation, fault tolerance and scalability.
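The lookup flow above, as an added Python example (not part of the original notes). It is a single-process model with a global view of the node IDs, so it shows key derivation, placement and fault tolerance but not hop-by-hop routing; the XOR distance metric is borrowed from Kademlia, and the class, node names and replica count are assumptions of this example.

```python
import hashlib


def key_for(name: str) -> int:
    """Hash a filename (or node name) to a 256-bit key; anyone can recompute it."""
    return int.from_bytes(hashlib.sha256(name.encode()).digest(), "big")


class ToyDHT:
    def __init__(self, node_names, replicas=2):
        # Each node ID maps to that node's local bucket of key -> data.
        self.nodes = {key_for(n): {} for n in node_names}
        self.replicas = replicas

    def closest(self, key):
        """IDs of the nodes responsible for a key: smallest XOR distance first."""
        return sorted(self.nodes, key=lambda node_id: node_id ^ key)[: self.replicas]

    def put(self, filename, data):
        key = key_for(filename)
        for node_id in self.closest(key):
            self.nodes[node_id][key] = data
        return key

    def get(self, filename):
        key = key_for(filename)              # the requester re-hashes the filename
        for node_id in self.closest(key):
            if key in self.nodes[node_id]:
                return self.nodes[node_id][key]
        return None

    def fail(self, node_id):
        """Simulate a node leaving the network together with its bucket."""
        del self.nodes[node_id]


if __name__ == "__main__":
    dht = ToyDHT(["node-%d" % i for i in range(8)])      # constructed node names
    key = dht.put("report.pdf", b"file contents")
    primary = dht.closest(key)[0]
    dht.fail(primary)
    print("after losing the primary holder:", dht.get("report.pdf"))
```

Because placement depends only on the hash of the name, a node that can choose its own ID can position itself next to a target key; real deployments bind node IDs to something the node cannot pick freely.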

Digital Signatures:

A digital signature provides a means of associating a message with the entity from which
the message originated.

• They are used to provide data origin authentication and non-repudiation.
• These are used in blockchain, where transactions are digitally signed by senders using
their private key before broadcasting the transaction to the network. This digital
signing proves they are the rightful owner of the asset.
• These transactions are verified again by nodes on the network to ensure that the funds
belong to the node that claims to be the owner.
• Properties:
i) Authenticity: The digital signatures are verifiable by a receiving party.
ii) Unforgeability: Ensures that only the sender of the message can use the signing
functionality using the private key.
iii) Non-reusability: The digital signature cannot be separated from a message and used
again for another message.

RSA Algorithm:

• It involves two steps:
i) Calculate the hash value of the data packet: This provides the data integrity
guarantee, as the hash can be computed again at the receiver's end and matched
with the original hash to check whether the data has been modified in transit.
ii) Sign the hash value with the signer's private key: As only the signer has the
private key, the authenticity of the signature and the signed data is ensured.
• Sign then encrypt: The sender digitally signs the data using the private key, appends
the signature to the data and then encrypts the data and the digital signature using the
receiver's public key.
• Encrypt then sign: The sender encrypts the data using the receiver's public key and
then digitally signs the encrypted data.

Elliptic curve digital signature algorithm:

In order to sign and verify using the ECDSA scheme, first a key pair needs to be generated:

1. First, define an elliptic curve E:
• With modulus p
• Coefficients a and b
• Generator point A that forms a cyclic group of prime order q
2. An integer d is chosen randomly so that 0 < d < q.
3. Calculate public key B so that B = dA.
The public key is the sextuple in the form shown here:
Kpb = (p, a, b, q, A, B)
The private key, d, is randomly chosen in step 2:
Kpr = d
Now the signature can be generated using the private and public key.
4. First, an ephemeral key Ke is chosen, where 0 < Ke < q. It should be ensured that Ke is
truly random and that no two signatures have the same key; otherwise, the private key
can be calculated.
5. Another value R is calculated using R = Ke A; that is, by multiplying A (the generator
point) and the random ephemeral key.
6. Initialize a variable r with the x coordinate value of point R so that r = x_R.
7. The signature can be calculated as follows:

Here, m is the message for which the signature is being computed, and h(m) is the hash
of the message m.

Signature verification is carried out by following this process:

1. Auxiliary value w is calculated as w = s^-1 mod q.
2. Auxiliary value u1 = w · h(m) mod q.
3. Auxiliary value u2 = w · r mod q.
4. Calculate point P, P = u1 A + u2 B.
5. Verification is carried out as follows: r, s is accepted as a valid signature if the x
coordinate of point P calculated in step 4 has the same value as the signature parameter r
mod q; that is:
x_P = r mod q means valid signature
x_P != r mod q means invalid signature
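Key generation, signing and the five verification steps above, as an added Python example (not part of the original notes) that keeps the notes' symbols p, a, b, q, A, B, d, Ke, r, s, w, u1 and u2. The signing equation used for s is the standard ECDSA one, s = (h(m) + d·r)·Ke^-1 mod q, supplied by this example; the curve is a constructed textbook-sized one (y^2 = x^3 + 2x + 2 over GF(17), A = (5, 1), q = 19), far too small for real use, and h(m) is passed in as an integer.

```python
# Toy domain parameters (constructed for illustration only).
P_MOD, COEF_A, COEF_B = 17, 2, 2      # curve y^2 = x^3 + 2x + 2 over GF(17)
A = (5, 1)                            # generator point
Q = 19                                # prime order of the group generated by A
INF = None                            # point at infinity


def ec_add(p1, p2):
    """Add two curve points (handles doubling and the point at infinity)."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INF
    if p1 == p2:
        lam = (3 * x1 * x1 + COEF_A) * pow((2 * y1) % P_MOD, -1, P_MOD)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)
    lam %= P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)


def ec_mul(k, point):
    """Scalar multiplication by double-and-add."""
    result = INF
    while k:
        if k & 1:
            result = ec_add(result, point)
        point = ec_add(point, point)
        k >>= 1
    return result


def public_key(d):
    """Steps 2-3: B = dA for a private key 0 < d < q."""
    if not 0 < d < Q:
        raise ValueError("private key must satisfy 0 < d < q")
    return ec_mul(d, A)


def sign(hm, d, ke):
    """Steps 4-7: r is the x coordinate of Ke*A, s = (h(m) + d*r) * Ke^-1 mod q."""
    if not 0 < ke < Q:
        raise ValueError("ephemeral key must satisfy 0 < Ke < q")
    r = ec_mul(ke, A)[0] % Q
    s = (hm + d * r) * pow(ke, -1, Q) % Q
    if r == 0 or s == 0:
        raise ValueError("degenerate signature: choose a fresh Ke")
    return (r, s)


def verify(hm, signature, B):
    """Verification steps 1-5 from the notes."""
    r, s = signature
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    u1 = w * hm % Q
    u2 = w * r % Q
    point = ec_add(ec_mul(u1, A), ec_mul(u2, B))
    return point is not INF and point[0] % Q == r


def repeated_r(sig1, sig2):
    """Audit check: equal r in two signatures under one key signals a reused Ke."""
    return sig1[0] == sig2[0]


if __name__ == "__main__":
    d, ke, hm = 7, 10, 26             # constructed private key, ephemeral key and digest
    B = public_key(d)
    sig = sign(hm, d, ke)
    print("B =", B, "signature (r, s) =", sig, "valid:", verify(hm, sig, B))
    print("altered digest accepted:", verify(30, sig, B))
```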
SHA-256:

• SHA-256 has an input message size < 2^64 bits. The block size is 512 bits, and it has a
word size of 32 bits. The output is a 256-bit digest.
• The compression function processes a 512-bit message block and a 256-bit
intermediate hash value.
• There are two main components of this function: the compression function and a
message schedule.
• The algorithm works as follows, in eight steps:
1. Preprocessing:
I. Padding of the message is used to adjust the length of a block to 512
bits if it is smaller than the required block size of 512 bits.
II. Parsing the message into message blocks, which ensures that the
message and its padding are divided into equal blocks of 512 bits.
III. Setting up the initial hash value, which consists of the eight 32-bit
words obtained by taking the first 32 bits of the fractional parts of
the square roots of the first eight prime numbers. These initial
values are randomly chosen to initialize the process, and they
provide a level of
2. Hash computation:
IV. Each message block is then processed in a sequence, and it requires 64 rounds
to compute the full hash output. Each round uses slightly different constants to
ensure that no two rounds are the same.
V. The message schedule is prepared.
VI. Eight working variables are initialized.
VII. The intermediate hash value is calculated.
VIII. Finally, the message is processed, and the output hash is produced:

In the preceding diagram, a, b, c, d, e, f, g, and h are the registers. Maj and Ch are applied
bitwise. Σ0 and Σ1 perform bitwise rotation. Round constants are Wj and Kj, which are
added, mod 2^32.
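The preprocessing and hash-computation steps above, as an added Python example (not part of the original notes): a from-scratch SHA-256 that derives its initial hash value from the square roots of the first eight primes, as the notes describe. The derivation of the 64 round constants Kj from the cube roots of the first 64 primes is the standard FIPS 180-4 definition, supplied by this example; the function names are its own.

```python
import math
import struct

MASK32 = 0xFFFFFFFF


def first_primes(count):
    primes, candidate = [], 2
    while len(primes) < count:
        if all(candidate % p for p in primes):
            primes.append(candidate)
        candidate += 1
    return primes


def integer_cube_root(n):
    """Largest integer x with x^3 <= n, found by binary search."""
    lo, hi = 0, 1 << (n.bit_length() // 3 + 1)
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if mid ** 3 <= n:
            lo = mid
        else:
            hi = mid - 1
    return lo


PRIMES = first_primes(64)
# Step III: first 32 bits of the fractional part of sqrt(p), first eight primes.
INITIAL_HASH = [math.isqrt(p << 64) & MASK32 for p in PRIMES[:8]]
# Round constants Kj: first 32 bits of the fractional part of cbrt(p), 64 primes.
ROUND_CONSTANTS = [integer_cube_root(p << 96) & MASK32 for p in PRIMES]


def rotr(x, n):
    return ((x >> n) | (x << (32 - n))) & MASK32


def pad_and_parse(msg: bytes):
    """Steps I-II: pad to a multiple of 512 bits, then split into 512-bit blocks."""
    padded = msg + b"\x80"
    padded += b"\x00" * ((56 - len(padded) % 64) % 64)
    padded += struct.pack(">Q", 8 * len(msg))
    return [padded[i:i + 64] for i in range(0, len(padded), 64)]


def sha256(msg: bytes) -> str:
    state = list(INITIAL_HASH)
    for block in pad_and_parse(msg):
        # Step V: message schedule Wj, 16 words expanded to 64.
        w = list(struct.unpack(">16I", block))
        for j in range(16, 64):
            s0 = rotr(w[j - 15], 7) ^ rotr(w[j - 15], 18) ^ (w[j - 15] >> 3)
            s1 = rotr(w[j - 2], 17) ^ rotr(w[j - 2], 19) ^ (w[j - 2] >> 10)
            w.append((w[j - 16] + s0 + w[j - 7] + s1) & MASK32)
        # Step VI: eight working variables (the registers a..h).
        a, b, c, d, e, f, g, h = state
        for j in range(64):
            big_sigma1 = rotr(e, 6) ^ rotr(e, 11) ^ rotr(e, 25)
            ch = (e & f) ^ (~e & g)
            t1 = (h + big_sigma1 + ch + ROUND_CONSTANTS[j] + w[j]) & MASK32
            big_sigma0 = rotr(a, 2) ^ rotr(a, 13) ^ rotr(a, 22)
            maj = (a & b) ^ (a & c) ^ (b & c)
            t2 = (big_sigma0 + maj) & MASK32
            a, b, c, d, e, f, g, h = (t1 + t2) & MASK32, a, b, c, (d + t1) & MASK32, e, f, g
        # Step VII: fold the registers into the intermediate hash value.
        state = [(x + y) & MASK32 for x, y in zip(state, (a, b, c, d, e, f, g, h))]
    # Step VIII: the final state is the 256-bit digest.
    return struct.pack(">8I", *state).hex()


if __name__ == "__main__":
    print(["%08x" % v for v in INITIAL_HASH[:2]], "%08x" % ROUND_CONSTANTS[0])
    print(sha256(b"abc"))
```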

SHA-3 Algorithm:

• The key idea behind SHA-3 is based on unkeyed permutations, as opposed to other
typical hash function constructions that used keyed permutations.
• Keccak also does not make use of the Merkle-Damgard transformation that is
commonly used to handle arbitrary-length input messages in hash functions.
• A newer approach called sponge and squeeze construction is used in Keccak.
• It is a random permutation model. Different variants of SHA-3 have been
standardized, such as SHA-3-224, SHA-3-256, SHA-3-384, SHA-3-512, SHAKE-128, and
SHAKE-256. SHAKE-128 and SHAKE-256 are Extendable Output Functions (XOFs), which
are also standardized by NIST.
• The following diagram shows the sponge and squeeze model, which is the basis of
SHA-3 or Keccak.
• Analogous to a sponge, the data is first absorbed into the sponge after applying
padding. There it is then changed into a subset of permutation state using XOR, and
then the output is squeezed out of the sponge function that represents the transformed
state. The rate is the input block size of a sponge function, while capacity determines
the general security level:

17. What are Public Key and Private Key. Explain How HASH functions are used
to compress arbitrary messages in to fixed length digest.

A private key is a randomly generated number that is kept secret and held privately by its
users.

• Private keys need to be protected and no unauthorized access should be granted to
that key.
• Private keys can be of various lengths depending on the type and class of algorithms
used.
• For example, in RSA, typically a key of 1024-bits or 2048-bits is used. The 1024-bit
key size is no longer considered secure, and at least a 2048-bit key size is
recommended.

A public key is freely available and published by the private key owner.

• Anyone who would then like to send the publisher of the public key an encrypted
message can do so by encrypting the message using the published public key and
sending it to the holder of the private key.
• No one else is able to decrypt the message because the corresponding private key is
held securely by the intended recipient.
• Once the public key encrypted message is received, the recipient can decrypt the
message using the private key.
• There are a few concerns, however, regarding public keys, these include authenticity
and identification of the publisher of the public keys.

HASH FUNCTIONS:

• Hash functions are used to create fixed-length digests of arbitrarily-long input strings.
• Hash functions are keyless, and they provide the data integrity service.
• They are usually built using iterated and dedicated hash function construction
techniques.
• Hash functions are commonly used for digital signatures and Message Authentication
Codes (MACs), such as HMACs.
• They have three security properties, namely preimage resistance, second preimage
resistance, and collision resistance.
• Hash functions are also typically used to provide data integrity services.
• These can be used both as one-way functions and to construct other cryptographic
primitives, such as MACs and digital signatures.
• Some applications use hash functions as a means of building Pseudo-random
Number Generators (PRNGs).

Compression of arbitrary messages into fixed-length digest

• This property relates to the fact that a hash function must be able to take an input text
of any length and output a fixed-length compressed message.
• Hash functions produce a compressed output in various bit sizes, usually between
128 bits and 512 bits.

Preimage resistance

• This property can be explained by using the simple equation shown as follows:
h(x) = y
• Here, h is the hash function, x is the input, and y is the hash.
• The first security property requires that y cannot be reverse-computed to x.
• x is considered a preimage of y, hence the name preimage resistance. This is also
called a one-way property.

Second preimage resistance

• The second preimage resistance property requires that given x and h(x), it is almost
impossible to find any other message m, where m != x and hash of m = hash of x or
h(m) = h(x). This property is also known as weak collision resistance.

Collision resistance

• The collision resistance property requires that two different input messages should not
hash to the same output. In other words, for x != z, h(x) != h(z). This property is also
known as strong collision resistance.
• Due to their very nature, hash functions will always have some collisions. This is
where two different messages hash to the same output. However, they should be
computationally impractical to find. A concept known as the avalanche effect is
desirable in all hash functions. The avalanche effect specifies that a small change,
even a single character change in the input text, will result in an entirely different hash
output.
• The input message is compressed in multiple rounds on a block-by-block basis in order
to produce the compressed output. A popular type of iterated hash function is Merkle-
Damgard construction. This construction is based on the idea of dividing the input
data into equal block sizes and then feeding them through the compression functions
in an iterative manner.
• Compression functions can be built using block ciphers. In addition to Merkle-
Damgard, there are various other constructions of compression functions proposed by
researchers, for example, Miyaguchi-Preneel and Davies-Meyer.
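The following Python sketch is an added example, not part of the original notes. It builds a toy Merkle-Damgard hash, measures the avalanche effect on SHA-256, and shows that collisions on a very short digest are found quickly, which is why real digests are 128 bits or longer. The 16-byte block size, the truncated-SHA-256 compression function and all function names are assumptions made for illustration.

```python
import hashlib
import struct

BLOCK = 16  # toy block size in bytes (assumption; SHA-256 uses 64-byte blocks)

def compress(state: bytes, block: bytes) -> bytes:
    # Toy compression function (assumption): truncated SHA-256 stands in for a
    # block-cipher-based design such as Davies-Meyer.
    return hashlib.sha256(state + block).digest()[:len(state)]

def md_pad(msg: bytes) -> bytes:
    # 0x80 marker, zero fill, then the message length in bits (8 bytes).
    padded = msg + b"\x80"
    padded += b"\x00" * ((-len(padded) - 8) % BLOCK)
    return padded + struct.pack(">Q", len(msg) * 8)

def md_hash(msg: bytes, digest_bytes: int = 8) -> bytes:
    # Merkle-Damgard iteration: equal-size blocks go through compress() in turn.
    state = bytes(digest_bytes)  # all-zero initial value
    padded = md_pad(msg)
    for i in range(0, len(padded), BLOCK):
        state = compress(state, padded[i:i + BLOCK])
    return state

def sha256_bits_changed(m1: bytes, m2: bytes) -> int:
    # Avalanche effect: count differing output bits of SHA-256(m1) and SHA-256(m2).
    d1, d2 = hashlib.sha256(m1).digest(), hashlib.sha256(m2).digest()
    return sum(bin(a ^ b).count("1") for a, b in zip(d1, d2))

def find_collision(digest_bytes: int):
    # Birthday search on the toy hash: store digests until one repeats.
    seen = {}
    counter = 0
    while True:
        msg = str(counter).encode()
        digest = md_hash(msg, digest_bytes)
        if digest in seen:
            return seen[digest], msg, counter + 1
        seen[digest] = msg
        counter += 1

if __name__ == "__main__":
    print("bits changed:", sha256_bits_changed(b"blockchain", b"blockchaim"), "of 256")
    m1, m2, tries = find_collision(3)  # 24-bit digest
    print("24-bit digest: collision after", tries, "messages:", m1, m2)
```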

18. Explain Transaction Life cycle with transaction Data structures(program).

The following steps describe the transaction life cycle:


1. A user/sender sends a transaction using wallet software or some other interface.
2. The wallet software signs the transaction using the sender's private key.
3. The transaction is broadcast to the Bitcoin network using a flooding algorithm.
4. Mining nodes (miners) who are listening for the transactions verify and
include this transaction in the next block to be mined. Just before the
transactions are placed in the block, they are placed in a special memory buffer
called the transaction pool. The purpose of the transaction pool is explained in the
next section.
5. Mining starts, which is a process by which the blockchain is secured and
new coins are generated as a reward for the miners who spend appropriate
computational resources. This concept is explained in more detail later in
this chapter.
6. Once a miner solves the PoW problem it broadcasts the newly mined block to the
network. PoW is explained in detail later in this chapter.
7. The nodes verify the block and propagate the block further, and
confirmations start to generate.
8. Finally, the confirmations start to appear in the receiver's wallet and after
approximately three confirmations, the transaction is considered finalized and confirmed.
The transaction data structure
A transaction at a high level contains metadata, inputs, and outputs.
Transactions are combined to create a block. The transaction data structure is shown in the
following table:

A sample transaction is shown as follows.


{
"lock_time":0,
"size":226,
"inputs":[

{
"prev_out":{
"index":139,
"hash":"40120e43f00ff96e098a9173f14f1371655b3478bc0a558d6dc17a4ab176387d"
},
"script":"483045022100de6fd8120d9f142a82d5da9389e271caa3a757b01757c8e4fa7afbf92e74257c02202a78d4fbd52ae9f3a0083760d76f84643cf8ab80f5ef971e3f98ccba2c71758d012102c16942555f5e633645895c9affcb994ea7910097b7734a6c2d25468622f25e12"
}
],
"version":1,
"vin_sz":1,
"hash":"d28ca5a59b2239864eac1c96d3fd1c23b747f0ded8f5af0161bae8a616b56a1d",
"vout_sz":2,
"out":[

{
"script_string":"OP_DUP OP_HASH160 c568ffeb46c6a9362e44a5a49deaa6eab05a619a OP_EQUALVERIFY OP_CHECKSIG",
"address":"1JzouJCVmMQBmTcd8K4Y5BP36gEFNn1ZJ3",
"value":33324,
"script":"76a914c568ffeb46c6a9362e44a5a49deaa6eab05a619a88ac"
},
{
"script_string":"OP_DUP OP_HASH160 9386c8c880488e80a6ce8f186f788f3585f74aee OP_EQUALVERIFY OP_CHECKSIG",
"address":"1ET3oBGf8JpunjytE7owyVtmBjmvcDycQe",
"value":93376,
"script":"76a9149386c8c880488e80a6ce8f186f788f3585f74aee88ac"
}
]
}
Metadata
This part of the transaction contains some values such as the size of the transaction, the number
of inputs and outputs, the hash of the transaction, and a lock_time field. Every transaction has a
prefix specifying the version number. These fields are shown in the preceding example:
lock_time, size, and version.
Inputs
Generally, each input spends a previous output. Each output is considered an Unspent
Transaction Output (UTXO) until an input consumes it; a UTXO can be spent as an input
to a new transaction.

Outputs
Outputs have three fields, and they contain instructions for sending bitcoins. The first field contains
the amount of Satoshis whereas the second field contains the size of the locking script. Finally,
the third field contains a locking script that holds the conditions that need to be met in order
for the output to be spent.

19. Explain i) Transaction Pool ii) Transaction fee iii) Public keys in Bitcoin iv) Private keys in
Bitcoin
Transaction Pool:
Also known as memory pools, these pools are basically created in local memory (computer
RAM) by nodes in order to maintain a temporary list of transactions that are not yet confirmed
in a block. Transactions are included in a block after passing verification and based on their
priority.
Transaction Fee:
• Transaction fees are charged by the miners.
• The fee charged is dependent upon the size and weight of the transaction.
• A simple formula can be used: fee = sum(inputs) - sum(outputs)
• The fees are used as an incentive for miners to encourage them to include a user transaction
in the block the miners are creating.
• Transaction fees incentivize miners to include transactions in their blocks, with higher
fees ensuring quicker processing. While fees are not mandatory, transactions without fees
may face long delays. Due to high network activity, providing a fee is advisable to avoid
delays, as confirmation times range from 10 minutes to over 12 hours.
Public keys in Bitcoin:
• Public keys exist on the blockchain and all network participants can see them.
• Public keys are derived from private keys due to their special mathematical
relationship with the private keys.
• Once a transaction signed with the private key is broadcast on the Bitcoin network,
public keys are used by the nodes to verify that the transaction has indeed been signed
with the corresponding private key. This process of verification proves the ownership of
the bitcoin.
• Bitcoin uses ECC (secp256k1) and ECDSA to secure transactions.
• Public keys can be uncompressed (65 bytes, prefix: 0x04) or compressed (33 bytes).
• Compressed keys store only the x-coordinate, with a prefix:
• 0x02 if y is even
• 0x03 if y is odd
• Bitcoin Core 0.6 adopted compressed keys, reducing storage by nearly 50%.
Private keys in Bitcoin
• Private keys are required to be kept safe and normally reside only on the owner's
side. Private keys are used to digitally sign the transactions, proving the ownership of the
bitcoins.
• Private keys are fundamentally 256-bit numbers randomly chosen in the range specified by
the secp256k1 ECDSA curve recommendation. Any randomly chosen 256-bit number
from 0x1 to 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B
BFD2 5E8C D036 4140 is a valid private key.
• Private keys are usually encoded using Wallet Import Format (WIF) in order to
make them easier to copy and use. It is a way to represent the full size private key in a
different format. WIF can be converted into a private key and vice versa.
• Also, mini private key format is sometimes used to create the private key with a
maximum of up to 30 characters in order to allow storage where physical space is limited,
for example, etching on physical coins or encoding in damage-resistant QR codes. The
QR code becomes more damage resistant because more dots can be used for error
correction and less for encoding the private key. The private key encoded using mini
private key format is also sometimes called a minikey. The first character of a mini private
key is always the uppercase letter S. A mini private key can be converted into a normal size
private key, but an existing
normal size private key cannot be converted into a mini private key. This format was
used in Casascius physical bitcoins.
20. Explain i) Sybil Attack ii) Double spending problem iii) Vanity addresses iv) Address
generation in Bitcoin

i) Sybil Attack:
A Sybil attack is a security threat in which an attacker creates multiple fake identities (nodes)
to manipulate a blockchain network. The goal is to gain undue control over the network,
allowing the attacker to disrupt consensus mechanisms, double-spend coins, censor
transactions, or perform majority attacks (like 51% attacks in PoW-based systems).
How Sybil Attacks Work:
1. Creating Fake Nodes: The attacker generates multiple fraudulent nodes to increase
their influence in the network.
2. Manipulating Consensus: If the attacker controls a significant portion of the network,
they can alter transaction verification, block approval, or even reverse confirmed
transactions (double-spending).
3. Disrupting the Network: The attacker can reject valid transactions, slow down
processing, or censor specific users.
Defenses Against Sybil Attacks:
• Proof-of-Work (PoW): Requires computational effort, making it costly to create
multiple nodes.
• Proof-of-Stake (PoS): Limits influence based on stake ownership, making attacks
expensive.
• Reputation Systems & Identity Verification: Some networks use trust-based
mechanisms to prevent fake nodes.
• Transaction Fees & Economic Barriers: Increasing participation costs deters attackers.
ii) Double spending problem:
The double spending problem occurs when a digital currency is fraudulently spent
more than once. Blockchain prevents this by using consensus mechanisms like Proof-
of-Work (PoW) and Proof-of-Stake (PoS) to verify and record transactions securely.
Once a transaction is confirmed in a block, it becomes immutable, preventing
duplication. Additional protections include timestamping, multiple confirmations, and
cryptographic hashing. These mechanisms ensure transaction integrity and prevent
fraudulent spending in decentralized networks.
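The following Python sketch is an added example, not part of the original notes. It ties together the transaction pool, the fee formula fee = sum(inputs) - sum(outputs) and the double spending check: a node admits a transaction to its pool only if every input refers to an unspent output that no other pooled transaction already claims. The class and field names, the fee-per-byte ordering and the sample values are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Tx:
    txid: str
    inputs: list    # (prev_txid, output_index) pairs being spent
    outputs: list   # output values in satoshis
    size: int       # serialized size in bytes

class Mempool:
    def __init__(self, utxos):
        self.utxos = dict(utxos)   # confirmed unspent outputs: outpoint -> value
        self.claimed = {}          # outpoint -> txid of the pooled tx spending it
        self.pool = {}             # txid -> (Tx, fee)

    def accept(self, tx: Tx) -> int:
        if len(set(tx.inputs)) != len(tx.inputs):
            raise ValueError("input listed twice in one transaction")
        for op in tx.inputs:
            if op not in self.utxos:
                raise ValueError(f"unknown or already spent output {op}")
            if op in self.claimed:
                raise ValueError(f"double spend: conflicts with {self.claimed[op]}")
        fee = sum(self.utxos[op] for op in tx.inputs) - sum(tx.outputs)
        if fee < 0:
            raise ValueError("outputs exceed inputs")
        for op in tx.inputs:
            self.claimed[op] = tx.txid
        self.pool[tx.txid] = (tx, fee)
        return fee

    def block_template(self, max_bytes: int) -> list:
        # Assumption: priority = fee per byte, highest first.
        ranked = sorted(self.pool.values(), key=lambda e: e[1] / e[0].size, reverse=True)
        chosen, used = [], 0
        for tx, _fee in ranked:
            if used + tx.size <= max_bytes:
                chosen.append(tx.txid)
                used += tx.size
        return chosen

if __name__ == "__main__":
    coin = ("aa" * 32, 0)  # constructed sample outpoint, not a real transaction
    pool = Mempool({coin: 100_000})
    print("fee:", pool.accept(Tx("tx1", [coin], [60_000, 39_000], 226)))
    try:
        pool.accept(Tx("tx2", [coin], [99_500], 192))
    except ValueError as err:
        print("rejected:", err)
```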
iii) Vanity address

A vanity address in Bitcoin is a customized wallet address that contains specific user-defined
characters, making it more recognizable. It is generated using brute force algorithms like
Vanitygen.

• Example: 1JohnDoeXyz... instead of a random Bitcoin address.


• Created using specialized software or online services (risk of key exposure).
• Computationally expensive—longer patterns require more processing power.
• No security benefits—purely for aesthetics and branding.

iv) Address Generation:


• A bitcoin address is created by taking the corresponding public key of a private
key and hashing it twice, first with the SHA-256 algorithm and then with
RIPEMD-160. The resultant 160-bit hash is then prefixed with a version number and
finally encoded with a Base58Check encoding scheme. The bitcoin addresses
are 26-35 characters long and begin with digit 1 or 3.
• A typical bitcoin address looks like a string shown here:
1ANAguGG8bikEv2fYsTBnRUmx7QUcK58wt
• Currently, there are two types of addresses, the commonly used P2PKH and
another P2SH type, starting with number 1 and 3, respectively. In the early
days, Bitcoin used direct Pay to Pubkey, which is now superseded by P2PKH.
• Avoiding address reuse circumvents anonymity issues to an extent. Bitcoin
has some other security issues as well, such as transaction malleability, Sybil
attacks, race attacks and selfish mining, which require different approaches to
resolve.
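The following Python sketch is an added example, not part of the original notes. It covers the last two steps of address generation (version prefix and Base58Check) and applies them to the locking scripts of the sample transaction shown earlier, so each output's "address" field can be recomputed from its "script" field. It starts from the 160-bit hash already inside the P2PKH script, because RIPEMD-160 is not available in every Python hashlib build; the function names are assumptions.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def base58check(version: bytes, payload: bytes) -> str:
    data = version + payload
    # Checksum: first 4 bytes of SHA-256(SHA-256(version || payload)).
    raw = data + hashlib.sha256(hashlib.sha256(data).digest()).digest()[:4]
    n = int.from_bytes(raw, "big")
    digits = ""
    while n:
        n, rem = divmod(n, 58)
        digits = B58[rem] + digits
    # Each leading zero byte is written as the character "1".
    zeros = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * zeros + digits

def p2pkh_hash160(script_hex: str) -> bytes:
    script = bytes.fromhex(script_hex)
    # OP_DUP(76) OP_HASH160(a9) push-20(14) <hash160> OP_EQUALVERIFY(88) OP_CHECKSIG(ac)
    if len(script) != 25 or script[:3] != b"\x76\xa9\x14" or script[23:] != b"\x88\xac":
        raise ValueError("not a P2PKH locking script")
    return script[3:23]

def address_from_script(script_hex: str) -> str:
    return base58check(b"\x00", p2pkh_hash160(script_hex))  # 0x00 = P2PKH version

# The two outputs of the sample transaction shown earlier on this page.
SAMPLE_OUTPUTS = [
    {"address": "1JzouJCVmMQBmTcd8K4Y5BP36gEFNn1ZJ3", "value": 33324,
     "script": "76a914c568ffeb46c6a9362e44a5a49deaa6eab05a619a88ac"},
    {"address": "1ET3oBGf8JpunjytE7owyVtmBjmvcDycQe", "value": 93376,
     "script": "76a9149386c8c880488e80a6ce8f186f788f3585f74aee88ac"},
]

def check_outputs(outputs):
    # Recompute each address from its locking script and pair it with the field.
    return [(o["address"], address_from_script(o["script"])) for o in outputs]

if __name__ == "__main__":
    for listed, derived in check_outputs(SAMPLE_OUTPUTS):
        print(listed, derived, "match" if listed == derived else "MISMATCH")
```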
