Book Image

Securing Blockchain Networks like Ethereum and Hyperledger Fabric

By : Alessandro Parisi
Book Image

Securing Blockchain Networks like Ethereum and Hyperledger Fabric

By: Alessandro Parisi

Overview of this book

Blockchain adoption has extended from niche research to everyday usage. However, despite the blockchain revolution, one of the key challenges faced in blockchain development is maintaining security, and this book will demonstrate the techniques for doing this. You’ll start with blockchain basics and explore various blockchain attacks on user wallets, and denial of service and pool mining attacks. Next, you’ll learn cryptography concepts, consensus algorithms in blockchain security, and design principles while understanding and deploying security implementation guidelines. You’ll not only cover architectural considerations, but also work on system and network security and operational configurations for your Ethereum and Hyperledger Fabric network. You’ll later implement security at each level of blockchain app development, understanding how to secure various phases of a blockchain app using an example-based approach. You’ll gradually learn to securely implement and develop decentralized apps, and follow deployment best practices. Finally, you’ll explore the architectural components of Hyperledger Fabric, and how they can be configured to build secure private blockchain networks. By the end of this book, you’ll have learned blockchain security concepts and techniques that you can implement in real blockchain production environments.
Table of Contents (15 chapters)
1
Section 1: Blockchain Security Core Concepts
5
Section 2: Architecting Blockchain Security
8
Section 3: Securing Decentralized Apps and Smart Contracts
11
Section 4: Preserving Data Integrity and Privacy

Analyzing smart contract threats

The main threats affecting smart contracts are usually attributable to weaknesses present within the source code. Over time, a register of such weaknesses, known as the Smart Contract Weakness Classification (SWC) Registry, has been drawn up, which can be consulted at https://swcregistry.io/docs/SWC-100.

The SWC Registry is released under the MIT License and is freely available at https://github.com/SmartContractSecurity/SWC-registry.

The main goals of the SWC Registry are as follows:

  • Classifying security issues in smart contracts
  • Describing security issues in smart contracts adopting a common language
  • Helping training and increasing performance for smart contract analysis tools

In the following sections, we will analyze the main weaknesses present within the source code of smart contracts developed using the Solidity programming language.

...