Book Image

Securing Blockchain Networks like Ethereum and Hyperledger Fabric

By : Alessandro Parisi
Book Image

Securing Blockchain Networks like Ethereum and Hyperledger Fabric

By: Alessandro Parisi

Overview of this book

Blockchain adoption has extended from niche research to everyday usage. However, despite the blockchain revolution, one of the key challenges faced in blockchain development is maintaining security, and this book will demonstrate the techniques for doing this. You’ll start with blockchain basics and explore various blockchain attacks on user wallets, and denial of service and pool mining attacks. Next, you’ll learn cryptography concepts, consensus algorithms in blockchain security, and design principles while understanding and deploying security implementation guidelines. You’ll not only cover architectural considerations, but also work on system and network security and operational configurations for your Ethereum and Hyperledger Fabric network. You’ll later implement security at each level of blockchain app development, understanding how to secure various phases of a blockchain app using an example-based approach. You’ll gradually learn to securely implement and develop decentralized apps, and follow deployment best practices. Finally, you’ll explore the architectural components of Hyperledger Fabric, and how they can be configured to build secure private blockchain networks. By the end of this book, you’ll have learned blockchain security concepts and techniques that you can implement in real blockchain production environments.

Related Content you might be interested in

Current Title:

Small book image
Securing Blockchain Networks like Ethereum and Hyperledger Fabric
Alessandro Parisi
Apr, 2020 | 244 pages
Small book image
Foundations of Blockchain
Koshik Raj
Jan, 2019 | 372 pages
Small book image
Learn Bitcoin and Blockchain
Kirankalyan Kulkarni
Aug, 2018 | 94 pages
Small book image
Blockchain Quick Reference
Paul Valencourt | Samanyu Chopra | Brenn Hill
Aug, 2018 | 350 pages
Table of Contents (15 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
1
Section 1: Blockchain Security Core Concepts
Section 1: Blockchain Security Core Concepts
Free Chapter
2
Introducing Blockchain Security and Attack Vectors
Introducing Blockchain Security and Attack Vectors
An introduction to blockchain
The building blocks of blockchain
Blockchain network topology
Establishing trust through consensus algorithms
Potential threats that affect trust
Summary
3
Cryptography Essentials
Cryptography Essentials
Technical requirements
A glimpse into cryptography
Symmetric versus asymmetric cryptography
Elliptic cryptography in blockchain
SHA hashing and digital signatures in practice
Blockchain Merkle trees
Summary
4
Blockchain Security Assumptions
Blockchain Security Assumptions
Centralized models versus decentralized models
Advantages and disadvantages of blockchain
Blockchain versus DLT
Understanding transaction security
Attacking a blockchain
Understanding the quantum computing threat
Summary
Further Reading
5
Section 2: Architecting Blockchain Security
Section 2: Architecting Blockchain Security
6
Trustless Blockchain Networks
Trustless Blockchain Networks
Technical requirements
Network discovery with P2P
Block synchronization
Transaction management
Wallet key secure management
Summary
7
Securing Hyperledger Fabric
Securing Hyperledger Fabric
Permissioned blockchains and DLTs
Getting to know Hyperledger Fabric
Hyperledger strong identities
Hyperledger chaincode security
Preventing common threats with Hyperledger
Summary
8
Section 3: Securing Decentralized Apps and Smart Contracts
Section 3: Securing Decentralized Apps and Smart Contracts
9
Decentralized Apps and Smart Contracts
Decentralized Apps and Smart Contracts
Technical requirements
Introducing DApps
Introducing smart contract fundamentals
Creating secure smart contracts
Executing secure smart contracts
Summary
10
Preventing Threats for DApps and Smart Contracts
Preventing Threats for DApps and Smart Contracts
Technical requirements
Hacking smart contracts
Analyzing smart contract threats
Smart contract attack examples
Preventing smart contract attacks
Analyzing smart contracts for security
Summary
11
Section 4: Preserving Data Integrity and Privacy
Section 4: Preserving Data Integrity and Privacy
12
Exploiting Blockchain as an Attack Vector
Exploiting Blockchain as an Attack Vector
Storing illicit data in the blockchain
Preserving anonymity in the blockchain
Dealing with identity theft
Spreading malware with blockchain
Summary
13
Analyzing Privacy and GDPR Compliance Issues
Analyzing Privacy and GDPR Compliance Issues
Preserving sensitive data in a blockchain
Leveraging blockchain for healthcare
Improving IoT security with blockchain
Reconciling blockchain with the GDPR
Summary
14
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Preventing smart contract attacks

We have seen how many attacks on smart contracts are often due to bugs contained within the source code. To prevent the occurrence of these bugs, it is thus appropriate to use specialized library functions that help the developer in the safe implementation of the most common functions. One of these libraries is the SafeMath library of the OpenZeppelin package (available at https://github.com/OpenZeppelin/openzeppelin-solidity).

By using the SafeMath library, it is possible to prevent bugs such as integer overflows and underflows.

In the following example, we show an excerpt of the implementation of the add() function offered by the SafeMath library:

pragma solidity ^0.4.24;

library SafeMath {

...

 /**
 * @dev Function to add two numbers
 */
 function add(uint256 a, uint256 b) 
 internal pure returns (uint256 c) {
    c = a + b;
    assert(c >= a);
 ...
Previous Section
End of Section 6
Next Section