Chapter 4 A critical review on using blockchain technology in education domain 105




                      • Perform transaction by spending their coins in their
                         privately mined chain.
                      • Create a private chain by not broadcasting the blocks to
                         the BC network
               (c) Smart contractebased attacks: If smart contracts have bugs,
                   then attacks can be launched. DAO attack is smart contract
                   based. Crowd funding of decentralized autonomous organiza-
                   tion was attacked. Here the attacker contributes a small amount
                   and without checking settlement of amount uses a recursive
                   withdraw function. Hard forks can overcome this attack.
                   a. The possibility of delegating control to untrusted functions
                      from other smart contracts results in reentrancy attack.
                      This has occurred in solidity. Developers should also
                      strengthen their smart contracts against overflow/under-
                      flow errors.
                   b. Ethereum Virtual Machine executes smart contracts. This
                      can result due to bugs in immutable smart contracts as
                      in DAO attack. Ethers can also be transferred to an
                      orphaned address without an owner. Ethereum address
                      can be modified with padding’s that enables the hackers
                      to send victim’s ethers to their address. This results in
                      short address attack as in Coindash. Some of the common
                      attacks include reentrancy, overflow, replay, short address,
                      cryptojacking and balance attacks. Cardano and Zilliqa are
                      more secure against these attacks.
               (d) Mining pool threats:A group of miners can share their re-
                   sources for mining. Some of the attacks include the following:
                   • Selfish mining attack: A selfish miner builds blocks secretly
                      on top of the existing BC. When he has more blocks then the
                      current longest chain, a private fork can be published by the
                      selfish miner as the new longest chain. Double spending
                      attack can be done by the miner to reverse his previous
                      spending before publishing the longest chain. This is also
                      called as block withholding attack.
                   • Block with holding (BWH): Here, adversary miner never
                      publishes the block to the chain. To prevent BWH, only
                      trusted miners should be present in the network to prevent
                      rogue miners.
                   • Parasite chain attack: This is very similar to selfish mining
                      attack. Here the attacker secretly builds a subchain of
                      blocks. He then performs a transaction1 on the main
                      chain. The secret subchain has a conflicting transaction2