Blockchain adoption has extended from niche research to everyday usage. However, despite the blockchain revolution, one of the key challenges faced in blockchain development is maintaining security, and this book will demonstrate the techniques for doing this.

You'll start with blockchain basics and explore various blockchain attacks on user wallets, and denial of service and pool mining attacks. Next, you'll learn cryptography concepts, consensus algorithms in blockchain security, and design principles while understanding and deploying security implementation guidelines. You'll not only cover architectural considerations, but also work on system and network security and operational configurations for your Ethereum and Hyperledger Fabric network. You'll later implement security at each level of blockchain app development, understanding how to secure various phases of a blockchain app using an example-based approach. You'll gradually learn to securely implement and develop decentralized apps, and follow deployment best practices. Finally, you'll explore the architectural components of Hyperledger Fabric, and how they can be configured to build secure private blockchain networks.

By the end of this book, you'll have learned blockchain security concepts and techniques that you can implement in real blockchain production environments.

This book is for blockchain developers, security professionals, and Ethereum and Hyperledger developers who are looking to implement security in blockchain platforms and ensure secure data management using an example-driven approach. Basic knowledge of blockchain concepts will be beneficial.

Chapter 1, Introducing Blockchain Security and Attack Vectors, illustrates the core concepts and fundamental elements of blockchain technology, such as distributed ledgers, peer-to-peer network topology, and consensus protocols.

Chapter 2, Cryptography Essentials, introduces cryptography primitives and their use in blockchain, looking at the differences between cryptography algorithms and hashing algorithms and how cryptography primitives fit into blockchain architecture.

Chapter 3, Blockchain Security Assumptions, focuses on the assumptions made about blockchain security and potential threats related to centralized and decentralized models. We will analyze different types of blockchains and distributed ledger technologies, such as permissioned and permissionless architectures.

Chapter 4, Trustless Blockchain Networks, looks at trustless blockchain networks, analyzing how blockchains achieve decentralization by leveraging peer-to-peer networking. We will also see how blockchains manage transactions and show how to protect wallets and private keys.

Chapter 5, Securing Hyperledger Fabric, is where we analyze the security aspects relating to Hyperledger Fabric, showing how Hyperledger provides protection against the most common security threats.

Chapter 6, Decentralized Apps and Smart Contracts, explores decentralized applications and the core concepts of smart contracts, dealing with central aspects such as developing, creating, and executing decentralized apps and smart contracts in the Ethereum environment.

Chapter 7, Preventing Threats for DApps and Smart Contracts, goes into the security aspects of decentralized applications and smart contracts, showing security best practices to prevent potential threats and attacks. We will also learn how to leverage pentesting tools to assess decentralized applications and potential flaws in smart contracts.

Chapter 8, Exploiting Blockchain as an Attack Vector, looks into how a blockchain can become an attack vector for data integrity compromises, identity theft, and malware.

Chapter 9, Analyzing Privacy and GDPR Compliance Issues, analyzes potential privacy issues for blockchain technology, particularly in terms of EU privacy law (GDPR) compliance.

No particular software or operating system is required to follow the book's content, apart from an up-to-date version of a web browser and an internet connection to download source code examples and the tools suggested in the book. A good understanding of the plaforms such as Hyperledger, Fabric, and Ethereum can be an added advantage. Previous knowledge of blockchain technology would be beneficial, but is not strictly necessary. To get the most out of the book, you are expected to be fluent in networking security core concepts and to have some exposure to a general-purpose programming language.

If you are using the digital version of this book, we advise you to type the code yourself or access the code via the GitHub repository (link available in the next section). Doing so will help you avoid any potential errors related to the copying and pasting of code.

You can download the example code files for this book from your account at www.packt.com. If you purchased this book elsewhere, you can visit www.packtpub.com/support and register to have the files emailed directly to you.

You can download the code files by following these steps:

1. Log in or register at www.packt.com.
2. Select the Support tab.
3. Click on Code Downloads.
4. Enter the name of the book in the Search box and follow the onscreen instructions.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

• WinRAR/7-Zip for Windows
• Zipeg/iZip/UnRarX for Mac
• 7-Zip/PeaZip for Linux

The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/-Securing-Blockchain-Networks-like-Ethereum-and-Hyperledger-Fabric. In case there's an update to the code, it will be updated on the existing GitHub repository.

We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!

Code in Action videos for this book can be viewed at https://bit.ly/2xZyAoE.

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://static.packt-cdn.com/downloads/9781838646486_ColorImages.pdf.

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "An example of a Bitcoin address follows: mwog86wxZsWf6KGufzwA69xbvzE9TGZ5vA."

A block of code is set as follows:

>>> import math
>>> print math.gcd (5, 72)
>>> 1

Any command-line input or output is written as follows:

bitcoin-cli getnewaddress

Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at customercare@packtpub.com.

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/support/errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at copyright@packt.com with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packt.com.