Parallel Processing of Blockchain Transactions
Analysis of Important Concepts
Transaction: Basic operations on the blockchain, such as asset transfer.
Mining: The process of verifying transactions, packaging transactions into blocks, and adding them to the blockchain.
Consensus Mechanism: A mechanism that ensures that all nodes agree on the state of the blockchain, such as Proof of Work (PoW).
State Tree: A data structure that stores the status of all accounts in a blockchain system, such as the Merkle Patricia Tree (MPT).
State Root Node: The top node of the state tree, whose hash value represents the state of the entire state tree.
Independent Transaction Group: A group of transactions that do not affect each other and can be processed in parallel.
Parallel Processing: A technology that processes multiple tasks at the same time to improve efficiency.
Short Answer Questions
What is parallel processing of blockchain transactions and what problem does it try to solve?
In the technical documentation provided, how are candidate transactions grouped?
Explain the role of the state tree in parallel processing of blockchain transactions.
Describe the concept of independent transaction groups and their importance.
In the system mentioned in the document, how is a copy of the state tree created and used?
Explain the process of merging updated copies of the state tree.
Why do new blocks need to be broadcast to other blockchain nodes?
In the system mentioned in the document, how do multi-core processors improve transaction processing efficiency?
Describe the structure and advantages of the Merkle Patricia Tree (MPT).
Explain the role of the state root node in blockchain data security.
Knowledge point test answers
Short answer questions:
Parallel processing of blockchain transactions refers to the technology of processing multiple transactions at the same time, which aims to improve the transaction throughput (TPS) of the blockchain system and solve the problem of slow transaction speed of traditional blockchain systems.
The document groups candidate transactions into independent transaction groups. Candidate transactions involving at least one common transaction account are grouped into the same transaction group, while candidate transactions that do not involve any common transaction account are grouped into different transaction groups.
The state tree stores the status information of all accounts in the blockchain system. In parallel processing, copies of the state tree are used to independently process different transaction groups, thereby achieving parallelization.
Independent transaction groups refer to transaction groups that have no dependencies on each other and can be processed in parallel without affecting each other, thereby improving transaction processing efficiency.
The system creates a state tree copy for each independent transaction group. Each transaction group executes transactions on its own copy and updates the account status.
After all transaction groups have been processed, the system merges the updated state tree copies into a new state tree that reflects the latest state after all executed transactions.
The purpose of broadcasting new blocks to other blockchain nodes is to allow all nodes to obtain the latest blockchain data and reach a consensus on the state of the blockchain.
Multi-core processors can process multiple transaction groups at the same time, with each core responsible for one transaction group, thereby achieving parallel processing and improving efficiency.
Merkle Patricia Tree (MPT) is a cryptographically verified data structure that can store and update data efficiently. The structure of MPT allows the hash value of the state root node to be quickly calculated without traversing the entire tree, thereby improving efficiency.
The hash value of the state root node represents the state of the entire state tree. By comparing the hash value of the state root node, the integrity and tamper-proofness of the blockchain data can be verified.
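The grouping, per-group state copies and merge described in the answers above, as an added Python example (not code from the document being studied). Accounts are a plain dictionary, `state_root` is a SHA-256 stand-in for an MPT root, and the sample balances and transactions are constructed; grouping is transitive, so transactions linked through a chain of shared accounts land in one group.

```python
import hashlib
from concurrent.futures import ThreadPoolExecutor

# Constructed sample data: account balances and candidate transactions
# in the form (sender, receiver, amount).
GENESIS = {"alice": 100, "bob": 50, "carol": 70, "dave": 20, "erin": 10, "frank": 0}
CANDIDATES = [
    ("alice", "bob", 30),
    ("carol", "dave", 25),
    ("bob", "alice", 5),
    ("erin", "frank", 10),
    ("dave", "carol", 40),
    ("frank", "erin", 3),
]


def group_transactions(txs):
    """Union-find over accounts: transactions that share an account,
    directly or through other transactions, end up in the same group."""
    parent = {}

    def find(account):
        parent.setdefault(account, account)
        while parent[account] != account:
            parent[account] = parent[parent[account]]  # path halving
            account = parent[account]
        return account

    for sender, receiver, _ in txs:
        parent[find(sender)] = find(receiver)
    groups = {}
    for tx in txs:
        groups.setdefault(find(tx[0]), []).append(tx)  # keeps original order per group
    return list(groups.values())


def apply_tx(state, tx):
    """Apply one transfer in place; an invalid or unfunded transfer is skipped."""
    sender, receiver, amount = tx
    if amount <= 0 or state.get(sender, 0) < amount:
        return False
    state[sender] -= amount
    state[receiver] = state.get(receiver, 0) + amount
    return True


def execute_group(base_state, group):
    """Run one group on its own copy of the state and return only the
    accounts that the group changed."""
    copy = dict(base_state)
    touched = set()
    for tx in group:
        if apply_tx(copy, tx):
            touched.update(tx[:2])
    return {account: copy[account] for account in touched}


def merge(base_state, deltas):
    """Merge the per-group results; refuse if two groups wrote the same
    account, because that means the groups were not independent."""
    merged = dict(base_state)
    seen = set()
    for delta in deltas:
        overlap = seen.intersection(delta)
        if overlap:
            raise ValueError(f"groups were not independent: {sorted(overlap)}")
        seen.update(delta)
        merged.update(delta)
    return merged


def state_root(state):
    """Stand-in for a state root hash: SHA-256 over the sorted
    account/balance pairs (an assumption, not a real MPT)."""
    digest = hashlib.sha256()
    for account in sorted(state):
        digest.update(f"{account}:{state[account]};".encode())
    return digest.hexdigest()


def process_parallel(base_state, txs, workers=4):
    """One worker per group; threads show the structure, a real node
    would spread the groups over processor cores."""
    groups = group_transactions(txs)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        deltas = list(pool.map(lambda g: execute_group(base_state, g), groups))
    return merge(base_state, deltas)


def process_serial(base_state, txs):
    """Reference result: every transaction applied in order on one state."""
    state = dict(base_state)
    for tx in txs:
        apply_tx(state, tx)
    return state


if __name__ == "__main__":
    for group in group_transactions(CANDIDATES):
        print(group)
    print(state_root(process_parallel(GENESIS, CANDIDATES)))
    print(state_root(process_serial(GENESIS, CANDIDATES)))
```

Comparing the two root hashes is the integrity check from the last answer: a node that executed the groups in parallel must arrive at the same root as one that executed the block serially.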
Key Glossary
Transaction: Basic operations on the blockchain, such as asset transfer.
Mining: The process of verifying transactions, packaging transactions into blocks, and adding them to the blockchain.
Consensus Mechanism: A mechanism that ensures that all nodes agree on the state of the blockchain.
State Tree: A data structure that stores the state of all accounts in a blockchain system.
State Root Node: A top-level node in the state tree whose hash value represents the state of the entire state tree.
Independent Transaction Group: A group of transactions that do not affect each other and can be processed in parallel.
Parallel Processing: A technique for processing multiple tasks simultaneously to improve efficiency.
Merkle Patricia Tree (MPT): A cryptographically verified data structure that can efficiently store and update data.
UTXO (Unspent Transaction Output): Unspent transaction output is the basis of the Bitcoin transaction model.
Account/Balance Model: An account-centric transaction model that tracks the balance of each account.
Decentralized Autonomous Entity System and Method
Glossary
Decentralized Autonomous Entity (DAE): An AI system that can operate autonomously without human intervention, for example, a DAE that implements unemployment insurance policies.
Decentralized Autonomous Organization (DAO): A specific type of DAE that focuses on operating the organization in an autonomous manner.
Smart Contract: A piece of code stored on the blockchain that defines the rules and logic of the DAE, for example, determining how insurance policies are issued and claims are processed.
Blockchain: A decentralized, immutable transaction ledger that records all operations and transactions of the DAE.
Ethereum: A blockchain-based platform that allows the execution of smart contracts and cryptocurrency transactions.
Artificial Intelligence Task (HIT): A task assigned by the DAE to human actors, for example, evaluating new policy applications or claims requests.
Reputation System: An external system used to verify the identity of a user and assess their trustworthiness, such as LinkedIn or Facebook.
Sybil Attack: A type of attack in which a person attempts to take control of a decentralized system by creating multiple false identities.
Schelling Point: A game theory concept in which parties may independently choose the same strategy without direct communication, used to make decisions in a DAE.
Policy Pool: A pool of resources held by the DAE that is used to pay claims and other expenses.
Short Answer Question
Briefly describe the concept of a decentralized autonomous entity (DAE). DAE is an AI system that operates autonomously and performs specific functions without human intervention. It relies on rules and logic defined in smart contracts and leverages blockchain technology to ensure transparency and security.
How does DAE use reputation systems to enhance security? DAEs verify user identities and assess trustworthiness by integrating reputation systems (e.g., LinkedIn, Facebook). This helps prevent fraudulent behavior, such as Sybil attacks, and improves the reliability of DAE decisions.
Explain the role of human task (HIT) in DAEs. HITs are tasks assigned by DAEs to human participants to perform actions that DAEs cannot complete, such as evaluating new policy applications or claims. HITs help integrate human judgment into the decision-making process of DAEs.
What is a Schelling point and how is it used in DAEs? Schelling points refer to the game theory concept that parties may independently choose the same strategy without direct communication. DAEs use the Schelling point mechanism to reach consensus among human participants, for example, to determine the fair amount of a claim.
Briefly describe the concept of "policy pool" in DAEs and its importance. The policy pool is a pool of resources held by the DAE to pay claims, pay HIT rewards, and pay other operating expenses. The health of the policy pool is critical to the sustainable development of the DAE.
How does the DAE use blockchain technology to ensure transparency and accountability? All operations and transactions of the DAE are recorded on the blockchain, an immutable public ledger. This transparency allows anyone to audit the activities of the DAE and ensure that it operates according to the rules defined in the smart contract.
Describe how the DAE handles uncompleted HITs. The DAE typically uses an auction mechanism to redistribute uncompleted HITs. Bids for uncompleted HITs will be submitted by other participants, and the winning bidder will receive a reward for completing the HIT.
How does the DAE incentivize users to participate and contribute to its operations? The DAE incentivizes user participation through a variety of mechanisms, such as paying rewards to users who complete HITs and distributing dividends to long-term participants.
What are the potential advantages of the DAE in the field of unemployment insurance? The DAE can automate unemployment insurance processes, such as processing applications, verifying eligibility, and paying benefits. This can reduce administrative costs, improve efficiency, and reduce the possibility of fraud.
In addition to unemployment insurance, what other areas can DAE be applied to? DAE can be applied to a variety of areas that require decentralized, transparent and automated decision-making, such as supply chain management, identity verification and voting systems.
Blockchain-based transferable equity instruments
Short answer questions
What is blockchain? How is it related to cryptocurrency?
What role do smart contracts play in blockchain securities issuance?
Briefly describe the system and method for issuing and purchasing tokenized securities using a blockchain platform.
In the issuance of tokenized securities, how is investor authentication carried out?
What role do "whitelists" and "blacklists" play on the tokenized securities issuance platform?
Explain the four main stages in the life cycle of the BITE token.
What is a blockchain oracle? How does it play a role in the issuance of tokenized securities?
What is the functional difference between proxy contracts, escrow contracts and aggregation contracts?
Explain how the tokenized securities issuance platform ensures compliance with the regulations of the U.S. Securities and Exchange Commission (SEC).
What are the main advantages of tokenized securities issuance compared to traditional securities issuance?
Answer to the short answer question
Blockchain is a decentralized database used to record transactions in a peer-to-peer network. It secures transactions through encryption technology and ensures that records cannot be tampered with through timestamps and hash links. Cryptocurrency is a digital medium of exchange that uses cryptography to protect transactions and control the creation of new currency units, and blockchain technology is the underlying technology of cryptocurrency.
Smart contracts are automatically executed codes on the blockchain to implement the terms of the agreement between the two parties. In blockchain securities issuance, smart contracts are used to create, issue and manage tokens representing securities and automatically execute terms and conditions related to securities issuance, such as investor certification, payment processing and securities transfer.
The system includes user devices for investors and servers for tokenized securities issuing entities, both of which communicate with the blockchain platform. The server creates tokenized securities and deploys tokenized securities contracts on the blockchain platform, and the user device interacts with the server through a graphical user interface to register, pass certification, review documents, accept terms and ultimately purchase tokenized securities.
Investor certification can be completed through a third-party certification agency or a self-certification function provided by the platform. For third-party certification, the user device will communicate with the certification agency's server to obtain a certification certificate. For self-certification, the user device will submit the certification documents to the platform's server for verification.
The whitelist contains a list of verified qualified investors who are allowed to participate in the tokenized securities issuance. The blacklist contains entities or individuals that are prohibited from participating, such as competitors, affiliates, or individuals marked by the U.S. Office of Foreign Assets Control (OFAC).
The life cycle of the BITE token includes: a pre-sale period, during which potential investors can register, review documents, and purchase BITE tokens at a discount; an issuance period, during which qualified investors can purchase BITE tokens; a silent period, during which the resale of BITE tokens is restricted to prevent insider trading; and a trading period, during which BITE tokens can be freely traded on the secondary market.
Blockchain oracles are agents that connect blockchains with data from the outside world. In the issuance of tokenized securities, oracles can automatically retrieve investor certification information from various sources (e.g., the database of a certification service agency) and update the qualified investor whitelist on the platform.
The proxy contract allows one party to act on the platform on behalf of another party, thereby achieving the transfer of ownership. The escrow contract encrypts the information and stores it securely, which can only be accessed by the owner. Aggregate contracts combine multiple participants into a single entity to facilitate transactions.
The platform ensures compliance by implementing SEC rules and guidelines in tokenized securities contracts, such as investor certification, anti-money laundering (AML), and know your customer (KYC) regulations. The platform also leverages smart contracts to automatically enforce these rules to reduce the risk of non-compliance.
Tokenized securities issuance provides greater accessibility, liquidity, and transparency. It also reduces costs and provides automated compliance compared to traditional methods, thereby reducing risk and increasing efficiency.
Glossary
Tokenized Securities: A digital token that represents ownership of real-world assets (such as stocks, bonds).
BITE Token (Blockchain Instrument for Transferable Equity): A tokenized security that represents transferable equity.
Proxy Contract: A smart contract that allows one party to act on the platform on behalf of another party.
Escrow Contract: A smart contract that encrypts and securely stores information that can only be accessed by the owner.
Aggregate Contract: A smart contract that combines multiple participants into a single entity to facilitate transactions.
Tokenized Securities Study Guide
Glossary
ICO (Initial Coin Offering): A popular way to crowdfund by issuing new cryptocurrencies.
Tokenized Securities: A form of digital securities issued and traded on a blockchain platform.
Immutable Ledger: A database that cannot be changed after data is added.
BITE Tokens: Blockchain instruments that represent transferable equity and are a form of tokenized securities.
Qualification Authority: An organization that verifies that a person or entity meets certain investment criteria.
Whitelist: A list of investors approved to participate in a tokenized securities offering.
Blacklist: A list of individuals or entities prohibited from participating in a tokenized securities offering.
Escrow Account: A third-party account that holds funds during a transaction until all necessary conditions are met.
Private Placement Memorandum (PPM): A legal document provided to potential investors that outlines the terms of an investment opportunity.
Subscription Agreement: A legally binding agreement between an investor and the issuing entity that outlines the terms of a tokenized security purchase.
Secondary Market: A market in which investors can buy and sell tokenized securities after they have been issued.
Trading Window: A specific period of time during which tokenized securities can be bought and sold.
Rights Bundle: A collection of rights associated with a tokenized security that defines the rights and obligations of shareholders and issuers.
Rights Steps: A sequence of steps that make up the entire workflow of a transaction (e.g. new issue, secondary transfer).
First Refusal Right: If a shareholder wishes to sell his or her shares, the company or other shareholders have the right of first refusal at the same price.
Same Sale Right: Gives an investor the right to sell some or all of his or her shares in the event that the company sells some or all of its shares.
Valuation Estimator: A tool used to estimate the value of a tokenized security based on various factors (e.g. current valuation, future valuation, time horizon).
Vesting Schedule: A mechanism that outlines the schedule for vesting ownership of a tokenized security over time.
Short Answer Questions
What are the key differences between tokenized and traditional securities?
Explain the role of escrow accounts in tokenized securities issuance.
How does the concept of an “immutable ledger” apply to tokenized securities?
Why should investors go through a qualification process before participating in a tokenized securities issuance?
What is the purpose of a PPM in the context of tokenized securities?
What role does the secondary market play in the tokenized securities ecosystem?
What is a trading window and why is it important for tokenized securities trading?
Give examples of rights bundles that a tokenized security can be associated with.
How does a valuation estimator help potential tokenized securities investors?
Describe the significance of the vesting schedule for tokenized securities.
Answer
Tokenized securities are forms of digital securities issued using blockchain technology, whereas traditional securities are held in physical certificates or electronically. This difference allows for greater transparency, automation, and access to liquidity.
The escrow account acts as a third party in the issuance of tokenized securities, holding investors’ funds and securities until all necessary conditions such as qualification and contractual agreements are met. This process ensures that transactions are secure and fair.
The immutable ledger means that the blockchain that records transactions cannot be altered after they are added. This ensures transparency and auditability of the ownership and trading history of tokenized securities.
The qualification process ensures that investors meet certain financial criteria, allowing them to withstand the risks associated with private securities. This process complies with securities regulations and protects inexperienced investors.
The PPM provides important information about the tokenized security offering and the issuing entity, including financial statements, management team, and risk factors. It acts as a due diligence document for potential investors, helping them make an informed decision.
The secondary market allows investors to buy and sell tokenized securities after the initial offering, thereby providing liquidity and exit strategies for investors. It also facilitates price discovery and enables a wider range of investors to participate.
A trading window is a specific time period during which buying and selling of a tokenized security is allowed. This mechanism helps manage liquidity, prevent market manipulation, and ensure compliance with regulatory requirements.
Tokenized securities can be associated with bundles of rights such as voting rights, dividend rights, or preemptive rights to purchase future securities offerings. These rights are defined by the issuing entity and embedded in the smart contract of the tokenized security.
The valuation estimator helps potential investors assess the potential value of a tokenized security by considering current market conditions, historical data, and security-specific factors. It provides a benchmark for making informed investment decisions.
The vesting schedule of a tokenized security specifies the granting of ownership rights over time. It is often used to incentivize employees or founders and tie their ownership to the success of the company over time.
Dynamic password authentication system based on blockchain
Glossary
DLT: Distributed ledger technology.
DLS: Distributed ledger system, such as a blockchain system or DAG system.
URI: Uniform resource identifier, such as URL, URN.
Wallet software: Manages private keys used in DLS, such as a browser-based extension with password.
Hardware wallet: External device to store private keys, some of which can be used in conjunction with wallet software.
Private key PRVA: Private key used on DLS.
User identifier A: Calculated from private key 101A according to DLS processing, such as using the private key, public key, hash value or partial hash value of the public key as the user identifier.
UA: User of terminal 1A.
UB: User of terminal 1B.
UC: User of terminal 1C.
UP: User of terminal 4A.
BnTOTP: Dynamic password calculated based on block number Bn on DLS and seed value KC inside the contract, etc., based on blockchain time changes.
OWP: The contract administrator (Owner) can, at any time, modify the internal variables KC or BC of the DLS contract with any value to generate a password that simulates OTP.
BIOS: Basic input and output system; reads the operating system software from the terminal memory or external memory, records time information and other basic controls.
EFI: Extensible firmware interface; the latest BIOS standard.
ROM: Read-only memory; data can only be read after writing.
RAM: Random access memory; memory that can erase and rewrite data.
CPU: Central processing unit; the central processing unit of the computer, integrating the controller and the operator.
SoC: System on a chip; integrates multiple functions such as CPU, graphics processor, GNSS wireless signal receiving modem, wireless communication modem, etc. into one chip.
MCU: Microcontroller unit.
NFC: Near field communication.
NITZ: Network identification and time zone.
GNSS: Global navigation satellite system.
JYY: Japan standard time signal transmitter.
Short answer question
Explain the main features of the dynamic password authentication system based on blockchain.
The dynamic password authentication system based on blockchain uses OTP tokens, and by generating and verifying OTP on the blockchain, it makes the ownership status of contracts and OTP tokens difficult to tamper with.
Distinguish between the two dynamic password generation methods of BnTOTP and OWP.
BnTOTP is generated based on the time changes on the blockchain, using the block number Bn and the seed value KC inside the contract, and is automatically updated over time. OWP is generated by the contract administrator manually modifying the contract internal variables KC or BC at any time, and remains valid before the administrator modifies it.
Explain the role of the contract administrator in the system.
The contract administrator is responsible for generating and deploying OTP generation and verification contracts, setting and updating the seed values KC and BC inside the contract, and can also control the issuance and permissions of OTP tokens.
Describe how users use the system to log in to the website.
The user first uses the private key to access the DLS, generates a dynamic password BnTOTP based on the current block number, and then enters BnTOTP into the website login interface for verification.
Explain how the system is applied to access control systems in the real world.
The user's OWP, user identifier A, and token number TIDA are recorded in the NFC tag 19A. The user uses the NFC tag 19A to verify on the access control device 3D, and the access control device can be unlocked after verification.
Explain how the system ensures the security of OTP.
The system uses the tamper-proof characteristics of blockchain to protect the ownership information of contracts and OTP tokens, and enhances the randomness and unpredictability of OTP by using dynamic variables such as block numbers, timestamps, and user-defined seed values.
Describe how the system verifies OTP offline.
When obtaining OTP, the user records the block number Bnp at the time in the valuable note 18A or NFC tag 19A, and enters Bnp, TIDA, and BnTOTP together for verification.
Explain how the system prevents the theft of OTP after the user's private key is leaked.
The system can record the user's IP address, location information, device information, and sensor data, and monitor for abnormal login behavior. Once suspicious operations are found, the user is notified immediately.
Explain how the system is applied to digital copyright protection.
Encrypt copyrighted digital content and store the decryption key in the OTP token. Only users with the corresponding OTP token can decrypt and access the content.
Explore the challenges that the system may face in long-term operation.
As the amount of blockchain data continues to grow, the system may face problems such as insufficient storage space and slow data retrieval speed, and technical solutions need to be continuously updated to meet challenges.
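One way the BnTOTP generation and the verification with a recorded block number Bnp could look, as an added Python example that is not the document's own algorithm. The HMAC-SHA256 derivation, the 6-digit length, the `MAX_AGE_BLOCKS` window, and the sample KC, user identifier and token number are all assumptions.

```python
import hashlib
import hmac

DIGITS = 6           # assumed length of the dynamic password
MAX_AGE_BLOCKS = 5   # assumed freshness window when the verifier can see the chain

# Constructed sample values.
KC = b"constructed-contract-seed"
TOKEN_OWNERS = {7: "user-A"}   # token number -> user identifier, as recorded by the contract


def bn_totp(kc, user_id, token_id, bn):
    """Derive the dynamic password from the contract seed KC, the user
    identifier, the token number and the block number Bn."""
    message = f"{user_id}|{token_id}|{bn}".encode()
    digest = hmac.new(kc, message, hashlib.sha256).digest()
    code = int.from_bytes(digest[:4], "big") % 10 ** DIGITS
    return str(code).zfill(DIGITS)


def verify(kc, owners, user_id, token_id, bnp, otp, current_bn=None):
    """Check a submitted password against the block number Bnp the user
    recorded when obtaining it.

    current_bn is the verifier's view of the chain height. An offline
    verifier passes None and can only recompute the code from Bnp; it
    cannot judge how old the code is."""
    if owners.get(token_id) != user_id:
        return False                       # token is not held by this user
    if bnp < 0:
        return False
    if current_bn is not None and not 0 <= current_bn - bnp <= MAX_AGE_BLOCKS:
        return False                       # stale, or claims a future block
    expected = bn_totp(kc, user_id, token_id, bnp)
    # Constant-time comparison so response timing does not leak matching digits.
    return hmac.compare_digest(expected.encode(), str(otp).encode())


if __name__ == "__main__":
    password = bn_totp(KC, "user-A", 7, 1000)
    print(password, verify(KC, TOKEN_OWNERS, "user-A", 7, 1000, password, current_bn=1002))
```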
Supply Chain Platform System
Supply chain management system: Manages the process of goods, services and related information from the starting point to the consumption point.
Blockchain database: A decentralized and distributed database maintained by a blockchain network.
Blockchain network: A network of multiple nodes that jointly maintain a shared, immutable transaction record.
Node: Participants in a blockchain network, who have a copy of the blockchain database.
Token: A digital asset representing a certain value or utility in a blockchain network.
Smart contract: A piece of code stored on the blockchain that is automatically executed when preset conditions are met.
Ethereum: An open source, public, blockchain-based distributed computing platform and operating system.
ERC-20: Smart contract technical standard for homogeneous tokens on the Ethereum blockchain.
ERC-721: Smart contract technical standard for non-homogeneous tokens on the Ethereum blockchain.
Decentralized application (DApp): An application built on a blockchain network that is not controlled by any centralized institution.
Token Generation Event (TGE): An activity that raises funds for a project by issuing tokens.
Know Your Customer/Anti-Money Laundering (KYC/AML): A procedure for verifying the identity of a customer in order to prevent financial crime.
Matrix code: An optical data representation that can be read by a machine, such as a QR code.
Geographic waypoint data: Data that describes the location of an object, such as geographic coordinates or an address.
Application programming interface (API): An interface that allows different software applications to interact with each other.
Software development kit (SDK): A set of tools and libraries used to build software applications.
Hashing: An algorithm that converts data of arbitrary length into a fixed-length string.
Encryption: Converts information into an unintelligible form that can only be decrypted by authorized parties.
Escrow: A third party that holds funds or assets until preset conditions are met.
Oracle node: An entity that provides external data to smart contracts.
Mainnet: A blockchain network's main operating network.
Consortium chain: A semi-private blockchain network where only authorized nodes can participate.
Docker: A containerized platform for building, sharing, and running software applications.
Short answer questions
Briefly describe what a supply chain management system is and explain its importance in modern business.
How can blockchain technology be applied to supply chain management systems? List at least three advantages.
Explain the difference between ERC-20 and ERC-721 tokens and explain their potential uses in supply chain platforms.
What are smart contracts? Give examples of how smart contracts can be used in supply chain management.
Explain what a token generation event (TGE) is and describe its role in launching a blockchain-based supply chain platform.
Briefly describe the importance of Know Your Customer/Anti-Money Laundering (KYC/AML) procedures in a supply chain platform.
Explain how matrix codes and geographic waypoint data can be used to track goods in a supply chain.
Briefly describe the role of APIs and SDKs in a supply chain platform and give examples of how they can be integrated with other systems.
Explain what an oracle node is and describe its functionality in connecting blockchain and real-world data.
Compare and contrast public blockchains and consortium blockchains and discuss their pros and cons in supply chain management.
Answer
A supply chain management system is the process of managing goods, services, and related information from the point of origin to the point of consumption. It is essential in modern business because it increases efficiency, reduces costs, enhances transparency, and improves customer satisfaction.
Blockchain technology can be applied to supply chain management systems in a number of ways, including:
Enhanced transparency: All transactions on a blockchain are permanent and viewable by all participants, which increases visibility and traceability of the supply chain.
Reduce fraud: The immutability of blockchain makes it difficult to forge transactions, which reduces the risk of fraud and counterfeit products.
Improve efficiency: Smart contracts can automate processes in the supply chain, such as payments and goods handovers, reducing manual operations and delays.
ERC-20 tokens are fungible, meaning each token is the same as other tokens, such as the platform's universal currency. ERC-721 tokens are non-fungible, meaning each token is unique and can represent a specific commodity in the supply chain.
A smart contract is a piece of code stored on the blockchain that automatically executes when preset conditions are met. For example, a smart contract can be used to automatically pay a supplier when goods arrive at their destination.
A token generation event (TGE) is an event that raises funds for a project by issuing tokens. When launching a blockchain-based supply chain platform, a TGE can be used to raise development funds and build an initial community of token holders.
Know Your Customer/Anti-Money Laundering (KYC/AML) procedures are critical in supply chain platforms because they help prevent the platform from being used for money laundering, terrorist financing, and other illegal activities.
Matrix codes, such as QR codes, can be printed on goods and read using a scanner or smartphone to provide information about the goods' origin, destination, and other relevant information. Geographic waypoint data can be used to track the movement of goods through the supply chain.
APIs allow supply chain platforms to exchange data with other systems, such as enterprise resource planning (ERP) systems or warehouse management systems. SDKs provide tools and libraries that enable developers to build applications that integrate with supply chain platforms.
Oracle nodes are entities that provide external data to smart contracts. For example, an oracle node can provide smart contracts with information about the location of goods, weather conditions, or market prices.
Public blockchains are open and anyone can participate, while consortium chains are semi-private and only authorized nodes can participate. Public blockchains provide greater transparency and security, but slower transaction speeds. Consortium chains provide faster transaction speeds and higher throughput, but less transparency and security.
Blockchain transferable equity instruments
Glossary
Tokenized securities: Digital representations of traditional securities issued and traded on a blockchain.
Smart contracts: Self-executing contracts that execute and enforce automatically on a blockchain.
Ethereum: A decentralized blockchain platform for running smart contracts and decentralized applications.
Accredited Investor: An investor who meets certain income or asset requirements defined by the U.S. Securities and Exchange Commission (SEC) to qualify to invest in certain securities that are not generally available to the public.
Private Placement Memorandum (PPM): A legal document provided to potential investors in a private placement that contains information about the offering, the securities, and the management team.
Escrow Account: A third-party account that holds one party's funds during a transaction until the terms of the contract are met.
Proxy Contract: A smart contract that allows one party to perform actions on the blockchain on behalf of another party.
Quiz
What are the main features of blockchain technology?
How are tokenized securities different from traditional securities?
What is the role of smart contracts in a tokenized securities offering?
Explain the concept of accredited investors in a tokenized securities offering.
What is the purpose of a private placement memorandum (PPM)?
How do escrow accounts provide security in tokenized securities transactions?
How are proxy contracts used in tokenized securities offerings?
Describe some of the advantages of blockchain tokenized securities platforms.
Explain the importance of secondary markets for tokenized securities.
What regulatory aspects need to be considered in the issuance of tokenized securities?
Answer
The main characteristics of blockchain technology are decentralization, transparency, security and immutability. It allows transparent and secure transactions between parties without the need for intermediaries.
Tokenized securities are digital representations of traditional securities that are issued and traded on the blockchain. They offer greater efficiency, transparency, and liquidity than traditional securities.
Smart contracts automatically execute the terms of a tokenized securities issuance. They define aspects such as issuance rules, investor qualifications, and distribution terms.
Accredited investors are individuals or entities that meet certain financial requirements that allow them to invest in securities that are not generally available to the public. Tokenized securities issuances are often targeted to accredited investors to meet regulatory standards.
The PPM provides comprehensive information about the tokenized securities issuance, the issuing entity, and the associated risks. It acts as a disclosure document for potential investors.
Escrow accounts hold funds or securities between buyers and sellers until the terms of the transaction are met. This ensures that funds can be returned to the buyer if either party fails to meet its obligations.
Proxy contracts allow the issuing entity or its designated representative to perform actions on the blockchain on behalf of investors, such as token distribution or managing dividend payments.
The advantages of blockchain tokenized securities platforms include greater efficiency, reduced costs, greater transparency, and improved liquidity.
Secondary markets allow investors to buy and sell tokenized securities after the initial issuance. This provides liquidity and allows for a wider range of investor participation.
Tokenized securities issuance must comply with securities laws, anti-money laundering (AML) regulations, and know your customer (KYC) regulations. Compliance is essential to ensure a fair and transparent market.
Blockchain-based asset trading platform
Short answer questions
Please briefly describe the technical problem you are trying to solve.
What key role does the trading network play?
Explain the special significance of the genesis block and how it enhances the security of the system.
Describe how users can exchange assets in this system and explain the significance of atomic swaps.
Explain the concept of "token burning" and its role in asset redemption.
Briefly describe the cross-custodial net settlement process and explain its advantages.
Explain how the system implements pre-trade credit checks.
What types of orders does the system support? Give examples.
Briefly describe the functions of the virtual custody module and explain its relationship with atomic swaps.
Explain how the system integrates with decentralized exchanges.
Answer
The system aims to solve the inefficiencies and security risks in the existing market infrastructure, especially when it comes to trading different types of assets (such as fiat currencies and cryptocurrencies). It provides a secure, transparent and efficient asset trading solution by leveraging blockchain technology and atomic swap mechanisms.
The trading network plays a vital role in this system. It is responsible for signing the genesis block of each blockchain ledger, establishing an initial trust foundation for the system and acting as a barrier to prevent malicious nodes from entering. In addition, the trading network also acts as a customer trading platform to facilitate asset exchanges between customers.
The genesis block is the first block of each blockchain ledger. Its special feature is that it is signed by the trading network to ensure its authenticity. This signature mechanism effectively prevents malicious nodes from forging ledgers and enhances system security.
Users reach a transaction agreement on the trading network and use the atomic swap mechanism to exchange assets. Atomic swaps ensure that both parties to the transaction transfer assets at the same time, avoiding the risk of default by either party and ensuring the fairness and security of the transaction.
Token burning refers to the process of permanently removing tokens from circulation. In asset redemption, token burning is used to update the corresponding blockchain ledger to reflect that the user has exchanged the token for the actual asset and no longer holds the token.
Cross-custodial net settlement simplifies settlement in transactions involving multiple custodians by calculating the net amount payable for all users in each asset class. This reduces the number of actual asset transfers, reduces transaction costs, and improves settlement efficiency.
The system implements pre-trade credit checks by accessing the user's unspent transaction output (UTXO) dataset and calculating the sum of their on-chain assets to ensure that the user has sufficient funds to trade.
The system supports multiple order types, including limit orders and market orders. For example, a user can submit a limit order to buy 1 Bitcoin, specifying a maximum purchase price, or submit a market order to buy it immediately at the current market price.
The virtual custody module acts as a bridge between smart contracts and the custody module, facilitating atomic swaps using smart contracts, allowing users to securely trade assets stored in smart contracts.
The system integrates with decentralized exchanges by injecting liquidity into decentralized exchanges and extracting liquidity from them. The system also supports atomic swaps between blockchain smart contracts and custodial distributed blockchain ledgers, ensuring that transactions are secure and efficient.
Glossary
Genesis Block: The first block in a blockchain.
Atomic swap: A mechanism that ensures simultaneous asset transfers between parties.
Token burning: The process of permanently removing tokens from circulation.
Custodian: An entity responsible for the safekeeping and management of client assets.
Cross-custodial net settlement: Simplifies the settlement process by calculating the net amount to be settled in transactions involving multiple custodians.
Blockchain node: A participating computer in a blockchain network.
Unspent transaction output (UTXO): An output in a blockchain transaction that has not been spent and can be used for future transactions.
Decentralized exchange (DEX): A cryptocurrency exchange that does not rely on centralized institutions for transactions.
Smart Contract Security: Based on Control Flow Integrity
Glossary
Control Flow Integrity (CFI): A security mechanism used to ensure that a predefined control flow is followed during program execution to prevent malicious code injection.
Control Flow Graph (CFG): A graphical representation used to describe all possible execution paths in a program.
Basic Block (BBL): A node in a CFG that represents a set of instructions executed sequentially, with only one entry and one exit.
opcode: An operation code, a numerical code representing a computer instruction.
Short Answer Questions
What are smart contracts and how do they work?
Explain the concept of control flow integrity (CFI) and its role in software security.
How does Ethereum differ from traditional software programs in terms of smart contract execution?
Describe how the DAO attack exploited a smart contract vulnerability.
What role does Solidity play in smart contract development?
What is a fallback function and how can it be exploited in smart contracts?
Explain how control flow graphs (CFGs) can be used to enhance the security of smart contracts.
What information does a contract creator need to provide when deploying a smart contract?
How does a contract verifier verify the execution of a smart contract in the system described?
Briefly describe the challenges of applying CFI to a blockchain environment.
Answer
Smart contracts are self-executing contracts deployed on a blockchain whose terms are written directly into the code. When predefined conditions are met, the code is automatically executed without any middleman.
Control flow integrity (CFI) is a security mechanism used to ensure that program execution follows a predefined control flow. It improves software security by monitoring the control flow of a program and preventing malicious code injection or exploitation of vulnerabilities to change the expected execution path.
Ethereum's smart contract execution occurs in a decentralized network, with each node executing the same code. This is different from traditional software programs, which usually run on a single machine and are more vulnerable to attacks.
The DAO attack exploited a vulnerability in a smart contract that allowed an attacker to withdraw funds multiple times before the withdrawal was completed. The attacker created a recursive call that continuously extracted funds from the DAO contract until a large amount of Ether was exhausted.
Solidity is a high-level programming language used to write Ethereum smart contracts. It provides a syntax that is easier to understand and write, and can be compiled into bytecode executable by the EVM.
A fallback function is a default function executed when a smart contract receives funds in a call that does not specify a function. An attacker can use the fallback function to create a recursive call that drains the contract's funds.
A control flow graph (CFG) can be used to describe all possible execution paths of a smart contract. By restricting the execution of a smart contract to the path defined by the CFG, attackers can be prevented from exploiting vulnerabilities to execute malicious code.
Contract creators need to provide the smart contract code and the corresponding control flow graph (CFG) when deploying a smart contract.
In the described system, the contract verifier compares the execution path of the smart contract with the pre-provided CFG. If the execution path does not match the CFG, the execution is considered invalid.
There are some challenges in applying CFI to blockchain environments, such as: the decentralized nature of smart contracts makes CFI deployment and maintenance more difficult; the computing resources on the blockchain are limited, and the CFI mechanism needs to be lightweight and efficient; the code of smart contracts is usually open and transparent, and attackers can more easily analyze and attack the CFI mechanism.
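The CFG comparison described in the answers above, as an added example that is not part of the original study guide or of the system it describes: it recovers basic blocks and static jump edges from EVM bytecode, then checks a block-level execution trace against them. The sample bytecode, the trace format (a list of basic-block start offsets) and all function names are assumptions made for illustration.

```python
# EVM opcode values (Ethereum Yellow Paper); only control-flow opcodes matter here.
STOP, JUMP, JUMPI, JUMPDEST = 0x00, 0x56, 0x57, 0x5B
PUSH1, PUSH32 = 0x60, 0x7F
TERMINATORS = {STOP, 0xF3, 0xFD, 0xFE, 0xFF}  # STOP RETURN REVERT INVALID SELFDESTRUCT

# Constructed sample bytecode (not from the page):
#   0 PUSH1 01 | 2 PUSH1 09 | 4 JUMPI | 5 PUSH1 0b | 7 JUMP | 8 STOP
#   9 JUMPDEST | 10 STOP | 11 JUMPDEST | 12 STOP
SAMPLE = bytes.fromhex("6001600957600b56005b005b00")

def disassemble(code):
    """Return [(pc, opcode, immediate_or_None)], skipping PUSH data bytes."""
    out, pc = [], 0
    while pc < len(code):
        op = code[pc]
        n = op - PUSH1 + 1 if PUSH1 <= op <= PUSH32 else 0
        imm = int.from_bytes(code[pc + 1:pc + 1 + n], "big") if n else None
        out.append((pc, op, imm))
        pc += 1 + n
    return out

def build_cfg(code):
    """Map each basic-block start pc to the set of allowed successor block pcs."""
    ins = disassemble(code)
    dests = {pc for pc, op, _ in ins if op == JUMPDEST}
    leaders = {0} | dests
    for i, (_, op, _) in enumerate(ins[:-1]):
        if op in (JUMP, JUMPI) or op in TERMINATORS:
            leaders.add(ins[i + 1][0])  # instruction after a branch starts a block
    cfg, block = {}, None
    for i, (pc, op, _) in enumerate(ins):
        if pc in leaders:
            block = pc
            cfg[block] = set()
        nxt = ins[i + 1][0] if i + 1 < len(ins) else None
        if op in (JUMP, JUMPI):
            prev = ins[i - 1] if i > 0 else None
            # Assumption: only PUSH-then-JUMP targets are resolved statically.
            if prev is None or not PUSH1 <= prev[1] <= PUSH32 or prev[2] not in dests:
                raise ValueError(f"unresolvable or invalid jump at pc {pc}")
            cfg[block].add(prev[2])
            if op == JUMPI and nxt is not None:
                cfg[block].add(nxt)  # branch-not-taken edge
        elif op not in TERMINATORS and nxt in leaders:
            cfg[block].add(nxt)      # fall through into the next block
    return cfg

def verify_trace(cfg, trace):
    """Return (True, None) if every hop is a CFG edge, else (False, offending_hop)."""
    if not trace or trace[0] != 0:
        return False, (None, trace[0] if trace else None)
    for src, dst in zip(trace, trace[1:]):
        if dst not in cfg.get(src, ()):
            return False, (src, dst)
    return True, None

if __name__ == "__main__":
    cfg = build_cfg(SAMPLE)
    for trace in ([0, 5, 11], [0, 9], [0, 11], [0, 5, 9]):
        print(trace, verify_trace(cfg, trace))
```

A verifier built this way rejects the first hop that is not an edge of the declared graph, which is the "execution path does not match the CFG" case from the answer above.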
Double Encryption Key Splitting System
I. Short Answer Questions
What is double encryption? What is the significance of double encryption in a key splitting system?
Double encryption refers to encrypting data twice, usually using two different encryption algorithms or keys. In a key splitting system, double encryption can improve security. Even if an attacker obtains part of the encryption key or key shard, the final data cannot be decrypted because another key or key shard is required to complete the decryption.
What is Shamir Key Sharing? How does it apply to key splitting?
Shamir Key Sharing is an algorithm that splits a key into multiple shards, and the original key can only be reconstructed when a sufficient number of shards are collected. It uses the principle of polynomial interpolation to hide the key in a polynomial and generate multiple shards as points on the polynomial. Only when a sufficient number of points are obtained can the polynomial be reconstructed and the key be obtained.
Please explain the difference between "secret", "secret shard", "single encrypted secret shard" and "double encrypted secret shard".
Secret: refers to the key information that needs to be protected, such as the key used to encrypt data.
Secret shard: refers to the multiple shards after the "secret" is split using a key splitting algorithm (such as Shamir key sharing), each shard contains part of the secret information.
Single encrypted secret shard: refers to the result of encrypting the "secret shard" once, usually using a symmetric encryption algorithm and key.
Double encrypted secret shard: refers to the result of encrypting the "single encrypted secret shard" again, usually using an asymmetric encryption algorithm, such as using the public key corresponding to each shard holder for encryption.
What is an asset encryption key? How does it relate to the asset key?
Asset encryption key: A symmetric key used to encrypt and decrypt asset keys.
Asset key: Refers to important keys that need to be protected, such as private keys used to sign transactions, or encryption keys used to decrypt high-value data.
What encryption methods are used in the system? Please explain their functions respectively.
The system uses two methods: symmetric encryption and asymmetric encryption:
Symmetric encryption: Uses the same key for encryption and decryption, for example using the AES algorithm to encrypt secret shards.
Asymmetric encryption: Uses a public key for encryption and a private key for decryption, for example using the shard holder's public key to double-encrypt a single-encrypted secret shard.
What is key rotation? Why do we need to rotate keys?
Key rotation refers to the regular replacement of keys to reduce the risk of key leakage. Regular replacement of keys can effectively shorten the validity period of keys. Even if the key is leaked at a certain point in time, attackers cannot access subsequent data.
How are QR codes used in the system?
The system uses QR codes to store and transmit encrypted secret shards, such as generating QR codes from double-encrypted secret shards and distributing them to the corresponding shard holders.
What is an offline signing service? What role does it play in the system?
Offline signing service refers to a key management service that is not connected to the Internet and is used to securely store and use keys. In the system, the offline signing service is used to generate and store asset encryption keys and use keys to sign transactions.
How does the system ensure that only authorized users can reconstruct secrets?
The system ensures that only authorized users can reconstruct secrets by setting a threshold for key sharding. For example, if a secret is split into 10 shards and the threshold is set to 5, the secret can only be reconstructed after at least 5 shards are collected.
In addition to protecting keys, what other types of secret information can the system be used to protect?
In addition to protecting keys, the system can also be used to protect other types of secret information, such as passwords, account/routing numbers, etc. This information can be split into multiple shards, then encrypted with symmetric keys and distributed to multiple shard holders using asymmetric encryption.
III. Glossary
Double encryption: Encrypts data twice, usually using two different encryption algorithms or keys.
Shamir key sharing: An algorithm that splits a key into multiple shards, and the original key can only be reconstructed after a sufficient number of shards are collected.
Secret: A key piece of information that needs to be protected, such as a key used to encrypt data.
Secret shard: A secret that is split into multiple pieces using a key splitting algorithm (such as Shamir key sharing), each of which contains part of the secret information.
Single encrypted secret shard: The result of encrypting a secret shard once, usually using a symmetric encryption algorithm and key.
Double encrypted secret shard: The result of encrypting a single encrypted secret shard again, usually using an asymmetric encryption algorithm, such as using the public key corresponding to each shard holder.
Asset encryption key: A symmetric key used to encrypt and decrypt asset keys.
Asset key: An important key that needs to be protected, such as a private key used to sign transactions, or an encryption key used to decrypt high-value data.
Key rotation: The periodic replacement of keys to reduce the risk of key leakage.
Offline signing service: A key management service that is not connected to the Internet and is used to securely store and use keys.