IS4228: Information Technology and Financial Services

IS4302
Blockchain and Distributed
Ledger Technologies
Week 8

© Copyright National University of Singapore. All Rights Reserved.

Intended Learning Outcomes

1. NFTs: Define, use cases, creation, trading.

2. Smart Contract Security: Identify risks, implement
security patterns.
3. Blockchain Protocols: Compare models, understand
consensus.
4. Interoperability: Define, evaluate solutions, cross-chain
challenges.
5. Challenges: Recognize issues, plan for future
developments.

2
Overview

1. Non Fungible Tokens

2. Smart Contract Design Patterns (Security)
3. Blockchain Protocols Design Patterns
4. Interoperability

3
Overview

1. Non Fungible Tokens

2. Smart Contract Design Patterns (Security)
3. Blockchain Protocols Design Patterns
4. Interoperability

4
What Are NFTs?

Definition: NFTs are unique, non-interchangeable digital assets

stored on a blockchain.

• Each NFT is associated with a specific identifier, making it

different from any other token (unlike cryptocurrencies, which
are fungible).
• Represent ownership of digital or physical items (art, music,
collectibles, virtual real estate).

Key Blockchain: Most NFTs are created and traded on the

Ethereum blockchain using the ERC-721 standard.
5
Trading NFTs

Buying and Selling:

• NFTs are bought and sold on decentralized marketplaces (e.g.,
OpenSea, Rarible).
• Ownership transfer is secured by the blockchain, ensuring a
tamper-proof transaction history.

Smart Contracts in Trading: Smart contracts facilitate the

transaction by executing predefined terms (e.g., transfer of
ownership and payment).
Royalties: Some NFTs are programmed to pay creators royalties
every time the NFT is resold, providing ongoing revenue.
6
NFT Use Cases

• Art and Collectibles: Digital artists sell unique works directly

to buyers (e.g., Beeple’s $69M NFT sale).
• Gaming: Players own in-game assets (characters, weapons,
skins) and can trade or sell them on NFT marketplaces.
• Virtual Real Estate: Platforms like Decentraland and The
Sandbox allow users to buy, sell, and build on virtual land.
• Music and Entertainment: Musicians can release limited-
edition albums or concert tickets as NFTs.

7
NFTs

• CryptoPunks, one of the first NFT on Ethereum, has created

more than 10000 collectible punks (6039 males and 3840
females) and further promoted the ERC-721 standard to
become popular.
• CryptoKitties officially put NFTs on notice, and hit the
market in 2017 with the gamification of the breeding
mechanics. Participants fiercely competed at high prices to
auction the rare cats, and the highest price reaches more than
999 ETH (equally 3M USD).
• NBA Top Shot: an NFT trading platform used to buy/sell
digital short videos of NBA moments.
• …
8
An example workflow of NFT system

• NFT Digitize.
• An NFT owner checks that the file, title, description are
completely accurate. Then, s/he digitizes the raw data into a
proper format.
• NFT Store
• An NFT owner stores the raw data into an external database
outside the blockchain.
• S/he is also allowed to store the raw data inside a blockchain,
despite this operation is gas-consuming.
• NFT Sign
• The NFT owner signs a transaction, including the hash of NFT
data, and then sends the transaction to a smart contract.
9
An example workflow of NFT system

• NFT Mint&Trade
• After the smart contract receives the transaction with the
NFT data, the minting and trading process begins.
• NFT Confirm
• Once the transaction is confirmed, the minting process
completes.
• By this approach, NFTs will forever link to a unique
blockchain address as their persistence evidence.

10
An example workflow of NFT system

11
Value of NFT

• Liquidity

• Uniqueness

• Social value

• Speculation

• …

12
Challenges
• Usability Challenges
• Slow confirmation
• High gas prices
• Data inaccessibility
• A cryptographic hash as the identifier, instead of a copy
of the file, will be tagged with the token and then
recorded on the blockchain to save the gas.
• More generally, oracle problem
• Legal pitfalls
• Taxable property issues
• NFT Interoperability (cross-chain)
• …
13
NFTs Overview:

Unique Ownership: NFTs represent a groundbreaking way to

establish and verify ownership of digital assets.
Technological Foundation: Built on blockchain and smart
contracts, NFTs are evolving as a powerful tool for creators,
gamers, and businesses.
Challenges Ahead: High gas fees, environmental impact, and
legal ambiguities need to be addressed to ensure sustainable
growth.
Future Outlook: As blockchain technology evolves (Layer 2,
PoS), NFTs will likely expand into new industries, including
finance, identity, and virtual worlds.
14
Overview

1. Non Fungible Tokens

2. Smart Contract Design Patterns (Security)
3. Blockchain Protocols Design Patterns
4. Interoperability

15
Overview

• Some commonly used patterns in smart contracts

• Authorization
• Action and control
• Lifecycle
• Maintenance
• Security

16
Mutex (Mutual exclusion)

• Problem: Re-entrancy attack

• When a contract calls another contract, it hands over
control to that other contract. The called contract can
then, in turn, re-enter the contract by which it was called
and try to manipulate its state or hijack the control flow
through malicious code.

17
Mutex

• Example of an insecure contract

18
Mutex

• Attacking the insecure contract

19
Mutex

• Solution: Utilize a mutex to hinder an external call from re-

entering its caller function again.

20
Emergency Stop

• Problem: Since a deployed contract is executed autonomously

on the Ethereum network, there is no option to halt its
execution in case of a major bug or security issue.

• Solution: Incorporate an emergency stop functionality into the

contract that can be triggered by an authenticated party to
disable sensitive functions.

21
Emergency Stop

22
Speed Bump

• Problem: The simultaneous execution of sensitive tasks by a

huge number of parties can bring about the downfall of a
contract.

• Solution: Prolong the completion of sensitive tasks to take

steps against fraudulent activities.
• Contract sensitive tasks are slowed down on purpose, so
when malicious actions occur, the damage is restricted
and more time to counteract is available.

23
Speed Bump

24
Speed Bump

25
Rate limit

• Problem: A request rush on a certain task is not desired and

can hinder the correct operational performance of a contract.

• Solution: Regulate how often a task can be executed within a

period of time.

26
Rate limit

27
Balance limit

• Problem: There is always a risk that a contract gets

compromised due to bugs in the code or yet unknown security
issues within the contract platform.

• Solution: Limit the maximum amount of funds at risk held

within a contract.
• cannot prevent the admission of forcibly sent Ether, e.g.
as beneficiary of a selfdestruct(address) call, or as
recipient of a mining reward.

28
Balance limit

29
Overview

1. Non Fungible Tokens

2. Smart Contract Design Patterns (Security)
3. Blockchain Protocols Design Patterns
4. Interoperability

30
Design Taxonomy of Blockchain Systems

• Main Dimensions: Storage & Computation, Configuration,

Decentralization

• Storage & Computation:

• Item Data: Stored off-chain or on-chain (Bitcoin, Ethereum).
• Off-chain Options: Use of IPFS and Storj for efficient
storage.

• Architectural Configurations:
• Blockchain Scope: Public, Consortium, Private.
• Data Structures: GHOST, BlockDAG, Segregated Witness
(SegWit). 31
Design Taxonomy of Blockchain Systems

• Main Dimensions: Storage & Computation, Configuration,

Decentralization

• Storage & Computation:

• Item Data: Stored off-chain or on-chain (Bitcoin, Ethereum).
• Off-chain Options: Use of IPFS and Storj for efficient
storage.

• Architectural Configurations:
• Blockchain Scope: Public, Consortium, Private.
• Data Structures: GHOST, BlockDAG, Segregated Witness
(SegWit). 32
Storage and Computation

• Three main components

• Item Data
• Item Collection
• Computation

33
Item Data

• Where is the data is used for?

• Smart contracts variables
• Data Storage
• Images
• Log data

34
Item Data – On Chain

• Bitcoin
• Originally Bitcoin allowed the storing of small amounts
of data (40-80 bytes) in “OP_Return script” for about $3-
8 each. This was later deprecated as the core devs felt that
it created confusion and bloated the Bitcoin UTXO
database

35
Item Data – On Chain

• Ethereum
• In smart contracts every transaction has a fixed cost of
21,000 gas, and every non-zero byte of data costs an
additional 68 gas.
• Data can also be stored as log events. Logged data is
stored in log topics which cost 21,375 gas, where every
byte costs an additional 8 gas.

36
Item Data – Off Chain

• Commonly Raw data is stored off-chain

• Only metadata, hashes of raw data, and small critical data is
stored on chain

37
Item Data – Off Chain

• Data can be stored in private clouds on

client’s infrastructure or in public storae.
• P2P data storage options: IPFS and Storj
• Designed to be friendly to blockchain
• IPFS usage is free if you provide storage
space for hosting data
• Storj costs US$0.015GB/month
• Data is replicated automatically or based on
how often users access it

38
Item Data – Off Chain

39
IPFS – Video

https://youtu.be/k1EQC7tdh70?si=LePqswFZYTw5bZA7&t=
22

40
Architectural Design Configurations

• Considerations
• Scope: Public, Consortium, Private
• Data Structure: Chains, DAGs, etc.
• Consensus Protocols: PoW, PoS, etc.

41
Blockchain Scope: Public, Consortium, or Private

42
Blockchain Scope: Public, Consortium, or Private

• Public:
• Free entry to use or validate/mine
• Consortium:
• Designated set of validators
• Used across multiple organizations or multiple divisions
in an organization
• Private
• One designated validator node

43
Blockchain Scope: Public, Consortium, or Private

44
Blockchain Scope: Public, Consortium, or Private

• Public:
• Free entry to use or validate/mine
• Consortium:
• Designated set of validators
• Used across multiple organizations or multiple divisions
in an organization
• Private
• One designated validator node

45
Public Blockchain

• Best for: Open and transparent applications where anyone can participate.

• Examples: Cryptocurrencies (like Bitcoin, Ethereum), decentralized finance

(DeFi) platforms.

• Use Cases:
• Decentralized Applications (DApps): Where transparency and immutability are
crucial.
• Public Data Sharing: When you want to enable broad access and visibility to
information.

• Pros: High transparency, strong security through decentralized consensus.

• Cons: Lower transaction speed, high energy consumption.

46
Consortium Blockchain

• Best for: Collaborative efforts between multiple organizations that require

shared control.
• Examples: Interbank payment systems, supply chain consortia, healthcare data
sharing.

• Use Cases:
• Business Partnerships: Where multiple entities need a secure and
private way to interact and share data.
• Governance: When controlled participation is needed but still benefits
from decentralized principles.

• Pros: Faster transactions than public blockchains, reduced energy

consumption, controlled access.
• Cons: Less decentralized than public blockchains, relies on the trust between
participants. 47
Private Blockchain

• Best for: Internal use within a single organization with specific needs for
control and privacy.
• Examples: Corporate data management, internal audit systems, logistics
tracking.

• Use Cases:
• Enterprise Solutions: Where data privacy and speed are essential, and
trust is not a major issue.
• Regulated Environments: Industries that must adhere to strict data
security and compliance standards.

• Pros: High transaction speed, low energy consumption, full control over
access and modifications.
• Cons: Less secure against external attacks, lacks the transparency of public
blockchains. 48
Scope Summary

• Public Blockchain: Best for transparency and open

participation.

• Consortium Blockchain: Ideal for collaboration between

trusted partners.

• Private Blockchain: Most suitable for secure, internal use

within a single organization.

49
Data Structures

• Blockchains
• GHOST
• BlockDAG
• Segregated Witness

50
Blockchain – Original Design

• Consensus Guaranteed by Longest Chain heuristic

51
Blockchain Trilemma

52
Greedy Heaviest-Observed Sub-Tree (GHOST)

• Allows concurrent work to be performed, allowing shorter

inter-block times, thus increasing throughput
• Each block refers to 1-2 “uncle blocks”
• The “heaviest” branch is considered valid

53
Block Directed Acyclic Graph (DAG)

• Allows non-conflicting transactions from uncle blocks to be

incorporated into the main chain.
• Selection rules can decide to use heaviest subtree or longest
chain

54
Block Directed Acyclic Graph (DAG)

• Allows more concurrent processing and asynchronous

processing, increasing the throughput as more
miners/validators join.

55
Block Directed Acyclic Graph (DAG)

• Hedera hashgraph is one of the popular example of DAG

which uses gossip protocol which ensure the highest
standard of security to prevent any malicious attacks.

56
Block Directed Acyclic Graph (DAG)

• Hedera hashgraph is one of the popular example of DAG which uses

gossip protocol which ensure the highest standard of security to prevent
any malicious attacks.
• Gossip protocol: when an event occurs, the node transmits data to it to two
other random nodes, which transmit them to two other nodes (in the total
already four), and so on. This leads to an exponential spread of
information throughout the network.
• “Gossip about Gossip” consensus algorithm:
• Each node on the network shares all of its information about which
node, when and with whom it communicated
• Gets around the problem of asynchronous execution discussed in
FT5003 discussion on Distributed Systems.

57
Segregated Witness (SegWit)

• Signatures (witnesses) were separated from the input fields

of the blocks

58
Segregated Witness (SegWit)

• Signatures (witnesses) were separated from the input fields

of the blocks
• The first part of a transaction contains the wallet
addresses of the sender and receiver and the second part
contains the “witness data” containing transaction
signatures. SegWit removes the “witness data” from the
main block, therefore notably reducing transaction size.
• This allows more transactions per block
• Implemented as an upgrade to Bitcoin
• First implemented in Litecoin, and later Bitcoin
• Disagreements about such upgrades also pushed the hard
fork of Bitcoin Cash in 2018
59
Overview

1. Non Fungible Tokens

2. Smart Contract Design Patterns (Security)
3. Blockchain Protocols Design Patterns
4. Interoperability

60
Cross Chain Interoperability

• Importance
• Wide proliferation of various chains with different features
• Desire to move assets or information from one chain to
another
• Desire to interface with traditional web2 and company
databases
• Benefits
• Customizable Web3 Services
• Allows “mix and match” lego pieces
• Creates more decentralized overall ecosystem

61
Cross Chain Interoperability – Wide Ecosystem

62
Cross Chain Interoperability

• Layer 1s and Layer 2s

• Most Layer 1s lack features that support cross-chain
interoperability.
• Sidechains are separate networks that each have their own
consensus mechanisms, security parameters, and tokens
• Polkadot and Cosmos were designed from the ground up to be
comprehensive cross-chain infrastructure solutions to establish
a “network of networks”

63
Cosmos

https://youtu.be/jj299iVoKwc?si=xuajOiTihgc6v0qd&t=45

64
Cross Chain Interoperability

• Oracles
• Chainlink and API3 feed off-chian data into blockchain
enabled smart contracts to allow each chain to “see” what
is going on in other chains and ensure a common source
of truth

66
Cross Chain Interoperability

• Bridges and Swaps

• Bridges: enable ownership to be locked on one chain
while an identical asset is minted on another chain and
sent to an address owned by the original owner.
• Atomic swaps: use smart contracts to automatically
exchange tokens from different chains

67
Decentralized Exchanges

https://www.youtube.com/watch?v=2tTVJL4bpTU

68
Summary

Non-Fungible Tokens (NFTs) Blockchain Protocols

1. Unique digital assets on 1. Enhancing performance
blockchain. and transaction efficiency.
2. Use cases: art, gaming, 2. Models: GHOST, SegWit,
virtual real estate. BlockDAG.

Smart Contract Design Interoperability

1. Focus on security: Mutex, 1. Cross-chain solutions:
Emergency Stop. Polkadot, Cosmos.
2. Implement design patterns 2. Linking different
to prevent attacks. blockchains for a unified
ecosystem.
69
Thank you!

70