<a href="https://colab.research.google.com/github/samikshaa0604/cybersecurityassignment2/blob/main/cybersecurityassignment2.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>


# 🛡️ Blockchain Security Improvements (Python Colab Notebook)

This notebook demonstrates **research gaps** identified in blockchain security and provides **Python-based executable improvements** for:
1. Wallet Security (Multisig)
2. Smart Contract Safety (Static Analysis)
3. Consensus Performance (PoW vs PoS)
4. Data Privacy in IoT/Cloud (Zero-Knowledge Proofs)

---




##  GAP 1: Wallet Security
**Problem:** Single private key theft = permanent asset loss.  
**Improvement:** Multi-Signature Wallet (Multisig).


In [None]:

from hashlib import sha256

class MultiSigWallet:
    def __init__(self, owners, required):
        self.owners = owners
        self.required = required
        self.balance = 0
        self.transactions = []
        self.confirmations = {}

    def deposit(self, amount):
        self.balance += amount
        print(f"Deposited {amount}. Balance: {self.balance}")

    def submit_transaction(self, to, amount):
        if amount > self.balance:
            print("Not enough funds!")
            return None
        tx = {"to": to, "amount": amount}
        tx_id = sha256(str(tx).encode()).hexdigest()
        self.transactions.append(tx)
        self.confirmations[tx_id] = []
        print(f"Transaction submitted: {tx}, ID: {tx_id[:10]}")
        return tx_id

    def confirm_transaction(self, owner, tx_id):
        if owner not in self.owners:
            print("Not an owner!")
            return
        if owner in self.confirmations[tx_id]:
            print(f"{owner} already confirmed!")
            return
        self.confirmations[tx_id].append(owner)
        print(f"{owner} confirmed transaction {tx_id[:10]}")

    def execute_transaction(self, tx_id):
        if len(self.confirmations[tx_id]) >= self.required:
            tx = [t for t in self.transactions if sha256(str(t).encode()).hexdigest() == tx_id][0]
            self.balance -= tx["amount"]
            print(f"✅ Executed: Sent {tx['amount']} to {tx['to']}. New Balance: {self.balance}")
        else:
            print("Not enough confirmations yet!")

# Demo
wallet = MultiSigWallet(["Alice", "Bob", "Charlie"], required=2)
wallet.deposit(100)
tx_id = wallet.submit_transaction("Mallory", 50)
wallet.confirm_transaction("Alice", tx_id)
wallet.confirm_transaction("Bob", tx_id)
wallet.execute_transaction(tx_id)


Deposited 100. Balance: 100
Transaction submitted: {'to': 'Mallory', 'amount': 50}, ID: 71d01972cc
Alice confirmed transaction 71d01972cc
Bob confirmed transaction 71d01972cc
✅ Executed: Sent 50 to Mallory. New Balance: 50


## 🔹 GAP 2: Smart Contract Safety  
**Problem:** Poorly written contracts can cause irreversible asset loss.  
**Improvement:** Basic static vulnerability scanner.  

In [None]:

import re

def audit_smart_contract(code):
    issues = []
    if "tx.origin" in code:
        issues.append("⚠️ Insecure use of tx.origin (phishing risk).")
    if "call.value" in code:
        issues.append("⚠️ Use of call.value without checks (reentrancy risk).")
    if "delegatecall" in code:
        issues.append("⚠️ delegatecall detected (code execution risk).")
    if not issues:
        return "✅ No major vulnerabilities detected."
    return issues

# Example Solidity code (with vulnerabilities)
solidity_code = '''
contract Test {
    function pay(address to) public {
        to.call.value(1 ether)("");
    }
}
'''
print(audit_smart_contract(solidity_code))


['⚠️ Use of call.value without checks (reentrancy risk).']


## 🔹 GAP 3: Consensus Performance  
**Problem:** Proof-of-Work is slow and energy-hungry.  
**Improvement:** Compare PoW vs PoS simulation.  


In [None]:

import random, time
from hashlib import sha256

def proof_of_work(difficulty=4):
    prefix = "0"*difficulty
    nonce = 0
    while True:
        hash_val = sha256(f"{nonce}".encode()).hexdigest()
        if hash_val.startswith(prefix):
            return nonce, hash_val
        nonce += 1

def proof_of_stake(validators):
    return random.choice(validators)

# Simulate PoW
start = time.time()
nonce, hash_val = proof_of_work(difficulty=5)
end = time.time()
print(f"⛏️ PoW found nonce {nonce} in {end-start:.2f}s -> {hash_val[:10]}")

# Simulate PoS
validators = ["Alice", "Bob", "Charlie"]
chosen = proof_of_stake(validators)
print(f"🏆 PoS selected validator: {chosen}")


⛏️ PoW found nonce 596138 in 0.67s -> 0000069145
🏆 PoS selected validator: Charlie


## 🔹 GAP 4: Data Privacy in IoT/Cloud  
**Problem:** Sharing sensitive data risks privacy leaks.  
**Improvement:** Zero-Knowledge Proof demo.

In [None]:

def zero_knowledge_proof(secret, claim):
    hashed = sha256(secret.encode()).hexdigest()
    return hashed == sha256(claim.encode()).hexdigest()

# Example
real_password = "SuperSecret123"
claim = "SuperSecret123"   # Correct proof
print("ZKP Verified:", zero_knowledge_proof(real_password, claim))

claim = "WrongPassword"    # Wrong proof
print("ZKP Verified:", zero_knowledge_proof(real_password, claim))


ZKP Verified: True
ZKP Verified: False
