# Implementing Security Measures for Blockchain and Bitcoin Wallet

Objective:

To understand and implement security measures for Blockchain technology and Bitcoin wallets, ensuring the safety and integrity of transactions and wallet data.

In [1]:
import hashlib
def sha256_hash(data):
    result = hashlib.sha256(data.encode()).hexdigest()
    print(f"SHA-256 Hash: {result}")

sha256_hash("BlockchainSecurity")


SHA-256 Hash: c092834352ae239d54a1e242bb167b57a73c72f4b9332a1379636b18928ac21c


In [2]:
from bitcoin import random_key, privtopub, pubtoaddr

private_key = random_key()
public_key = privtopub(private_key)
address = pubtoaddr(public_key)

print(f"Private Key: {private_key}")
print(f"Public Key: {public_key}")
print(f"Bitcoin Address: {address}")

Private Key: d3064516790c8e0cc937498f1824ab5f5a6f595f30ff5c1d1bc64144750c7b07
Public Key: 04130a4704b9e81df6d91f4d272d6eb9cb87e77a1b2d1c07c506ad3929244c62951006d119fca522b0f5b6c47daad64ba082f800effd7c64f9662bec7685aae1b6
Bitcoin Address: 1BVdYzXC2KxoidU1PPUdYGZ7xjxtzp7rMX


In [3]:
import hashlib

class Block:
    def __init__(self, index, previous_hash, data, nonce=0):
        self.index = index
        self.previous_hash = previous_hash
        self.data = data
        self.nonce = nonce
        
    def hash_block(self):
        return hashlib.sha256(f"{self.index}{self.previous_hash}{self.data}{self.nonce}".encode()).hexdigest()
    
def proof_of_work(block, difficulty):
    block.nonce = 0
    while not block.hash_block().startswith("0" * difficulty):
        block.nonce += 1
        
block = Block(1, "0", "First Block")
proof_of_work(block, 4)
print(f"Block Hash: {block.hash_block()}")


Block Hash: 000013f5f38ee7e5fa1e9a477ed98d367a6e8793fdec4a3fbc06b28c5d8204b4


In [5]:
from mnemonic import Mnemonic
from cryptography.fernet import Fernet
import os

# Generate a mnemonic seed phrase
mnemo = Mnemonic("english")
seed_phrase = mnemo.generate(strength=256)
print(f"Generated Seed Phrase: {seed_phrase}")

# Derive private key from the seed phrase
seed = mnemo.to_seed(seed_phrase)
private_key = os.urandom(32)  # Simulating private key
print(f"Private Key: {private_key.hex()}")

# Encrypting the private key with a passphrase
encryption_key = Fernet.generate_key()
cipher_suite = Fernet(encryption_key)
encrypted_private_key = cipher_suite.encrypt(private_key)
print(f"Encrypted Private Key: {encrypted_private_key}")

# Decryption (Wallet Recovery Process)
decrypted_private_key = cipher_suite.decrypt(encrypted_private_key)
print(f"Decrypted Private Key: {decrypted_private_key.hex()}")

# Test if decrypted private key matches the original
assert decrypted_private_key == private_key, "Decryption failed!"
print("Decryption successful, keys match.")


Generated Seed Phrase: fun people dragon arrange heart setup hover moral project dumb fox gown question syrup destroy noble useful museum alpha topic era spoon announce dolphin
Private Key: 5adc3fe728b0629c3d7c6f34dba4d0d2c141285be97f9a092392a05459822364
Encrypted Private Key: b'gAAAAABm9Cux1M5-OAG7KpwwNQRm76L7-ajDRLr_C-eiXGkY9V2AZsXndlZAGnpAgrgKbOFj5HxsW9iG4z_g6XC82rzxJ1ctTRWc1S7nYtfaemjn6t3ClMJdcjUiBz2pdb0HkMg9bAPv'
Decrypted Private Key: 5adc3fe728b0629c3d7c6f34dba4d0d2c141285be97f9a092392a05459822364
Decryption successful, keys match.


In [8]:
def simulate_phishing_email():
    print("\n=== Simulated Phishing Email ===\n")
    
    # Mock phishing email content
    phishing_email = """
    Subject: Urgent! Your Bitcoin Wallet Needs Verification

    Dear Customer,

    We detected unusual activity in your Ledger wallet. To protect your funds, we require immediate verification of your private key information.

    Failure to verify your wallet in the next 24 hours will result in the suspension of your account and possible loss of funds.

    Please click the link below and enter your private key information to restore access to your wallet:

    [FAKE LINK TO PHISHING SITE]
    
    If you do not respond in time, your Bitcoin funds may be compromised. Act now to secure your assets!

    Sincerely,
    Ledger Security Team
    """

    # Print the phishing email to analyze its structure
    print(phishing_email)
    
    # Key points of phishing attacks
    print("\n=== Phishing Analysis ===")
    print("1. **Urgency**: The email creates panic by claiming that your account or funds are at risk.")
    print("2. **Impersonation**: The email pretends to be from a trusted entity, like Ledger.")
    print("3. **Sensitive Information Request**: It asks for your private key, which no legitimate company would ever ask for.")
    print("4. **Fake Link**: The email contains a link to a phishing website that looks like a legitimate site.")
    print("5. **Grammar and Spelling**: Often, phishing emails contain subtle grammatical or spelling mistakes.")
    
simulate_phishing_email()



=== Simulated Phishing Email ===


    Subject: Urgent! Your Bitcoin Wallet Needs Verification

    Dear Customer,

    We detected unusual activity in your Ledger wallet. To protect your funds, we require immediate verification of your private key information.

    Failure to verify your wallet in the next 24 hours will result in the suspension of your account and possible loss of funds.

    Please click the link below and enter your private key information to restore access to your wallet:

    [FAKE LINK TO PHISHING SITE]
    
    If you do not respond in time, your Bitcoin funds may be compromised. Act now to secure your assets!

    Sincerely,
    Ledger Security Team
    

=== Phishing Analysis ===
1. **Urgency**: The email creates panic by claiming that your account or funds are at risk.
2. **Impersonation**: The email pretends to be from a trusted entity, like Ledger.
3. **Sensitive Information Request**: It asks for your private key, which no legitimate company would ever as