Kibata

Sign In

Our Services

Get 15% Discount on your First Order

Order Now
[rank_math_breadcrumb]

Blockchain Application

I need help with my coursework project. Let me know if you need any help from me. 

Lab 2: Blockchain-Based Academic Credentials Lab

Lastname: ______________ Firstname:________________

1. Overview

AETHELRED UNIVERSITY Registrar’s Office wants to start issuing a digital transcripts and diploma for graduating students. You are called to build the system to prevent grade tampering and fake records. Each student’s transcript and diploma is issued as a blockchain record where a cryptographic hash of the transcript is stored on-chain.

This lab would guide you through designing, implementing, and testing a prototype system that issues cryptographic proofs of academic transcripts on a blockchain.

We will:

· Develop a simple smart contract to record transcript and diploma hashes.

· Issue sample transcript entries for AETHELRED UNIVERSITY students.

· Issue sample diploma for AETHELRED UNIVERSITY students.

· Store transcript files off-chain (local file or IPFS) and store their cryptographic fingerprints on-chain.

· Simulate tampering and show how a hash mismatch detects modification.

· Explore a deliberate smart contract bug and demonstrate its consequences.

The User Roles and User Stories

· AETHELRED UNIVERSITY admin to add student profile, generate transcripts and diploma for students, encrypt and compute SHA-256 fingerprints issues on chain and manage keys

· Student that receives an encrypted credential file and a small proof token. Student posts a short public validation link or CeDiD on LinkedIn. Recruiter clicks/enters code to validate.

· Recruiter enter the student’s proof tokens and get an instant verification of the transcript/diploma

· Government simulate (A) modify an issued transcript, (B) create a fake student and issue a diploma outside AETHELRED UNIVERSITY, (C) create a diploma for an active (non-graduating) student.

By the end of the lab you’ll understand the architecture, attack surface, and tradeoffs for a blockchain-based credentialing system.

2. Lab Environment Setup

You will do everything in Google Colab. Make a copy of the notebook (



om/drive/1-68h_VKjSnJqbO55z4O7JKxQ5EgK0Gof?usp=sharing). I will reference the code using cell number as label. Below are the tools we would be using

· Node.js v16+ and npm

· Python 3.8+ and pip

· Ganache (CLI or GUI)
or access to an Ethereum testnet (Sepolia) and an API key (Infura/Alchemy)

· Remix IDE or Hardhat/Truffle for compiling and deploying contracts

· web3.py (Python) or ethers.js (Node)

3. Tasks (Lab Steps)

Task 0 – Environment & Setup

1. Open the Colab notebook (link above).

2. Run
Cells 1–3 to install dependencies, start Ganache

3. Run Cell 4 to Compile both contract for transcript and diploma.

Screenshot your compiled contract for transcript and diploma

4. Run Cell 5 to connect to a Ganache account

Screenshot or copy the owner address from Cell 5

5. Run cell 5b to deploy the contract

Screenshot or copy the address of your TranscriptRegistry and DiplomaRegistry

Task 1 – Adding Students and Issuing Credentials

1. Run cell 6 to create a test transcript and diploma for Jane Doe.

Whats the transcript SHA for the user

Screenshot or copy the Diploma SHA, CeDiD and Initails of this user.

2. Run cell 7 to issue the transcript and diploma on blockchain

Screenshot of the student key and issued transaction hash

3. Run cell 8 to verfiy the newly created transcript and diploma that we have on the chain

Screenshot of the verification, was this successful?

4. Run cell 9 to see how we can tamper with the transcript and diploma

Was your tempering successful? Screenshot of the tempering

If not successful, explain why it was not successful

Task 2 – Issue a Transcript and Diploma

We want to create a system for AETHELRED UNIVERSITY admin to use to add users to the DB, run cell 10 to create the DB. Here cell 10 adds a user to the DB and later adds the user to the same block chain that was created before

What DB was used in this example?

Pick a new DB of your own and update the code to use your own DB, which DB did you choose and why?

Add a new user to your own DB, screenshot of your DB with the new user you added

Transaction hash and event log, plus the transcript file and computed hash.

Try to change the blockchain account that the transcript is added, whats the new account that was used for this

Task 3 – Verification of Transcript and Diploma as a Recruiter

Here we run cell 11 to create the function that helps the recruiter verify that a students transcript or diploma is issued by AETHELRED UNIVERSITY.

Command output showing transcript and diploma verified as not tempeted

Update the code to check from your own DB, did this work?

Verify the users you have on your own DB, on the original blockchain account, what was your observation?

Change back to the 2nd blockchain account from Task 2 and verify the users, was this successful? If not, why? Include screenshots

Task 4 – Tamper Simulation

Based on the data on your DB, do the following tamper simulations

1. Edit the off-chain transcript (change a grade).

2. Edit the diploma, change the name, but let the name have the same initials

Was the diploma with the same initials on this tempered diploma, was the verification successful? Include screenshots

3. Recompute the SHA-256 of the edited file.

4. Re-run verification, show the on-chain hash does
not match (verification fails).

5. Explain why this prevents silent grade changes.

Two hashes (original and tampered), and verification result showing mismatch.

Change the issuer of the Diploma from AETHELRED UNIVERSITY to another school, try to use AETHELRED UNIVERSITY to verify the diploma, did it work?

What would you do to prevent AETHELRED UNIVERSITY from validating a diploma it did not issue?

Task 5 – Smart Contract Vulnerability

1. Modify the contract to remove the “prevent overwrite” check (comment out require(records[studentId].issuedAt == 0, “already issued”);) and re-deploy (or deploy a second broken version).

2. From the
owner account (or vulnerability scenario: change the contract to allow any account to call issueTranscript), attempt to overwrite an existing record with a new hash (e.g., attacker issues a fake transcript hash).

3. Observe implications: if anyone can reissue, the system is broken. If only owner can reissue but owner account is compromised (simulate compromise), records can be changed.

How does “permissioned” vs “permissionless” blockchain change your threat model?

What happens if the private key of the Registrar is leaked?

Demonstration of successful overwrite and an explanation.

Question and answer

1. What is the purpose of using blockchain in this lab?

2. What specific, immediate outcome occurs during the verification process if the off-chain transcript file is modified even slightly?

3. What is the precise security purpose of this ‘require(records[studentId].issuedAt == 0, “already issued”);’ statement? How does its presence ensure the integrity of the academic record over time?

4. Describe the specific malicious action an attacker could take with the broken contract, and why this represents a catastrophic failure for an academic credentials system?

5. What are the security risk identified in this lab and what are the solution?

4. Extra Tasks (Lab Steps)

Share This Post

Email
WhatsApp
Facebook
Twitter
LinkedIn
Pinterest
Reddit

Order a Similar Paper and get 15% Discount on your First Order

Order Now

Related Questions

Effective security programs

Organizational policies define the direction for an organization and contribute to its overall security culture by setting the tone on what is and is not acceptable. 

The Equifax Data Breach

Briefly explain what the Equifax data breach was, why it happened, and why it was important. You should mention that Equifax failed to protect personal data, discuss the ethical and security issues involved, and explain what companies can learn from the incident. Please see attached documents. 

Reflection on Big Data and AI

please see attached DAT 260 Module Five Journal Guidelines and Rubric Overview In this journal assignment, you will reflect on key concepts covered in this module. This assignment directly supports your work in Project Two, which is due in Module Seven. Directions In a well-crafted journal entry, address the following:

Disaster Recovery

  Questions: Research the network and server outage problems experienced during a previous man-made or natural disaster and answer the following questions: What parts of the infrastructure was impacted? How were the networks recovered? How redundancy could have mitigated the impact of the disaster?

Network Design and Plan Purpose

Please review attachment Mod 4 Project: Network Design and Plan Purpose In this module, we will introduce a course design project that will be completed in four parts during the course. This project provides you an opportunity to solve a comprehensive problem in firewall and virtual private network (VPN) implementation

Memecoins & Stablecoins Development

Please take a look at the attachment. Lab #3: Blockchain-Based Ecosystems: Memecoins & Stablecoins Development, Attack Simulation, and Auditing Lastname: ______________ First name:____________Date_______ TA_Prove_ Yes/No 1. Overview This lab guides students through designing, implementing, deploying, testing, and auditing a simple memecoin (ERC‑20) and a minimal ecosystem around it (liquidity pool,

Blockchain Presentation

presentation about a blockchain Term Project CIS 5730- Blockchain Application Project Guideline Part ii–Presentation Along with the project you will present what you did to the class in a short presentation. If you want, you can demonstrate the project, or just present an overview of what you did. Presentations should

Network Threats

  Questions: Below is a list of common network attacks: Distributed Denial of Service (DDoS) DNS poisoning ARP poisoning Domain hijacking MAC flooding MAC cloning Man-in-the-Middle Explain two of these network attacks and discuss methods/techniques for protecting the network against them.

Best Practices for Role-Based Privilege Management in Databases

  Research the best practices for managing and securing role-based privileges in databases and address the following questions in your discussion post:  What are the key challenges in managing role-based privileges, and how do they impact database security? Can you provide a real-world scenario where poor role-based privilege management led

Computer Science Cloud Computing assignment

Please see attachment for details 4 [ Note: To complete this template, replace the bracketed text with your own content. Remove this note before you submit your paper.] Cloud Computing Evaluation Paper 1 Cloud Computing [Differentiate between cloud computing models and their uses. What are the different types of deployment

Computer Science- Python Python Programming Assignment

Computer Science Python Programming Lab assignment help. Design a Python program that calculates a credit card customer’s minimum payment based on their balance. Please use If Else and elif statements in your code. You must add comments in your code. Please round the minimum payment to two decimal places using

LOREM, IPSUM

The ability to develop a risk register is a skill needed by all cybersecurity leaders when assessing cybersecurity risks. A risk register provides a detailed listing of known risks as well as quantitative or qualitative assessments of those risks, resulting in the prioritization of action.

Virtual LANs

  Questions: A VLAN allows different devices to be connected virtually to each other as if they were in a LAN sharing a single broadcast domain. 1. Why a network engineer would want to deploy VLANs? 2. How do VLANs improve network security?