Kibata

Sign In

Our Services

Get 15% Discount on your First Order

Order Now
[rank_math_breadcrumb]

Blockchain Application

I need help with my coursework project. Let me know if you need any help from me. 

Lab 2: Blockchain-Based Academic Credentials Lab

Lastname: ______________ Firstname:________________

1. Overview

AETHELRED UNIVERSITY Registrar’s Office wants to start issuing a digital transcripts and diploma for graduating students. You are called to build the system to prevent grade tampering and fake records. Each student’s transcript and diploma is issued as a blockchain record where a cryptographic hash of the transcript is stored on-chain.

This lab would guide you through designing, implementing, and testing a prototype system that issues cryptographic proofs of academic transcripts on a blockchain.

We will:

· Develop a simple smart contract to record transcript and diploma hashes.

· Issue sample transcript entries for AETHELRED UNIVERSITY students.

· Issue sample diploma for AETHELRED UNIVERSITY students.

· Store transcript files off-chain (local file or IPFS) and store their cryptographic fingerprints on-chain.

· Simulate tampering and show how a hash mismatch detects modification.

· Explore a deliberate smart contract bug and demonstrate its consequences.

The User Roles and User Stories

· AETHELRED UNIVERSITY admin to add student profile, generate transcripts and diploma for students, encrypt and compute SHA-256 fingerprints issues on chain and manage keys

· Student that receives an encrypted credential file and a small proof token. Student posts a short public validation link or CeDiD on LinkedIn. Recruiter clicks/enters code to validate.

· Recruiter enter the student’s proof tokens and get an instant verification of the transcript/diploma

· Government simulate (A) modify an issued transcript, (B) create a fake student and issue a diploma outside AETHELRED UNIVERSITY, (C) create a diploma for an active (non-graduating) student.

By the end of the lab you’ll understand the architecture, attack surface, and tradeoffs for a blockchain-based credentialing system.

2. Lab Environment Setup

You will do everything in Google Colab. Make a copy of the notebook (



om/drive/1-68h_VKjSnJqbO55z4O7JKxQ5EgK0Gof?usp=sharing). I will reference the code using cell number as label. Below are the tools we would be using

· Node.js v16+ and npm

· Python 3.8+ and pip

· Ganache (CLI or GUI)
or access to an Ethereum testnet (Sepolia) and an API key (Infura/Alchemy)

· Remix IDE or Hardhat/Truffle for compiling and deploying contracts

· web3.py (Python) or ethers.js (Node)

3. Tasks (Lab Steps)

Task 0 – Environment & Setup

1. Open the Colab notebook (link above).

2. Run
Cells 1–3 to install dependencies, start Ganache

3. Run Cell 4 to Compile both contract for transcript and diploma.

Screenshot your compiled contract for transcript and diploma

4. Run Cell 5 to connect to a Ganache account

Screenshot or copy the owner address from Cell 5

5. Run cell 5b to deploy the contract

Screenshot or copy the address of your TranscriptRegistry and DiplomaRegistry

Task 1 – Adding Students and Issuing Credentials

1. Run cell 6 to create a test transcript and diploma for Jane Doe.

Whats the transcript SHA for the user

Screenshot or copy the Diploma SHA, CeDiD and Initails of this user.

2. Run cell 7 to issue the transcript and diploma on blockchain

Screenshot of the student key and issued transaction hash

3. Run cell 8 to verfiy the newly created transcript and diploma that we have on the chain

Screenshot of the verification, was this successful?

4. Run cell 9 to see how we can tamper with the transcript and diploma

Was your tempering successful? Screenshot of the tempering

If not successful, explain why it was not successful

Task 2 – Issue a Transcript and Diploma

We want to create a system for AETHELRED UNIVERSITY admin to use to add users to the DB, run cell 10 to create the DB. Here cell 10 adds a user to the DB and later adds the user to the same block chain that was created before

What DB was used in this example?

Pick a new DB of your own and update the code to use your own DB, which DB did you choose and why?

Add a new user to your own DB, screenshot of your DB with the new user you added

Transaction hash and event log, plus the transcript file and computed hash.

Try to change the blockchain account that the transcript is added, whats the new account that was used for this

Task 3 – Verification of Transcript and Diploma as a Recruiter

Here we run cell 11 to create the function that helps the recruiter verify that a students transcript or diploma is issued by AETHELRED UNIVERSITY.

Command output showing transcript and diploma verified as not tempeted

Update the code to check from your own DB, did this work?

Verify the users you have on your own DB, on the original blockchain account, what was your observation?

Change back to the 2nd blockchain account from Task 2 and verify the users, was this successful? If not, why? Include screenshots

Task 4 – Tamper Simulation

Based on the data on your DB, do the following tamper simulations

1. Edit the off-chain transcript (change a grade).

2. Edit the diploma, change the name, but let the name have the same initials

Was the diploma with the same initials on this tempered diploma, was the verification successful? Include screenshots

3. Recompute the SHA-256 of the edited file.

4. Re-run verification, show the on-chain hash does
not match (verification fails).

5. Explain why this prevents silent grade changes.

Two hashes (original and tampered), and verification result showing mismatch.

Change the issuer of the Diploma from AETHELRED UNIVERSITY to another school, try to use AETHELRED UNIVERSITY to verify the diploma, did it work?

What would you do to prevent AETHELRED UNIVERSITY from validating a diploma it did not issue?

Task 5 – Smart Contract Vulnerability

1. Modify the contract to remove the “prevent overwrite” check (comment out require(records[studentId].issuedAt == 0, “already issued”);) and re-deploy (or deploy a second broken version).

2. From the
owner account (or vulnerability scenario: change the contract to allow any account to call issueTranscript), attempt to overwrite an existing record with a new hash (e.g., attacker issues a fake transcript hash).

3. Observe implications: if anyone can reissue, the system is broken. If only owner can reissue but owner account is compromised (simulate compromise), records can be changed.

How does “permissioned” vs “permissionless” blockchain change your threat model?

What happens if the private key of the Registrar is leaked?

Demonstration of successful overwrite and an explanation.

Question and answer

1. What is the purpose of using blockchain in this lab?

2. What specific, immediate outcome occurs during the verification process if the off-chain transcript file is modified even slightly?

3. What is the precise security purpose of this ‘require(records[studentId].issuedAt == 0, “already issued”);’ statement? How does its presence ensure the integrity of the academic record over time?

4. Describe the specific malicious action an attacker could take with the broken contract, and why this represents a catastrophic failure for an academic credentials system?

5. What are the security risk identified in this lab and what are the solution?

4. Extra Tasks (Lab Steps)

Share This Post

Email
WhatsApp
Facebook
Twitter
LinkedIn
Pinterest
Reddit

Order a Similar Paper and get 15% Discount on your First Order

Order Now

Related Questions

LOREM, IPSUM

The ability to develop a risk register is a skill needed by all cybersecurity leaders when assessing cybersecurity risks. A risk register provides a detailed listing of known risks as well as quantitative or qualitative assessments of those risks, resulting in the prioritization of action.

Virtual LANs

  Questions: A VLAN allows different devices to be connected virtually to each other as if they were in a LAN sharing a single broadcast domain. 1. Why a network engineer would want to deploy VLANs? 2. How do VLANs improve network security?

compliance and rules to follow in cybersecurity.

Follow the attached instructions to complete this work. Note: Make sure to follows rubric or aligns with Rubric. Unit 8 Assignment Directions: Case Study Review the following hypothetical case study. Consider the big-picture ideas and the specific concerns. Make use of the key terms and concepts from the readings in

Discussion on data ( computer science)

Follow the attached direction to complete this work Unit 7 Discussion   Overview Consider this scenario: PQR Corporation provides facial recognition technology to customers. Its products include customer access to consumer electronics as well as mass surveillance capabilities through networked camera systems. While operating legally, PQR has maintained a low

Computer Science – Machine Learning Python Programming Assignment

Assignment Help. Please don’t forget to add comments in the code Page 1 of 3 NorQuest College – CMPT 1011: Lab Assignment 5 CMPT 1011: Introduction to Computing Lab Assignment 2: Variables, mathematical operations and data types Value This coding challenge is worth 3% of your final grade. Background In

Public safety Communications

Subscribe The Communications and Cyber Resiliency Toolkit provides guidance for establishing resiliency measures, public safety communications can better withstand potential disruptions to service. This toolkit, developed by CISA, describes networks and systems critical to successful communication and cyber resiliency and possible threats while providing many resources and additional links for

Case Study 4 o Data (computer)

Follow the attached instructions to complete this work Unit 4 Case Study Directions Review the following case study. Consider both the big-picture ideas and the specific concerns. Make use of the key terms and concepts from the readings in your written responses to the questions below. The case study paper

Discussion 5 and 6

Follow  the attached instructions to complete this work Unit 5 Discussion   Overview In this discussion, you will be considering the emphasis on aspects such as privacy and safety. You will reflect on the significance of the legal concerns and goals of public-private partnerships to address cybersecurity. You will also

SQL injection

Hey! ????  I need an expert in SQL injection, DDOS attack, Code injection attack, XSS attack! To talk further please contact me on discord at mara411 so we can talk more freely and then I will hire you on here! Thanks ???? 

Free CAD, FeniCS or paraview

I have attached the picture and sample work too, I need work as like sampl, but not the copypasted Make sure you can ask me multiple questions but not dont do rubbish work

database

2. Final Assignment – equivalent to 4,000 words The final module mark is based on two deliverables focused on the CarNow case study described below. – 50% of the final mark a. An advisory report – 50 % of the final mark Includes 5% (of the module grade) given for

Computer

Documentation Tabula Insurance Agency ENTER AND UPDATE COMPANY DATA Author: Ashanti Joyner Note: Do not edit this sheet. If your name does not appear in cell B6, please download a new copy of the file from the SAM website. Personnel Tabula Insurance Agency Personnel: April 4-10, 2024 Employee Name Salary

Computer class

All information is below Toronto converted a declining part of the city into a vibrant neighborhood using the smart city 1.0 approach when a local technology company introduced electric shuttle buses to replace private cars and intelligent traffic lights to regulate the flow of pedestrians, bicycles, and vehicles. From Frankl,

Week 15

Read attachments for assignments  Week 14 Feedback Overall Feedback Well done on this assignment You will have to refine your tables and figures for your final submission. Always introduce them to the reader in preceding paragraph, properly create APA table, and cite figures. See Video:   APA Tables and Figures

Prof Double R

  PowerPoint Presentation: Narrative Presentation to the Board of Trustees The Centers for Medicare & Medicaid Services (CMS) has taken on a more visible role in health care. A great deal of change has transpired to improve patient safety and implementation of additional quality metrics. The new health care reform

Week 14

Please read attachments for details  image1.png

Week 13

Read attachments for details  The Finishing Touches – Week 13 Instructions For this week’s assignment you will submit the material discussed in the lesson plan and summarized below: · A refined introduction (Mandatory) · Updated Title Page (Mandatory) · Copyright Page with Declaration (Mandatory) · Dedication Page (Optional) · Acknowledgement