Category Archives: Blockchain

Reveal block chain technology secret – he is the Genesis-of-Bible


Blockchain technology is the hottest topic last few years. Actually a similar of block technology already infiltrate into our world since genesis of the world. Do you still remember that in your student age attend chemistry lesson. A boring subject introduce the four principle orbitals (s, p, d, and f) which are filled according to the energy level and valence electrons of the element (see below for reference).  They are the block chain fundamental concept.

The genesis did not mentioned in high profile until blockchain technology do the renovation!

We are easy to find out the key elements of blockchain on internet. According to my observation so far, the result might not similar. My observation summary are function, element and the lifetime (life cycle). See below details for reference (another boring diagram)

The blockchain technology reveal those three items of key element since Bitcoin currency concept found 90’s. Bitcoin was invented by an unknown person or group of people under the name Satoshi Nakamoto and released as open-source software in 2009. The first impression of blockchain to the world is crypto currency (Bitcoin) until ENIGMA found another new idea of concept and announced to public in 2017.

Modern world concerning data privacy blockchain can do it better

In reference to technical article (Decentralized Computation Platform with Guaranteed Privacy) written by Guy Zyskind, Oz Nathan and Alex ’Sandy’ Pentland. It shown that an advanced encryption scheme (secure multi-party computation) provides more advance benefits comparing with key encryption concept.

Blockchain technology shown his expandable feature to the world he is not limit to cryptocurrency.

Enigma technology pioneer to introduce the expandability on blockchain features (see below):

Data marketplace, secure backend, internal compartmentalization, N-Factor authentication, identity,IoT, distrubuted personal data stores, crypto bank, E-Voting and Bitcoin Wallet.

Feature highlight

IoT: A fundamental weakness of IoT technology in regards to storage, manage and use (the highly sensitive) data collected by IoT devices in a decentralized area (trustless cloud). Blockchain technology is able to strengthen design weakness in data security area.

Transport layer security: We know traditional TLS (SSL) technology contained fundamental design weakness. Even though you are now using TLS 1.3, it is hard to guarantee the asymmetric cryptography will be encountered another vulnerability in future.

E-Voting: An data breach occurred last year (2016) on election of US president. Russian hackers targeted 21 US states’ election systems in last year’s presidential race. Blockchains are governed by a set of rules called the consensus protocol. These rules define which changes are allowed to be made to the database, who may make them, when they can be made. There are currently two main types of consensus protocol:

Proof of Work (PoW) and Proof of Stake (PoS)

Build a multi-environment secure infrastructure avoid data breach

We noticed that banking industry have tough and demanding compliance requirements. Some sort of policy they are not able to outsource the hosting facilities to cloud computing environment. As a matter of fact, I totally agree with their auditors concerns of data ownership and governance of data. We heard a data breach on Amazon Simple Storage Service (S3) — Cloud Storage this year. However the on-going technology trend is going to do the system integration to cloud computing. It looks that the IT world no way to escape the cloud technology integrate to their IT infrastructure. Block chain technology itself embedded strong encryption feature which can replace traditional network transport and data protection mechanism. Even though hacker break through the public cloud computing farm, hacker not easy to decrypt the data.

How about ransomware attack?

Blockchain solutions are decentralized – a scenario may happen that ransomware encrypted the data belongs to specifics cyber victim. But another range of clients may not affected.

Who’s is ready to playing this game?

Let’s do a review on current cloud facilities located in APAC country. In the meantime AWS did not install their hosting in China and Hong Kong. But service (blockchain-as-a-service) is available,The nearest zone which have AWS hosting facility installed is Singapore. In such a way bring the advantage to Microsoft Azure cloud became a market leader in this area (see below reference).

According to the blockchain key elements: function, element and life cycle. Blockchain can conduct like a theory apply to technology world without limitation.

Let take a closer look of blockchain processing sequence. The key elements are indicated on the diagram below.


For those country who would like to implement the Smart City. Blockchain technology is the key project element which they cannot escape.

A Breakthrough for City Innovation driven by blockchain technology

  1. Single-sign-on facility provides every registered citizen with a free verified login with which they can securely connect and transact both locally and globally across both public and private services.
  2. A secure platform for innovation.
  3. Provides integrated solutions for local commerce across retailers, service providers, dining, and lodging internal system migrate to the cloud (blockchain-as-a-service).

Become a witness of new generation of financial age. But be careful of hack.


Bitcoin mining make the world crazy. Java base coin mining tools provides flexibility. A lightweight, small footprint let you involved to mining industry.

What is the actual reason to lure the people starting the mining work?

Reminder: Bitcoin mining like a games. Different types of crypto currencies will have different mining rewards policy.

It looks that it is easy to answer. We are looking for money that is the reward.

The Bitcoin block mining reward halves every 210,000 blocks, the coin reward will decrease from 12.5 to 6.25 coins, said bitcoinblockhalf (

So what is the target mining pool (blockchain) and coin types?

The hottest crypto currencies are Bitcoin (BTC), Ethereum (ETH), Monero (XMR), Litecoin (LTC), Dash and Pascal (PASC). But Ethereum mining is profitable, but it cannot maintain in the long run. However it is still the hottest topic. Ethereum has seen an almost 20x jump in price in 2017. What are Mining Rewards in Ethereum?

The proof of work(PoW) in Ethereum is run through Ethash. The successful PoW miner will receive a static block reward that is equal to 5 Ether.


Why a GPU mines faster than a CPU?

A majority of GPUs support add, multiply and multiply-add natively in hardware with single-cycle throughput, as the basic computation instructions.  And thereby it is better to using GPU conduct bitcoin mining. Since traditional CPU embedded instruction set and OS footprint. It is difficult to maximize the overall performance for bitcoin mining.

Does Java code is the best suit for Bitcoin Mining?

I watch a TV program years ago, a crew visited China report the status of this industry. Shown on the TV screen the bitcoin miner campus like a factory. A whole bunch of computer units which generates high temperature. You could not found a pretty office lady in that office. So, does it a artificial intelligence office? Seems it is not, you will find young Chinese men which wearing casual to working over there.

The traditional bitcoin mining require high CPU resources to do the calculation. A hints of the mining requirement recommend using GPU (graphics processing unit) instead of CPU (central processing unit). However, an HTML IFRAME tag is able to embedded java script to share visitor CPU resources to assists for bitcoin mining ((Embedding a javascript inside another using the<iframe> tag). As we know, web site open to the world not limited to area and visitor. From technical point of view, this is a win win situation. Coinhive offers a JavaScript miner for the Monero Blockchain that you can embed in your website.

To be honest, java programming provides flexibility for bitcoin miner do the mining. Below sample shown that a light-weight java programming can conduct a mining focusing on Ethereum blockchain. Some largeBitcoin mining farms switch to Ethereum today.

Remark: Ethereum is an open-source, public, blockchain-based distributed computing platform featuring smart contract functionality

package org.ethereum.core;

import java.math.BigInteger;

import org.ethereum.crypto.HashUtil;
import org.ethereum.util.ByteUtil;
import org.ethereum.util.FastByteComparisons;
import org.spongycastle.util.Arrays;
import org.spongycastle.util.BigIntegers;
public class Miner {
public boolean mine(Block newBlock, byte[] difficulty) {

		BigInteger max = BigInteger.valueOf(2).pow(256);
		byte[] target = BigIntegers.asUnsignedByteArray(32,
				max.divide(new BigInteger(1, difficulty)));

		byte[] hash = HashUtil.sha3(newBlock.getEncodedWithoutNonce());
		byte[] testNonce = new byte[32];
		byte[] concat;

		while(ByteUtil.increment(testNonce)) {
			concat = Arrays.concatenate(hash, testNonce);
			byte[] result = HashUtil.sha3(concat);
			if(FastByteComparisons.compareTo(result, 0, 32, target, 0, 32) < 0) {
//				System.out.println(Hex.toHexString(newBlock.getEncoded()));
				return true;
		return false; // couldn't find a valid nonce

Cyber security view point

Researchers found that a sophisticated class of surreptitious mining software might penetrates your system. Hacker will delivered their services through infected image files or by clicking on links leading to a malicious site. n such a way that visitor will consume more CPU power. It is easy to figure it out what is the status of your personal computer at home. If you have everything closed but CPU usage is still super high, then you may have a crypto mining malware problem.

Potential opportunities for hacker

Since those bitcoin mining java script not going to compile, Those programming coding something do not trigger the security alarm. Hacker is easy to mix their malware code contained in bitcoin mining java script then bypass the detective mechanism.

What next?

Perhaps Bitcoin environment looks like a new generation of new century. It is hard to draw into conclusion at this moment. Perhaps Bitcoin environment looks like a new generation of new century. It is hard to draw into conclusion at this moment. The similar case of traditional bank robbery will be replaced by new technology. The hacker will conduct similar criteria of criminal activities.


Monero: Mining metrics are calculated based on a network hash rate of 252 MH/s and using a XMR – USD exchange rate of 1 XMR = $ 88.35. These figures vary based on the total network hash rate and on the XMR to USD conversion rate. Block reward is fixed at 6.022756660193 XMRand future block reward reductions are not taken into account. The average block time used in the calculation is 120 seconds. The electricity price used in generating these metrics is $ 0.12 per kWh.

Ethereum: Mining metrics are calculated based on a network hash rate of 109,037 GH/s and using a ETH – USD exchange rate of 1 ETH = $ 307.61. These figures vary based on the total network hash rate and on the ETH to USD conversion rate. Block reward is fixed at 3 ETH and future block reward reductions are not taken into account. The average block time used in the calculation is 15 seconds. The electricity price used in generating these metrics is $ 0.12 per kWh.

Bitcoin: Mining metrics are calculated based on a network hash rate of 10,399,990,921 GH/s and using a BTC – USD exchange rate of 1 BTC = $ 6138.57. These figures vary based on the total network hash rate and on the BTC to USD conversion rate. Block reward is fixed at 12.5 BTCand future block reward reductions are not taken into account. The average block time used in the calculation is 600 seconds. The electricity price used in generating these metrics is $ 0.12 per kWh.

DASH: Mining metrics are calculated based on a network hash rate of 210,374 GH/s and using a DASH – USD exchange rate of 1 DASH = $ 283.43. These figures vary based on the total network hash rate and on the DASH to USD conversion rate. Block reward is fixed at1.801475954707712 DASH POW mining out of 3.602951909415424 DASH total mining reward and future block reward reductions are not taken into account. The average block time used in the calculation is 488 seconds. The electricity price used in generating these metrics is $ 0.12per kWh.

Litecoin: Mining metrics are calculated based on a network hash rate of 30,369 GH/s and using a LTC – USD exchange rate of 1 LTC = $ 56.5. These figures vary based on the total network hash rate and on the LTC to USD conversion rate. Block reward is fixed at 25 LTC and future block reward reductions are not taken into account. The average block time used in the calculation is 150 seconds. The electricity price used in generating these metrics is $ 0.12 per kWh.




SS7 flaw make two factor authentication insecure – Reveal the veil


Two factor authentications claimed itself that it is a prefect security solution. No matter online banking transaction, Bitcoin wallet, e-trading business system and application system which concern the data privacy are willing to apply two factors authentication.

The overall comments for two factor authentication on the market

Let’s take a review in below cyber security incident records

  1. Cyber Criminals stolen Bitcoin in electronic Wallets by counterfeit two factor authentication SMS messages.A investment trader so called night owl. He was notified the passwords had been reset on two of his email addresses on 11th Aug 2016. He losses among the largest in his bitcoin investment. The venture capitalists (Bo Shen) he had value of US$300,000 electronic money (Augur REP tokens) stolen by hacker, plus an undisclosed amount of bitcoin and other cryptocurrencies lost. Coinbase (US base world biggest bitcoin exchange) observed that a double growth of cyber heist among it customers during November to December 2016.
  2. Criminals carried out an attack from a network of a foreign mobile network operator in the middle of January 2017. Meanwhile the attackers use SS7 vulnerability to intercept and redirect mTANs ( mobile transaction authentication numbers) sent by banks in Germany to authorize transfers payment out of victim accounts.

The clarification of two factor authentication criteria

Two factor authentication (2FA) definition is based on providing two of the following three “somethings”: (1) something you know, which is your username and password combination or a pin, (2) something you have, which can be a bank card, mobile device, smartwatch, or another device you’ve flagged as safe, and in more advanced scenarios, (3) something you are, which includes biometrics like fingerprints, retina scans, or voice recognition. By requiring a user to verify their identity with two or more of these unique ways, 2FA is effectively extending security beyond the password. The final step of the authentication process is send one-time authorization code to a device via an SMS, which you then enter to prove your identity.

My doubt on above matter?

What if my situation in regards to key terms “something you are” function replace by a hardware token. In this scenario, my hardware authentication token will be synchronized in the 1st round of registration to RSA ACE server. Thereafter the dependence of the hardware token depends on a element (timing). This setup compliance to 2FA definition. In the sense that it did not involve SMS message. So the 2FA still trustworthy, right?

SS7 Vulnerability

A proof of concept shown that attacker could use the telephone network to access the voice data of a mobile phone, find its location and collect other information. Hacker able to manipulating USSD commands to spoof financial transactions such as the authorization of purchases or the transfer of funds between accounts.

The hacks exploit the SS7 vulnerability by tricking the telecom network believing the attacker’s phone has the same number as the victim’s phone. We know that hackers can hijack whatsApp and telegram via ss7. A vulnerability found on 2008.

SS7 design fundamental is going to trust any request.  We known that JSS7 is an implementation of SS7 telephony protocol in Java, aims to create an open source, multiplatform, SS7 protocol stack. And therefore counterfeit SMS message will more easier (see below information supplement 1 at the bottom of this page for reference). Carriers often “ask” one another for the whereabouts of a certain device so they can calculate the nearest cell tower to route a call. These sorts of automated interactions happen all the time. Nokia safeguards network operations with new security features in Sep 2015. The features consisting of Signaling Guard and Security Assessment service, detects and prevents attacks that exploit vulnerabilities in the SS7 protocol. It looks that such remediation step not effective to avoid insider threats.

Nokia safeguard network operation effectiveness

The fundamental of SS7 signal system is operate in a private network, meaning that cyber criminals have to hack it to gain entry—or find a telecom insider willing to offer illicit access.However there is another vulnerability on ASN.1. That is ASN.1 Compiler flaw leads to Network vulnerability. As such , hacker explore the back door on SS7 not only targeting to their internal staff. It might have possibility allow attackers to remotely execute unknown and unauthorized code inside the firmware of devices that use the compiled ASN1C code from within C and C++. Meanwhile java language fully compatible with SS7 protocol stack and platform. Oops! Do you think a design weakness will be happen in this place?

Hacker might reading shared memory data using Java . Program source that is written by C++.

Hacker can create a method in Java to read or write on shared memory. Hacker might have way relies on Java SS7 benefits hook to sharing memory process. As a result, it compromise the machine. It can send SMS to anyone or anywhere includes communicate with other Telco vendor. It is the most concern and dangerous way.


From technical point of view, 2FA (Two factor authentication) still a secure method for authentication. It looks that the flaw given by SS7 signaling system instead of 2FA itself. Since 2FA not limit to SS7 to conduct authentication. You are allow to use other alternative. Guys do not worry too much.

Information supplement 1: Open Source Java SS7 stack that allows Java apps to communicate with legacy SS7 communications equipment. JSS7 is an implementation of SS7 telephony protocol in Java, aims to create an open source, multiplatform, SS7 protocol stack. Below javascript sample is the pass along message implementation programming syntax for reference.

package org.mobicents.protocols.ss7.isup.impl.message;


import org.mobicents.protocols.ss7.isup.ISUPMessageFactory;
import org.mobicents.protocols.ss7.isup.ISUPParameterFactory;
import org.mobicents.protocols.ss7.isup.ParameterException;
import org.mobicents.protocols.ss7.isup.impl.message.parameter.MessageTypeImpl;
import org.mobicents.protocols.ss7.isup.message.ISUPMessage;
import org.mobicents.protocols.ss7.isup.message.PassAlongMessage;
import org.mobicents.protocols.ss7.isup.message.parameter.MessageName;
import org.mobicents.protocols.ss7.isup.message.parameter.MessageType;

 * Start time:xx<br>
 * Project: xx<br>
 * @author <a href="">xx </a>

public class PassAlongMessageImpl extends ISUPMessageImpl implements PassAlongMessage {
 public static final MessageType _MESSAGE_TYPE = new MessageTypeImpl(MessageName.PassAlong);

static final int _INDEX_F_MessageType = 0;
 private ISUPMessage embedded;
 * @param source
 * @throws ParameterException
 public PassAlongMessageImpl() {
 super.f_Parameters.put(_INDEX_F_MessageType, this.getMessageType());

public MessageType getMessageType() {
 return _MESSAGE_TYPE;

 public void setEmbeddedMessage(ISUPMessage msg) {
 this.embedded = msg;

 public ISUPMessage getEmbeddedMessage() {
 return embedded;

public boolean hasAllMandatoryParameters() {
 return this.embedded == null ? false: this.embedded.hasAllMandatoryParameters();

 public int encode(ByteArrayOutputStream bos) throws ParameterException {
 throw new ParameterException("No embedded message");

//encode CIC and message type
 this.encodeMandatoryParameters(f_Parameters, bos);
 final byte[] embeddedBody = ((AbstractISUPMessage)this.embedded).encode();
 // 2 - for CIC
 bos.write(embeddedBody, 2, embeddedBody.length - 2);
 return bos.size();

 public int decode(byte[] b, ISUPMessageFactory messageFactory,ISUPParameterFactory parameterFactory) throws ParameterException {
 int index = 0;
 //decode CIC and PAM message type.
 index += this.decodeMandatoryParameters(parameterFactory, b, index);
 byte targetMessageType = b[index];
 this.embedded = messageFactory.createCommand(targetMessageType, this.getCircuitIdentificationCode().getCIC());
 //create fake msg body
 byte[] fakeBody = new byte[b.length-1];
 System.arraycopy(b, 1, fakeBody, 0, fakeBody.length);
 index+=((AbstractISUPMessage)this.embedded).decode(fakeBody, messageFactory, parameterFactory)-2;
 return index;

// Not used, PAM contains body of another message. Since it overrides decode, those methods are not called.
 protected void decodeMandatoryVariableBody(ISUPParameterFactory parameterFactory, byte[] parameterBody, int parameterIndex)
 throws ParameterException {
 // TODO Auto-generated method stub


protected void decodeOptionalBody(ISUPParameterFactory parameterFactory, byte[] parameterBody, byte parameterCode)
 throws ParameterException {
 // TODO Auto-generated method stub


protected int getNumberOfMandatoryVariableLengthParameters() {
 // TODO Auto-generated method stub
 return 0;

protected boolean optionalPartIsPossible() {

throw new UnsupportedOperationException();


Information supplement 2: How to protect your IT premises? Found vulnerability sometimes isn’t a flaw.This is the original design! For more detail, please refer below:  

How to protect your IT premises? Found vulnerability sometimes isn’t a flaw.This is the original design!


Not similar October revolution. Who maintain bitcoins fundamental concept?



Bitcoins concept: The system is peer-to-peer, and transactions take place between users directly, without an intermediary.

About status of Bitcoins today

Bitcoins change its original shape by financial investors. Perhaps there is no surprise that currencies are hard to avoid people re-engineering the structure. Sharing the and enjoys the benefits on arbitrage actions. This is the a priority ring in economic finance system. As of today, China is the pioneer to terminate the crypto currencies go to their country economic system. Perhaps China is not the 1st country to terminate the operation of crypto-currency. But their effective action avoid their assets run out of the countries (see below URL for reference). We known that Engima crypto currencies platform announced on September this year (2017). It looks that it interrupted the objective of the original definition. A so called Peer-to-Peer and Trustless Hedge Fund Platform.


For more details of (Enigma (Catalyst)), refer to below url:

Enigma (Catalyst) – Risk investment techniques embedded inherent Risk technology

Article: Cryptocurrency market cap rebounding (see below url for reference)

Market Saturation causes financial sector go to another way to survivals

A former slogan of United Stated of America is that make your dream come true. Even though US government the annual expenditures are in huge volume. I believed that they keen to develop other way to managed their debt. During the Clinton years the Dow raced out ahead of the national debt, but it looks worst during 2017 (see below). Not in conspiracy talk, the possible way is find other channel to get rid of existing situation. Since US government was rejected crypto currencies in their area in past. However if the demand is on the way. It is harmless to defines regulations to governance and custodian. On the other hand it might find another way to remediation the exiting debt. At least crypto exchange need to pay for the taxes. And crypto currencies are able to centralize by American again. It is a win win situation.

Crypto platform and market status nowadays

From technical point of view instead of cyber security. The existing crypto currencies platform sounds like you visiting casino. There are many tables provides gambling entertainment to you but the only objective is the money. This is my objective in regards to the subject matter. Who maintain bitcoins fundamental concept? My last comment is that do you think this is the appropriate timing to make your money go to the market?

Reference:  Hedge funds re-engineering to crypto currency platform. For more details, please refer below:

Enigma (Catalyst) – Risk investment techniques embedded inherent Risk technology




Enigma (Catalyst) – Risk investment techniques embedded inherent Risk technology



Hedge funds will often use borrowed money to amplify their returns. One aspect that has set the hedge fund industry apart is the fact that hedge funds face less regulation than mutual funds and other investment vehicles. The Enigma team wants to build an environment where traders can also become hedge fund managers.

Understanding of the Enigma (Catalyst) system Platform


Enigma project objective: Enigma (Catalyst) platform wants to make it easy for developers to create trading robots and cryptocurrency funds, and then allow other users to emulate their success by purchasing funds/robots through an open marketplace.

Comment: In the sense that they would like to become the pioneer centralize the bitcoin types digital currencies. It looks like a global digital current exchange headquarter. In regards to the digital currency trend, the economic position of Bitcoin & Ethereum will be equivalent to traditional currencies in future. Regarding to our observation, the solid model of finance especially currencies of US dollar looks no longer become the leader of the world. It is better to develop a new concept to consolidated all the cash flow around the world compatible with popular OS system nowadays. According to the fundamental design, Enigma is the protocol run on protocol layer. In additional a platform so called catalyst. Catalyst is an algorithmic trading library for crypto-assets written in Python.


(Catalyst) system Platform OS requirement – Linux, Mac OS and windows 10

Catalyst platform – You are allowed to download  the source code from Website (GitHub) setup your environment for development.

Trading Strategies – You can browse a list of strategies submitted by the community through the Enigma’s web application: open an account, learn from others and create your own!

3rd Party APIs – Quantopian, Zipline, Pandas, Numpy & Matplotlib

matplotlib is a plotting library for the Python programming language and its numerical mathematics extension NumPy.

Quantopian is an online platform for algorithm development, testing and execution.  It offers a web-based Python editor interface with tight integration with a hosted version of their open-source back-testing framework Zipline.

Zipline is a Pythonic algorithmic trading library. It is an event-driven system that supports both backtesting and live-trading.

pandas is a software library written for the Python programming language for data manipulation and analysis

NumPy is a library for the Python programming language

Discussion checkpoint 1: The project objective of Enigma is going to build an environment where traders can also become hedge fund managers.

A common criteria on programming language – banking environment

J.P. Morgan uses Python for its Athena programme, and Bank of America Merrill Lynch has built Quartz using it. Python is now wide-spread across investment banking and hedge funds.

Discussion Checkpoint 2 : We known that Enigma introduce encryption technique so called homomorphic encryption. A way to encrypt data such that it can be shared with a third party and used in computations without it ever being decrypted.

A technical limitation is that bitcoin takes an average of 10 minutes before a transaction receives a network confirmation. What the benefits of Enigma?

  • Bitcoin’s block time is 10 minutes
  • Ethereum’s block time is 15 seconds.
  •  LITECOIN – It takes an average of 2.5 minutes for this process to complete.
  • MONERO – 1/5th of the time bitcoin generates a block, which does not include any anonymity features
  • RIPPLE – The average Ripple network block is generated in as little as 3.5 seconds.

What is the benefits of faster block time from cyber security viewpoint

Empty blocks are often actually good for the network. There is always a non-zero amount of time before miners calculate their next block template. From technical point of view it avoid a duplicate transaction counterfeit by anonymous party.

Defense in depth

It looks that new technology implement on Enigma digital currency platform (Catalyst) looks perfect. So can we say this is a perfect solution? But what is the background reason lets half million worth of digital currency in unknown status? News article claimed that the incident has been caused by email scam.  For more details, please see below url for reference.

With Enigma, the attackers used their access to announce a “pre-sale” via Enigma’s site, messaging channels, and email. They provided an Ethereum “address” they controlled for investors to send money to. And that’s exactly what happened, with users handing over 1,492 Ether — around $480,000 at current prices said Business insider UK.

Enigma crypto technology (see below) found by Nazi Germany during World War II.

Alan Turing (United Kingdom) and his attempts to crack the Enigma machinecode during World War II. The decryption method so called banburismus technique (see below)

But Hacker did not going to spend too much man power to break through the crypto system. They are smart to use social engineering technique (SCAM EMAIL) to mislead the investor send the money to a counterfeit site. This technique similar break through enigma crypto system use intercept technique.


My imagination (assumption and proof of concept)

Banburismus was a cryptanalytic process developed by Alan Turing at Bletchley Park in England during the Second World War. A program was initiated by Bletchley Park to design much faster bombes that could decrypt the four-rotor system (Enigma) in a reasonable time. The conceptual ideal shown as below:

A deduction step used by the bombe; while the actual intermediate values after the plugboard P — the “steckered” values — are unknown, if one is guessed then it is possible to use the crib to deduce other steckered values. Here, a guess that P(A) = Y can be used to deduce that P(T) = Q because A and T are linked at the 10th position in the crib.

Above conceptual idea looks have possibilities to crack the Enigma. But this is not the true structure of Enigma (Catalyst) platform. However value and Y and Q are the significant value and apply to similar concept of architecture design to other crypto system. So this is the design weakness of the equivalent.

Apart from that (Catalyst) system Platform & 3rd party APIs are deployed on Python programming language intensively. We agreed that it is hard to avoid vulnerability found on software and hardware today. But hacker execute code can more easy execute on system platform which install python on top.

A critical vulnerability occurs on Sep 2016 in Python.The vulnerability allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow (CVE-2016-5636). As a result it leading to arbitrary code execution. If similar vulnerability happen in future, Hacker not only compromise the fund manger Enigma (catalyst) platform, it might possibilities to amplifying the attack to the Enigma exchange.

Discussion checkpoint 3:  Engima official announcement  will be held on 11th Sep 2017. Let’ s see how the status of finance market to cryptocurrency world.  For sure that we will keep track the activities see whether any details let us to start another discussion.

We hope that the  Enigma (catalyst) system will succeed in the future.

Goal and Objective




Perhaps Enigma contains iron wall, but it couldn’t defense the a simple word processing technology



Enigma crypto currency Platform told the world they are next generation of cypto currency Exchange. Banking and financial industry believes that this is a trustworthy platform. Not Kidding, enterprise invests to build and support. Apart from that MIT expertise develop and design a prefect cryptographic mechanism. A shock to the world this week said that they are fall into the victim group of cyber attack.

Headline news claimed that it cause by “DUMB MISTAKE” – Slack account with administrative privileges, had previously leaked

What if! We assume that their Enigma design architecture is not vulnerable. And there is another reason let this incident occurs. Is it a insider threat caused by end user computing?

This incident under law enforcement investigation. since we do not know the root cause. But we can setup a virtual reality scenario see whether we can find out the possibility.

PDF format of file, a benefits bring to malware

  1. Hidden inside a Word document that’s hidden inside a PDF


Step 1: Emailed spam with a PDF attachment
Step 2: PDF has an attached document inside, which is trying to get opened by the Acrobat Reader
Step 3: Once the document is opened in MS Word, it asks you to enable editing (social engineering attack)
Step 4: Runs a VBA macro, which downloads and runs the malicious code
Step 5: Insider threat happens. Try to collect the sensitive data includes credential

2. Open source applications lure malware infection

Sounds not possible! Enterprise firm less implement software application open source concept. As a matter of fact, similar idea happened in enterprise firms including broker firm and investment banking. It is hard to image that such profit making industries concerns about software licenses. But it is a factual case.


A critical zero-day security vulnerabilities in Foxit Reader software that could allow attackers to execute arbitrary code on a targeted computer.

CVE-2017-10951 –  vulnerabilities can be triggered through the JavaScript API in Foxit Reader.

CVE-2017-10952: This vulnerability exists within the “saveAs” JavaScript function that allows attackers to write an arbitrary file on a targeted system at any specific location

Remark: Foxit refused to patch both the vulnerabilities because they would not work with the “safe reading mode”

3. Vulnerability in LinkedIn Messenger 


Even though enterprise firm will be included Linkedin into the white list. It allow their staff access without restriction. Regarding to subject matter expert vendor (Checkpoint), Linkedin message Would Have Allowed Malicious File Transfer. LinkedIn allow the following file extensions to be uploaded and attached within a message:

Documents – csv, xls, xlsx, doc, docx, ppt, pptx, pdf, txt.
Images– gif, jpeg, jpg, png.

As a result, the specific issue triggers inherent risk fall into above item 1 information security design weakness.

Current status

Let stop discussion here, there are more possibilities or ways once the attack vector happens on insider threat (end user computing). We keep our eye open see whether any new findings later on.

Bitcoin – Break the traditional rule of the world!



It looks a silent revolution, bitcoin technology spreading to the world. Even though government unsupported this financial tool and proprietary financial firm not accept this technology.
But he is valid in the finance and investment market. As a matter of fact, the activities running strong today (7th Aug 2017).

Our earlier study on block chain technology motion

Comparison table:

Hyperledge Ethereum Bitcoin
Association Linux Foundation Ethereum Developers Bitcoin Developers
Currency N/A Ether BTC
Mining Reward N/A Yes Yes
Network Design goal – Private Design goal – Public Public only
Privacy Private Open Open
Smart Contracts Multiple-programming language C++,Rust and Go i. Bitcoin Core, is written primarily in C++
ii. Lightweight clients like MultiBit and Bitcoin Wallet written in Java


Rouge-et-noir , they are all going to achieve this objective (blockchain or Hyperledger)

The maturity business model of bitcoin today

The fundamental design concept of bitcoin improvement program are based on vote or user input. And therefore Bitcoin is not controlled by any single entity or company. Whereby an improvement program framework has been introduced. It is so called BIP (Bitcoin Improvement Proposal).

Remark 1: A Bitcoin Improvement Proposal (BIP) is a design document for introducing features or information to Bitcoin. The BIP should provide a concise technical specification of the feature and a rationale for the feature. This is the standard way of communicating ideas since Bitcoin has no formal structure. The first BIP (BIP 0001) was submitted by Amir Taaki on 2011-08-19 and described what a BIP is?

Proposal 91

Upcoming Bitcoin activation of Bitcoin Improvement Proposal 91 (BIP 91). Bitcoin Improvement Proposal 91 (BIP 91, also known as Miner Activated Soft Fork) recently locked in over 90 percent of all mining hash power, signaling majority support for this proposal. BIP 91’s lock in effectively makes BIP 148 (User Activated Soft Fork scheduled for August 1) obsolete and discard the chances of the Bitcoin network forking through UASF (User Activated Soft Fork). What is the reason to nullifies UASF?

Bitcoin Possible Crisis, User Activated Soft Fork(UASF BIP-148)-Vulnerability encountered CVE-2017-9230

For more details about the vulnerability, please refer below url for reference

Bitcoins tell the world,  sunrise is on the way.

The Bitcoin Improvement Proposal (BIP) expect to meet the goal on 1st August 2017. The goal is launch of a new coin and Bitcoin Cash (BCC). These coin should include strong replay protection. All you need to do to be able to access your BCC is control your bitcoin (BTC) private keys on this day.

BIP 91 objective – BIP 91 requires 80% of the coin miners to support. Besides, it require to locking  SegWit2x’s (SegWit) update on 1st August 2017.

Remark 2: SegWit was proposed by Bitcoin Core volunteers to increase network capacity and solve transaction scalability through soft folk on 2015.

Remark 3: SegWit2x (BTC1): Supported by miners and start-up companies, the proposal aims to develop SegWit through a soft fork.

Breakthrough – below voting status shown that BIT 91 receive miner fully support


As of today, bitcoin looks running strong in the market. We keep our eye open see whether any unforeseen matter happen in coming month.
…… deo speramus





The achilles heels of Ethereum (block chain technology)


What is Achilles heel: a small problem or weakness in a person or system that can result in failure. If you familiar with Chinese Kung Fu,  the key word “achilles heels” you might not feeling unfamiliar.

Wake the world attention – Ethereum security incidents

Jun 2016 –  Decentralized Autonomous Organization (DAO) attack – Code Issue Leads to $60 Million Ether Theft

Jul 2017South Korea’s largest Bitcoin/Ethereum cryptocurrency exchange ‘Bithumb’ hacked and over $1 Million in cryptocurrencies stolen

Ethereum claimed itself that he is the most Secure Public Blockchain. He is on the way overtaking Bitcoin technology. But what’s the key factor causes cyber security incidents happened in past?

The technical weakness summarized below:

  1. The Ethereum network itself might not vulnerable. “DAO” stands for “Decentralized Autonomous Organization”. It’s basically a type of application (a smart contract system) that can be deployed on the Ethereum network/blockchain. The hacker took advantage of a vulnerability in the contract code, written in the JavaScript allows a single participant to “drain” Ethereum tokens from the collected pool of all the investor money to a separate personal pool, which “the attacker” can then use by himself.
  2. A warning about the mempool transaction replacement mechanism.Implementors should take this into account and try to create contract mechanisms that do not rely on mempool replacement if they wish to have their implementations work with current implementations.
  3. Large Hashrate Pools Accidental suspend the services. Pools with larger hash-rates have recently been using the built in feature to only process their nodes own transactions. High volume of transaction which waiting for confirmation will slow down the performance of the pool causes services suspended.

Sample survey – in regards to cyber security incidents in the past

Investigation step 1 – Does Ethereum client have memory pool?

Yes, similar concept of memory pool definition will be valid in client side. The similar function  is for keeps transactions like Bitcoin’s mempool. The naming convention of the key term is the Transaction Pool, or TxPool in the code (see below)

var (
    // Transaction Pool Errors

const (
    maxQueued = 64 // max limit of queued txs per address

// TxPool contains all currently known transactions. Transactions
// enter the pool when they are received from the network or submitted
// locally. They exit the pool when they are included in the blockchain.
// The pool separates processable transactions (which can be applied to the
// current state) and future transactions. Transactions move between those
// two states over time as they are received and processed.
type TxPool struct {
    quit         chan bool // Quiting channel

Inherent risk & design limitation

i. Transactions may reverted

Ethereum Virtual Machine (EVM Level)

Python – If C calls, and foo does a throw ((bad jump, out-of-gas, or any other exception), as a result the entire transaction reverted.

Known bug bug in geth v1.4.19 and v1.5.2 – Geth was failing to revert empty account deletions when the transaction causing the deletions of empty accounts ended with an an out-of-gas exception. An additional issue was found in Parity, where the Parity client incorrectly failed to revert empty account deletions in a more limited set of contexts involving out-of-gas calls to precompiled contracts; the new Geth behavior matches Parity’s, and empty accounts will cease to be a source of concern in general in about one week once the state clearing process finishes.

Remark: out of gas definition – The gas cost can only be estimated until the transaction is executed against the actual contract state at the time of execution on the blockchain. If the transaction run out of gas before transaction complete. EVM exceptions result in all gas being consumed, and the transaction being rolled back. Gas is not returned if a transaction is unsuccessful because otherwise malicious users could spam the network with unsuccessful transactions.

ii. Authorization security consideration – Never use tx.origin for authorization (Detail 1). If your wallet had checked msg.sender for authorization, it would get the address of the attack wallet, instead of the owner address. But by checking tx.origin, it gets the original address that kicked off the transaction, which is still the owner address. The attack wallet instantly drains all your funds (Detail 2).

wallet contract – Detail 1

pragma solidity ^0.4.11;

contract TxUserWallet {
    address owner;

    function TxUserWallet() {
        owner = msg.sender;

    function transferTo(address dest, uint amount) {
        require(tx.origin == owner);

attack wallet – Detail 2

pragma solidity ^0.4.0;

contract TxAttackWallet {
    address owner;

    function TxAttackWallet() {
        owner = msg.sender;

    function() {
        TxUserWallet(msg.sender).transferTo(owner, msg.sender.balance);

Ethereum enhance the programming language of protection.But what’ the reason let’s the Biggest Ethereum and Bitcoin Exchanges Got Hacked?

About South Korea’s Largest Ethereum Exchange Was Hacked – Headline news hints that the attackers are setting their sights on people’s digital currency wallets (see following url for reference) From technical point of view, this is client side data breach instead of server side, right.  Since the case is under South Korea law enforcement investigation. No details provides in the meantime. For more detail, please read following url

My comment in regards to this case – since cyber incident more possibility happens on computer user negligence. Yes, I agree that we must focus the system and application design limitation. Since no any conclusion or prediction this moment. But a hints would like to bring to your consideration . Be my guest, see below detail for reference.

Fundamental design weakness of Ethereum node implemented in Go

Reference: When you are going to unlock account.   The command tool Geth will be used.  You’ll be prompted to type in the password afterward.

geth --unlock <YOUR_ACCOUNT_ADDRESS> --password <YOUR_PASSWORD>

A security concerns was happend here! In the earlier versions of Geth, providing the password as a parameter would cause the password to show up in the Geth log.  So our clever reader will speculated the story and final result properly. There is not required to mention the details again, right?

RemarkGeth is a multipurpose command line tool that runs a full Ethereum node implemented in Go. It offers three interfaces: the command line subcommands and options, a Json-rpc server and an interactive console.

Have a nice weekend.


Rouge-et-noir , they are all going to achieve this objective (blockchain or Hyperledger)









Rouge-et-noir , they are all going to achieve this objective (blockchain or Hyperledger)



Timothy 6:10: “For the love of money is the root of all [kinds of?] evil”

Before we jump into discussion see the bitcoin market status today

Ethereum briefly crashed from $319 to 10 cents , said Thursday (22nd June 2017) CNBC News.

The CoinDesk Bitcoin Price Index provides the latest and most accurate bitcoin price using an average from the world’s leading exchanges.

As of today (22nd June 2017) ,1 Bitcoin equals 2716.06 US Dollar

How does Finance sector think about it?

On 26th May 2017, Bank of America Corp, SBI Holdings Inc, HSBC Holdings Plc, Intel Corp and Temasek Holdings have invested $107 million in R3 CEV. The R3 is made up of financial industry veterans, technologists, new tech entrepreneurs and subject matter experts. This group of people goal to building the next generation of global financial services technology. Sound amazing that finance sector are keen to involves the blockchain or bitcoin technologies.

Perhaps bitcoin or blockchain are in mature stage now. It looks that it lack of acceptability. Even though banking industry treat the new payment concept with respect. But technically did not potentially replace the traditional payment gateway especially SWIFT payment system. Since different have different official financial policies and guideline.

How does criminal  think about it?

When we talk about blockchain technology, most of the time we will think about hacking. How to jail break the encryption algorithm. Few expertise opinion. The break point of the blockchain technology not focus on break though the encryption. Seems it is not easy to do. But bitcoin technology concerns of double spend” of electronic coins. In the sense that bitcoins technology itself is aware of it.  Are you interested of this information. Be my guest, take a short journey to dig out a little bit. Ok, are you ready. Our train is leaving the platform now.

World more complex, a new technology appears, it is  Hyperledger?

Hyperledger is an open source collaborative effort created to advance cross-industry blockchain technologies. It is a global collaboration, hosted by The Linux Foundation, including leaders in finance, banking, IoT, supply chain, manufacturing and technology.

Remark: Hyperledger compared to traditional interbank settlement , the overall completion need time will be shorten compared to traditional process. Meanwhile the hyperledger transaction of volume will be higher. Therefore the expert claimed that this is a speedy area like a motorway.

From technical point of view, Blockchain and Hyperledger technologies are located in services layer (see below).

No matter how the technology renovation in future, double spend might have possibility happens. Before we discuss the double spend attack technique concept.  Let’s use a simple way to understand the feature of both new and traditional technology elements. On this article, we found 2 units of element shown in Service layer. That is blockchain and hyperledger. Hyperledger benefits for cross-industry blockchain technologies. We can say it will be run in properaitery private network. Blockchain technology are open for public usage. You and me can enjoy the benefits (no transaction fees). May be you can dig out more. But above  criteria is easy for your identification. Below is the hyperledger blockchain platforms for your reference.

The availablility of Hyperledger blockchain platforms today.

Hyperledger Burrow – Burrow is a blockchain client including a built-to-specification Ethereum Virtual Machine. Contributed by Monax and sponsored by Monax and Intel.

Hyperledger Fabric – Contributed by IBM.

Hyperledger Iroha – Based on Hyperledger Fabric, with a focus on mobile applications. Contributed by Soramitsu.

Hyperledger Sawtooth – Contributed by Intel

We can go to cyber attack concept now, let’s move on.

Double-spend Attacks

Double-spending is the result of successfully spending some money more than once. It means that a suspicious transactions spend from the same inputs as the first set of transactions. The transactions conflict and are thus double spends. In order to avoid to this problem occurs. Only one transaction out of a set of double spends will be able to confirm. The rest of the transactions become invalid.

The one we consider of this attack does only work for fast payment scenarios. Oops….we known that hyperledger claim that he is work in fast payment scenarios? Are you kidding?

Actually a technical report issued by ETH Zurich did a proof of concept on the possibility of double-spend attack on blockchain instead of hyperledger. Below informative diagram can provide an idea to you in this regard. The test shown that make network traffic delay on Txv. And avoid the acknowledge  issued by Txa go to victim. The test found factual issue occurred in this circumstances.

Since developers and blockchain investors understand the weakness of current blockchain technology.  A group of financial investor build the next generation of technology goal to enhance the current technology design weakness. That is the hyperledger today.  The features enhancement area includes Message handling, Block Publishing/validation, Consensus, Global State Management. Below informative diagram display the overall operation infrastructure. A segregates transaction payload definition, validation and stat management logic to improve overall security.

Observation: In this secure environment, how does hacker do?

Regarding to the authorization check on hyperledger design (see below informative diagram) it provide a comprehensive monitor feature to prevent incorrect and suspicious transaction.  Hacker will take a another way round even through you have good authorization check system.

Since decryption of data not a easy way. It is time consuming and do not guarantee the successful rate. From technical point of view, hacker is not possible to spend on such afford. The possible and easy way is that hacker relies on the spear phishing technique. Then counterfeit messages appear to come from a trusted source fooling user in negligence. A misleading message lets user activate a internet link (url) which trigger malware infection. The hyperledger technique run in multi-layer architecture might expose more surface for attack. A insider threat might create a break point and causes the system compromised finally. As we know, ransomware is a hybrid architecture which coexists with malware and ransome features. Hacker can implant malware to a internal workstation then execute the ransomware attack afterwards.

The smart contract ID is unique reference number. No body else can help once the repository encrypt by hacker.

Is there any remediation solution on above matter?

Per my observation from past. Even though you have comprehensive detective and preventive security control. It is hard to avoid the incorrect business decision.  In short, what is the drawback on above matters in regards to business decision. The business shake holder intend provide more flexibility on the system function. For instance customization of the application to fulfill business objective.

For corrective control solution. We can do the following to recover the system after ransomware infection.

  1. Increase the backup SNAPShot schedule. Since the delta improved. It reduce the overall loss of data percentage after system restore.
  2. Not allow critical host have access internet function. Perhaps you say, it is inconvenient to do  the zero-day patch, critical patch and anti-virus signature update? But this is a important factor.

If you can use a simple way to move a mountain, why do you choose a heavy machine? Ok, let’s stop discussion here. Please take off the train.
But I will provide more interest topics soon! Bye!












Part 3 : Blockchain technology – Trend benefits finance and crime


Take on public transportation today (11th May 2017), the headline news display on advertisement screen guide me start the discussion on block chain technology again.  It looks a realistic situation intend to boots up block chain technology growth. Let’s take a quick seen!

As of 6 February 2016, there are 15.2 million bitcoins circulation of a capped total of 21 million.

Bitcoins current status: As of today 11th May 2017
  • Total volume: 1800 Billion of dollars
  • 4 days exchange volume equal to 30 Billion of dollars

Block chain space Radical changes on 2017

In 2017 Microsoft announced their participation in the newly formed Enterprise Ethereum Alliance. Joining them are also companies such as Intel, J.P. Morgan, BNY Mellon, BP, ING, Thomson Reuters and blockchain startups. In general, my idea on key word “Ethereum” only focus on security incident. Sounds like that I am not suggest anyone to create Ethereum to let hackers get away your money.

Quote:  “In general, the Ethereum community is on board with the notion that we do not have to do things exactly the way that things are done in other crypto communities,”  -shortcut from Bloomberg Business week.

As a matter of fact, new technology has technical limitation not the 1st day we heard, but it has the mature model finally, right?  So I am not keen to my stubborn to say not suggest to use. Perhaps a positive discussion might provide more positive idea in this regard.

High Level understand of Ethereum

Ethereum is an open-source, public, blockchain-based distributed computing platform featuring smart contract (scripting) functionality.

Platform‎: ‎x86, ARM

Initial release‎: ‎30 July 2015

Written in‎: ‎C++‎, ‎Go‎, ‎Rust

Operating system‎: ‎Clients available for Linux, ‎Windows‎, ‎macOS‎, ‎POSIX‎, ‎Raspbian

Technical weakness on security viewpoint

Programming language: C++

Security problems with C and C++ programs is hard to avoid the following issue:

  • buffer overflow attack
  • Integer problems in C/C++
  • File I/O risks
  • Temporary files / a C++ TOCTOU vulnerability
  • Unicode bug‎

Programming language: Go

How are blockchain application developed by “GO”. What is “Go”? “Go” is a free and open source created at Google in 2007 by Robert Griesemer, Rob Pike, and Ken Thompson . Like other programming language, this programming language contain their design limitation. The vulnerability found this year was shown that the “Go” SSH library (x/crypto/ssh) by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey verification mechanism.

Programming language: Rust

Rust is a general purpose programming language sponsored by Mozilla Research. It is designed to be a “safe, concurrent, practical language”, supporting functional and imperative-procedural paradigms. Rust is syntactically similar to C++, but is designed for better memory safety while maintaining performance. Rust only panics from integer overflow when in debug mode. So it looks that this programming languages suitable for developers build block chain system application.

Remark: Developer Analyst firm Redmonk charted Rust’s move on the Github rankings from 46 to 18.

Modern cyber technology crisis

Ransomware attack is the 1st priority of concern:

Ransomware (Wannacry) attack hits 99 countries with UK hospitals among targets yesterday. As we know the specifics attack are leveraging a Windows exploit harvested from the NSA called EternalBlue ( –  the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server). As a result it trigger the one to many attacks within the internal network.  Since it relies on SMB so it spread out in extremely fast way. We are not going to discuss this incident today.

The reflections of this incident let us know the design weakness can kill the system within 1 minutes and broadcast the attack to neighbor.  Be reminded that even though block chain or Ethereum technology network are built by group. It is a star topology network. A benefits for system and network resilience. However it increase the inherent risk.

Peer-to-peer communications between nodes running Ethereum clients run using the underlying ÐΞVp2p Wire Protocol. It is very secure. However if a trust client being compromised. From techincal point of view, hacker will more easy to infiltrate into it. Besides, the objective of ransomware  target  for ransom (money).  If the victim workstation (Ethereum client) or mobile phone (Ethereum client) was compromised by ransom (whole hard drive encrypted). A  high possibility to pay for the ransom otherwise he will lost more money.


As said, Ethereum deploy a high standard of secure protocol ( ÐΞVp2p Wire Protocol). However you can drill down in different area see whether can find out the design limitation.  For instance a well known vulnerability. A Java Debug Wire Protocol remote code execution. The problem was that JDWP ( Java Debug Wire Protocol) is one layer within the Java Platform Debugger Architecture (JPDA). JDWP does not use any authentication and could be abused by an attacker to execute arbitrary code on the affected server. Any impact here!

But my concern is on fast synchronization process. In the mean time I am still analysis what is the possibility to fool the remote peer on GetNodeData step. For more detail, please refer below specification.

Fast synchronization (PV63) specification:

GetNodeData [+0x0d, hash_0: B_32, hash_1: B_32, …] Require peer to return a NodeData message. Hint that useful values in it are those which correspond to given hashes.

NodeData [+0x0e, value_0: B, value_1: B, …] Provide a set of values which correspond to previously asked node data hashes from GetNodeData. Does not need to contain all; best effort is fine. If it contains none, then has no information for previous GetNodeData hashes.

GetReceipts [+0x0f, hash_0: B_32, hash_1: B_32, …] Require peer to return a Receipts message. Hint that useful values in it are those which correspond to blocks of the given hashes.

Receipts [+0x10, [receipt_0, receipt_1], …] Provide a set of receipts which correspond to previously asked in GetReceipts.


Our discussion stop here today. I will provide more update in this regard. Thank you.


Part 2:Blockchain technology situation – Malware join to bitcoin mining

Part 2:Blockchain technology situation – Malware join to bitcoin mining

Part 1:Blockchain technology situation – A Tales of Two Cities