1

Blockchain and the Future of the Internet:

A Comprehensive Review
Fakhar ul Hassan1 , Anwaar Ali2 , Mohamed Rahouti3 , Siddique Latif4 , Salil Kanhere5 , Jatinder Singh6 , Ala
Al-Fuqaha7 , Umar Janjua8 , Adnan Noor Mian9 , Junaid Qadir10 , and Jon Crowcroft11
1,8,9,10
Information Technology University (ITU), Punjab, Pakistan
2,6,11
Computer Laboratory, University of Cambridge, United Kingdom
3
Computer & Information Science Dept., Fordham University, NY USA
4
University of Southern Queensland, Australia
arXiv:1904.00733v2 [cs.CR] 13 Nov 2020

5
University of New South Wales, Australia
7
Hamad Bin Khalifa University, Qatar; Western Michigan University, USA

Abstract—Blockchain is challenging the status quo of the can benefit from blockchain as it creates transparency and trust
central trust infrastructure currently prevalent in the Internet in interactions among the stakeholders without involving any
towards a design principle that is underscored by decentral- third party. That is the reason why industries such as transport,
ization, transparency, and trusted auditability. In ideal terms,
blockchain advocates a decentralized, transparent, and more energy sector, insurance, finance, and logistics have started to
democratic version of the Internet. Essentially being a trusted and show their interest in blockchain technology to automate their
decentralized database, blockchain finds its applications in fields solutions [2]–[5].
as varied as the energy sector, forestry, fisheries, mining, material It can be observed that although the onset of the Internet
recycling, air pollution monitoring, supply chain management, revolution heightened the societal collaboration among people,
and their associated operations. In this paper, we present a
survey of blockchain-based network applications. Our goal is to communities, and businesses [6] many of the Internet appli-
cover the evolution of blockchain-based systems that are trying cations, however, such as email and Domain Name Systems
to bring in a renaissance in the existing, mostly centralized, (DNS), largely remain centralized as far as their management
space of network applications. While re-imagining the space with and core development are concerned. The centralized govern-
blockchain, we highlight various common challenges, pitfalls, and ing bodies are usually behind the trust guarantees associated
shortcomings that can occur. Our aim is to make this work as
a guiding reference manual for someone interested in shifting with such online applications. Similarly, the issue of trust in
towards a blockchain-based solution for one’s existing use case cloud-hosted data storage is another contemporary challenge
or automating one from the ground up. predicated on the inherent centralized nature of the Internet
[1]. The clients of such online and cloud-based services, such
as cloud storage and computation, usually put their trust in
I. I NTRODUCTION the claims put forward by the third party cloud providers. It
The paradigm shift entailed by blockchain’s premise of raises the pressing need for verifiability that the cloud is not
decentralization envisages an eventual migration from the end- tampering with a client’s stored data and is always returning
to-end principle to trust-to-trust principle [1]. According to this correct results in response to the requested computation. A
new design principle, a user should ideally always have com- single instance of a data breach in cloud storage or a faulty
plete control over the trust decisions particularly pertaining to execution of a requested set of computations can lead to
user’s data that powers a network application such as an online disastrous ramifications for such a business. As it has been
social network. This decentralization aspect forms the basis seen in a famous data breach that calls the trust in central
of the blockchain-based networks. This further paves the path management of online services such as Facebook (an online
for an era of distributed trust and consensus. This implies that social network) into question [7]. Blockchain, on the other
large networks, in a peer-to-peer configuration, will guarantee hand, with its premise of immutability, transparency, and peer-
the integrity of transactions (simply put interactions) among to-peer consensus can provide the means for a trusted audit
their peers without the involvement of any centrally trusted of networked systems while at the same time giving much of
mediating third party. The provision of verifiable trust guar- the control back to the edges of a network.
antees further entails that such networks can be audited in a
trusted and transparent manner. This audit ability is useful to
enforce the networked systems accountability over malfunc- A. Contribution of the survey
tioning or an activity of foul play. Moreover, any application In this paper we provide a broad ranging survey of the
that requires interactions among various stakeholders for its implications of blockchain on the future of the Internet with a
operations in a mutually non-trusting environment (where the comprehensive take on their legal and regulatory ramifications
stakeholders do not have to or do not want to trust one another) as well. Instead of limiting ourselves to one particular use case
 2

Fig. 1: Overview of the paper

or application (such as the Internet of Things (IoT) [8], [9]), II. BACKGROUND
we cover a wide range of use cases and try to observe the
common patterns, differences, and technical limitations so that In this section, we provide the necessary background to un-
a more informed decision can be made by someone interested derstand what blockchain is and how it works. Our discussion
in deploying a use case from ground up or translating one’s use in this section follows an evolutionary approach which means
case to a blockchain-based solution. We provide a comparison we start with Bitcoin [39] (the first incarnation of a blockchain-
of our paper with other recent blockchain-based surveys in based financial application) and discuss how the technology
Table I. Apart from encompassing most of the issues covered evolved giving rise to other concepts and systems along the
by recent survey literature, a clear distinguishing feature of way.
this paper is that we also discuss a few of the most important
legal and regulatory challenges and ramifications of deploying
a blockchain-based solution. This is particularly important A. Blockchain and distributed ledger technology (DLT)
given the development of new data protection regulations
(such as the advent of the General Data Protection Regulation The original premise of blockchain is to establish trust
(GDPR) in Europe), and regular reports of data breaches and in a peer-to-peer (P2P) network circumventing the need for
government mass surveillance stories coming to light. any sort of third managing parties. As an example, Bitcoin
introduced a P2P monetary value transfer system where no
bank or any other financial institution is required to make
B. Structure of the survey a value-transfer transaction with anyone else on Bitcoin’s
blockchain network. Such a trust is in the form of verifiable
The rest of the paper is organized in three main sections mathematical evidence (more details on it follow in Section
as expressed in Figure 1. In the section titled Background II-D). The provision of this trust mechanism allows peers of
(Section II), we provide the necessary background to under- a P2P network to transact with each other without necessarily
stand the big picture of how blockchain works by introducing trusting one another. Sometimes this is referred to as the
distributed ledger technology, distributed consensus, smart trustless property of blockchain. This trustlessness further
contracts, and public and private blockchains. In the next implies that a party interested in transacting with another
section (Section III) titled Blockchain-based Network Applica- entity on blockchain does not necessarily have to know the
tions, we provide examples of how blockchain can be used to real identity of it. This enables users of a public blockchain
evolve trust mechanisms for the decentralized Internet, email, system (see Section II-F for more details on public and private
Internet of Things (IoT), content distribution, distributed cloud blockchains), such as Bitcoin, to remain anonymous. Further,
storage, online social networks, cybersecurity, public key a record of transactions among the peers are stored in a
infrastructure, and resource management in community net- chain of a series of a data structure called blocks, hence
works. Thereafter in the section titled Challenges and The the name blockchain. Each peer of a blockchain network
Road Ahead (Section IV), we discuss the current challenges maintains a copy of this record. Additionally, a consensus,
facing blockchain and their various technical, legal, and reg- taking into consideration the majority of the network peers, is
ulatory ramifications: in particular, we discuss governance, also established on the state of the blockchain that all the peers
operational, and regulatory issues, scalability issues, security of the network store. That is why, at times, blockchain is also
and privacy concerns, sustainability concerns, anonymity, the referred to as the distributed ledger technology (DLT). Each
use of artificial intelligence (AI) and machine learning (ML), instance of such a DLT, stored at each peer of the network,
and issues related to usability and key management. Finally gets updated at the same time with no provision for retroactive
the paper is concluded in Section V. mutations in the records.
 3

Papers/Books Blockchain Smart Blockchain Future Blockchain Blockchain Consensus

Year Challenges IoT RegulatoryIssues
(Author) Fundamentals Contracts Applications Trends Types Characteristics Algorithms
Zheng et al. [10] 2016 7 7 7 7
Ye et al. [11] 2016 7 7 7 7 7 7
Yli-Huumo et al. [12] 2016 7 7 7 7 7 7
Pilkington [13] 2016 7 7 7 7 7
Nofer et al. [14] 2017 7 7 7 7 7
Zheng et al. [15] 2017 7 7 7 7
Lin et al. [16] 2017 7 7 7 7
Miraz et al. [17] 2018 7 7 7 7 7
Yuan et al. [18] 2018 7 7 7 7 7 7 7 7
Ali et al. [8] 2018 7 7 7
Wust et al. [19] 2018 7 7 7 7 7
Salah et al. [20] 2019 7 7 7
Xie et al. [21] 2019 7 7 7
Wang et al. [22] 2019 7 7 7 7 7 7 7
Yang et al. [23] 2019 7 7 7 7
Yang et al. [24] 2019 7 7 7 7 7
Belotti et al. [25] 2019 7 7 7 7 7
Dai et al. [26] 2019 7 7 7
Wu et al. [27] 2019 7 7 7 7 7
Viriyasitavat et al. [28] 2019 7 7 7 7 7 7 7
Mollah et al. [29] 2020 7 7 7
Liu. [30] 2020 7 7 7 7 7
Neudecker et al. [31] 2019 7 7 7 7 7 7 7
Lao et al. [32] 2020 7 7 7 7
Kolb et al. [33] 2020 7 7 7 7
Monrat et al. [34] 2019 7 7 7
Zhang et al. [35] 2019 7 7 7 7
Xiao et al. [36] 2020 7 7 7 7 7 7 7
Bodkhe et al. [37] 2020 7 7 7 7
Al-Jaroodi et al. [38] 2019 7 7 7 7 7
Our Survey 2020 (distinguishing feature)

TABLE I: Comparative analysis of our survey with the existing survey literature pool

Block# 1 Block# 2 Block# 3

Block header
Prev: 00000000000000 ... Prev: 0a2a55b65844af ... Prev: 72722cedc7f7d1 ...

Hash: 0a2a55b65844af ... Hash: 72722cedc7f7d1 ... Hash: 6540ea9f539f54 ...

Data: <Transaction data> Data: <Transaction data> Data: <Transaction data>

Genesis block

Fig. 2: Hashing chains the blocks together and renders them immutable

B. A clever use of hashing even so slightly changed then the output of the hash function
almost always changes completely and seemingly in a random
We now take a closer look at how hashing is used to chain fashion (there are, however, rare occasions where a collision
the blocks containing transaction records together and how occurs when two distinct inputs to a hash function map to
such records are rendered immutable. A hash is defined as a the same output) [40]. This way hash of a piece of data can
unidirectional cryptographic function. A hash function usually be used to verify the integrity of it. As an example, Secure
takes an arbitrary input of an arbitrary length and outputs a Hash Algorithm 256 (SHA256) is a member of the family of
seemingly random but fixed-length string of characters. Each SHA2 hash functions which is currently being deployed by
such output is unique to the input given to this function and many blockchain-based systems such as Bitcoin [41].
can be considered as the footprint for the input. If the input is Figure 2 shows a simple representation of an append-only
 4

blockchain data structure making use of hashing. In this figure, blockchain network can perform mining (i.e., collection of a
the hash field of each block contains the hash value of all the set of transactions in a block to find the relevant nonce for it).
contents of a given block (i.e., block number, previous hash, PoW is a lottery-based consensus mechanism, which implies
shown as Prev in Figure 2, and data). In this illustration, the that in a given large network, the peer who finds a nonce at a
most important field is the Prev field. This field, in each block, given time is decided randomly. Once a miner finds a nonce
contains the hash value of the block that comes before it. This (or mines a block), the network awards such a node with a
chains the blocks together. Now, if the contents of a block are set number of cryptocurrency tokens (such as bitcoins). This
changed then this change is reflected, in addition to the hash of is how cryptocurrency is minted in cryptocurrency networks
the block under consideration, in the portion of the blockchain and is put into circulation in such networks.
that comes after the block being mutated. This way, hashing Furthermore, the mining process is based upon randomness,
and the distribution of blockchain copies among the peers of a which renders adversarial tampering with the stored data in
P2P network makes the records stored in a blockchain tamper blockchain difficult as long as the majority of a network (in
evident. It can be noted in Figure 2 that the first block in terms of computational resources) is honest. However, if an
a blockchain is sometimes referred to as the genesis block adversary (or a group of adversaries) gains more computational
indicated by its Prev field initialized to contain all zeros. power than the honest portion of the network then it can
potentially alter the records stored in a blockchain. Such an
C. A coin: Transaction chain attack is sometimes referred to as a 51% attack. Figure 4 shows
a chain of blocks with an extra field labeled as nonce. It should
A transaction chain is shown in Figure 3. It should be be noted in this figure that the hash of all the blocks (apart
observed here that there is a difference between a transaction from the genesis block) starts from a set number of zeros.
chain and a blockchain. Each block in a blockchain can contain
multiple transaction chains. Each transaction chain in turn 2) Proof-of-Stake (PoS): Blockchain-based systems, partic-
shows the value transferred from one peer of the network to ularly Ethereum1 , are considering an eventual shift to PoS-
another. Each such transaction chain is also sometimes referred from PoW-based consensus. This is because of high compu-
to as a digital coin or more generally as a token tation, and in turn high energy costs associated with finding a
A transaction chain makes use of digital signatures, in nonce through mining.
addition to hashing like the way it is described above, to track In the PoS-based mechanism, the nodes with the largest
the provenance of digital funds. stake (in monetary terms) in the underlying network have a
greater say when it comes to proposing a new block to be
appended to a blockchain. The monetary worth owned by such
D. Distributed consensus
nodes is put at stake in order for them to behave honestly.
Distributed consensus is a mechanism through which peers An example of a PoS-based blockchain platform is Algorand
of a distributed system collectively reach an agreement on [42], a permissionless blockchain platform (see Section II-F
the state of a collectively maintained record. In order to for a discussion on public and private blockchains) that reduces
uphold the premise of decentralization, different blockchain- the chances of forking (the undesirable process where two
based systems deploy a particular flavour of distributed con- chains originate from a same block that reflects a conflict).
sensus. In this section, we first discuss the most popular Unlike PoW-based implementations, Algorand requires an in-
and widely adopted consensus protocol called Proof-of-Work significant amount of computation and generates a transaction
(PoW) mainly popularised by Bitcoin. We then build upon history, which avoids forking with high probability. However,
this discussion to describe and compare subsequent consensus since PoS is still in its development phase, it does come
mechanisms that have been deployed as different blockchain- with its fair share of issues. Most notable is the mismatch
based systems evolved and proliferated. between the actual interest of nodes with the same stake in
1) Proof-of-Work (PoW): PoW-based consensus mechanism the underlying network2 .
was mainly popularized by Bitcoin [39]. PoW’s main goal is 3) Proof-of-Authority (PoA): Proof of authority (PoA) is
to prevent double spending of a digital asset by providing another blockchain consensus approach mainly used to en-
a verifiable trust guarantee to a payee. Such a guarantee is able a comparatively fast transaction rate mostly in private
provided in the form of publishing an integer called a nonce. blockchain settings [43], [44]. PoA is derived from Byzantine
Finding a nonce is a computationally intensive process and is Fault Tolerance based (BFT) consensus algorithms (see the
often referred to as mining. The peer of a blockchain network next Section II-D4 for details). Moreover, this PoA variant is
that finds a nonce is called a miner. Specifically, a nonce is mostly being used by the test networks mainly for experimen-
an integer which, when hashed together with the contents tation (such as Rinkeby and Ropsten Ethereum networks). The
of a block, outputs a hash matching a predefined pattern. idea of PoA is quite similar to PoS; in PoA it is the identity (or
Depending upon the underlying system, such a pattern is reputation) of nodes that is put at stake instead of the monetary
usually defined to start with a predefined number of zeros. The value owned by the nodes. This implies that PoA is mostly
larger the number of leading zeros the harder (in computational used to establish permissioned blockchains (see Section II-F)
terms) it is to find a nonce that produces a hash which matches
such a pre-defined pattern. Sometimes this is referred to as 1 https://github.com/ethereum/wiki/wiki/Proof-of-Stake-FAQs

the difficulty of mining. In principle, any peer node of a 2 https://tinyurl.com/poa-network

 5

Transaction chain (a coin)

Hash of owner 1's PK Hash of owner 2's PK Hash of owner 3's PK

Verify Verify

Hash Hash Hash

Owner 0's signature Owner 1's signature Owner 2's signature

Sign Sign

Owner 1's SK Owner 2's SK Owner 3's SK

Fig. 3: Transaction chain or a coin. Figure adapted from [39]

Mined blocks

Block# 1 Block# 2 Block# 3

Block header
Nonce: 32154 Nonce: 9875 Nonce: 485

Prev: 00000000000000 ... Prev: 000005b65844af ... Prev: 00000cedc7f7d1 ...

Hash: 000005b65844af ... Hash: 00000cedc7f7d1 ... Hash: 00000a9f539f54 ...

Data: <Transaction data> Data: <Transaction data> Data: <Transaction data>

Note: The fields of Nonce, Prev, and Hash contain arbitrary  values

Fig. 4: Mined blocks in a blockchain. Hash in each block now starts with five zeros.

where the identities of the peer nodes are known and they are a program that executes on blockchain in a distributed manner
given specific permissions to mine new blocks. and possesses unique identification. It contains functions and
state variables. These functions receive input parameters of
4) Practical Byzantine Fault Tolerance: Practical Byzan-
the contract and get invoked when relevant transactions are
tine Fault Tolerance-based consensus algorithm was first in-
made. The values of state variables are dependent on the
troduced for asynchronous systems (such as the Internet) to
logic contained in the functions [47]. These functions are
combat Byzantine faults [45], such as arbitrary node behaviour
normally written in high-level languages (such as Solidity or
that could imply software bugs, malfunctioning of a node,
Python) [48]. Compilers convert these programs into bytecode
or an adversarial attack. Byzantine faults are particularly of
that is then deployed on a blockchain network. The functions
interest in the context of blockchain’s peer-to-peer network.
contained within the bytecode of smart contracts are invoked
Byzantine faults imply an arbitrary behavior by peers of such
when a node makes the relevant transaction aimed at the
networks due to adversarial malicious activities and software
particular smart contract [47]. Smart contracts help automate
bugs that remain undetected particularly given the size and
the logic of an arbitrary value transfer system in an immutable
complexity of the software’s (such as a set of smart contracts)
manner where conditional transactions are recorded, executed,
source code3 .
and distributed across the blockchain network. These contracts
have the potential to reduce the legal (up to a certain extent)
E. Smart contracts and enforcement costs while largely ruling out the need for
One important aspect of blockchains is its use in enabling central trusted or regulating authority [49]. Smart contracts
smart contracts [46]. Smart contracts can simply be viewed as can create an environment of trust among the members of
algorithmic enforcement of an agreement among, often, mutu- several contrasting and diverse communities [3].
ally non-trusting entities. More technically, a smart contract is Ethereum4 was the first blockchain project that introduced

3 https://tinyurl.com/the-dao-hack-explained 4 https://ethereum.org/
 6

and popularized the concept of smart contracts [50], [51]. in a digital-value transfer system such as blockchain-based
It is an open-source, blockchain-based platform that enables cryptocurrency networks. The use of digital assets is rising
one to develop and execute decentralized applications. One and evolving wave in the blockchain space. The potency
of Ethereum’s goals is to ease the process of developing the to represent assets within a digitized system and carry out
decentralized applications called dApps [52], [53]. Ethereum transactions via an open source blockchain technology is
can be considered as the next step, after Bitcoin, in the inspiring the creation of a whole new marketplace. The aim is
evolution of blockchain-based systems. Before Ethereum, most to reduce the cost, risk, constrainsts, and fraud associated with
of the blockchain-based systems, mainly cryptocurrency-based the traditional trading systems. Digital asset tokens and the
projects, revolved around expanding on Bitcoin’s core protocol associated set of smart contracts can exemplify an arbitrary
and focusing on one specific application. Ethereum, however, agreement among parties interested in a trade related to a
generalizes and allows multiple such projects to coexist on a digital asset. Such tokens further enhance efficacy in an end-
broader underlying blockchain-based compute resource. to-end trading, services, and settlements towards a single
Operations on Ethereum are performed by utilizing the coherent offering, and thus enable liquidity for previously
Ethereum Virtual Machine (EVM). EVM is the implemen- illiquid markets
tation of the Ethereum protocol responsible for handling An online blockchain-based game (developed on Ethereum
state transitions and carrying out computation tasks [54]. network) of breeding digital cats called Cryptokitties can be
EVM provides the runtime environment for the execution of considered to understand the concept of a blockchain-based
smart contracts [47]. The EVM generated binary comprises unique and tradeable digital asset. Cryptokitties is one of
smart contracts’ opcode that gets deployed on the underlying the earliest efforts to adopt blockchain technology for leisure
blockchain. and recreational activities. Most remarkably in December
2017, the popularity of the game congested the network of
F. Public and private blockchains Ethereum, resulting in an all-time high volume of transactions
The underlying blockchains of Bitcoin, Ethereum and, in CryptoKitties is an example of a non-fungible token (NFT)
general, of most cryptocurrencies are open and public. This on the Ethereum-enabled blockchain network. The underlying
implies that anyone can join the blockchain network and logic that renders a Cryptokitty a unique tradeable asset is
transact with any other peer of the network. Moreover, such based on a smart contract stadnard called ERC721. Cryptokit-
networks also encourage peers to stay anonymous. As an ties can be regarded as unique and tradable ERC721 tokens
example in Bitcoin’s network, peers are assigned addresses where the value of these tokens can depreciate or increase
based on the hash of their public keys instead of based on according to the market. Hence, these Cryptokitties are secure
their actual identities. against replication and cannot be transferred without the owner
On the other hand, there are permissioned and private permission, i.e., even by the game creators.
variants of blockchains as well. This concept was particularly In general, NFTs can be regarded as the tokenization (so that
popularized by Linux Foundation’s Hyperledger Fabric (HLF) they can be rendered tradable on top of a blockchain-platform)
platform 5 . This platform is proposed for business use cases of digital assets. Furthermore, ERC-721 provides a standard
where, in addition to data immutability and P2P consensus, interface for NFT, where tokens represent a subset of Ethereum
transaction confidentiality is also required. Permissioned and tokens. Since the initial publication of ERC-721 interface
private blockchain platforms such as HLF usually deploy a in 2017 as Ethereum Improvement Proposal (EIP), ERC-
cryptographic membership service on top of their blockchain’s 721-based tokens have allowed tokenization of ownership of
immutable record keeping. Each peer in such a network can be any arbitrary data. It is important here to note that the key
uniquely identified based on its real-world identity. Proof-of- differentiator in NFTs is that every token is associated with a
Authority (as discussed earlier) functions on the same principle unique identifier, rendering each token unique to its respective
of permissioned and private blockchains. owner. Lastly, unlike fungible ERC20 standard tokens that
are interchangeable, such that users can create any amount
of tokens using a single contract, ERC-721 standard requires
G. Internet of value
each token to posses a different value within the same contract.
The value addition in businesses by blockchain technology
The Ripple coin (XRP)6 is a further innovative option of
is expected to grow to $176 billion by 2025, according to
tokens on the Ripple network used to establish transactional
Gartner [55] Inc. Based on this technology, innovative payment
exchanges among parties that issue a new digital asset on
channels are being introduced. One such example is Ripplenet
the XRP ledger. Specifically, XRP can be transferred directly
[56] that facilitates quick and lower-cost payments globally
without a centralized party, rendering it a suitable solution
through its network of more than 300 financial institutions
in bridging different assets efficiently and speedily. Moreover,
located in different geographical parts of the world.
rather than leveraging the mining concept of blockchain, Rip-
ple XRP adopts a unique and novel consensus mechanism via a
H. Digital assets network of servers in order to verify and validate transactions.
A digital asset can be considered as the digital represen- This is achieved through a poll where servers on the network
tation of a tradeable valuable that can be owned and used
5 https://hyperledger-fabric.readthedocs.io/en/release-1.3/blockchain.html 6 https://ripple.com/xrp/
 7

determine the authenticity and validity of all transactions based • Revocation feature and methods: Bilinear maps accu-
upon consensus. mulators are used for revocation selection based upon
Moreover, in the realm of physical assets, blockchain tech- [60]. However, the limitation here is that users need to
nology can further enable digitisation of land registry system. be conscious about revoked credentials since the proof
Specifically, digitising registry systems via blockchain can en- must be lively updated whenever issuer-specific data for
hance their reliability and transparency and reduce challenges the update is publicly communicated (i.e. prevent privacy
of records’ integrity. Deploying the distributed and shared leakage as non-revocation process/proof can reveal user’s
database of blockchain can act as an incorruptible and unal- ID)
terable repository of information for land registry records. An • Revocation with attribute-based sharding: A partitioning
example of a use case related to land registry is “Blockchain of credential IDs is adopted to thwart privacy leakage.
Powered Land Registry in Ghana with BenBen”7 , which is The ID is partitioned into limited size shards I1 , I2 ,
a land registry system leveraging blockchain technology in ..., In , and the tail set for each shard becomes feasibly
order to help preserve property rights for citizens. BenBen8 has downloadable. The user therefore notify the verifier of
developed a top-of-stack land registry along with a verification their shard number so the latter can use the correspond-
platform for financial institutions, such that all transactions are ing accumulator data. Additionally, a revocation-liveness
captured and verified against the stored data. This platform parameter is also implemented in this module. Building
allows for a synchronized update of current registries and upon this, the verifier determines the liveness of non-
enable smart transactions and distribute private keys for users. revocation proofs to be accepted (note that in order to
As a result, a trusted and automated property transactions are restrain attacks against the revocation procedure, users
enabled between all participating parties. are recommended to deny any specification requiring an
accumulator younger than a day old.
Furthermore, various interoperability issues arise in
I. Registration and digital identity
blockchain networks include, but not limited to, energy con-
The concept of digital identity dates back to the begin- sumption and regulation policies. Such issues are mainly due
ning of the computer science era, which relates to issuer, to the lack of standardized protocols for deploying blockchain-
user, and verifier as subjects of the digital identity system. enabled mechanisms among different companies [34]. While
However, issuance, storage, and presentation operations must the number of companies interested in integrating blockchain
further align with rigorous security requirements to fulfil technology has been dramatically evolving, standardization
blockchain operability specifications [57]. These requirements protocols to allow an efficient collaboration (among different
include compatibility, unforgeability, integrity, scalability, per- blockchains) still do not exist which implies a lack of interop-
formance/low latency, revocation, unlinkability, and selective erability. Such an issue provides flexibility for blockchain de-
disclosure. Schemes of privacy-enabled digital identity have velopers to code with a variety of programming languages and
been presented in the past, e.g., U-Prove and Idemix. However, platforms; nevertheless renders blockchain networks isolated
these schemes are still not widely deployed and lack scalability and lack in-between interactions. A remarkable example here
and compatibility (i.e., assuming efficacious implementations is the GitHub, which offers more than 6500 active blockchain-
requires a meta-system congregating multiple verifiers/issuers enabled projects (i.e., coded with different platforms and
as well as credential schemas management. Furthermore, these programming languages), protocols, and consensus algorithms.
traditional schemes require a global (centralized) third party, Hence a standard protocol is needed to permit collaborations
which must be trusted, for issuers data and parameters distri- within these developed applications and integration with ex-
bution and exchange. isting blockchain systems [34], [65].
In order to address the aforementioned challenges in digital
identity systems, Evernym, Inc. developed a practical digital III. B LOCKCHAIN - BASED N ETWORK A PPLICATIONS
identity scheme (of a global scale) called “Sovrin” [58]. This
Other than cryptocurrencies, blockchain finds its applica-
scheme resolves operability and scalability issues based upon
tions in various other fields, particularly those that require
the use of permissioned blockchains and anonymous creden-
more transparency and trust in their record-keeping. Some
tials concepts. The scheme further amalgamates revocation
blockchain-based network applications with their platforms are
with anonymous credentials [59], [60] for unforgeability, pri-
shown in Fig. 5.
vacy, unlinkability and a distributed ledger, adopting practices
from BFT [61] and Ethereum [50] protocols.
A. Software-Defined Networks
• Anonymous credentials for privacy: Idemix specification
[62], [63] is used as the anonymous credential module Software-Defined Networking (SDN) is an evolving net-
baseline. Unlike U-Prove, this module grants unlinka- working technology that detaches data plane from control traf-
bility by default and is built based upon the Charm fic. In such a technology, networking resources are managed
framework [64], which offers a Python API for large by a centralized controller acting as the networking operating
integers, pairings, and signature mechanisms. system (NOS) [21]. However, scalability is a major constraint
in the single SDN-enabled networking environments, and thus
7 https://www.bigchaindb.com/usecases/government/benben/ the adoption of blockchain technology with SDN can help
8 http://www.benben.com.gh/ with facilitation of multi-domain SDNs interconnection and
 8

Fig. 5: Examples of blockchain-based network applications and their solutions

TABLE II Timeline: Evolution of Blockchain

based upon integration of SDN-enabled edge computing and
2018 • Blockchains potential got revamped by blackchain technology, where the fog nodes are placed at the
more investments in wide range of use network edge. The architecture is distributed as three layers,
cases [66]
cloud, device, and fog.
2017 • Seven European banks, announced their
program to develop a blockchain-based Blockchain in this solution is mainly used to record the
trade finance platform in collaboration QoS, service pool, and payments, while the proof-of-service
with IBM [67]
plays the role of a consensus mechanism to control the service
2016 • Ethereum DAO code was compromised usage. However, this solution has not been implemented yet
and hacked [68], Emergence of
permissioned blockchain solutions [10] and security of fog nodes enabling communication across IoT
2015 • Blockchain trial was initiated by NASDAQ entities remains an open research problem. Further studies
[69], Hyperledger project was started [70] such as, Sharma et al. [87] developed a blockchain-enabled
2014 • With crowdfunding the Ethereum Project distributed and secure SDN framework, where all controllers
was started [71], Ethereum genesis block operate as blockchain entities to control the flow tables in
was created [72], [73]
SDN switching devices over the SDN data plane. Lastly, QiU
2013 • Ethereum, a blockchain-based distributed
computing platform was proposed [74]
et al. [88] proposed distributed software-defined industrial IoT
2012 • Coinbase, started as brokerage for Bitcoin
(SDIIoT) using the permissioned blockchain to improve secu-
[75] rity, reliability, and traceability across all distributed devices.
2011 • Silk Road launched with Bitcoin as This solution further resolves the limitation in permissioned
payment method [76], BitPay first Blockchain throughput and manages access operations to
Blockchain-based wallet [77], Emergence computational resources.
of other cryptocurrencies like Swiftcoin
[78]–[80], Litecoin [81] Furthermore, emergence of SDN and Network Function
2010 • First Bitcoin cryptocurrency exchange Mt. Virtualization (NFV) can provide virtualized edge platforms
Gox started working [82], [83] for future Internet development (IoT in particular). Virtual
2009 • First Bitcoin block was created [84], [85] nodes in such virtualized platforms are dynamically managed
2008 • Bitcoin’s whitepaper was published by and can render IoT-based shared edge feasible along with
Satoshi [39] virtualized assets [89]. However, the configuration assets in
SDN are handled and maintained by a centralized control mod-
ule, which therefore enables sophisticated centralized attack
communication paving. For example, Sharma et al. [86] a surfaces [8]. A remarkable solution was presented in [87] to
fog-based solution is proposed leveraging multiple/distributed resolve such a challenge through a decentralization of SDN
SDN controllers capabilities. Namely, in order to improve reli- control layer via blockchain technology. However, the security
ability and scalability, the blockchain technology is deployed of the virtualized IoT assets using blockchain is yet to remain a
here to distributively interconnect multiple SDN controllers. major concern yielding an interesting future research direction
The presented solution is a decentralized cloud architecture [9].
 9

B. The Decentralized Internet Being a blockchain-based system (with secretly held private
The Internet has enabled the evolution of a number of keys corresponding to the registered domain names) it is im-
applications such as mobile health, education, e-commerce, mune to censorship or seizure of the registered domain name
online social systems, and digital financial services. However accounts. Similarly, any change in domain names, recorded on
many parts of the world are still deprived of the Internet’s a blockchain, requires proof-of-work by the longest chain of
boons due to the existence of a digital divide [90]–[93]. honest network peers (see Section II-D1 for details), which in
Moreover, the existing Internet infrastructure is predominantly turn is in control of the highest computing pool [105], [110].
centralized creating monopolies in the provision of services Another blockchain-based namespace system called Block-
to its users [94], [95]. Distributed denial of service (DDoS) stack, inspired by the Namecoin network, improves upon
attacks on DNS servers9 , certificate authority compromises various performance limitations of Namecoin (for a detailed
(as mentioned in Section III-I), cybersecurity-related incidents analysis of Namecoin, please see [105]) most importantly se-
[96]–[98] and similar other service disruptions are rife mainly curity and scalability [107]. The aspect of security was particu-
because of the largely centralized nature of the current Internet larly improved by Blockstack by migrating from Namecoin’s
and the services that it provides [99]. Whereas, the decentral- blockchain to Bitcoin’s larger blockchain. The reason being
ized approach to the online service provisioning gives more the bigger size of Bitcoin’s network, which makes it harder (as
control to the users (or the edges of the Internet) and ensures compared to Namecoin’s relatively smaller network) for a 51%
fair participation and sharing of the resources. It is believed attack [111] (see Section II-D1). One of the distinguishing fea-
that decentralization of the communication infrastructure may tures of Blockstack system is the introduction of a virtualchain
bridge the gap of the digital divide and make the Internet [112]. Virtualchain is a logical overlay layer that sits on top
services reachable to the remaining unconnected portion of of a production blockchain such as Bitcoin. Virtualchain eases
the planet [100]. the process of modifying the underlying blockchain without
In this section, we try to re-imagine different components of requiring actual consensus-breaking changes to it. Blockstack
the Internet through the perspective of Blockchain’s premise system facilitates users to register unique human-readable
of decentralization and distributed trust. usernames and employs the distributed PKI system to bind
user identities with arbitrary data values. This new registration
1) Decentralized naming systems: Domain name system system thus functions without the requirement of any centrally
(DNS) is an example of online namespace system. Its primary trusted third party [99], [107]. Blockstack enables users to own
goal is to resolve each unique hostname to an IP address(es) and control their data and access to this data at all times.
and vice versa. Presently, the largely centralized nature of 2) Routing in the decentralized Internet: The interoper-
DNS raises the odds for single-point failures and makes such ability of many still distinct (and largely isolated and self
systems prone to malpractice and malicious activities by the contained) blockchain networks will pose a problem in future
main stakeholders and governments. In the past, the seizure of if they are to come together to enable a wide-spread adoption
hundreds of domain names by governments or the regulatory of blockchain-powered decentralized web. There is a need
institutions have turned scientists, activists, and enthusiasts for a routing mechanism that can take into account different
to think about possible alternatives to this largely centralized characteristics of different blockchain networks and route a
namespace system [101]–[105]. transaction from one network to a potentially different one
Most applications place a demand for a namespace system and back. The main problem in inter-blockchain network
that can ensure security during the provision of such identi- routing is of verification of blockchain records among different
fiers. Blockchain can enable a namespace system by making blockchain networks and the provision of communication be-
use of global, tamper-resistant, and append-only ledgers and tween any two peers belonging to any two distinct blockchain
thereby guarantee the integrity, availability, uniqueness, and networks. In a single network this problem gets trivial with
security of name-value pairs. While some challenges remain all the peers agreeing to follow the same consensus protocol
to be solved, the blockchain technology can successfully (for example PoW). The motivation to enable interoperability
provide the essential basis for the construction and gover- among different blockchain networks can be taken from the
nance of secure and distributed naming services [106]. Such concept of a lightweight client of a blockchain network. Such
blockchain-based networks further encourage the inclusion of clients are able to verify the existence of a record of a
honest network peers since for a sufficiently large blockchain transaction in a blockchain network without downloading the
network, it becomes very difficult and costly for the adversarial entire bulk of blockchain data. The lightweight clients do so by
elements to tinker with the blockchain records [107]. making use of a technique called Simple Payment Verficiation
In 2011, an experimental open-source startup called Name- (SPV)10 [39] which allows a client to verify the existence of
coin came into being providing distributed DNS services based a transaction record only by downloading the comparatively
on blockchain technology with the aim of improved security lightweight, block headers, in the form of a Merkle branch, in
mechanism, decentralization, confidentiality, and agility [108], comparison to the entire blockchain data. Following a similar
[109]. Namecoin is designed to work on top of a blockchain principle, Blocknet11 proposes a solution for inter-blockchain
and as an alternative to the existing conventional DNS root routing infrastructure [113]. Blocknet achieves interoperability
servers for the storage of registered domain names [107].
10 http://docs.electrum.org/en/latest/spv.html
9 https://www.wired.com/2016/10/internet-outage-ddos-dns-dyn 11 https://blocknet.co/
 10

by making use of two main components namely XBridge and interoperability among different mail clients and servers. The
XRouter. XBridge is responsible for implementing the ex- security of an email system relies on a continuous process of
change functionality which implies enabling of atomic swaps planning and management. Email messages pass through the
of tokens between two blockchains. XRouter on the other non-trusted external networks that are often beyond the control
hand implements communication functionality and in unison of an email provider’s security system. These email messages,
with XBridge and making use of SPV a transaction can without appropriate security safeguards, can potentially be
then be performed between two peers belonging to different read, modified, and copied at any point along their path [115].
blockchain networks. Melissa, Sasser worm and other embedded hyperlinks and
Another project that proposes a solution to enable cross- viruses have damaged millions of computers and their data
ledger payments is called Interledger12 [114]. Interledger [116]. Email solutions (such as Yahoo) have suffered from data
presents the concept of connectors that act as decentralized breaches in the past and have resultantly urged their users to
exchanges between two distinct blockchain ledgers and route change their password keys [117]. In order to improve on these
transactions (or packets of money as per Interledger’s vernac- centralized email systems to better safeguard the users’ private
ular). Interledger takes its inspiration from IP routing and and sensitive information, a radical change in the underlying
instead of IP addresses it makes use of an ILP (Interledger technology seems imperative.
packet) address. ILP packets differ from the best-effort IP One of the solutions to address the vulnerabilities of the
routing in the way that ILP packets can not be lost or stolen email system described above can be in the form of a
since in the case of ILP, funds with real monetary value are blockchain-powered decentralized and distributed email sys-
transferred instead of data. This is achieved by making use tem. Email addresses, in a similar way to DNS address
of Hashed Timelock Agreements (HTLA)13 in combination assignment as discussed in the last section, can be assigned
with SPV to settle cross ledger payment claims. HTLAs work to the users over blockchain technology. In this system,
across the ledgers and enable conditional transfers. Conditional there is no centralized controlling server in order to gain
transfers involve a preparation step whereby a transfer is first access to personal data and records. Most importantly, email
prepared which implies that a sender’s funds are put on hold communication using blockchain technology is not under the
by a ledger’s contract until a condition is met which manifests influence of government authorities that could exploit the
itself in the form of a digest of a cryptographic hash function. centralized email providers such as ISPs and technology giants
Its incumbent on a recipient to present this digest in the form such as Google, Amazon, and Facebook, etc. John McAfee
of a preimage within a certain time window. If the time expires Swiftmail14 is a blockchain-based email solution with 256-bit
the funds are automatically released to the sender. This way, end-to-end encryption for the protection of data. CryptaMail15
by making use of HTLAs the funds can not be lost in transit. is another blockchain-based email service that claims 100%
In conclusion, we see the problem of blockchain interop- security based on the decentralized system without third party
erability as akin to the Border Gateway Protocol’s (BGP) involvement. Gmelius blockchain architecture is a hybrid
routing problem where different Autonomous Systems (ASes) system that offers a scalable and cost-effective framework that
interoperate with each other with a mutually agreed upon anchors email associated data into the Ethereum [118].
control plane information. In our opinion these two problems Lastly, given the above research efforts on blockchain
seem to fit well together. Both domains (i.e., BGP routing technology support for decentralized email systems, yet the
and blockchain interoperability) can motivate solutions in each Quality of Service (QoS) remains another significant concern
other. As an example, in our opinion, it would be beneficial if of interest among future research trends. The email service
BGP attributes such as AS prefixes with corresponding control is delay-sensitive and does not tolerate failures, whereas
plane information (such as peering agreements) are stored blockchain transactions can experience delays (or can even
in an immutable manner in a blocckhain-based database for be ignored in a time period).
routing checks. There will, however, be scalability and latency
concerns as a blockchain’s transaction rate must keep up with D. Blockchain for the Internet-of-Things (IoT)
the dynamic nature of the changing network topologies in
The Internet of Things (IoT) broadly speaking is a network
different ASes. Still, storage of network topological graphs
of everyday objects in which the IoT devices capture or
with peering agreements will create an opportunity for a more
generate enormous amounts of data and send it over the
trusted, transparent, and auditable routing decisions with a
network [119]. This interconnection of a large number of IoT
lesser chance for censorship and collusion.
devices is known to cause many privacy and security issues
[120]–[123], including, but not limited to, authentication,
C. Decentralized Email privacy preserving, and data tampering/false data injection.
Today, electronic mail (email) is a common form of com- The IoT-based social, such as health-related, applications often
munication among many that usually consists of a mail client end up monitoring and collecting sensitive personal infor-
and an associated server. There are various protocols such mation. When such information is exposed to third parties,
as SMTP, ESMTP, POP, and IMAP for formatting, process- such as health-care providers, the prospects of inadvertent
ing, delivering, and displaying email messages by ensuring or malicious privacy compromises become highly probable
12 https://interledger.org/ 14 http://johnmcafeeswiftmail.com/
13 https://interledger.org/rfcs/0022-hashed-timelock-agreements/ 15 http://www.cryptamail.com/
 11

[124]. Compliance with the privacy and security rules and P2P messaging, ii) distributed file sharing, and iii) autonomous
policies for a particular application is a significant challenge coordination among the devices of IoT network. ADEPT
in IoT-based systems [125]. In such systems, blockchain- makes use of Telehash (an encrypted mesh networking pro-
based solutions can help in addressing the issues related to tocol)18 , BitTorrent, and Ethereum respectively to realize the
security and privacy. Besides the by-design existence of some three principles just described. Ethereum’s blockchain enables
implementation constraints of energy, delay, and computation device owners of ADEPT’s IoT network to automate rules
overhead in IoT devices, businesses have started initiatives of engagement, the registration and authentication processes,
to use blockchain into their various domains such as in and interactions among themselves in a decentralized and
production and supply chain management [126], [127]. For trusted manner. This can be achieved in one of two ways
example, the IBM Watson IoT platform16 empowers the users namely: i) proximity-based: taking into consideration physical,
to put their data on blockchain ledgers, which can later be temporal or social distance and ii) consensus-based: taking into
used in shared transactions among different members of an consideration selection, validation, or blacklisting criterion
IoT-related business consortium. This way members of such [166]–[168].
consortium can take part in verifying transactions against IoT Among other works is Filament, a blockchain-based tech-
data, dispute resolution, and accountability mechanism in a nology stack that enables IoT devices to discover, register,
trusted, transparent, and mutually agreed upon manner. The manage, and communicate in a decentralized manner [169],
data collected from devices in an IoT network is formatted [170]. In [171], a system named modum.io19 has been pre-
into such API formats that are understandable to blockchain sented, which utilizes blockchain-based IoT devices to ensure
smart contracts. The IBM Watson IoT platform enables a the immutability of the transactions related to physical prod-
business solution to manage, analyze, and customize IoT ucts and facilitates in the regularization of the supply-chain
data, according to a pre-agreed policy, to be shared among management process in the various fields [172].
permissioned clients, members, and smart contracts [126]. Given the growth of blockchain aligns with transactions
The importance of IoT can be gauged by observing the man- storage by users, robust miners must handle consensus pro-
ufacturing industry, which is increasingly adopting IoT-based tocols in the blockchain. Hence as discussed earlier, various
solutions for machine diagnostics, manufacturing automation, energy efficacious consensus algorithms were presented to
and health management of industrial machines [47]. Cloud- store only recent transactions (e.g., mini-blockchain [173],
powered manufacturing systems along with IoT technology proof-of-stake [174], and proof-of-space and delegated proof-
help in the provisioning of manufacturing resources to the of-space [175], [176]). The challenge however in IoT devices
clients as per the existing demand. This usually requires the is the resource and power constraints that render them typ-
involvement of a centrally trusted third party. A blockchain- ically unable to fulfill the essential power consumption and
based platform called Blockchain Platform for Industrial In- computation in handling consensus and blockchain storage.
ternet of Things (BPIIoT) is a trustless P2P network where the Hence elaborating power efficient consensus mechanisms is a
exchange of services may take place without the need for a grand research challenge over IoT-enabled blockchain.
central trusted third party [47]. BPIIoT provides a platform for Remarkable work has recently been presented to address
the development of dApps pertaining to P2P manufacturing constrained resources based upon enabling blockchain for IoT
applications. BPIIoT improves on a similar project called environments. Most notably, Xu et al. [177] proposed a smart
Slock.it17 , according to the authors of [47], being generic in resource management for cloud datacenters (where billions
terms of dApp development. BPIIoT’s platform consists of a of IoT devices transfer data to the cloud using virtualization
single-board computer that provides a bridge to both cloud and technologies via Internet connection) by leveraging blockchain
blockchain services. BPIIoT enables customer-to-machine and technology. Namely, the proposed mechanism minimizes en-
machine-to-machine transactions without the involvement of ergy consumption cost that is achieved through enabling users
third parties. For more details on the applications of blockchain to sign transactions with their private keys, whereas neighbor
for the Internet of things (IoT), the interested readers are users are capable to validate or reject broadcast transactions.
referred to a comprehensive survey on this topic [8]. Sharma et al. [86] further presented a cloud architecture based
Another IoT project, managed by IBM in collaboration with upon emerging blockchain technology with fog computing and
Samsung, is the blockchain-powered and Ethereum-based Au- software-defined networks (SDN). Specifically, blockchain ca-
tonomous Decentralized Peer-to-Peer Telemetry (ADEPT) sys- pabilities are deployed here to ensure availability and scalabil-
tem. Ethereum is a blockchain-based generalized technology ity of networking-enabled services, while SDN controllers of
that can be considered as the compute framework for trustful fog hosts grant efficient management PIs to network operators.
messaging. Contracts authored under this framework endorse Further studies such as Xia et al. [178] presented a data sharing
the rules designed for interaction between network nodes and system leveraging blockchain technology named MeDShare.
thus are considered more secure. It also provides developers This proposed solution operates based upon three key layers;
with a platform for building applications integrated with the user, data query, and data structuring and provenance layers.
Ethereum message passing framework [50]. ADEPT realizes a Besides these efforts, Jiang et al. [179] presented Searchain,
decentralized IoT solution by following the three principles: i) a keyword search system that intends to improve efficiency in

16 ibm.co/2rJWCPC 18 http://telehash.org
17 https://slock.it/landing.html 19 https://modum.io
 12

Scope Example(s) Description

Cryptocurrency Bitcoin, Bcash, Iota, OmiseGO, Decentralized peer-to-peer electronic cash system for online payments.
Litecoin, Ripple, Dash, Zcash, Monero
Smart Contract Ethereum [50], Ripple [46] Occurrence of certain events triggers transfers of different things, i.e., security deposit payment,
saving wallets, decentralized gambling, wills etc.
Cloud Services Abuse Prevention [128] Defence to stop attacks and service abuses in cloud computing applications.
Message Exchange Bitmessage [129] Secure system to send and receive messages.
Identity and Privacy ChainAnchor [130] Trusted, privacy-preserving, identity management system.
Voting System Electronic Vote [131] Electronic vote transaction system for a voter to spend the vote in favor of one or more candidate recipients.
Digital Content Content Distribution [132] Decentralized and peer-to-peer digital content management system with rights management mechanism.
Health Patient Data [133] Patient data sharing system based on blockchain technology.
Transportation Vehicle Communication [134] Secure vehicle to vehicle communication system.
Agriculture ICT E-Agriculture [135] Distributed ledger system to safeguarded transparent data management.
Software Software Connector [136] Software components states sharing system without trusting a central integration point.
Micro Finance Stellar [137] Creates services and financial products using blockchain architecture.
E-Commerce OpenBazaar [138] Provides trading platform for users where they can make free transactions among themselves.
Mobile Banking Atlas [139] Atlas provides platform for mobile banking and connects world communities through it.
Storage Sia [140] A cloud storage platforms, enables anyone to make money.
DNS Namecoin [141] A blockchain-based domain name system.
Document Management Blockcerts [142] Issue and verify certificates for academic, professional, workforce and civic records.
Storage BigchainDB, MaidSafe, Scalable storage which supports diverse applications, platforms, industries and use cases.
Filecoin [143] [144] [145]
Business and Economy IBM Blockchain Platform [146] Integrated platform designed for creation and acceleration of blockchain based businesses.
Internet of Things (IoT) IBM Watson IoT [147] Accountability and security in blockchain-based internet of things.

TABLE III: Examples of blockchain-based applications

Scope Startups Description

IoT and Economics Chronicled [148] Provides trusted data, ensures data provenence of IoT devices and helps in business process automation
Security and Intelligence Elliptic [149] Necessary intelligence information to security agencies and financial departments.
Data Security LuxTrust [150] Provides security to customer’s electronic data and digital identity.
Regulatory Compliance GuardTime [151] Data protection regulatory compliance software.
Financial Augur [152] A market forecasting tool to increase profitability.
Transportation Lazooz [153] Real-time ridesharing services.
Property Records Ubiquity [154] Provide service for secure ownership record of property.
Process Compliance Startumn [155] Ensures process integrity and improves regulatory compliance.
Music Mycelia [156] Music industry online services.
Asset Management Gem [157] Secure identification of assets.
Data Security Tieriom [158] Data protection service.
Tracking and Ownership Provenance [159] Maintain digital history of things.
Music Ujo Music [160] An online music store.
Smart Contracts SkuChain [161] Offers services like: Smart contracts, provenance of things, Inventory Management.
Storage Storj [162] A distributed storage platform.
E-commerce Gyft [163] An online gift transfer platform.
Firearms BlockSafe [164] A secure and privacy enabled firearm solution.
Health and Environment BitGive [165] By using blockchain technology it works for the improvement of public health and environment worldwide.

TABLE IV: Examples of blockchain-based startups

data storage and privacy over heterogeneous IoT-enabled stor- the closest replica server instead of always fetching it from
age resources. Specifically, Searchain grants a private keyword the data-originating server. Generally, large companies such
search in decentralized storage systems based upon two key as Netflix and Google’s YouTube service, have their own
modules, blockchain of ordered blocks and P2P architecture- dedicated CDNs, while smaller organizations can rent CDN
based transaction hosts. Tapas et al. [180] further addressed space from other companies like Akamai. BitTorrent is a
security challenges in IoT-enabled blockchain, namely autho- P2P content distribution protocol that enables the propagation
rization and delegation. The proposed solution is designed of data using networks of computers for downloading and
and integrated as smart contracts handler in the Ethereum uploading simultaneously without a central server [184]. Bit-
system and furtherly offers authorization and access control Torrent’s network consists of a large number of peers, which
management over IoT devices. Moreover, Alphand et al. [181] complicates the task of traffic management. The other major
presented a further security architecture to enforce authoriza- issue with the current CDNs is that the content creators receive
tion and access control to IoT devices through blockchain an inadequate share of the revenue, especially in digital content
technology. The proposed solution, named as IoTChain, de- distribution sector [185]. Similarly, the media sector is also
livers an efficacious multicasting of IoT resources based upon significantly suffering because the content can be easily copied
a conjunctive integration of the ACE authorization framework and distributed.
[182] and the OSCAR architecture [183].
Blockchain technology can be the solution with the neces-
sary ingredients to significantly resolve the challenges related
E. Blockchain-based Content Distribution to content distribution. It can stabilize the rights management
Content distribution networks (CDNs) are an effective ap- related issues for studios and artists by providing a better way
proach to improve Internet service quality by replicating the of content control. This can enable a more agile method for
content at different strategic geographic locations in the form content delivery with a more trusted, autonomous, and intel-
of data centers. Users can request and access data from ligent network. In a blockchain-based CDN, the participants
 13

can independently verify a record and its origin without the peers and the third party service providers. Entities can earn
need for a centralized authority for verification. Blockchain cryptocurrency-based micro-payments by sharing the unused
can store all the record related to the content (e.g., its origin), disk space and Internet bandwidth of their computing devices.
and share over the network in an immutable form along with In the context of distributed cloud, Dong et al. [200] pro-
the provision of enabling a monetization system to empower posed a game-theoretic, smart-contract-based verifiable cloud-
the content creators. computing framework. This enables the clients to analyze
DECENT20 , as an example, is a blockchain-based CDN that collusion between two different clouds by making them per-
provides secure content distribution and maintains the reputa- form the same computing task. In this framework, the users
tions of the content creator with a mechanism for the payment use smart contracts to simulate distrust, tension, and betrayal
between authors and client nodes also in place. Content (e.g., between the clouds to detect, and in turn, avoid cheating
ebooks, videos, and audio) is released cryptographically over and collusion. Similarly, Sia26 is another blockchain-based
the global DECENT network and other nodes can then pur- cloud storage platform. Sia platform automates trusted service
chase them with DECENT tokens. SingularDTV21 is a media level agreements (SLAs) between a user and storage provider
industry initiative in which an Ethereum-based entertainment using smart contracts. It is an open source platform that splits
studio is developed that can enable rights management as well users’ data into encrypted fragments and distributes them
as P2P distribution to empower artists and creators. across a P2P network that increases network resilience and
reduces downtime. Unlike the traditional storage solutions, the
data in this scheme becomes more secure in the sense that
F. Distributed Cloud Storage one can only access this data if in possession of associated
Today, consumers and enterprises face the storage and cryptographic keys. Another important work is Filecoin [201].
management problems caused by an ever-increasing volume Filecoin realizes the concept of distributed storage network in
of data on non-volatile data storage systems. Despite the terms of an algorithmic marketplace for storage. Filecoin is
popularity of cloud storage solutions (such as Dropbox and built as an incentive layer on top of another distributed file
Google Drive), the control, security, and privacy of data remain system called Inter-Planetary File System (IPFS). The miners
major concerns [191]. It is largely due to the current model in Filecoin host the storage space with the mining capability
being adopted by the cloud storage systems that often puts determined by the storage capacity a miner possesses. Filecoin
them under a centralized institutional authority. In this model, enables verifiable markets, which dictates how and where data
data is transferred over TCP/IP from a client to the host is written to and read from. Each read/write transaction is
servers in the legacy client-server model [192]. The infor- powered by the underlying cryptocurrency called Filecoin.
mation thieves, censorship agencies and spies can potentially
tamper with or copy the stored confidential files from hosting G. Applications in Online Social Networks
servers through technological means, legal tactics and political
The engagement of people with online social networks
strategies [193]–[197].
(OSNs) has increased greatly in recent years [202]. Users often
Such problems, mostly caused by central and identifiable put trust in these OSNs and share their personal details with
points in the current cloud storage systems22 , can potentially their online social community. Privacy and security concerns
be solved using decentralization and (transparent and trusted however still remain an issue with many OSNs. Any breach of
execution in the form of) automation based on a trust agree- trust has the potential to detriment a user’s virtual and, often
ment between a client and a host service provider. There in turn, real-world identities [203]. As an example, in one of
exist some storage solutions such as MaidSafe23 and Tornet24 the biggest data breaches27 , a data firm named Cambridge An-
that outline possible alternatives for a decentralized cloud, but alytica got the access to personal information of more than 50
security, scalability, and cost efficiency of these solutions still million Facebook (an online social network) users during 2016
remain in question. Therefore, a cloud storage system with US presidential campaign. The firm provided software tools
trusted and verifiable security guarantees, high redundancy, to analyze/predict American voters’ behavior/personalities and
and scalability, is required that should be economically viable influenced their choices of the ballot28 .
while being practical at the same time. Blockchain-based cloud Decentralization, transparency, and P2P consensus gives
storage solutions inherit characteristics such as decentraliza- blockchain the potential to address most of these aforemen-
tion, anonymity, and trusted execution of transactions among tioned security and privacy concerns prevalent in OSNs [204].
the members of a trust agreement and can pave the way for a As an example, a blockchain-based social media platform
verifiable and trusted cloud computing era [198], [199]. named “Steem”29 gives online community an opportunity to
Storj25 is a blockchain-based P2P distributed data storage have a say on the nature of the content that gets popular on
platform that enables users to tailor their data sharing and a social network. Steem enables users to earn rewards on
storage as per individual agreements with other network the basis of votes received by the community against their
20 https://decent.ch/ 26 https://sia.tech
21 https://singulardtv.com/ 27 https://www.nytimes.com/2018/03/19/technology/facebook-cambridge-
22 https://newsroom.fb.com/news/2018/09/security-update/
analytica-explained.html
23 https://maidsafe.net 28 https://www.theguardian.com/news/2018/mar/17/cambridge-analytica-
24 https://github.com/bytemaster/tornet facebook-influence-us-election
25 https://storj.io 29 https://steem.io
 14

Platform Description
Swarm [186] An open Infrastructure for Digital Securities
InterPlanetary File System (IPFS) [187] A protocol and peer-to-peer network for storing and sharing data in a distributed file system
Sia [140] A platform for securing storage transactions with smart contracts
MaidSafe [144] A decentralized platform for application development via a proof-of-resources protocol
Storj [188] A decentralized file storage solution over P2P network using blockchain hash table
Filecoin [145] A digital payment system and blockchain-based cooperative digital storage
BlockScores/NextCloud [189] [190] An application for blockchain and smart contract interacting via secure leaderboards

TABLE V: Examples of blockchain platforms for distributed cloud storage

contributions [205]. This encourages an honest participation blockchain technology. The company has designed a Keyless
of community peers in maintaining the quality of the overall Signature Infrastructure (KSI) [213] against the commonly
network. Such OSN systems can further be made self-healing used Public Key Infrastructure (PKI). In this new infrastruc-
by a blockchain-based “reputation system”, such as the one ture, centralized Certificate Authority (CA) uses asymmetric
proposed by Dennis et al. [206]. This system keeps records encryption and manages public keys. Thus helping in reducing
of users’ reputation based on their transaction history. In our the risk of informational asset loss from cybersecurity-related
opinion, such techniques, while not being free of some ethical incidents.
concerns, greatly reduce the snooping and policing by the Obsidian35 is also blockchain technology based platform
centralized authorities such as governments30 . for secure message exchange without any provisioning of
centralized management mechanism. In this system, the meta-
H. Cybersecurity data about the undergoing communications is spread out in
distributed ledgers and cannot be collected at centralized lo-
A study on cybercrime [207] conducted on some organi-
cations. Hence, in the context of cybersecurity, it decreases the
zations, says that information loss remained the major cost
chance of surveillance or tracking and in this way addresses
component and increased from 35% in 2015 to 43% in 2017.
privacy issues [214].
Blockchains in particular can be a costly target for cyberattacks
[208], [209]. As an example, DDoS attacks on a blockchain
system can take the form of flooding the network with small I. Public Key Infrastructure (PKI): Certificate Authority (CA)
transactions. Still such transactions must be paid for (in the Public Key Infrastructure (PKI) establishes a link between
units of gas) in order for them to be confirmed by the network identities like domain names to a cryptographic public key
[208]. The operations that require very (disproportionately) with help of certificates [215], [216]. Among traditional
low gas costs are vulnerable to exploitation by attacker31 . approaches to PKIs, the most common choice is the use
However, when it comes to the execution of smart contracts of Certificate Authority (CA) that serves as a trusted third
then there is a large attack surface area [210]. This is because, party and manages the distribution digital certificates over
often, a set of smart contracts is deployed to automate an the network. This creates a single point of failure in such
application with all of its members working in unison. If PKIs in practice [217]. There have been many incidents when
one member of such a set malfunctions it can then trigger these centralized CA’s have been compromised—e.g., the Dig-
a domino effect rendering the whole set malfunction [208]. iNotar attack: 531 fraudulent certificates issued [218] [219];
As an example an ambitious ethereum-based project imple- Trustwave’s issuance of digital “skeleton key” for surveillance
mented called decentralized autonomous organization (DAO) [220]; Debian’s predictable random number generator in the
got hacked resulting in the theft of about 60M Ether32 . Such OpenSSL package [221]; Stuxnet malware: compromise on
attacks can further be avoided by providing further trust code-signing certificates [222] [223]; Duqu malware: stealing
guarantees for the code and logic of the smart contract itself. of digital certificates along with the private keys [224]–[227];
For instance, Tezos proposes the concept of a self amending and the console hacking of Playstation 3 with compromised
ledger and to make the deployment of a smart contract more private keys [228].
trusted it provides formal proofs of the code of a smart contract Developing a blockchain-based PKI is a feasible alternative
in order to secure the trust of all the parties interested in the to the existing PKIs, which can provide the required security
execution of this smart contact [211]. properties [229]. In a blockchain-based implementation of
Based on blockchain technology, REMME33 is a password the PKI system, the user identities are bound to public-
authentication system for safeguarding the confidential cre- keys using distributed public ledgers [107]. A blockchain-
dential information from cyberattacks and at the same time based decentralized PKI system called “CertCoin” for secure
disregarding the need to remember passwords [212]. identity management and retention has been in use. This
Estonian cryptographer Ahto Buldas co-founded an infor- system trusts the majority of peer network users instead of
mation security company named Guardtime34 in 2007. This any central trusted party. It has two different mechanisms for
company has been working to secure sensitive records using verification of the known public key and the lookup for a new
30 https://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data public key, which are supported by decentralized efficient data
31 https://www.coindesk.com/so-ethereums-blockchain-is-still-under-attack/ structures [217]. In [230], another blockchain-based distributed
32 https://tinyurl.com/DAOattack PKI scheme has been proposed that resolves the single point
33 https://www.remme.io
34 https://guardtime.com 35 https://obsidianplatform.com
 15

failure issue. This scheme ensures validity and ownership A. Governance, Operational & Regulatory Issues
consistency of public-key certificates by miner’s proof-of- Blockchain has great potential to enable efficient and se-
work. It uses Merkle Patricia tree (see for details [231]) for cure real-time transactions across a large number of indus-
efficient accessibility of certificates without relying on any tries by providing financial services visibility along a supply
central trusted third party. Similarly other blockchain-based chain and streamlining government authorities and consumers.
PKIs have been discussed in [232]–[235]. Blockchain technology is still far from being adopted en
masse due to some unsolved challenges of standards and
J. Other Applications
regulation. Although it’s hard to regulate the development of
Using the blockchain technology, a company named Factom the blockchain technology itself, blockchain-based activities
has started a land registration project with the Government of (such as financial services, smart contract, etc.) should be
Honduras to ensure integrity and correctness of the informa- regulated [239]. To support its emergence and commercial
tion. Using the same technology, they have engaged in projects implementation, the development of standards and regulations
related to smart cities, document verification, and the finance are required to establish market confidence and trust. These
industry [236]. regulations can also be used for law enforcement to monitor
In another application, a blockchain-based startup Ev- fraudulent activities e.g., money laundering.
erledger is working on bringing transparency to the sup- In May 2016, a complex set of smart contracts named
ply chain of diamonds, which was previously perceived as Decentralized Autonomous Organization (DAO) was built on
complex, risky and prone to carrying false and incomplete top of Ethereum blockchain. It was a crowd-funding platform
information. Everledger has been designed to reduce fraudu- for defining organization rules39 . After this smart contract’s
lent modifications in the records to help financial institutions, creation, there was a period of funding during which users
businesses, and insurance companies with actual details of could earn its restrictive ownership by purchasing Ether (i.e.,
information [237]. the underlying cryptocurrecy). After the completion of that
A bitcoin-based startup Abra for transferring money to funding period, the DAO started its operation in which the
anyone with minimal charges of transaction. No intermediate restrictive owners (also called members) casted their votes
party gets involved in this transaction [238]. Blockchain is for the usage of collected funds. Initially, this operation was
being considered as a novel software connector, which can pro- very successful and raised over $150M from 11,000 members
vide a decentralized alternative to existing centralized systems within a one month duration [240]. In June 2016, almost
resulting in quality attributes. For example, Xu et al. [136] $70M were drained after a hack making use of a recursive call
found that blockchain can improve information transparency exploit. The hackers used this exploit to get Ether back from
and traceability as a software connector. DAO repeatedly before its actual balance update40 . Another
Openchain36 is a distributed ledger based system, which such incident happened in May 2017, when the WannaCry
helps in the management of digital assets while ensuring ransomware cyberattack targeted computers, encrypted their
their robustness, security, and scalability. AKASHA37 provides data and demanded the ransom money in cryptocurrency. In
people with a platform to publish and share their content total, an amount higher than £108,000 was paid in Bitcoin
online. Participants of this system get rewarded for their cryptocurrency by the victims. The impact of this cyberattack
content based on the votes against their entries. was reportedly seen in 150 countries worldwide41 .
OpenBazaar38 is a blockchain-based platform, which facil- If blockchain is to get widely adopted, centralized regulatory
itates people to make transactions freely among themselves. agencies, such as governmental agencies and multinational
Users of this system cannot censor the transactions or freeze corporations, may be unable to control and shape the activities
the payments. Users also enjoy the flexibility of sharing based on blockchain technology [241]. Because blockchain has
information as much as they want. However, the buyers and no specific location and each node may subject to a different
sellers can engage intermediate moderators to resolve any geographic jurisdiction and therefore different applicable laws
dispute that may arise between the involved parties [137]. and legal requirements. There is no central administration
IV. C HALLENGES AND THE ROAD A HEAD for each distributed ledger, therefore, territorial regulations
constitute a problem [242]. As a result, there is an increased
The blockchain is expected to drive economic changes on need to focus on the regulation of this cross-border nature of
a global scale by revolutionizing industry and commerce by technology.
redefining how digital trust mechanisms through distributed In the Roadmap for Blockchain Standards Report [243],
consensus mechanisms and transparent tamper-evident record- it has been emphasized that there is a need to establish
keeping. The disruption of blockchain is evident, and people international standards regarding blockchain terminology, in-
are beginning to adopt this distributed ledger technology. teroperability (between blockchain systems), user privacy,
There are, however, various hurdles that are slowing down the security, user identity, governance and risk related issues so
rate of blockchain’s adoption. Some of these challenges are that people’s confidence in blockchain-based businesses may
discussed below and with pointers to how these challenges
might find a solution in the future. 39 https://www.coindesk.com/understanding-dao-hack-journalists
40 https://www.cryptocompare.com/coins/guides/the-dao-the-hack-the-soft-
36 https://www.openchain.org
fork-and-the-hard-fork
37 https://akasha.world 41 https://www.theguardian.com/technology/2017/may/12/global-cyber-
38 https://www.openbazaar.org attack-ransomware-nsa-uk-nhs
 16

be developed. The report has further highlighted the need for be associated with an either identified or identifiable living
collaboration among committees and experts in order to further person44 . Some of the examples of identifiable information
strengthen the regulated use of the blockchain technology. include names, unique code number, IP address, single or
In [244], it has been described that there are many in- multiple identifying characteristics. Further, GDPR applies
terpretations of the blockchain technology in literature and throughout the lifecycle of personal data i.e., from data col-
formal blockchain terminologies are yet to be defined, i.e., lection, to data processing through to the ultimate disposal
permissioned blockchains vs. private distributed ledgers are of this data. GDPR-compliant businesses are bound to collect
few of those used interchangeably. In this [245] literature, the only data for the clearly stated purposes and process it with
importance of standards in paving the way for interoperability the users’ consent. After the use of personal data for the said
between multiple blockchain platforms and applications, have purpose, according to GDPR, the businesses are incumbent
been discussed. The author is of the view that developing such to delete the personal information from their local storage.
standards for ensuring interoperability can help in minimizing However, this excludes data pertaining to a deceased person
the risk of fragmented blockchain systems. and processing of such data is at the disposal of local policies
At first, the organizations who have been governing the in place at a particular geographic region [252].
Internet, considered blockchain technologies as beyond their GDPR gives users certain rights when they interact with
scope but this opinion changed later [246]. The World Wide businesses which provide a service based on their personal
Web Consortium (W3C) has been discussing online payments data collection and processing. These rights include:
by utilizing the blockchain’s potential42 . The Internet Gover- 1) Awareness: This entails that the users’ must be informed
nance Forum (IGF) has been arranging sessions on blockchain about how their personal data will be used;
technology to devise a distributed governance framework43 . 2) Access: The users must be able to access copies of their
The Her Majesty’s Revenue and Customs (HMRC) issued data collected by a business or a service provider free
a policy paper describing the tax treatment for the income of charge;
earned from Bitcoin (blockchain-based cryptocurrency) and 3) Correction: If a user finds some inaccuracies in her data
other cryptocurrencies-related activities [247]. The Financial held by a company then she must be able to flag it as
Crimes Enforcement Network (FinCEN) has recommended disputed;
that decentralized currencies should follow the money laun- 4) Deletion: A user must be able to make a company
dering regulations [248] [249]. delete all the information pertaining to her whenever
The European Securities Market Authority (ESMA) has she chooses. (This right is sometimes referred to as the
issued a paper [250] in which the benefits and risks of right to be forgotten);
the blockchain technology in securities markets have been 5) Restriction: If a user is in a process of assessing the
discussed. The UK Treasury has issued a report [251], which accurateness of her data use she must be able to restrict
has emphasized the need for Government to make efforts the access to her data during the process;
for the necessary regulatory framework in parallel to new 6) Objection: A user must be able to object to the uses of
blockchain-based developments. Moreover, other US regula- her data if she disagrees with some of the automated de-
tory authorities and agencies like Securities and Exchange cisions involving her (such as marketing ads or shopping
Commission (SEC), Commodity Futures Trading Commission recommendations).
(CFTC), Internal Revenue Service (IRS) and Federal Trade It can be observed that many of these rights seem to fit
Commission (FTC) have been working to make regulations quite well with the blockchain’s premise of decentralization,
pertaining to blockchain-based businesses and applications tamper-evident record keeping, transparency, and auditability.
[53]. There are however a few nuances which we discuss next.
1) Blockchain and GDPR: The European General Data There are two important terms that GDPR defines namely
Protection Regulation (GDPR) was adopted in 2016 by the Eu- data controller and data processor which require special
ropean Parliament and the European Council [252]. Since then, attention when dealing with blockchain-based projects. Both
two years were given to the businesses to prepare themselves of these entities take part in users’ personal data processing
to comply with the regulation. In this section, we discuss with their specific consent. There is, however, a nuance in the
where does the compliance with GDPR put the blockchain way these two entities function. Controller is an entity which
technology? Will the original premise of decentralization and sets the purposes and means for data processing. Controllers
immutability be able to sustain under the GDPR ramifications can take the shape of a natural or legal person, authority, or
particularly when we consider the right to be forgotten clause an agency. Data processors, on the other hand, is similarly a
of GDPR? In what follows we first provide a brief overview natural or legal person, authority, or an agency that processes
of the GDPR, the duties it puts on businesses, the rights it personal data on a controller’s behalf strictly following the
gives to the users’, and finally what are its ramifications on rules specified by the corresponding controller. There should
the blockchain technology in general? also be an agreement between a controller and a processor
After its legislation, the GDPR came into effect on May 25, clearly defining their roles and functions [253]. Given the
2018, and is applicable to any kind of information that can users’ rights, as mentioned above, one of the underlying prin-
ciples of GDPR is auditability which provides the provision
42 https://goo.gl/NjVLri
43 https://goo.gl/9pPeiQ 44 https://gdpr-info.eu/art-4-gdpr/
 17

to hold the process and the entities involved in personal data her. Further, as discussed above, the businesses are incumbent
processing accountable for their responsibilities, functions, and to delete personal data after a set duration of time. This right
actions45 . In the decentralized environment of blockchain the seems at odds with the blockchain’s data integrity guarantees.
important issue is related to specifying who gets to be a data The situation gets worse as blockchain-based solutions are
controller and who a processor [253], [254]. usually distributed with multiple copies of the records stored
In terms of blockchain, we consider a number of scenarios at different nodes of the network.
(self open, self private, open, private, consensus protocols) to As paradoxical as deletion and integrity seem at first glance
answer the questions related to deciding the roles of controllers there are, however, proposals to reconcile these two seemingly
and processors. First, an entity (a business for instance) can opposing principles47 . One of the solutions could be to encrypt
choose to make use of the open and permissionless blockchain. each data entry in blockchain with a key pair and only store the
In this scenario, such an entity can potentially write the core ciphertext on a blockchain. This way deletion can be achieved
blockchain protocol and make it open source. Further, such by simply deleting the corresponding private key while still
entities can also deploy a set of smart contracts defining data preserving the ciphertext on blockchain. In some geographical
processing rules and interactions among nodes of the network. jurisdictions (such as in Britain48 ) the interpretation of GDPR
We conjecture that this way such an entity can assume the does recognize such methods of digital deletion. However,
role of data controller. Further, anyone can download the such techniques do not provide a future-proof guarantee since
client software and become a node in the overall blockchain’s with the advent of new and faster technologies and techniques
P2P network. It has been a common practice that the open such as quantum computing, such encryption methods pose a
and public blockchains make use of PoW-based consensus risk for future data breaches49 .
mechanism. This implies that any node in the network can Another proposal is to only store hashes of data on
process transactions and validate them by including them in blockchain while storing the actual data in an off-chain stor-
a mined block and ultimately appending that block to the age. This way the deletion can be achieved by deleting the
overall blockchain. As we discussed earlier that PoW-based off-chain stored record while keeping the hash of it intact on
mining is a lottery-based process which means that it is a blockchain. An argument against this technique is that the hash
random event that a node in a network finds a nonce hence of a blob of data can still qualify as personal data since if an
mining and ultimately appending this block to the blockchain. entity possesses this blob then she can easily reconstruct the
In this scenario, it is not a trivial task to decide who is the hash and decipher what was stored on blockchain in the first
processor. Since potentially all the nodes in such a PoW-based place. To get around this problem, we can use hash peppering
network process data at the same time. We conjecture, either whereby a random and secretly kept nonce is appended to the
the whole network should be considered as a processor or the blob of data before taking its hash and storing it on blockchain.
responsibility of being a processor should be weighted as per This, however, implies keeping the nonces well protected and
the processing power of either individual nodes or pool of such secret and does imply some level of trust on third parties that
nodes (which are sometimes referred to as mining pools). are responsible for peppered hashing of data.
The second scenario is of private and permissioned Another way can be to make use of a technique similar to
blockchain. In this scenario, a number of entities can come the way channels are implemented in Hyperledger Fabric50 .
together to form a consortium and then automate the dynam- Channels can be understood as confidential and permissioned
ics of such a consortium using a permissioned version of islands of smaller blockchain instances on top of a larger
blockchain. In this setup the entities can make use of a PoA- blockchain infrastructure. A blockchain instance pertaining
based consensus mechanism or Hyperledger’s channel-based to a channel can be audited in the same way a public and
permissioned blockchain 46 . Further, such entities can rent open blockchain opens itself to auditing. However, the actual
storage and computational resources from a third party cloud contents of transactional records are encrypted and one can
provider and hence rendering them as data processors. On the not decipher the nature of the business being automated in
other hand, the consortium as a whole can assume the role a channel’s instance of blockchain. This way by deleting the
of a data controller. Again, we conjecture, if the consortium cryptographic information related to such a channel the whole
makes use of a consensus mechanism such as PoS then as instance of the corresponding blockchain can be rendered
far as accountability is concerned then each node can be held redundant.
accountable according to the stake value that such node holds
in the overall network. B. Scalability Issues
2) Right to be forgotten: Although many of the principles Scalability is one of the major concerns in the way of wide
outlined in GDPR such as data auditability fit quite well with spread adoption of blockchain-based technological solutions.
blockchain’s premise, the main bone of contention, however, We discuss this concern with following three different per-
in the way of making blockchain-based decentralized solutions spectives.
in compliance with GDPR is the so called right to be forgotten.
This right dictates that a user must be able to instruct a 47 https://thenextweb.com/syndication/2018/07/26/

business at any time to remove personal data pertaining to gdpr-blockchain-cryptocurrency/

48 https://bit.ly/1VBf6Y8
45 https://thenextweb.com/syndication/2018/07/26/ 49 https://www.bundesblock.de/wp-content/uploads/2018/05/GDPR
gdpr-blockchain-cryptocurrency/ Position Paper v1.0.pdf
46 https://hyperledger-fabric.readthedocs.io/en/release-1.3/channels.html 50 https://hyperledger-fabric.readthedocs.io/en/release-1.3/channels.html
 18

1) Transaction throughput: Although the Bitcoin is a pop- will put increasing pressure on storage nodes, which could
ular blockchain-based global cryptocurrency, scaling it to result in increased synchronization delay, power consumption,
handle the large transaction volumes worldwide raises some and server costs. We believe that more research is required in
concerns. Among other things, the transaction processing rate order to address these these scalability issues.
of Bitcoin is affected by (1) the available network bandwidth, 3) The Lightning Network and Sharding: The scalability
and (2) the network delay affects. Miners with high bandwidth issue can, up to some extent, be addressed by distributing
and with less network delay can broadcast their blocks among the transaction execution process into multiple steps [260].
peer nodes with ease and speed, while on the other hand low To ensure scalability, the execution of transactions can be
bandwidth miners with limited computational resources pos- performed outside the blockchain, whereas the validation
sess less probability of getting their fair share in a successful should take place within the blockchain network. This would
execution of proof-of-work [255]. decrease the transaction confirmation time. For example, the
Bitcoin has seen an increasing interest, which has raised Lightning Network is able to perform 45000 transactions per
questions about its scalability. Scalability was one of the second by executing the transactions outside the blockchain
reasons that led to the creation of Bitcoin Cash51 ; a forked [261].
version of Bitcoin but with a larger block size to allow more Another possible solution could be a decentralized database
transactions per block. that can be used by both public and private blockchain and
The blockchain-based systems are usually self-managed deploying sharding (which implies horizontal partitioning of
and accept transaction blocks after approximate intervals of records given large databases) and then merging the shardes
time. The throughputs of these transactions are mainly based at regular intervals52 [262], [263]. A decentralized database
on block interval and maximum block size [256]. It has would be able to process millions of writes per second with
been predicted that if the blocks size were to continue to the storage capacity of petabytes and latency in sub-seconds.
grow at the same rate then it might attain a value close to This will also allow more nodes to be added to the platform,
its maximum capacity level by 2017 and this could be a which would increase the performance and make the capacity
significant scalability concern [257]. scalabile.
Increasing the block size does imply a higher transaction
throughput, however, this will also mean that the larger blocks C. Security and Privacy Concerns
would require more time to reach to the peer nodes of the Besides security being in the system by design of the
network resulting in higher latency when it comes to proposing blockchain-based transactions, privacy remains a concern in
new blocks or reaching consensus on the state of a blockchain. applications and platforms [264]. The blockchain technology
On the other hand, the latency would decrease with decreased has been considered as privacy-preserver and rated well in this
block interval but at the cost of potential disagreement in context [265] [266] [267]. However, third-party web trackers
the system [258]. Similarly, other consensus protocols such have been observed deanonymizing users of cryptocurrencies.
as PoS-based consensus (as meniotned in Section II-D2) are These trackers fetch user’s identity and purchase information
in development phase which are aimed to addressed the from shopping websites to be used for advertisement and
scalability and energy concerns. analysis purpose. Normally, these trackers have sufficient
2) Storage: In addition to the block size scalability concern, information required to uniquely identify the blockchain-based
the storage capacity of peer nodes is another issue. The trans- transaction along with user’s identity [268].
action rate has a direct relation with the storage capacity of It has been widely believed that blockchain is safe as its
the participating nodes. With more nodes joining the network, transactions are executed with generated addresses instead of
the transaction rate would likely be higher and will require real identities [10]. Besides this, in [269] [51], it has been
more storage space on the peer nodes, which might be seen shown that the blockchain transactions do not ensure privacy
as a limitation from the perspective of the consumers [259]. since the transaction balances and values against public key(s)
It has been identified that blockchain technology is not remain available for all.
limited to cryptocurrencies, but there are various blockchain- In addition to the privacy-related issues, there are some
based prototype applications that are being used in domains security concerns related to blockchain technology. There are
such as IoT, Botnet, P2P broadcast protocols, smart property, certain scenarios that may affect the expected behavior of
and others. This shows the potential of blockchain technology the blockchain system. Consider the case where a miner-A
for various other industries. Currently, the size of blockchain- successfully generates two blocks but does not disclose it to
based applications, in terms of their user base, is relatively the peer honest network nodes, instead withholds these. We
small. Bitcoin is the largest solution based on the blockchain, may call these as secret/hidden or private blocks. The miner-A
but the transaction rate in bitcoin’s network in comparison releases these secret blocks when some honest nodes complete
to the traditional digital payment solutions is considerably mining of a new block (say grey block). After the release of
lower. However, in future, blockchain-based solutions could secret blocks, the miner-A successfully adds his two secret
be used by millions or trillions of individuals and the number blocks in the blockchain network (since the miner-A holds the
of transactions would increase drastically. Because of the the longest chain of honest network nodes), whereas the newly
distributed storage characteristic inherent in blockchains, it added grey block does not remain a part of honest blockchain
51 https://www.investopedia.com/tech/bitcoin-vs-bitcoin-cash-whats-difference/ 52 https://medium.com/edchain/what-is-sharding-in-blockchain-8afd9ed4cff0
 19

Fig. 6: Workflow of selfish mining attack

because the grey block does not hold the longest chain of projects. Therefore, sustainability scientists and blockchain
honest network nodes [270] [271]. This type of attack is called developers must discuss problems and solutions. More re-
selfish mining attack (see Figure 6 ) and this results in the search is needed to find energy efficient approaches for Bitcoin
undermining of the fair share of the block mining rewards mining. Behavioral and psychological research is required to
51% attack [12], [272], [273] is another type of attack on attain people’s trust in technology for cryptography. Most
blockchain systems. In this attack, a miner having more than importantly, lawyers and programmers must collaborate to
half (i.e, 51%) of network node’s computational resources formulate smart contracts and dictionaries will be necessary
dominates the blockchain system in terms of transaction that connect computer codes and legal languages.
generation, approval, and verification and thus paves the way
for fraudulent transactions generation [274].
E. Anonymity
In a blockchain system, the users utilize generated ad-
D. Sustainability Issues dresses, which are mostly in the form of public keys, for
Blockchain has attained an extraordinary amount of interest their unique identification over the blockchain network. The
and attention and a large number of industries are adopting blockchain users can generate their multiple addresses in order
this virtual digital ledger. However, it is still unclear that any to avoid the revelation of their real identities. These addresses
particular solution of blockchain can attain a certain level are generated in the form of cryptographic keys. The said keys
of adoption for their sustainability. As a new technology, are then used to send and receive blockchain based transactions
blockchain still facing operational, technical and its adoption- [275].
related issues. Similarly, there are also some aspects of Moreover, there is no central storage system for preserv-
blockchain technology that may need further modification or ing the user’s private identification details in the blockchain
development to attain its anticipated potential. For example, network. By this way, the privacy in blockchain system is
although blockchain does provide a reliable cryptocurrency maintained up-to certain extent, however, the user’s privacy
mechanism, it also adds latency to the network since the ver- protection is not guaranteed since the transaction amount
ification of the transaction requires consensus, which requires details and the blockchain-based cryptographic keys (i.e., used
a certain amount of computation and a certain amount of time. for user identification) along with their respective balances, are
The sustainability of blockchain is still uncertain for in- publicly visible [10].
ternational development projects, especially in developing The blockchain-based applications still do not completely
countries. These projects require a very large infrastructure guarantee the preservation of transactional anonymity. The
and involve various stakeholders, cross-border organizations, transactional transparency is impacted due to the lack of strong
governments, and public or private parties. In these scenarios, anonymity support for the end users [266]. In [269], the author
the practicality of blockchain is unclear and it is the time showed that the movements of blockchain-based transactions
to explore how blockchain will facilitate and sustain in such are traceable and thus do not possess enough anonymity [276].
 20

Few other anonymity tracing techniques are discussed in [277] detection and analysis of blockchain-related patterns. These
[82]. systems also help to improve security and privacy-related
concerns.
F. Use of Artificial Intelligence and Machine Learning It has also been reported in the challenges and limitations
of blockchain that the bitcoin API is difficult to use for the
Recent advancements in blockchain technology are making
developments [3]. Bitcoin users have to deal with public key
new ways for the involvement of AI and machine learning
cryptography that differs from the password-based authentica-
(ML) that can help to solve many challenges of blockchain
tion system. The usability of bitcoin key management also
with several important future applications [278]. Blockchains
presents fundamental challenges for end users [282]. This
is a technology that is being used to verify, execute and record
requires more research in the future to provide more ease to
the transaction. AI can help in understanding, recognizing,
the end users and the developers.
assessment decision making in the blockchain. Whereas ML
techniques could help to find ways to improve decision making
and smart contracts. For instance, AI can help to build an V. C ONCLUSION
intelligent oracle without the control of the third party. This In this paper, we provide a study on blockchain-based
would learn and train itself to make the smart contract smarter network applications, discuss their applicability, sustainability
[10]. The integration of AI and ML with blockchain will and scalability challenges. We also discuss some of the most
potentially create a new paradigm by accelerating the analysis prevalent and important legal ramifications of working with
enormous amount of data. Examples include automation of blockchain-based solutions. Additionally, this paper suggests
tokens creation, recommender systems, security enhancement, some future directions that will be helpful to support sustain-
etc. able blockchain-based solutions. At the time of writing, we
1) Use of Big Data Analytics: Recently, many companies believe that, blockchain is still in its infancy implying there
are focusing to adopt the blockchain technology in their frame- will be sometime spent before it gets ubiquitous and widely
works. This is creating new types of data for analysis by the adopted. However, the aim of this study is to provide a guiding
powerful tools of big data. There is a huge number of blocks— reference manual in a generic form to both the researches and
increasing rapidly and constantly throughout the globe. Each practitioners of the filed so that a more informed decision can
block is full of information (i.e., details of every financial be made either for conducting similar research or designing a
transaction) that can be used for analysis to explore thousands blockchain-based solution.
of patterns and trends. The blockchain is a technology that
provides integrity, but not analysis. By using big data, it will R EFERENCES
be possible to detect nefarious users with whom business
[1] M. Ali, “Trust-to-trust design of a new internet,” Ph.D. dissertation,
would be dangerous. Big data can also provide real-time fraud Princeton University, 2017.
detection based on the users’ records and history. The risky [2] E. B. Hamida, K. L. Brousmiche, H. Levard, and E. Thea, “Blockchain
transactions or malicious users can be detected quickly by for enterprise: Overview, opportunities and challenges,” ICWMC 2017,
p. 91, 2017.
using big data analytics. This will result in cost reduction for [3] M. Swan, Blockchain: Blueprint for a new economy. O’Reilly Media,
real-time transaction [279]. Furthermore, user trading patterns Inc., 2015.
can also be used to predict trading behaviors and potential [4] T. Mori, “Financial technology: blockchain and securities settlement,”
Journal of Securities Operations & Custody, vol. 8, no. 3, pp. 208–227,
partners for trade with the help of big data analytics [10]. 2016.
A good resource to conduct big data analysis on (real-time [5] D. Tapscott and A. Tapscott, “Realizing the potential of blockchain:
updated) data related to Ethereum and Bitcoin’s blockchain A multi stakeholder approach to the stewardship of blockchain and
cryptocurrencies,” http://www3.weforum.org/docs/WEF Realizing
is by using Google’s BigQuery53 ,54 . For more details on the Potential Blockchain.pdf, (Accessed on 20-May-2020).
applications of blockchain for enabling AI, the interested [6] G. W. Peters and E. Panayi, “Understanding modern banking ledgers
readers are referred to a comprehensive survey on this topic through blockchain technologies: Future of transaction processing and
smart contracts on the internet of money,” in Banking Beyond Banks
[20]. and Money. Springer, 2016, pp. 239–278.
[7] N. Badshah, “Facebook to contact 87 million users affected by
data breach,” https://www.theguardian.com/technology/2018/apr/08/
G. Usability and Key Management facebook-to-contact-the-87-million-users-affected-by-data-breach,
One of the primary challenges that any new technology April 2018, (Accessed on 20-May-2020).
[8] M. S. Ali, M. Vecchio, M. Pincheira, K. Dolui, F. Antonelli, and M. H.
faces is the usability. This issue is more acute in blockchain Rehmani, “Applications of blockchains in the internet of things: A
because of new architecture and high stakes. The transaction comprehensive survey,” IEEE Communications Surveys & Tutorials,
flow should be visible to users to analyze the whole transaction 2018.
[9] M. A. Ferrag, M. Derdour, M. Mukherjee, A. Derhab, L. Maglaras,
flows. This will improve the usability and help the individuals and H. Janicke, “Blockchain technologies for the internet of things:
to understand and analyze the whole blockchain network Research issues and challenges,” IEEE Internet of Things Journal,
[12]. There are some systems such as Bitconeview [280] 2018.
[10] Z. Zheng, S. Xie, H.-N. Dai, and H. Wang, “Blockchain challenges
and Bitiodine [281] that proved to be very effective for the and opportunities: A survey,” Work Paper, 2016.
[11] Y. Guo and C. Liang, “Blockchain application and outlook in the
53 https://cloud.google.com/blog/products/gcp/
banking industry,” Financial Innovation, vol. 2, no. 1, p. 24, 2016.
bitcoin-in-bigquery-blockchain-analytics-on-public-data [12] J. Yli-Huumo, D. Ko, S. Choi, S. Park, and K. Smolander, “Where
54 https://cloud.google.com/blog/products/data-analytics/ is current research on blockchain technology?—a systematic review,”
ethereum-bigquery-public-dataset-smart-contract-analytics PloS one, vol. 11, no. 10, p. e0163477, 2016.
 21

[13] M. Pilkington, “11 blockchain technology: principles and applications,” [37] U. Bodkhe, D. Mehta, S. Tanwar, P. Bhattacharya, P. K. Singh, and W.-
Research handbook on digital transformations, p. 225, 2016. C. Hong, “A survey on decentralized consensus mechanisms for cyber
[14] M. Nofer, P. Gomber, O. Hinz, and D. Schiereck, “Blockchain,” physical systems,” IEEE Access, vol. 8, pp. 54 371–54 401, 2020.
Business & Information Systems Engineering, vol. 59, no. 3, pp. 183– [38] J. Al-Jaroodi and N. Mohamed, “Blockchain in industries: A survey,”
187, 2017. IEEE Access, vol. 7, pp. 36 500–36 515, 2019.
[15] Z. Zheng, S. Xie, H. Dai, X. Chen, and H. Wang, “An overview of [39] S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” 2008.
blockchain technology: Architecture, consensus, and future trends,” in [40] P. Rogaway and T. Shrimpton, “Cryptographic hash-function basics:
Big Data (BigData Congress), 2017 IEEE International Congress on. Definitions, implications, and separations for preimage resistance,
IEEE, 2017, pp. 557–564. second-preimage resistance, and collision resistance,” in International
[16] I.-C. Lin and T.-C. Liao, “A survey of blockchain security issues and workshop on fast software encryption. Springer, 2004, pp. 371–388.
challenges.” IJ Network Security, vol. 19, no. 5, pp. 653–659, 2017. [41] “Descriptions of sha-256, sha-384, and sha-512,” https:
[17] D. Miraz and M. Ali, “Applications of blockchain technology be- //web.archive.org/web/20130526224224/http://csrc.nist.gov/groups/
yond cryptocurrency,” Annals of Emerging Technologies in Computing STM/cavp/documents/shs/sha256-384-512.pdf, (Accessed on 20-May-
(AETiC), vol. 2, pp. 1–6, 01 2018. 2020).
[18] Y. Yuan and F.-Y. Wang, “Blockchain and cryptocurrencies: Model, [42] J. Chen and S. Micali, “Algorand,” arXiv preprint arXiv:1607.01341,
techniques, and applications,” IEEE Transactions on Systems, Man, 2016.
and Cybernetics: Systems, vol. 48, no. 9, pp. 1421–1428, 2018. [43] S. De Angelis, L. Aniello, R. Baldoni, F. Lombardi, A. Margheri, and
[19] K. Wüst and A. Gervais, “Do you need a blockchain?” in 2018 Crypto V. Sassone, “Pbft vs proof-of-authority: Applying the cap theorem to
Valley Conference on Blockchain Technology (CVCBT). IEEE, 2018, permissioned blockchain,” 2018.
pp. 45–54. [44] P. Ekparinya, V. Gramoli, and G. Jourjon, “The attack of the clones
[20] K. Salah, M. H. Rehman, N. Nizamuddin, and A. Al-Fuqaha, against proof-of-authority,” arXiv preprint arXiv:1902.10244, 2019.
“Blockchain for AI: Review and open research challenges,” IEEE [45] M. Castro and B. Liskov, “Practical byzantine fault tolerance and
Access, pp. 1–1, 2019. proactive recovery,” ACM Transactions on Computer Systems (TOCS),
[21] J. Xie, H. Tang, T. Huang, F. R. Yu, R. Xie, J. Liu, and Y. Liu, “A survey vol. 20, no. 4, pp. 398–461, 2002.
of blockchain technology applied to smart cities: Research issues and [46] L. Luu, D.-H. Chu, H. Olickel, P. Saxena, and A. Hobor, “Making
challenges,” IEEE Communications Surveys & Tutorials, vol. 21, no. 3, smart contracts smarter,” in Proceedings of the 2016 ACM SIGSAC
pp. 2794–2830, 2019. Conference on Computer and Communications Security. ACM, 2016,
[22] W. Wang, D. T. Hoang, P. Hu, Z. Xiong, D. Niyato, P. Wang, Y. Wen, pp. 254–269.
and D. I. Kim, “A survey on consensus mechanisms and mining strategy [47] A. Bahga and V. K. Madisetti, “Blockchain platform for industrial
management in blockchain networks,” IEEE Access, vol. 7, pp. 22 328– Internet of Things,” J. Softw. Eng. Appl, vol. 9, no. 10, p. 533, 2016.
22 370, 2019. [48] “Solidity — solidity 0.6.9 documentation,” https://solidity.readthedocs.
[23] W. Yang, E. Aghasian, S. Garg, D. Herbert, L. Disiuta, and B. Kang, “A io/en/develop/, (Accessed on 20-May-2020).
survey on blockchain-based internet service architecture: Requirements,
[49] D. Bargar, “The Economics of the Blockchain: A study of its engineer-
challenges, trends, and future,” IEEE Access, vol. 7, pp. 75 845–75 872,
ing and transaction services marketplace,” Ph.D. dissertation, Clemson
2019.
University, 2016.
[24] R. Yang, F. R. Yu, P. Si, Z. Yang, and Y. Zhang, “Integrated blockchain
[50] G. Wood, “Ethereum: A secure decentralised generalised transaction
and edge computing systems: A survey, some research issues and
ledger,” Ethereum project yellow paper, vol. 151, pp. 1–32, 2014.
challenges,” IEEE Communications Surveys & Tutorials, vol. 21, no. 2,
[51] A. Kosba, A. Miller, E. Shi, Z. Wen, and C. Papamanthou, “Hawk:
pp. 1508–1532, 2019.
The blockchain model of cryptography and privacy-preserving smart
[25] M. Belotti, N. Božić, G. Pujolle, and S. Secci, “A vademecum on
contracts,” in IEEE Symposium on Security and Privacy (SP), 2016.
blockchain technologies: When, which, and how,” IEEE Communica-
IEEE, 2016, pp. 839–858.
tions Surveys & Tutorials, vol. 21, no. 4, pp. 3796–3838, 2019.
[26] H.-N. Dai, Z. Zheng, and Y. Zhang, “Blockchain for internet of things: [52] “ethereum-homestead.pdf,” https://buildmedia.readthedocs.org/media/
A survey,” IEEE Internet of Things Journal, vol. 6, no. 5, pp. 8076– pdf/ethereum-homestead/latest/ethereum-homestead.pdf, (Accessed on
8094, 2019. 20-May-2020).
[27] M. Wu, K. Wang, X. Cai, S. Guo, M. Guo, and C. Rong, “A [53] H. Kakavand and N. Kost De Sevres, “The blockchain revolution:
comprehensive survey of blockchain: From theory to iot applications An analysis of regulation and technology related to distributed ledger
and beyond,” IEEE Internet of Things Journal, vol. 6, no. 5, pp. 8114– technologies,” 2016.
8154, 2019. [54] V. Buterin et al., “A next-generation smart contract and decentralized
[28] W. Viriyasitavat, L. Da Xu, Z. Bi, and D. Hoonsopon, “Blockchain application platform,” White Paper, 2014.
technology for applications in internet of things—mapping from system [55] “Three things cios need to know about the blockchain busi-
design perspective,” IEEE Internet of Things Journal, vol. 6, no. 5, pp. ness value forecast,” https://www.gartner.com/en/documents/3776763/
8155–8168, 2019. three-things-cios-need-to-know-about-the-blockchain-busi, (Accessed
[29] M. B. Mollah, J. Zhao, D. Niyato, K.-Y. Lam, X. Zhang, A. M. on 20-May-2020).
Ghias, L. H. Koh, and L. Yang, “Blockchain for future smart grid: [56] “Instantly move money to all corners of the world — ripple,” https:
A comprehensive survey,” IEEE Internet of Things Journal, 2020. //ripple.com/, (Accessed on 20-May-2020).
[30] Y. Liu, F. R. Yu, X. Li, H. Ji, and V. C. Leung, “Blockchain and [57] M. Kuperberg, “Blockchain-based identity management: A survey
machine learning for communications and networking systems,” IEEE from the enterprise and ecosystem perspective,” IEEE Transactions on
Communications Surveys & Tutorials, 2020. Engineering Management, 2019.
[31] T. Neudecker and H. Hartenstein, “Network layer aspects of per- [58] D. Khovratovich and J. Law, “Sovrin: digital identities in the
missionless blockchains,” IEEE Communications Surveys & Tutorials, blockchain era,” Github Commit by jasonalaw October, vol. 17, 2017.
vol. 21, no. 1, pp. 838–857, 2019. [59] J. Camenisch and A. Lysyanskaya, “Dynamic accumulators and ap-
[32] L. Lao, Z. Li, S. Hou, B. Xiao, S. Guo, and Y. Yang, “A survey of iot plication to efficient revocation of anonymous credentials,” in Annual
applications in blockchain systems: Architecture, consensus, and traffic International Cryptology Conference. Springer, 2002, pp. 61–76.
modeling,” ACM Computing Surveys (CSUR), vol. 53, no. 1, pp. 1–32, [60] J. Camenisch, M. Kohlweiss, and C. Soriente, “An accumulator based
2020. on bilinear maps and efficient revocation for anonymous credentials,”
[33] J. Kolb, M. AbdelBaky, R. H. Katz, and D. E. Culler, “Core concepts, in International workshop on public key cryptography. Springer, 2009,
challenges, and future directions in blockchain: A centralized tutorial,” pp. 481–500.
ACM Computing Surveys (CSUR), vol. 53, no. 1, pp. 1–39, 2020. [61] L. Lamport, R. Shostak, and M. Pease, “The byzantine generals
[34] A. A. Monrat, O. Schelén, and K. Andersson, “A survey of blockchain problem,” ACM Transactions on Programming Languages and Systems
from the perspectives of applications, challenges, and opportunities,” (TOPLAS), vol. 4, no. 3, pp. 382–401, 1982.
IEEE Access, vol. 7, pp. 117 134–117 151, 2019. [62] “Specification of the identity mixer cryptographic library version 2.3.0,”
[35] R. Zhang, R. Xue, and L. Liu, “Security and privacy on blockchain,” 2009,” https://domino.research.ibm.com/library/cyberdig.nsf/papers/
ACM Computing Surveys (CSUR), vol. 52, no. 3, pp. 1–34, 2019. EEB54FF3B91C1D648525759B004FBBB1/File/rz3730 revised.pdf,
[36] Y. Xiao, N. Zhang, W. Lou, and Y. T. Hou, “A survey of distributed (Accessed on 15-May-2020).
consensus protocols for blockchain networks,” IEEE Communications [63] J. Camenisch and E. Van Herreweghen, “Design and implementation
Surveys & Tutorials, 2020. of the idemix anonymous credential system,” in Proceedings of the 9th
 22

ACM conference on Computer and communications security, 2002, pp. [87] P. K. Sharma, S. Singh, Y.-S. Jeong, and J. H. Park, “Distblocknet: A
21–30. distributed blockchains-based secure sdn architecture for iot networks,”
[64] “A tool for rapid cryptographic prototyping,” http://charm-crypto.com/, IEEE Communications Magazine, vol. 55, no. 9, pp. 78–85, 2017.
(Accessed on 15-May-2020). [88] C. Qiu, F. R. Yu, H. Yao, C. Jiang, F. Xu, and C. Zhao, “Blockchain-
[65] H. Jin, X. Dai, and J. Xiao, “Towards a novel architecture for enabling based software-defined industrial internet of things: A dueling deep
interoperability amongst multiple blockchains,” in 2018 IEEE 38th q-learning approach,” IEEE Internet of Things Journal, vol. 6, no. 3,
International Conference on Distributed Computing Systems (ICDCS). pp. 4627–4639, 2018.
IEEE, 2018, pp. 1203–1211. [89] M. Samaniego and R. Deters, “Hosting virtual iot resources on edge-
[66] “Breaking blockchain open deloitte’s 2018 global blockchain survey,” hosts with blockchain,” in 2016 IEEE International Conference on
https://www2.deloitte.com/content/dam/Deloitte/us/Documents/ Computer and Information Technology (CIT). IEEE, 2016, pp. 116–
financial-services/us-fsi-2018-global-blockchain-survey-report.pdf, 119.
(Accessed on 20-May-2020). [90] S. K. Gnangnon and H. Iyer, “Does bridging the Internet access divide
[67] “Ibm news room - 2017-06-26 seven major european banks se- contribute to enhancing countries’ integration into the global trade in
lect ibm to bring blockchain-based trade finance to small and services markets?” Telecommunications Policy, 2017.
medium enterprises - united states,” https://www-03.ibm.com/press/us/ [91] M. Nekrasov, L. Parks, and E. Belding, “Limits to Internet freedoms:
en/pressrelease/52706.wss, (20-May-2020). Being heard in an increasingly authoritarian world,” in Proceedings of
[68] S. Tikhomirov, “Ethereum: state of knowledge and research perspec- the 2017 Workshop on Computing Within Limits. ACM, 2017, pp.
tives,” in International Symposium on Foundations and Practice of 119–128.
Security. Springer, 2017, pp. 206–221. [92] N. B. Weidmann, S. Benitez-Baleato, P. Hunziker, E. Glatz, and
X. Dimitropoulos, “Digital discrimination: Political bias in internet
[69] H. Zhu and Z. Z. Zhou, “Analysis and outlook of applications of
service provision across ethnic groups,” Science, vol. 353, no. 6304,
blockchain technology to equity crowdfunding in china,” Financial
pp. 1151–1155, 2016.
innovation, vol. 2, no. 1, p. 29, 2016.
[93] S. Park, “Digital inequalities in rural Australia: A double jeopardy of
[70] O. Jacobovitz, “Blockchain for identity management,” The Lynne and remoteness and social exclusion,” Journal of Rural Studies, vol. 54,
William Frankel Center for Computer Science Department of Computer pp. 399–407, 2017.
Science. Ben-Gurion University, Beer Sheva Google Scholar, 2016. [94] H. Klein, “Icann and internet governance: Leveraging technical coordi-
[71] L. Zavolokina, M. Dolata, and G. Schwabe, “Fintech transformation: nation to realize global public policy,” The Information Society, vol. 18,
How it-enabled innovations shape the financial sector,” in International no. 3, pp. 193–207, 2002.
Workshop on Enterprise Applications and Services in the Finance [95] P. Purkayastha and R. Bailey, “US control of the Internet: Problems
Industry. Springer, 2016, pp. 75–88. facing the movement to international governance,” Monthly Review,
[72] K. R. Özyılmaz and A. Yurdakul, “Integrating low-power iot devices to vol. 66, no. 3, p. 103, 2014.
a blockchain-based infrastructure: work-in-progress,” in Proceedings of [96] S. Jasper and J. Wirtz, “Cyber security,” in The Palgrave Handbook of
the Thirteenth ACM International Conference on Embedded Software Security, Risk and Intelligence. Springer, 2017, pp. 157–176.
2017 Companion. ACM, 2017, p. 13. [97] H. Patrick and Z. Fields, “A need for cyber security creativity,” Col-
[73] “Launching the ether sale — ethereum foundation blog,” https://blog. lective Creativity for Responsible and Sustainable Business Practice,
ethereum.org/2014/07/22/launching-the-ether-sale/, (Accessed on 20- pp. 42–61, 2017.
May-2020). [98] S. Karchefsky and H. R. Rao, “Toward a safer tomorrow: Cybersecurity
[74] “History of ethereum — ethereum homestead 0.1 documentation,” and critical infrastructure,” in The Palgrave Handbook of Managing
http://ethdocs.org/en/latest/introduction/history-of-ethereum.html, (Ac- Continuous Business Transformation. Springer, 2017, pp. 335–352.
cessed on 20-May-2020). [99] “Blockstack, building the decentralized computing network,” https://
[75] “Coinbase definition,” https://www.investopedia.com/terms/c/coinbase. blockstack.org/, (Accessed on 20-May-2020 ).
asp, (Accessed on 20-May-2020). [100] “Ammbr whitepaper v1.0,” http://ammbr.com/docs/20171018/Ammbr
[76] J. R. Hendrickson, T. L. Hogan, and W. J. Luther, “The political Whitepaper v2.1 18Oct2017.pdf, (Accessed on 20-May-2020).
economy of bitcoin,” Economic Inquiry, vol. 54, no. 2, pp. 925–939, [101] “Wikileaks.org taken down by us dns provider —
2016. netcraft news,” https://news.netcraft.com/archives/2010/12/03/
[77] “Bitcoin payment gateway api v0.3,” https://bitpay.com/downloads/ wikileaks-org-taken-down-by-us-dns-provider.html, (Accessed on
bitpayApi-0.3.pdf, (Accessed on 20-May-2020). 20-May-2020).
[78] “Cryptocurrencies timeline: a history of digital money,” [102] “Four rounds of ice domain name seizures and related controversies and
https://www.telegraph.co.uk/technology/digital-money/ opposition – berkeley technology law journal,” https://bit.ly/36qsA5H,
the-history-of-cryptocurrency/, (Accessed on 20-May-2020). (Accessed on 20-May-2020).
[79] “Bnak launches swiftcoin, electronic currency that [103] R. Bendrath and M. Mueller, “The end of the net as we know it?
is safer than cash — business wire,” https:// deep packet inspection and internet governance,” New Media & Society,
www.businesswire.com/news/home/20121119005937/en/ vol. 13, no. 7, pp. 1142–1160, 2011.
BNAK-Launches-Swiftcoin-Electronic-Currency-Safer-Cash, [104] L. DeNardis, “Hidden levers of internet control: An infrastructure-
(Accessed on 20-May-2020). based theory of internet governance,” Information, Communication &
Society, vol. 15, no. 5, pp. 720–738, 2012.
[80] D. B. Bruno, “System and method for providing a cryptographic plat-
[105] H. A. Kalodner, M. Carlsten, P. Ellenbogen, J. Bonneau, and
form for exchanging debt securities denominated in virtual currencies,”
A. Narayanan, “An Empirical Study of Namecoin and Lessons for
Jul. 27 2017, uS Patent App. 15/483,190.
Decentralized Namespace Design,” in WEIS. Citeseer, 2015.
[81] Y. Zhao, “Cryptocurrency brings new battles into the currency market,” [106] S. Angieri, A. Garcı́a-Martı́nez, B. Liu, Z. Yan, C. Wang, and M. Bag-
Future Internet (FI) and Innovative Internet Technologies and Mobile nulo, “A distributed autonomous organization for internet address
Communications (IITM), vol. 91, 2015. management,” IEEE Transactions on Engineering Management, 2019.
[82] D. Ron and A. Shamir, “Quantitative analysis of the full bitcoin trans- [107] M. Ali, J. C. Nelson, R. Shea, and M. J. Freedman, “Blockstack: A
action graph,” in International Conference on Financial Cryptography global naming and storage system secured by blockchains.” in USENIX
and Data Security. Springer, 2013, pp. 6–24. Annual Technical Conference, 2016, pp. 181–194.
[83] D. Yermack, “Is bitcoin a real currency? an economic appraisal,” in [108] “Namecoin,” https://www.namecoin.org/, (Accessed on 20-May-2020).
Handbook of digital currency. Elsevier, 2015, pp. 31–43. [109] “Namecoin - wikipedia,” https://en.wikipedia.org/wiki/Namecoin, (Ac-
[84] L. Wang and Y. Liu, “Exploring miner evolution in bitcoin network,” in cessed on 20-May-2020).
International Conference on Passive and Active Network Measurement. [110] A. Back et al., “Hashcash-a denial of service counter-measure,” 2002.
Springer, 2015, pp. 290–302. [111] J. A. Kroll, I. C. Davey, and E. W. Felten, “The economics of Bitcoin
[85] “Bitcoin’s quirky genesis block turns eight years old mining, or Bitcoin in the presence of adversaries,” in Proceedings of
today — featured bitcoin news,” https://news.bitcoin.com/ WEIS, vol. 2013, 2013, p. 11.
bitcoins-quirky-genesis-block-turns-eight-years-old-today/, (Accessed [112] S. S. Kirkman and R. Newman, “Using smart contracts and blockchains
on 20-May-2020). to support consumer trust across distributed clouds.”
[86] P. K. Sharma, M.-Y. Chen, and J. H. Park, “A software defined fog node [113] “The blocknet: Design specification,” https://www.blocknet.co/
based distributed blockchain cloud architecture for iot,” Ieee Access, wp-content/uploads/whitepaper/Blocknet Whitepaper.pdf, (Accessed
vol. 6, pp. 115–124, 2017. on 20-May-2020).
 23

[114] E. S. Stefan Thomas, “A protocol for interledger payments,” https: [141] H. Wei-hong, A. Meng, S. Lin, X. Jia-gui, and L. Yang, “Review of
//interledger.org/interledger.pdf, (Accessed on 11/01/2019). blockchain-based dns alternatives,” vol. 3, no. 3, pp. 71–77, 2017.
[115] K. Stine and M. Scholl, “E-mail security. an overview of threats and [142] “Home — blockchain education network (ben),” https://blockchainedu.
safeguards.” Journal of AHIMA, vol. 81, no. 4, pp. 28–30, 2010. org/, (Accessed on 06-Oct-2018).
[116] A. J. Ferguson, “Fostering e-mail security awareness: The west point [143] “Bigchaindb—the scalable blockchain database.” https:
carronade,” Educase Quarterly, vol. 28, no. 1, pp. 54–57, 2005. //www.bigchaindb.com/, (Accessed on 06-Oct-2018).
[117] C. Taylor, “Blockchain & email, access date: 06-Oct-2018,” http: [144] “Maidsafe—the new decentralized internet,” https://maidsafe.net/, (Ac-
//finteknews.com/blockchain-email/, 2016. cessed on 06-Oct-2018).
[118] F. Bersier and R. Bischof, “Email stamping: Gmelius blockchain ar- [145] “Filecoin,” https://filecoin.io/, (Accessed on 06-Oct-2018).
chitecture,” https://gmelius.com/email-stamping-blockchain.pdf, 2017, [146] “Ibm blockchain,” https://www.ibm.com/blockchain/, (Accessed on 06-
(Accessed on 06-Oct-2018). Oct-2018).
[119] F. Xia, L. T. Yang, L. Wang, and A. Vinel, “Internet of things,” [147] “Ibm watson IoT—private blockchain,” https://www.ibm.com/
International Journal of Communication Systems, vol. 25, no. 9, p. internet-of-things/platform/private-blockchain/, (Accessed on 06-Oct-
1101, 2012. 20187).
[120] T. M. Fernández-Caramés and P. Fraga-Lamas, “A review on the use of [148] “Chronicled,” https://www.chronicled.com/, (Accessed on 06-Oct-
blockchain for the internet of things,” IEEE Access, vol. 6, pp. 32 979– 2018).
33 001, 2018.
[149] “Elliptic,” https://www.elliptic.co/, (Accessed on 06-Oct-2018).
[121] A. W. Ahmed, M. M. Ahmed, O. A. Khan, and M. A. Shah, “A
[150] “Luxtrust,” https://www.luxtrust.lu/, (Accessed on 06-Oct-2018).
comprehensive analysis on the security threats and their countermea-
sures of IoT,” International Journal of Advanced Computer Science [151] “Data-centric security — guardtime industrial blockchain,” https://
and Applications, vol. 8, no. 7, pp. 489–501, 2017. guardtime.com/, (Accessed on 06-Oct-2018).
[122] J. A. Oravec, “Emerging “cyber hygiene” practices for the internet of [152] “Decentralized prediction markets — augur project,” https://augur.net/,
things (IoT): Professional issues in consulting clients and educating (Accessed on 06-Oct-2018).
users on IoT privacy and security,” in Professional Communication [153] “Lazooz,” http://lazooz.org/, (Accessed on 06-Oct-2018).
Conference (ProComm), 2017 IEEE International. IEEE, 2017, pp. [154] “Ubitquity - the first blockchain-secured platform for real estate
1–5. recordkeeping,” https://www.ubitquity.io/web/index.html, (Accessed on
[123] S. Sicari, A. Rizzardi, L. A. Grieco, and A. Coen-Porisini, “Security, 06-Oct-2018).
privacy and trust in internet of things: The road ahead,” Computer [155] “Stratumn — trust the process,” https://stratumn.com/, (Accessed on
Networks, vol. 76, pp. 146–164, 2015. 06-Oct-2018).
[124] A. Ukil, S. Bandyopadhyay, and A. Pal, “IoT-privacy: To be private [156] “Mycelia for music - for a fairtrade music industry,” http://
or not to be private,” in Computer Communications Workshops (IN- myceliaformusic.org/, (Accessed on 06-Oct-2018).
FOCOM WKSHPS), 2014 IEEE Conference on. IEEE, 2014, pp. [157] “Introducing gemos, your blockchain operating system.” https://gem.
123–124. co/, (Accessed on 06-Oct-2018).
[125] T. Pasquier, J. Singh, J. Powles, D. Eyers, M. Seltzer, and J. Bacon, [158] “Tierion - blockchain proof engine — api,” https://tierion.com/, (Ac-
“Data provenance to audit compliance with privacy policy in the cessed on 06-Oct-2018).
internet of things,” Personal and Ubiquitous Computing, vol. 22, no. 2, [159] “Provenance — technology,” https://www.provenance.org/technology,
pp. 333–344, 2018. (Accessed on 06-Oct-2018).
[126] N. Kshetri, “Can blockchain strengthen the internet of things?” IT [160] “Ujo,” https://ujomusic.com/, (Accessed on 06-Oct-2018).
Professional, vol. 19, no. 4, pp. 68–72, 2017. [161] “Skuchain - turn information into capital — turn information into
[127] S. Huckle, R. Bhattacharya, M. White, and N. Beloff, “Internet of capital,” http://www.skuchain.com/, (Accessed on 06-Oct-2018).
things, blockchain and shared economy applications,” Procedia com- [162] “Storj - decentralized cloud storage,” https://storj.io/, (Accessed on 06-
puter science, vol. 98, pp. 461–466, 2016. Oct-2018).
[128] J. Szefer and R. B. Lee, “Bitdeposit: Deterring attacks and abuses [163] “Gyft block - building gift cards 2.0 on blockchain technology,” https:
of cloud computing services through economic measures,” in Cluster, //block.gyft.com/, (Accessed on 06-Oct-2018).
Cloud and Grid Computing (CCGrid), 2013 13th IEEE/ACM Interna- [164] “Blocksafe™ - blockchain centric enhanced firearm network,” http:
tional Symposium on. IEEE, 2013, pp. 630–635. //www.blocksafefoundation.com/, (Accessed on 06-Oct-2018).
[129] J. Warren, “Bitmessage: A peer-to-peer message authentication and [165] “Bitgive foundation,” https://www.bitgivefoundation.org/, (Accessed on
delivery system,” white paper (27 November 2012), https:// bitmessage. 06-Oct-2018).
org/ bitmessage.pdf , 2012. [166] IBM, “Empowering the edge,” https://tinyurl.com/IBM-edge-report,
[130] D. Shrier, D. Sharma, and A. Pentland, “Blockchain & financial (Accessed on 06-Oct-2018).
services: The fifth horizon of networked innovation,” 2016.
[167] “Adept tech paper v10.3,” https://tinyurl.com/adept-white-paper, (Ac-
[131] P. Noizat, “Blockchain electronic vote,” Handbook of Digital Currency:
cessed on 06-Oct-2018).
Bitcoin, Innovation, Financial Instruments, and Big Data, p. 453, 2015.
[168] J. J. Karst and G. Brodar, “Connecting multiple devices with blockchain
[132] J. Kishigami, S. Fujimura, H. Watanabe, A. Nakadaira, and A. Akutsu,
in the internet of things.”
“The blockchain-based digital content distribution system,” in Big
Data and Cloud Computing (BDCloud), 2015 IEEE Fifth International [169] “Filament foundations.pages,” https://tinyurl.com/filament-report, (Ac-
Conference on. IEEE, 2015, pp. 187–190. cessed on 06-Oct-2018).
[133] K. Peterson, R. Deeduvanu, P. Kanjamala, and K. Boles, “A blockchain- [170] D. Wörner, T. Von Bomhard, Y.-P. Schreier, and D. Bilgeri, “The
based approach to health information exchange networks,” in Proc. bitcoin ecosystem: Disruption beyond financial services?” 2016.
NIST Workshop Blockchain Healthcare, vol. 1, 2016, pp. 1–10. [171] T. Bocek, B. B. Rodrigues, T. Strasser, and B. Stiller, “Blockchains
[134] A. Dorri, M. Steger, S. S. Kanhere, and R. Jurdak, “Blockchain: everywhere-a use-case of blockchains in the pharma supply-chain,” in
A distributed solution to automotive security and privacy,” IEEE Integrated Network and Service Management (IM), 2017 IFIP/IEEE
Communications Magazine, vol. 55, no. 12, pp. 119–125, 2017. Symposium on. IEEE, 2017, pp. 772–777.
[135] Y.-P. Lin, J. R. Petway, J. Anthony, H. Mukhtar, S.-W. Liao, C.-F. [172] P. Gonczol, P. Katsikouli, L. Herskind, and N. Dragoni, “Blockchain
Chou, and Y.-F. Ho, “Blockchain: The evolutionary next step for ict implementations and use cases for supply chains-a survey,” Ieee Access,
e-agriculture,” Environments, vol. 4, no. 3, p. 50, 2017. vol. 8, pp. 11 856–11 871, 2020.
[136] X. Xu, C. Pautasso, L. Zhu, V. Gramoli, A. Ponomarev, A. B. Tran, [173] B. França, “Homomorphic mini-blockchain scheme,” 2015.
and S. Chen, “The blockchain as a software connector,” in 13th [174] “Dpos description on bitshares,” ttps://how.bitshares.works/en/master/
Working IEEE/IFIP Conference on Software Architecture (WICSA), technology/dpos.html, (Accessed on 27-May-2020).
2016. IEEE, 2016, pp. 182–191. [175] S. Dziembowski, S. Faust, V. Kolmogorov, and K. Pietrzak, “Proofs of
[137] J. Mattila et al., “The blockchain phenomenon–the disruptive potential space,” in Annual Cryptology Conference. Springer, 2015, pp. 585–
of distributed consensus architectures,” The Research Institute of the 605.
Finnish Economy, Tech. Rep., 2016. [176] X. Fan and Q. Chai, “Roll-dpos: a randomized delegated proof of stake
[138] “Openbazaar: Online marketplace — peer-to-peer ecommerce,” https: scheme for scalable blockchain-based internet of things systems,” in
//www.openbazaar.org/, (Accessed on 06-Oct-2018). Proceedings of the 15th EAI International Conference on Mobile and
[139] “Atlas,” https://atlas.money/, (Accessed on 06-Oct-2018). Ubiquitous Systems: Computing, Networking and Services, 2018, pp.
[140] “Sia,” http://sia.tech/, (Accessed on 06-Oct-2018). 482–484.
 24

[177] C. Xu, K. Wang, and M. Guo, “Intelligent resource management in [205] “Steemwhitepaper.pdf,” https://steem.io/SteemWhitePaper.pdf, (Ac-
blockchain-based cloud datacenters,” IEEE Cloud Computing, vol. 4, cessed on 06-Oct-2018).
no. 6, pp. 50–59, 2017. [206] R. Dennis and G. Owen, “Rep on the block: A next generation reputa-
[178] Q. Xia, E. B. Sifah, K. O. Asamoah, J. Gao, X. Du, and M. Guizani, tion system based on the blockchain,” in 10th International Conference
“Medshare: Trust-less medical data sharing among cloud service for Internet Technology and Secured Transactions (ICITST). IEEE,
providers via blockchain,” IEEE Access, vol. 5, pp. 14 757–14 767, 2015, pp. 131–138.
2017. [207] Accenture, “2017 cost of cyber crime study,” https://tinyurl.com/
[179] P. Jiang, F. Guo, K. Liang, J. Lai, and Q. Wen, “Searchain: Blockchain- CostCyberCrimeStudy, (Accessed on 06-Oct-2018).
based private keyword search in decentralized storage,” Future Gener- [208] Deloitte, “Blockchain & cyber security,” https://goo.gl/2BXkDb, 2017,
ation Computer Systems, vol. 107, pp. 781–792, 2020. (Accessed on 06-Oct-2018).
[180] N. Tapas, G. Merlino, and F. Longo, “Blockchain-based iot-cloud [209] S. Myers, “Block-by-block: Leveraging the power of blockchain tech-
authorization and delegation,” in 2018 IEEE International Conference nology to build trust and promote cyber peace,” Yale JL & Tech.,
on Smart Computing (SMARTCOMP). IEEE, 2018, pp. 411–416. vol. 19, pp. 334–334, 2017.
[181] O. Alphand, M. Amoretti, T. Claeys, S. Dall’Asta, A. Duda, G. Ferrari, [210] J. Liu and Z. Liu, “A survey on security verification of blockchain
F. Rousseau, B. Tourancheau, L. Veltri, and F. Zanichelli, “Iotchain: smart contracts,” IEEE Access, vol. 7, pp. 77 894–77 904, 2019.
A blockchain security architecture for the internet of things,” in 2018 [211] “Tezos: A Self-Amending Crypto-Ledger, access date: 06-Oct-2018,”
IEEE Wireless Communications and Networking Conference (WCNC). https://tezos.com/static/papers/position paper.pdf, 2014.
IEEE, 2018, pp. 1–6. [212] “White paper v.0.1.pdf - google drive,” https://drive.google.com/file/
[182] L. Seitz, G. Selander, E. Wahlstroem, S. Erdtman, and H. Tschofenig, d/0B1jTRGmj 3khUV9RTERnYzNvaE0/view, (Accessed on 06-Oct-
“Authentication and authorization for constrained environments (ace),” 2018).
Internet Engineering Task Force, Internet-Draft draft-ietf-aceoauth- [213] “Ksi data sheet,” https://tinyurl.com/KSI-data-sheet, (Accessed on
authz-07, 2017. 09/16/2017).
[183] M. Vučinić, B. Tourancheau, F. Rousseau, A. Duda, L. Damon, and [214] “Obsidian platform whitepaper,” https://tinyurl.com/
R. Guizzetti, “Oscar: Object security architecture for the internet of obsidian-white-paper, (Accessed on 06-Oct-2018).
things,” Ad Hoc Networks, vol. 32, pp. 3–16, 2015.
[215] G. C. Polyzos and N. Fotiou, “Blockchain-assisted information distri-
[184] J. Pouwelse, P. Garbacki, D. Epema, and H. Sips, “The bittorrent P2P bution for the internet of things.”
file-sharing system: Measurements and analysis,” in IPTPS, vol. 5.
[216] M. Conti, E. S. Kumar, C. Lal, and S. Ruj, “A survey on security and
Springer, 2005, pp. 205–216.
privacy issues of bitcoin,” IEEE Communications Surveys & Tutorials,
[185] R. Aitken, “Can decent’s ‘crypto-fuelled’ blockchain revolutionize
vol. 20, no. 4, pp. 3416–3452, 2018.
content & data distribution? accessed on 06-Oct-2018,” https://goo.gl/
[217] C. Fromknecht, D. Velicanu, and S. Yakoubov, “A decentralized public
hCtEm1, 2017.
key infrastructure with identity retention.” IACR Cryptology ePrint
[186] “Filecoin,” https://www.swarm.fund/, (Accessed on 15-May-2020).
Archive, vol. 2014, p. 803, 2014.
[187] “Filecoin,” https://ipfs.io/, (Accessed on 15-May-2020).
[218] J. Prins and B. U. Cybercrime, “Diginotar certificate authority
[188] “Storj - decentralized cloud storage,” https://storj.io/, (Accessed on 06-
breach’operation black tulip’,” 2011.
Oct-2018).
[219] D. Fisher, “Final report on diginotar hack shows total compromise of
[189] “Filecoin,” http://blockscores.com/, (Accessed on 15-May-2020).
CA servers,” ThreatPost, Oct, vol. 31, 2012.
[190] “Filecoin,” https://nextcloud.com/, (Accessed on 15-May-2020).
[220] “Trustwave sold root certificate for surveillance — zdnet,” http://www.
[191] M. Crosby, P. Pattanayak, S. Verma, and V. Kalyanaraman, “Blockchain
zdnet.com/article/trustwave-sold-root-certificate-for-surveillance/,
technology: Beyond bitcoin,” Applied Innovation, vol. 2, pp. 6–10,
(Accessed on 06-Oct-2018).
2016.
[221] “Debian – security information – dsa-1571-1 openssl,” https://www.
[192] S. Wilkinson, J. Lowry, and T. Boshevski, “Metadisk a blockchain-
debian.org/security/2008/dsa-1571, (Accessed on 06-Oct-2018).
based decentralized file storage application,” Technical Report, Avail-
able: http://metadisk.org/metadisk.pdf, Tech. Rep., 2014. [222] N. Falliere, “w32 stuxnet dossier.pdf,” http://www.symantec.com/
[193] L. M. Kaufman, “Data security in the world of cloud computing,” IEEE content/en/us/enterprise/media/security response/whitepapers/w32
Security & Privacy, vol. 7, no. 4, 2009. stuxnet dossier.pdf, February 2011, (Accessed on 06-Oct-2018).
[194] B. R. Kandukuri, A. Rakshit et al., “Cloud security issues,” in Services [223] L. Seltzer, “Securing your private keys as best practice for code signing
Computing, 2009. SCC’09. IEEE International Conference on. IEEE, certificates,” 2013.
2009, pp. 517–520. [224] B. Bencsáth, G. Pék, L. Buttyán, and M. Félegyházi, “Duqu: A stuxnet-
[195] S. Subashini and V. Kavitha, “A survey on security issues in service like malware found in the wild,” CrySyS Lab Technical Report, vol. 14,
delivery models of cloud computing,” Journal of network and computer pp. 1–60, 2011.
applications, vol. 34, no. 1, pp. 1–11, 2011. [225] B. Bencsáth, G. Pék, L. Buttyán, and M. Felegyhazi, “The cousins of
[196] Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou, “Enabling public ver- stuxnet: Duqu, flame, and gauss,” Future Internet, vol. 4, no. 4, pp.
ifiability and data dynamics for storage security in cloud computing,” 971–1003, 2012.
Computer Security–ESORICS 2009, pp. 355–370, 2009. [226] B. Bencsáth, G. Pék, L. Buttyán, and M. Félegyházi, “Duqu: Analysis,
[197] C. Wang, Q. Wang, K. Ren, and W. Lou, “Privacy-preserving public detection, and lessons learned,” in ACM European Workshop on System
auditing for data storage security in cloud computing,” in Infocom 2010. Security (EuroSec), vol. 2012, 2012.
IEEE, 2010, pp. 1–9. [227] M. Faisal and M. Ibrahim, “Stuxnet, duqu and beyond,” International
[198] K. Gai, J. Guo, L. Zhu, and S. Yu, “Blockchain meets cloud computing: Journal of Science and Engineering Investigations, vol. 1, no. 2, pp.
A survey,” IEEE Communications Surveys & Tutorials, 2020. 75–78, 2012.
[199] Q. Wang, H. Wang, and B. Zheng, “An efficient distributed storage [228] M. Schmid, “ECDSA-application and implementation failures,” https:
strategy for blockchain,” in Proceedings of the ACM Turing Celebration //tinyurl.com/SchmidProject, accessed on 6-Oct-2018.
Conference-China, 2019, pp. 1–5. [229] L. Axon, “Privacy-awareness in blockchain-based PKI,” Oxford Uni-
[200] C. Dong, Y. Wang, A. Aldweesh, P. McCorry, and A. van Moorsel, versity Center for Doctoral Training (CDT) in Cyber Security: CDT
“Betrayal, distrust, and rationality: Smart counter-collusion contracts Technical Paper, 2015.
for verifiable cloud computing,” in Proceedings of the 2017 ACM [230] B. Qin, J. Huang, Q. Wang, X. Luo, B. Liang, and W. Shi, “Cecoin:
SIGSAC Conference on Computer and Communications Security, 2017, A decentralized PKI mitigating MitM attacks,” Future Generation
pp. 211–227. Computer Systems, 2017.
[201] “Filecoin: A decentralized storage network, access date: 06-Oct-2018.” [231] “Ethereum,” https://github.com/ethereum/wiki/wiki/Patricia-Tree, (Ac-
[202] Statista, “Number of social media users worldwide 2010–2021,” https: cessed on 06-Oct-2018).
//tinyurl.com/statista-worldwide, (Accessed on 06-Oct-2018). [232] L. Axon and M. Goldsmith, “PB-PKI: a privacy-aware blockchain-
[203] M. Fire, R. Goldschmidt, and Y. Elovici, “Online social networks: based PKI.”
threats and solutions,” IEEE Communications Surveys & Tutorials, [233] M. Al-Bassam, “SCPKI: A Smart Contract-based PKI and Identity
vol. 16, no. 4, pp. 2019–2036, 2014. System,” in Proceedings of the ACM Workshop on Blockchain, Cryp-
[204] “mit blockchain and infrastructure report.pdf,” https://www. tocurrencies and Contracts. ACM, 2017, pp. 35–40.
getsmarter.com/blog/wp-content/uploads/2017/07/mit blockchain [234] H. Tewari, A. Hughes, S. Weber, and T. Barry, “X509Cloud-Framework
and infrastructure report.pdf, (Accessed on 20-May-2020). for a Ubiquitous PKI.”
 25

[235] S. Matsumoto and R. M. Reischuk, “IKP: Turning a PKI Around with [264] C. Davids, V. K. Gurbani, G. Ormazabal, A. Rollins, K. Singh, and
Blockchains,” IACR Cryptology ePrint Archive, vol. 2016, p. 1018, R. State, “Research topics related to real-time communications over 5g
2016. networks,” 2016.
[236] S. Underwood, “Blockchain beyond bitcoin,” Communications of the [265] E. Duffield and K. Hagan, “Darkcoin: Peertopeer cryptocurrency with
ACM, vol. 59, no. 11, pp. 15–17, 2016. anonymous blockchain transactions and an improved proofofwork sys-
[237] P. Yeoh and P. Yeoh, “Regulatory issues in blockchain technology,” tem,” Mar-2014 [Online]. Available: https:// cryptopapers.info/ assets/
Journal of Financial Regulation and Compliance, vol. 25, no. 2, pp. pdf/ darkcoin.pdf [Accessed: 06-Oct-2018], 2014.
196–208, 2017. [266] P. De Filippi, “The interplay between decentralization and privacy: the
[238] “Abra,” https://www.abra.com/, (Accessed on 06-Oct-2018). case of blockchain technologies,” 2016.
[239] J. S. Cermeño, “Blockchain in financial services: Regulatory landscape [267] H. Wang, K. Chen, and D. Xu, “A maturity model for blockchain
and future challenges for its commercial application,” Working Paper, adoption,” Financial Innovation, vol. 2, no. 1, p. 12, 2016.
Tech. Rep., 2016. [268] S. Goldfeder, H. Kalodner, D. Reisman, and A. Narayanan, “When
[240] K. Bharadwaj, “Blockchain 2.0: Smart contracts,” 2016. the cookie meets the blockchain: Privacy risks of web payments via
[241] A. Wright and P. De Filippi, “Decentralized blockchain technology and cryptocurrencies,” Proceedings on Privacy Enhancing Technologies,
the rise of lex cryptographia,” 2015. vol. 2018, no. 4, pp. 179–199, 2018.
[269] S. Meiklejohn, M. Pomarole, G. Jordan, K. Levchenko, D. McCoy,
[242] J. Sebastian et al., “Blockchain in financial services: Regulatory
G. M. Voelker, and S. Savage, “A fistful of bitcoins: characterizing
landscape and future challenges,” Tech. Rep., 2016.
payments among men with no names,” in Proceedings of the 2013
[243] V. Meguerditchian, “Roadmap for blockchain standards,” https://goo. conference on Internet measurement conference. ACM, 2013, pp.
gl/zbv6p6, March 2017, (Accessed on 06-Oct-2018). 127–140.
[244] J. de Kruijff and H. Weigand, “Understanding the blockchain using [270] R. Pass and E. Shi, “Fruitchains: A fair blockchain,” in Proceedings of
enterprise ontology,” in International Conference on Advanced Infor- the ACM Symposium on Principles of Distributed Computing. ACM,
mation Systems Engineering. Springer, 2017, pp. 29–43. 2017, pp. 315–324.
[245] A. Deshpande, K. Stewart, L. Lepetit, and S. Gunashekar, “Under- [271] I. Eyal and E. G. Sirer, “Majority is not enough: Bitcoin mining is
standing the landscape of distributed ledger technologies/blockchain,” vulnerable,” in International conference on financial cryptography and
2017. data security. Springer, 2014, pp. 436–454.
[246] D. Tapscott and A. Tapscott, Blockchain Revolution: How the tech- [272] D. Bradbury, “The problem with bitcoin,” Computer Fraud & Security,
nology behind Bitcoin is changing money, business, and the world. vol. 2013, no. 11, pp. 5–8, 2013.
Penguin, 2016. [273] M. Bastiaan, “Preventing the 51%-attack: a stochastic analysis of two
[247] G. of UK HMRC, “Revenue and customs brief 9 (2014): Bitcoin and phase proof of work in bitcoin.”
other cryptocurrencies - gov.uk,” https://goo.gl/QSz2GL, March 2014, [274] J. J. Xu, “Are blockchains immune to all malicious attacks?” Financial
(Accessed on 06-Oct-2018). Innovation, vol. 2, no. 1, p. 25, 2016.
[248] F. C. E. Network, “Application of fincen’s regulations to persons [275] P. Koshy, D. Koshy, and P. McDaniel, “An analysis of anonymity
administering, exchanging, or using virtual currencies,” United States in bitcoin using p2p network traffic,” in International Conference on
Department of the Treasury, March, vol. 18, 2013. Financial Cryptography and Data Security. Springer, 2014, pp. 469–
[249] A. Guadamuz and C. Marsden, “Blockchains and bitcoin: Reg- 485.
ulatory responses to cryptocurrencies,” First Monday, vol. 20, [276] J. Herrera-Joancomartı́, “Research and challenges on bitcoin
no. 12, 2015. [Online]. Available: http://journals.uic.edu/ojs/index.php/ anonymity,” in Data Privacy Management, Autonomous Spontaneous
fm/article/view/6198 Security, and Security Assurance. Springer, 2015, pp. 3–16.
[250] E. Securities and M. Authority, “Discussion paper: The distributed [277] F. Reid and M. Harrigan, “An analysis of anonymity in the bitcoin
ledger technology applied to securities markets,” https://goo.gl/jHncDb, system,” in Security and privacy in social networks. Springer, 2013,
June 2016, (Accessed on 06-Oct-2018). pp. 197–223.
[251] M. Walport, “Distributed ledger technology: Beyond blockchain. uk [278] M. Rahouti, K. Xiong, and N. Ghani, “Bitcoin concepts, threats, and
government office for science,” Tech. Rep, Tech. Rep., 2016. machine-learning security solutions,” IEEE Access, vol. 6, pp. 67 189–
[252] “Official GDPR Document,” Official Journal of the European Union, 67 205, 2018.
https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX: [279] “Introduction to blockchains & what it means to big data,” https:
32016R0679&from=EN, (Accessed on 08-Nov-2018). //www.kdnuggets.com/2017/09/introduction-blockchain-big-data.html,
[253] J. Bacon, J. D. Michels, C. Millard, and J. Singh, “Blockchain (Accessed on 20-May-2020).
demystified,” SSRN: https://ssrn.com/abstract=3091218, 2017. [280] G. Di Battista, V. Di Donato, M. Patrignani, M. Pizzonia, V. Roselli,
[254] C. N. Informatique, “Blockchain,” https://www.cnil.fr/sites/default/ and R. Tamassia, “Bitconeview: visualization of flows in the bitcoin
files/atoms/files/blockchain en.pdf, (Accessed on 20/05/2020). transaction graph,” in Visualization for Cyber Security (VizSec), 2015
[255] Y. Sompolinsky and A. Zohar, “Accelerating bitcoin’s transaction IEEE Symposium on. IEEE, 2015, pp. 1–8.
processing fast money grows on trees,” Not Chains, 2013. [281] M. Spagnuolo, F. Maggi, and S. Zanero, “Bitiodine: Extracting in-
telligence from the bitcoin network,” in International Conference on
[256] K. Croman, C. Decker, I. Eyal, A. E. Gencer, A. Juels, A. Kosba,
Financial Cryptography and Data Security. Springer, 2014, pp. 457–
A. Miller, P. Saxena, E. Shi, E. G. Sirer et al., “On scaling decentralized
468.
blockchains,” in International Conference on Financial Cryptography
[282] S. Eshkandary, D. Barrera, E. Stobert, and J. Clark, “A first look at the
and Data Security. Springer, 2016, pp. 106–125.
usability of bitcoin key management,” NDSS Symposium 2015, 2015.
[257] “Tradeblock blog,” https://tinyurl.com/tradeblock-blog, (Accessed on
6-Oct-2018).
[258] I. Eyal, A. E. Gencer, E. G. Sirer, and R. Van Renesse, “Bitcoin-NG:
A scalable blockchain protocol.” in NSDI, 2016, pp. 45–59.
[259] C. D. R. Wattenhofer, “A fast and scalable payment network with
bitcoin duplex micropayment channels.”
[260] G. Yu, X. Wang, K. Yu, W. Ni, J. A. Zhang, and R. P. Liu, “Survey:
Sharding in blockchains,” IEEE Access, vol. 8, pp. 14 155–14 181,
2020.
[261] Sofia, “How the bitcoin lightning network could solve the blockchain
scalability problem, access date: 06-Oct-2018,” https://goo.gl/SqpMX4,
2016.
[262] I. Allison, “Meet bigchaindb: the scalable blockchain database’ hitting
one million writes per second, access date: 06-Oct-2018,” https://goo.
gl/iBWb0Y, 2016.
[263] L. Luu, V. Narayanan, C. Zheng, K. Baweja, S. Gilbert, and P. Saxena,
“A secure sharding protocol for open blockchains,” in Proceedings of
the 2016 ACM SIGSAC Conference on Computer and Communications
Security. ACM, 2016, pp. 17–30.