Certified Solution Architect Flashcards
1
Q
Name a language that can be used for each layer in a dApp
A
Front - HTML
Middle - JavaScript
Blockchain - Solidity
2
Q
What are function modifiers?
A
Can be used to limit access to or use if a function based on an account/node
3
Q
What is Ganache used for?
A
In memory blockchain testing (runs a simulated node)
4
Q
A DApp resembles a typical …………………..
A
Full stack web app
5
Q
Describe a dApp front end
A
User interface for interacting with your blockchain dApp
No special technology front-end requirements Presentation layer: HTML/CSS Mobile app Even Alexa
6
Q
Describe the technology of a dApp middle layer
A
Interface between the UI and the blockchain
Can use:
Node.js
Server side code
All comes to and from the blockchain is in byte-code
Middle layer abstracts the bytecide with JS libraries (e.g. Truffle)
7
Q
What is contained in a dApp middle layer?
A
Validation and exception handling
Business logic should live in this layer
8
Q
Which languages can you use for the middle layer?
A
Solidity/Viper to write the contracts
9
Q
Describe the blockchain layer of a dApp
A
Biggest learning curve
Contracts can call other contracts
10
Q
What is a centralised ledger?
A
Contains all the transactions
Controlled by a single entity
11
Q
Double-entry accounting is…
A
A record for tracking debits and credits.
12
Q
Blockchain is…(3)
A
A record keeping system
An event tracking system
A workflow platform
13
Q
Changing the data on any block will result in……..
A
A different hash
14
Q
Group Consensus is reached when how many members agree?
A
51% or more
15
Q
Blocks in Blockchain are “chained” together by:
A
By hashing the previous block and embedding that hash into the new block’s header
16
Q
Give 3 examples of Blockchain transactions
A
Two or more parties, exchange of monetary value such as cryptocurrency.
Two or more parties, but no exchange of monetary value such as updates to medical records.
One party announcing an important event such as supply chain management, business process automation, creation/auditing of financial records.
17
Q
A decentralized ledger acts as a …………………….., like a bank.
A
trust broker
18
Q
Blockchain was documented and released via a whitepaper by:
A
Satoshi Nakamoto
19
Q
Blockchain provides the same services as a traditional bank, except for:
A
Providing Certificates of Deposit
20
Q
Hyperledger and Ethereum both went live in which year?
A
2015
21
Q
What are the benefits of Blockchain?
A
Trust
Security
Decentralization
Immutability
22
Q
In Proof of Work consensus what happens when you add another node to the network?
A
Security time is increased by 1/N
Transaction time is increased by 1/N
(where N equals the number of nodes on network)
23
Q
The Private Key does what?
A
Used to sign any transaction that might be made by the holder of the key pair
24
Q
What is Cryptographic hashing?
A
A one-way function that encrypts information that can not be decrypted.
25
A 'hard fork' occurs when:
New Blockchain software is released which breaks or modifies existing rules.
Some nodes decide to keep a different version of the ledger then others
26
Proof of Stake consensus aims to do what? (3)
Improving transaction capacity
Lower energy consumption
Removing the need for specialized hardware
27
On a public Blockchain such as Ethereum, transactions are............ before they're added to the block.
validated
28
The Merkle Tree serves which important function in Blockchain?
It acts as an index, allowing transactions to be found quickly regardless of their location on the Blockchain
29
What are the key terms used in Cryptography? (4)
The secret
The key
The function
The cypher
30
A public closed Blockchain allows...
Many people to write, only a few can read
31
Blockless platforms offer which advantage?
Greater transaction processing capacity
32
Each block in a Blockchain is linked to what?
The preceeding block
33
Must users explicitly purchase gas before using a Blockchain solution?
No
34
Name the three main Ethereum token standards:
ERC20
ERC223
ERC721
35
A ......... Blockchain would be a good choice for situations where only a few people should be able to write data, but a large number of people should be able to consume that data.
private / open
36
Give an example for a 'blockless' platform:
IoTA
37
What happens if a function call runs out of gas?
The function rolls-back
| The user loses the gas
38
Which token standards is used for non-fungible, non-transferrable assets on the Ethereum Blockchain?
ERC721
39
An ............. Blockchain architecture should be used in cases where public verification is important.
Open
40
Blockchain Smart Contracts are analogous to:
Firmware
41
........... provide greater fault-tolerance than ..............
Public Blockchain networks
| Databases
42
Are Public Blockchains the ideal solutions when data sovereignty is a concerned?
No
43
Smart Contracts exist as ............... records on the Blockchain once deployed
permanent
44
Unlike conventional networks, Peer-to-Peer networks do not contain ...................................
both clients and servers.
45
Blockchain will be a better fit over a traditional database system when:
Public validation is required
Infinite scalability is needed
No single authority can or should own the data
46
When a Smart Contract is killed it…
No longer accepts new transactions but remains on the Blockchain forever
47
Hypermedia Distributed File System is …
A content-based addressing system
48
Name some primary network architectures:
Decentralized
Distributed
Centralized
49
DApp stands for
Decentralized Application
50
Remix is a browser-based IDE for editing Smart Contracts on which platform?
Ethereum
51
How do Smart Contracts access data outside the Blockchain?
Using Oracles
52
What does the middle layer of a Blockchain application contain?
Business logic
53
Does developing a user interface for a public Blockchain application require developers to learn new skills?
No
54
What are the two types of transactions in the Hyperledger Fabric?
Deploy and Invoke
55
To develop in Hyperledger, you use which tool?
Composer
56
What does DAO stands for?
Decentralized Autonomous Organization
57
Other tools and frameworks to be familiar with when building Blockchain applications include:
Ganache, Truffle and Web3.js
58
A good solution can and often does incorporate Blockchain along with .......................
more conventional technologies.
59
Which design artifact describes what a solution should do without focusing on how it should be done?
Functional requirements
60
Once a contract has been killed you cannot....
revive it
| Take funds out of it
61
Can a user can have multiple personas?
Yes
62
User stories will help to create:
Functional Requirements
63
Which design artifacts describes how a functional requirement will be fulfilled?
Technical requiement
64
What are the base columns you should have in your Task estimation worksheet?
Task Name
Task Owner
Estimated Time to Complete
Skillset Required/Role
65
List 3 Blockchain architecture fundamental questions?
BETTER - Does the use of Blockchain create a better end-user experience?
HEAVY USE - heavy use on day 1?
VIEW RIGHTS - Who needs to see the data? Who should NOT see the data?
66
............ Blockchains offer lower transaction speed than ......... Blockchains.
Public
| Private
67
According to the Sandwich Complexity Model, the bulk of the application logic should live at which layer?
Middle
68
Technology decisions do not .................. to design a good Blockchain solution.
made up-front
69
A modular design pattern for Smart Contracts is generally preferable unless which feature is desired?
Security
70
........ payments are the desired pattern for giving funds to a user.
Pull
71
What are some of the best practices for testing a Blockchain application?
Local testing -> test network -> production network
Use a local Blockchain tool like Ganache when doing development and initial testing
72
When developing a Blockchain application always align _____________ to your guiding principles.
Personas
73
What is the risk of using a Monolithic architecture for an application or Smart Contract?
There is a single attack surface or single point of failure
74
All Smart Contract function calls should be wrapped in:
Try / Catch statement
75
Is data on a public Blockchain is automatically encrypted?
No
76
Name an Ethereum test network
Ropsten
77
Name the types of bugs
Security
Logic
Integration
78
How can you add value to bug reports
Make them multimedia (a picture speaks a thousand words)
79
Traditional testing time should be scaled up how much in the Blockchain world?
5-10 times up
80
Shift-Left Testing is…
Involving your testers earlier in the project lifecycle.
81
Name the types of testing
Unit
Configuration
Regression
Stress
82
______________ should be the start of your test cases.
Personas
83
What is the ideal but not realistic target for test coverage of a Blockchain application?
100%
84
What is a bug bounty?
Offering a reward to others who find flaws, security holes or exploits in your code.
85
Name 3 Blockchain Testing best practices:
SEPARATE - (dev/test environments)
MULTIPLE times/views (from the point of view of multiple users)
State UNTESTED platforms (that are not supported by your Blockchain application)
86
What is the synchronicity or determinism problem?
When nodes do not execute a function at exactly the same time and thus the data retrieved from an Oracle is not consistent between the nodes.
(Only happens when the data being retrieved is changed frequently)
87
When is an Oracle most reliable?
When it is retrieving historical data
88
What is the Oracle-architecture pattern?
A method to access off chain external data and bring it onto the chain
89
Oracles are not part of the ..............
Consensus mechanism
90
What is a centralized ledger?
Contains transactions
Controlled by single entity
Anything in the world which has a financial value needs a ledger
91
What is a distributed ledger?
A database that is consensually shared and synchronized across multiple sites, institutions or geographies.
It allows transactions to have public "witnesses," thereby making a cyberattack more difficult.
92
What is the difference between a centralized and decentralized ledger?
Centralised and decentralised refer to control.
centralised controlled by one person or entity
Decentralised controlled by all or multiple persons or entities
93
What is the difference between decentralised and distributed?
Centralised/decentralised refer to CONTROL
Distributed refers to LOCATION (all on one server in one place, or distributed over multiple servers and geographical locations)
94
What is a block?
A block is like a page of a ledger or record book.
| Each time a block is ‘completed’, it gives way to the next block in the blockchain.
95
What is contained on a block?
```
Transactions
Height
Timestamp
Nonce
Hash of previous block
```
96
What is the difference between possession and ownership?
The main difference is:
Possession is requiring a physical custody or control of an object.
(library book in your possession)
Ownership is the right which grants a person an object.
(that is owned by the library)
97
What is the difference between Double vs. Triple Entry accounting?
Triple-entry accounting creates a link between the two double-entry systems documenting that the transactions in the two systems go together.
98
What is Group Consensus?
Consensus decision-making is a group decision-making process in which group members develop, and agree to support a decision in the best interest of the whole group or common goal.
99
How are blocks chained together?
Every block contains a hash of the previous block
100
Name three types of blockchain
Public
Private
Hybrid
101
Name 3 types of blockchain transaction
Involving transfer of value
Declaring an event
Not involving money
102
What are the benefits of blockchain? (5)
```
Greater transparency.
Enhanced security.
Improved traceability
Increased efficiency and speed
Reduced costs
```
103
What is Cryptography
Techniques for secure communication in the presence of third parties called adversaries.
104
What is Public Key Cryptography?
Public-key cryptography, or asymmetric cryptography, is a system that uses pairs of keys:
public keys which may be disseminated widely
private keys which are known only to the owner.
105
What is Cryptographic Hashing?
It is a mathematical algorithm that maps data of:
- arbitrary size to a bit string of a fixed size
- one-way function, that is practically infeasible to invert
106
What is Proof of Stake Consensus?
Consensus algorithm used to VALIDATE blocks
| First implemented in 2012.
107
What is entropy in relation to IDs?
Now entropy is said to be a measure of randomness to determine how difficult it is for an attacker to be successful.
108
Pending transactions on the Ethereum Blockchain are always ...
Ordered by the highest fee paid to lowest, and then written to the block in that order.
109
What are the weaknesses of blockchain?
```
Scalability
Excessive energy consumption
Slow transaction processing time
Cost of data storage
Get external triggers on chain
Getting currency off chain
```
110
What is the difference between a public key and a private key?
The public key can be shared with everyone
The sender will use the receivers public key to encrypt the contents and only the receiver
can unencrypt it with their private key.
The private key is kept secret.
It is used to unencrypt data encrypted with their public key
And to sign transactions to prove who they come from
111
How does blockchain enable trustless environments?
Parties do not need to trust each other or a third party
All information being transacted across the network is:
- independently verified
- immutably stored
112
What makes trustless environments viable?
```
combination of:
Proof of Work
cryptography
merkle chains
P2P networks
```
113
How is cryptographic hashing used to protect anonymity?
To complete
114
What is the nothing at stake problem?
Only happens in the event of a fork
The optimal strategy is to mine on every chain, so that the miner gets their reward no matter which fork wins.
An attacker may be able to send a transaction in exchange for some digital good, receive the good, then start a fork of the blockchain from one block behind the transaction and send the money to themselves instead.
Even with 1% of the total stake the attacker’s fork would win because everyone else is mining on both. This assumes a large number of economically interested miners
115
Summarise POS
The higher your balance, the higher the chance that you’ll forge the next block.
Actual block generation is randomized by the protocol.
Simple, fast, efficient, no energy waste, and it can even run on a low power device or cheap VPS node.
116
What is chain code?
Hyperledger name for smart Contract
117
How does gas work in relation to transaction time?
Wait longer = pay less gas
| Execute faster = pay more gas
118
All transactions on the Ethereum network cost a certain amount of gas, depending on the................. and the ............... of the contract one is trying to execute.
current demand for gas
| size and speed
119
Every transaction or smart contract executed on the Ethereum blockchain requires .........
Gas
120
Gas economics as a way to make sure that the network does not................... on securing pointlessly long-winding transactions. The gas system ..................... first by making their computational costs and rewards publicly known to the miners.
waste energy
| prioritizes important transactions
121
What is ERC?
A technical standard used for smart contracts on the Ethereum blockchain for implementing tokens
122
Name 5 blockless blockchains
```
Iota
Nano
Byteball
Travelflex
IOT chain
```
123
What technology is used in a blockless chain?
DAG
124
What is the main problem that blockless blockchains solve?
Scaleability
125
What is a distributed system?
A system whose components are located on different networked computers, which communicate and coordinate their actions by passing messages to one another
126
What is peer to peer?
A network of computers where each computer can act as a server for the others, allowing shared access to files and peripherals without the need for a central server.
127
What is Hypermedia Distributed File System?
Content-addressable, peer-to-peer method of storing and sharing hypermedia in a distributed file system.
128
Name a Hypermedia Distributed File System
IPFS
129
How can the IPFS system be accessed?
In a variety of ways, including via FUSE and over HTTP.
130
IPFS uses a ............... to track content across the entire web
Merkle tree
131
What is firmware development?
Firmware is part of the machine, and it would not function without it.
Having a dev with the mindset of a Firmware dev is crucial as like firmware Smart Contracts can not be changed therefore you have to get them right first time.
132
What is the Kill function?
A function to deactivate a smart Contract
133
How do you call a kill function?
Selfdestruct()
134
Can you transfer money out of a smart Contract when you kill it?
Yes...
Enter the address to transfer to in the function parameters
Selfdestruct(address)
135
When you implement a kill function to destroy a contract, ....................... lets you protect the contract from getting destroyed by the wrong person
checking the identity of the caller
136
Differences between Blockchain vs. Databases?
The primary difference between a blockchain and a database is centralization.
137
While all records secured on a database are ..................., each participant on a blockchain has a secured copy of all records and all changes so each user can view the .................. of the data.
centralized
| provenance
138
What is Data Sovereignty?
The idea that data are subject to the laws and governance structures within the nation it is collected.
Or
Data sovereignty is the concept that information which has been converted and stored in binary digital form is subject to the laws of the country in which it is located.
139
What is a Decentralized App?
A.K.A - Smart Contract
A decentralized application is a computer application that runs on a distributed computing system.
140
What is user interaction layer?
Front end UI
141
DApps/products sit at the ........... and is the part that the consumer or user interacts with.
In this sense you could consider that it’s the currency (like ...........)
Or
The DApp that people use (like ...........)
top layer
Bitcoin
Cryptokitties
142
............ are where the DApps/products are built on. They make use of the rules of the ..................../ to form it’s basis and can be thought of taking the protocol down a specific use case (like supply chain for instance).
The platform will have chosen the protocol to build on, based on what it’s rules allow for.
Platforms
| protocol level
143
What is a protocol?
The set of rules that govern the network that the platforms and DApps sit on.
144
What is Remix?
An IDE that is web browser based that allows you to write Solidity smart contracts, then deploy and run the smart contract.
145
What is the set of collaboration tools for building blockchain business networks that make it simple and fast for business owners and developers to create smart contracts and blockchain applications to solve business problems?
Hyperledger Composer
146
What is an Oracle?
An agent that finds and verifies real-world occurrences and submits this information to a blockchain to be used by smart contracts.
- Provide external data
- Trigger smart contract executions when pre-defined conditions are met
147
What is Remix?
Remix is a Solidity IDE that’s used to write, compile and debug Solidity code.
148
What is Solidity?
Solidity is a high-level, contract-oriented programming language for writing smart contracts.
149
What is a Smart Contract?
A trust-less agreement between two parties that makes use of blockchain technology, to enforce the parties to adhere to the terms.
150
What is Mist?
The Ethereum Dapp browser
151
What are "Invoke" and "Deploy" transactions?
Hyperledger transactions
152
Name the 2 types of Hyperledger transactions
Invoke
| Deploy
153
What do deploy transactions do?
Installs chaincode to the chain
- Creates new chaincode and takes a program as parameter
- When a deploy transaction executes successfully, the chaincode has been installed “on” the blockchain.
154
What do invoke transactions do?
Calls a function on a chaincode Contract
- This may involve modifying the corresponding state, and returning an output.
155
What are Guiding Principles? (4)
Feature heavy/feature light?
Collaborative/Security focused?
Centralised support model/Decentralised?
Consistency/Specialisation?
156
Define the Feature heavy or feature light guiding principle
As much functionality as possible (like Excel)
Vs
Simple(like Google)
157
Define the Collaborative or Security focused guiding priciple
Communication, content sharing (Facebook)
Vs
Defined walls and boundaries (online banking)
158
Define the Centralised support model or Decentralised
Dedicated trained staff for support (for medical diagnostic app)
Vs
Forum to browse for answers (like Instagram)
159
Define the Consistency or Specialisation guiding principle
All uses have the same access and treated the same (Facebook)
vs
Different access for different roles. (World of Warcraft)
160
What is a problem with using hashes to anomyise data?
Hashes are deterministic and if there are limited inputs an attacker can use a brute force attack.
161
Ensuring anonymous record security relies on ............. which is just a fancy way of saying ...................
entropy
| randomness
162
If the anonymous record keys are................, or low on ............., then the attacker can simply brute force all possible keys and match them to record identifiers.
There is a way of militating against this threat with a security mechanism called a ..............
poorly constructed
entropy
salt
163
What is the name of the security mechanism that can help protect against attacks on anonymised data?
Salt
164
How does salt work?
A ‘salt’ is an extra piece of information that is baked into a hash record. If every single record has its own unique salt, then an attacker can’t crack all records in one pass.
165
Salt is useful in the case of.............. brute force attacks but less useful for .......... attacks.
large scale
| Single record
166
What is a disadvantage of using salt?
As the anonymised identifier depends on the salt, it is difficult to compare participants across multiple studies.
167
Salt is akin to a ............. in blockchain
Nonce
168
Name the block header fields (5)
```
Version
Last Block
Merkle Root
Timestamp
Target
```
169
What is Meta mask?
Browser extension wallet.
| Connects to Ethereum blockchain
170
What is the difference between a message and a transaction?
Message - between smart contracts
| Transaction - between external accounts
171
What are the functions of gas?
Incentivises noses to process contracts
Decentivises spam and other abuses
Helps prevent bad code or infinite loops (too expensive or gas runs out)
172
What are calling contracts?
Design pattern
When you have multiple versions of a smart Contract on the blockchain,
Middle layer is coupled to calling contract it decides which child contract to pass to.
173
What is the advantage of the calling contract?
Easier to manage multiple versions (to go to the current version where old ones exist)
And multiple versions simultaneously
174
How do calling contracts decide which contract to call?
Either logic in the calling contract
Or
Oracle to get info from external data source
175
What is the zero defects philosophy?
Do it right first time
| Cost of preventing problems is less than fixing them later
176
What is the purpose of regression testing?
To check for:
Reintroduction of old bugs
New bugs
177
What is regression testing?
Testing all code, including deployed code or code that hasn’t been changed to check for introduced or re-introduced bugs
178
What is Mocha?
JavaScript test framework
Runs on Node.js and in the browser
Allows asynchronous testing
179
What is Chai?
A BDD / TDD assertation library
For node and the browser
Can be paired with any javascript testing framework (e.g. Mocha)
Use:
assert.typeOf(foo, 'string');
180
What is BDD?
Behaviour driven development
181
Name the Chai interfaces (3)
Should
Expect
Assert
182
What assumptions must you not make with Smart Contracts?
That the contract has a 0 balance
That the variables are uninitialised
(because someone may have interacted with your contract before you)
183
What is a buffer overflow attack?
Each variable has an allocated amount of memory
When you exceed it, the variable will reset itself to the lowest number
(E.g. -127)
This can be used to steal money from a contract
184
Remember, anyone can .......... and .......... a function in your contract or deposit funds into a contract.
View
| Invoke
185
What is CI/CD?
Continuous Integration
| continuous delivery
186
What is GO?
A development language that can be used in Hyperledger Fabric
187
How is Contract data stored?
In hex
188
Automated testing allows you to test ............ not .............
Faster
| Better
189
In addition to testing your code, you should also test your. ............ and ...............
Documentation
| Support materials
190
Testing is not an expense but a .....................
Risk mitigation strategy
191
How is the creator of the next block is determined in POS?
By a RANDOMISED system that is, in part, dictated by:
HOW MUCH - cryptocurrency a user is holding
HOW LONG - they have been holding that particular currency.
192
What are the main advantages of proof of stake?
ENERGY EFFICIENCY
| SECURITY
