
Blockchain Variables and Possible Attacks: A Technical Survey

by Andrei Alexandru Bordeianu 1,* and Daniela Elena Popescu 2,*
1 Department of Computers and Information Technology, Politehnica University of Timisoara, 2 V. Parvan Blvd, 300006 Timisoara, Romania
2 Department of Computers and Information Technology, Faculty of Electrical Engineering and Information Technology, University of Oradea, 410087 Oradea, Romania
* Authors to whom correspondence should be addressed.
Computers 2025, 14(12), 567; https://doi.org/10.3390/computers14120567
Submission received: 13 October 2025 / Revised: 18 November 2025 / Accepted: 25 November 2025 / Published: 18 December 2025

Abstract

Blockchain technology has rapidly evolved as a cornerstone of decentralized computing, transforming how trust, data integrity, and transparency are achieved in digital ecosystems. However, despite extensive adoption, significant gaps remain in understanding how key blockchain variables, such as block size, consensus mechanisms, and network latency, affect system vulnerabilities and susceptibility to cyberattacks. This survey addresses this gap by combining qualitative and quantitative analyses across multiple blockchain environments. Using simulation tools such as Ganache and Bitcoin Core, and reviewing peer-reviewed studies from 2016 to 2024, the research systematically maps blockchain parameters to cyberattack vectors including 51% attacks, Sybil attacks, and double-spending. Findings indicate that design choices like block size, block interval, and consensus type substantially influence resilience against attacks. The Blockchain Variable Quantitative Risk Framework (BVQRF) introduced here integrates NIST’s cybersecurity principles with quantitative scoring to assess risks. This framework represents a novel contribution by operationalizing theoretical security constructs into actionable evaluation metrics, enabling predictive modeling and adaptive risk mitigation strategies for blockchain systems.

1. Introduction

Blockchain technology enables multiple participants to maintain a shared, tamper-resistant ledger without centralized control. It underpins applications such as cryptocurrencies, supply chain systems, voting mechanisms, and decentralized finance (DeFi). Its transparency and trustless design offer significant advantages, yet vulnerabilities persist due to flaws in configuration and protocol design.
Empirical studies, such as “Secure framework for land record management using blockchain technology” [1] and “A novel permissioned blockchain approach for scalable and privacy-preserving IoT authentication” [2], demonstrate that design weaknesses can expose networks to critical threats. As Ref. [3] emphasizes, blockchain’s potential to enhance transparency, integrity, and accountability is counterbalanced by its susceptibility to exploitation if governance and technical safeguards are insufficient.
Core variables including block size, creation interval, consensus mechanisms, and encryption methods directly affect blockchain performance and security [4]. Poorly configured parameters can enable attacks or degrade system resilience [5]. Major platforms such as Bitcoin, Ethereum, and Polkadot adjust these parameters to balance scalability and protection [6]. As Nakamoto observed, even a successful attacker cannot arbitrarily alter transactions or create new funds.
This study analyzes how blockchain design variables influence security risks and proposes strategies to mitigate them, emphasizing that a systematic understanding of these parameters is essential for developing resilient distributed ledger systems.

Objectives and Methodology

The main objectives of this study are to
  • Identify and categorize key blockchain design variables.
  • Map these variables to major attack vectors.
  • Analyze how variable manipulation influences vulnerability through empirical examples and simulations.
  • Propose mitigation strategies and design recommendations for future blockchain systems.
A mixed-methods approach is employed, combining qualitative analysis through a literature review of peer-reviewed studies and documented cyberattacks (2016–2024) and quantitative analysis via data modeling and visualization in simulated blockchain environments [7,8,9,10,11,12].
Simulation tools include Ganache, a private Ethereum testing framework, and Bitcoin Core [13], which validates and maintains consensus for the Bitcoin network [14]. An example of shared agreement (consensus) mechanisms is provided in Table 1.
The case study examines blockchain attacks and their financial impact between 2016 and 2024 using the following tools:
- Ganache is a private Ethereum environment used for controlled simulation of blockchain transactions.
- Bitcoin Core validates transaction chains through consensus, ensuring only legitimate blocks are accepted while enhancing decentralization, privacy, and user security.
- Python 3.12.3 with Matplotlib 3.9.2 is used for data modeling and visualization [15].
- Mythril and Slither are Ethereum smart contract analysis tools. Mythril 0.24.2 applies symbolic execution and taint analysis to detect vulnerabilities such as overflow and reentrancy, while Slither 0.10.4 performs static code analysis and identifies optimization opportunities within frameworks like Truffle and Hardhat. A schematic representation of the Slither algorithm is shown in Figure 1.

2. Literature Review

Existing literature extensively explores blockchain’s technical evolution [16], yet limited attention is given to quantitative modeling of variable-specific vulnerabilities. Refs. [9,17] categorize security threats across consensus, data, and network layers, while Ref. [18] emphasizes the architectural dependence of attack surfaces. However, most prior studies adopt qualitative perspectives, leaving the relationship between blockchain configuration variables and attack likelihoods underexplored [19,20,21,22,23]. This study bridges that gap by developing a unified analytical framework, the BVQRF, which integrates prior security taxonomies with empirical case studies (from 2016 to 2024). By synthesizing research from both academic and applied contexts, this review establishes the theoretical foundation for the quantitative analysis presented herein.

3. Blockchain System

Blockchain, also known as Distributed Ledger Technology (DLT), enables digital storage and exchange of assets through interconnected data blocks. Each block securely links to the previous one, creating an immutable chain resistant to tampering. The technology ensures transparency, decentralization, and digital document integrity.
Unlike conventional systems where files are copied or transferred, blockchain distributes synchronized data across participants, preventing unauthorized alteration. As noted by [24], blockchain is “a method of recording information that makes it difficult or impossible to change, hack, or manipulate.”
Each block contains four core components:
- Previous hash, which links to the preceding block.
- Transaction details, which record the processed transactions.
- Nonce, a cryptographic number that ensures the block’s uniqueness.
- Block hash, a unique 256-bit identifier generated via hashing.
Mining involves solving cryptographic puzzles to validate transactions through proof-of-work, as described by [25]. The general structure of a blockchain [26] is illustrated in Figure 2. The first miner to find the correct hash receives a reward, reinforcing the network’s integrity and consensus.
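The block structure and proof-of-work mining described above, as an added example that is not part of the paper: a minimal block carrying the four components named in the text (previous hash, transaction details, nonce, block hash), mined against a difficulty target and validated as a chain. The difficulty prefix, timestamps, and transactions are constructed values, and the timestamp rule in `is_valid_chain` is an illustrative simplification of real node rules.

```python
import hashlib
import json
from dataclasses import dataclass

# Added example (not the paper's code): block structure, proof-of-work and
# chain validation. DIFFICULTY_PREFIX, timestamps and transactions are
# constructed for illustration.

DIFFICULTY_PREFIX = "000"  # block hash must start with these hex digits (12 zero bits)


@dataclass
class Block:
    index: int
    timestamp: int            # constructed Unix time; must not move backwards
    transactions: list        # transaction details committed to by the hash
    previous_hash: str        # link to the preceding block
    nonce: int = 0            # varied by the miner until the target is met
    block_hash: str = ""      # 256-bit identifier of this block

    def compute_hash(self) -> str:
        """SHA-256 over the header fields, serialised canonically."""
        header = json.dumps(
            {"index": self.index, "timestamp": self.timestamp,
             "transactions": self.transactions,
             "previous_hash": self.previous_hash, "nonce": self.nonce},
            sort_keys=True, separators=(",", ":"))
        return hashlib.sha256(header.encode()).hexdigest()

    def mine(self) -> int:
        """Proof-of-work: increment the nonce until the hash meets the target."""
        self.nonce = 0
        self.block_hash = self.compute_hash()
        while not self.block_hash.startswith(DIFFICULTY_PREFIX):
            self.nonce += 1
            self.block_hash = self.compute_hash()
        return self.nonce


def build_chain(tx_batches):
    """Mine one block per batch; each block commits to its predecessor's hash."""
    chain = []
    previous_hash = "0" * 64  # genesis has no predecessor
    for i, txs in enumerate(tx_batches):
        block = Block(index=i, timestamp=1_700_000_000 + 600 * i,
                      transactions=list(txs), previous_hash=previous_hash)
        block.mine()
        chain.append(block)
        previous_hash = block.block_hash
    return chain


def is_valid_chain(chain) -> bool:
    """Re-derive every hash and check the work target, the link to the
    previous block, and that timestamps never move backwards."""
    for i, block in enumerate(chain):
        if block.block_hash != block.compute_hash():
            return False                      # stored hash does not match contents
        if not block.block_hash.startswith(DIFFICULTY_PREFIX):
            return False                      # insufficient proof-of-work
        if i > 0:
            if block.previous_hash != chain[i - 1].block_hash:
                return False                  # broken link to predecessor
            if block.timestamp < chain[i - 1].timestamp:
                return False                  # timestamp moved backwards
    return True


def tamper_demo():
    """Alter one transaction in a mined chain and re-validate.
    Returns (valid before tampering, valid after tampering)."""
    chain = build_chain([
        [{"from": "coinbase", "to": "miner1", "amount": 50}],
        [{"from": "miner1", "to": "jane", "amount": 10}],
        [{"from": "jane", "to": "adrian", "amount": 4}],
    ])
    before = is_valid_chain(chain)
    chain[1].transactions[0]["amount"] = 1000  # tamper with the middle block
    after = is_valid_chain(chain)
    return before, after


if __name__ == "__main__":
    print(tamper_demo())  # (True, False)
```

Changing one amount invalidates the stored hash of block 1 and, through the `previous_hash` link, every block after it; an attacker would have to redo the proof-of-work for the whole suffix, which is the property the text attributes to mining.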

3.1. Types of Blockchain

Blockchain networks [25] include public, private, consortium, and hybrid models, each differing in transparency, control, and scalability (Figure 3).
Blockchain networks are classified into several types, each designed for specific purposes and use cases (Table 2).
The pie chart in Figure 4 illustrates the distribution of blockchain types according to access level and governance model.

3.2. Properties of a Blockchain

Blockchain is a transformative technology offering decentralization, security, transparency, and immutability. As it evolves, new applications will continue to emerge. The following key features highlight its significance (Table 3). The core properties of blockchain technology are summarized in Figure 5.
Blockchain is crucial for transforming the banking industry. As the digital era evolves, banks must adapt quickly, and blockchain offers a secure, efficient, and cost-effective way to process transactions and improve operations.

4. Key Blockchain Variables

Blockchain records and shares digital information through immutable transaction logs [27]. Its key variables include
(a) Block size, which determines data capacity per block. Larger sizes increase throughput but also propagation delays and vulnerability to forking or selfish mining. Bitcoin addressed this with SegWit and the Lightning Network.
(b) Block interval, the time between block creations, which affects transaction speed and security. Short intervals raise fork risks, while long ones slow confirmations.
(c) Consensus algorithm, which defines network security and efficiency:
PoW—secure but energy-heavy and prone to 51% attacks.
PoS—energy-efficient but vulnerable to stake centralization and long-range attacks [28,29].
DPoS—fast but relies on few validators, risking collusion.
(d) Network topology and latency. The peer-to-peer structure and communication delays impact consensus reliability. Poor connectivity can enable eclipse attacks by isolating nodes.

4.1. Blockchain Design Variables and Their Effects

Blockchain variables include block size, block interval, consensus mechanism, network topology, node identity system, and smart contract layer, each influencing security differently. Their impacts and platform examples are summarized in Table 4.

4.2. Blockchain Layers

Blockchain has evolved beyond cryptocurrencies into a transformative technology across industries. Its layered architecture ensures scalability, security, and interoperability, with each layer serving a distinct role:
(a) Network layer: Forms the foundation of Distributed Ledger Technology (DLT) through a decentralized P2P network. Full nodes store the entire ledger and enforce consensus, while lightweight nodes handle transactions. Network size, peer discovery, and latency affect performance.
(b) Consensus layer: Ensures all nodes agree on the ledger’s state. Main types include proof-based systems like Proof of Work (PoW), which secures Bitcoin but is resource-intensive, and Practical Byzantine Fault Tolerance (PBFT), offering faster, less energy-demanding alternatives.
(c) Data layer: Stores and secures blockchain data using blocks, hashes, Merkle trees, and timestamps. These structures maintain integrity and resistance to tampering, though they can be energy and time-intensive.
While Merkle trees ensure secure and decentralized transactions, they can be energy-intensive and slow to process because each transaction’s hash must be repeatedly computed and verified through multiple hierarchical levels of the tree. This recursive hashing requires substantial computational power, especially in large-scale blockchains like Bitcoin, where thousands of hashes are generated and validated per block. Moreover, any change to a single transaction triggers recalculation of all parent hashes up to the Merkle root, increasing time complexity and energy consumption. The verification process, while essential for data integrity, thus contributes to latency and reduced throughput in decentralized networks.
(d) Execution layer: Hosts runtime environments (e.g., virtual machines) for executing smart contracts, self-enforcing programs that establish trust and automate transactions across nodes.
(e) Application layer: Connects decentralized applications (dApps) to the blockchain. It powers cryptocurrencies, wallets, and smart contracts, and extends to IoT-based systems like smart cities, healthcare, and agriculture.
A layered architecture of modern blockchain systems is depicted in Figure 6.
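The Merkle tree of the data layer, as an added example that is not part of the paper: it builds the tree over constructed transaction strings, produces a membership proof, verifies it, and counts SHA-256 calls so the cost of building (one hash per node) can be compared with the cost of verifying a single transaction (one hash per level). The odd-node duplication follows Bitcoin’s convention; the leaf/inner-node prefixes are this example’s own domain separation, not a protocol detail from the text.

```python
import hashlib
from typing import List, Tuple

# Added example (not the paper's code): Merkle root, proof generation and
# verification over constructed transactions, with a hash-operation counter.

HASH_OPS = {"count": 0}  # number of SHA-256 calls made since the last reset


def h(data: bytes) -> bytes:
    HASH_OPS["count"] += 1
    return hashlib.sha256(data).digest()


def leaf_hash(tx: str) -> bytes:
    return h(b"\x00" + tx.encode())      # 0x00 prefix: leaf (domain separation)


def node_hash(left: bytes, right: bytes) -> bytes:
    return h(b"\x01" + left + right)     # 0x01 prefix: inner node


def build_levels(txs: List[str]) -> List[List[bytes]]:
    """All tree levels, leaves first. An odd last node is duplicated, as in
    Bitcoin, so every level pairs up."""
    if not txs:
        raise ValueError("empty transaction list")
    levels = [[leaf_hash(tx) for tx in txs]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:
            cur = cur + [cur[-1]]
        levels.append([node_hash(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels


def merkle_root(txs: List[str]) -> bytes:
    return build_levels(txs)[-1][0]


def merkle_proof(txs: List[str], index: int) -> List[Tuple[bytes, str]]:
    """Sibling hashes from the leaf up to the root, each tagged with the side
    on which the sibling sits."""
    proof = []
    levels = build_levels(txs)
    for level in levels[:-1]:
        if len(level) % 2:
            level = level + [level[-1]]
        sibling = index ^ 1
        side = "left" if sibling < index else "right"
        proof.append((level[sibling], side))
        index //= 2
    return proof


def verify_proof(tx: str, proof, root: bytes) -> bool:
    """Recompute the path to the root: log2(n) hashes instead of n."""
    acc = leaf_hash(tx)
    for sibling, side in proof:
        acc = node_hash(sibling, acc) if side == "left" else node_hash(acc, sibling)
    return acc == root


def hash_ops(fn, *args):
    """Run fn and return (result, number of SHA-256 calls it made)."""
    HASH_OPS["count"] = 0
    result = fn(*args)
    return result, HASH_OPS["count"]


if __name__ == "__main__":
    txs = [f"tx{i}" for i in range(8)]
    root, build_cost = hash_ops(merkle_root, txs)
    proof = merkle_proof(txs, 5)
    ok, verify_cost = hash_ops(verify_proof, "tx5", proof, root)
    print(ok, build_cost, verify_cost)  # True 15 4
```

For eight transactions the root costs 15 hashes (8 leaves + 4 + 2 + 1) while verifying one transaction costs 4 (the leaf plus three levels); altering any transaction changes the root, which is the recalculation the text describes.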

4.3. Platforms of Blockchain

Blockchain protocols define how data is recorded, shared, and secured, forming the foundation of blockchain networks. Platforms built on these protocols provide tools for developing and deploying decentralized applications (dApps) [30]. While protocols establish core functions, platforms extend them to enable practical applications. The choice of platform depends on the project’s needs [31].
(a) Hyperledger Fabric: A modular, permissioned blockchain supporting private transactions and customizable consensus. It offers high modularity, low-latency finality, multi-language smart contracts, and queryable data [30].
(b) Hyperledger Sawtooth: An open-source platform using Proof of Elapsed Time (PoET) consensus, developed by Hyperledger and the Linux Foundation. It provides flexibility through the Sawtooth Library and Splinter networking [31].
(c) Ethereum: A public blockchain platform for decentralized applications and smart contracts. It supports tokenization, rapid deployment, and a large developer community, operating mainly on a Proof-of-Work system [30].

Emerging Blockchain Protocols with Advanced Cryptographic and AI Techniques

Recent blockchain research integrates elliptic curve cryptography (ECC) and artificial intelligence (AI), especially neural networks, to improve fairness, resilience, and efficiency. These advances strengthen consensus and communication layers, mitigating threats like Sybil and 51% attacks through adaptive cryptography and AI-based detection.
(a) Neural Fairness Blockchain Protocol using Elliptic Curve Lottery: Ref. [32] proposed a protocol combining ECC and neural networks for fairness-driven consensus in permissionless blockchains (https://www.mdpi.com/2227-7390/10/17/3040) (accessed on 20 November 2025). An ECC-based lottery securely selects consensus committee members, reducing centralization risks, while neural networks validate transactions and detect anomalies to prevent double-spending [32].
(b) Neural Networks and ECC for Secure Communication: Ref. [33] integrated neural networks with ECC to enhance secure peer-to-peer communication in blockchain systems (https://arxiv.org/abs/2407.08831) (accessed on 20 November 2025). Neural models manage asymmetric cryptography to protect data exchanges and resist eavesdropping, while multiple ECC curves and a lightweight design suit IoT applications [33].
These protocols demonstrate how ECC and AI can reinforce blockchain security and fairness, though further testing is needed to ensure scalability and robustness.
The role of elliptic curve cryptography in the two emerging AI-enhanced protocols is represented in Figure 7:
P1 = Traditional ECC-based asymmetric key generation and signing
P2 = Neural network layer used for transaction validation and anomaly detection
P3 = Hybrid consensus committee selection via ECC lottery combined with neural fairness scoring

5. Common Blockchain Attacks and Related Variables: Case Studies of Main Significant Attacks from 2016 to 2024

As blockchain adoption expands across critical sectors, understanding its security vulnerabilities is vital. Despite its decentralized design, blockchain remains susceptible to threats like 51% attacks, Sybil attacks, smart contract flaws, and phishing schemes. These exploits depend on factors such as network size, consensus type, coding quality, and user behavior. Analyzing these attacks and variables offers key insights for improving blockchain security and resilience.

5.1. The Main Attack Types

(a) 51% Attack: Occurs when an entity controls most of a network’s mining or validation power, enabling double-spending or transaction censorship. Caused by low hash rate or stake concentration. Ethereum Classic suffered multiple 51% attacks in 2020 [34].
(b) Sybil Attack: Attackers create numerous fake identities to gain network influence, exploiting weak identity verification or consensus without economic barriers [35,36,37,38,39,40,41,42,43,44]. Prevented through PoW/PoS resource constraints or social graph verification [45].
(c) Double-Spending Attack: Involves reusing the same tokens by exploiting slow confirmation and network delays. Mitigation includes longer confirmation times and real-time monitoring.
(d) Eclipse Attack: An attacker isolates a node by hijacking its connections, feeding false data to enable double-spending or selfish mining. Prevented through diversified peer connections and randomized node lists [46].
(e) Smart Contract Exploits: Turing-complete contracts (e.g., on Ethereum) are prone to flaws like reentrancy (DAO hack), integer overflows, and gas manipulation. These stem from coding errors tied to variables like gas limits and governance [47,48].
Overall, blockchain attacks exploit decentralization, consensus, and P2P structures, prompting stronger algorithms, improved topologies, and economic deterrents. Smaller networks remain more vulnerable than established ones like Bitcoin or Ethereum.

5.2. Blockchain Ecosystem Possible Attacks

The blockchain ecosystem is a transformative framework enabling secure, transparent, and decentralized data and transaction management without central authorities. Since Bitcoin’s launch in 2009, blockchain has evolved to support cryptocurrencies, DApps, smart contracts, and applications across finance, supply chain, healthcare, and governance [49,50].
At its core, blockchain is a distributed ledger of cryptographically linked blocks maintained by network nodes that ensure trust via consensus mechanisms. The ecosystem spans multiple layers from data and network protocols to consensus, smart contracts, and user applications engaging participants from individuals to governments.
While blockchain offers immutability, transparency, and decentralization, it also introduces vulnerabilities that demand strong security at every layer. As the foundation of Web3, the expanding blockchain ecosystem continues to reshape digital infrastructure. Figure 8 illustrates potential attack points (data, network, consensus, contracts, applications) and threats from both internal vulnerabilities and external actors [30].
For instance, the introduction of smart contracts on platforms like Ethereum has created new vulnerabilities such as reentrancy attacks, where malicious actors repeatedly withdraw funds before a contract updates its balance. This was exemplified by the 2016 DAO hack, which exploited a coding flaw to siphon approximately $60 million worth of Ether, demonstrating how innovative blockchain features can also expand the system’s attack surface. Potential attack points across the entire blockchain ecosystem are visualized in Figure 8. The diagram illustrates five primary attack surfaces: Block data layer, Networking protocol layer, Consensus algorithm layer, Smart-contract layer, Decentralized applications and user-facing layer. Red X symbols indicate recommended defensive measures or mitigation controls that should be implemented at each corresponding layer to prevent or reduce the severity of the associated attacks.
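The reentrancy flaw described above, as an added example that is not part of the paper and not EVM code: a Python model of a vault whose `withdraw` pays out before zeroing the caller’s balance (the pattern the text attributes to the DAO contract), beside a hardened version that applies checks-effects-interactions and a re-entrancy lock. A re-entering recipient is included only as the test fixture a reviewer would use to confirm the fix closes the hole; contract names, accounts, and amounts are constructed.

```python
# Added example (not the paper's code): vulnerable vs. hardened withdraw logic
# modelled in Python. All names and amounts are constructed.


class VulnerableVault:
    """Pays out first, updates the balance second (interaction before effect)."""

    def __init__(self):
        self.balances = {}
        self.pool = 0                      # funds held by the contract

    def deposit(self, account, amount):
        self.balances[account] = self.balances.get(account, 0) + amount
        self.pool += amount

    def withdraw(self, account):
        amount = self.balances.get(account, 0)
        if amount == 0 or self.pool < amount:
            return
        self.pool -= amount
        account.receive(amount, self)      # external call: control leaves the vault
        self.balances[account] = 0         # effect applied too late


class HardenedVault(VulnerableVault):
    """Checks, then effects, then the external interaction, plus a lock."""

    def __init__(self):
        super().__init__()
        self._locked = False

    def withdraw(self, account):
        if self._locked:
            raise RuntimeError("re-entrant call rejected")
        amount = self.balances.get(account, 0)
        if amount == 0 or self.pool < amount:
            return
        self._locked = True
        try:
            self.balances[account] = 0     # effect before interaction
            self.pool -= amount
            account.receive(amount, self)
        finally:
            self._locked = False


class HonestAccount:
    def __init__(self):
        self.received = 0

    def receive(self, amount, vault):
        self.received += amount


class ReenteringAccount(HonestAccount):
    """Test fixture: a recipient whose receive hook calls withdraw() again
    while the first call is still executing."""

    def receive(self, amount, vault):
        self.received += amount
        if vault.pool >= amount:
            try:
                vault.withdraw(self)       # re-enters before the balance is zeroed
            except RuntimeError:
                pass                       # the hardened vault refuses the call


def run_scenario(vault_cls):
    """An honest user deposits 9 and the re-entering account deposits 1, then
    the latter withdraws. Returns (its total payout, funds left in the pool)."""
    vault = vault_cls()
    honest, reenter = HonestAccount(), ReenteringAccount()
    vault.deposit(honest, 9)
    vault.deposit(reenter, 1)
    vault.withdraw(reenter)
    return reenter.received, vault.pool


if __name__ == "__main__":
    print(run_scenario(VulnerableVault))   # (10, 0): the pool is drained
    print(run_scenario(HardenedVault))     # (1, 9): only the deposit is paid out
```

The hardened version is safe even without the lock, because the balance is already zero when the nested call checks it; the lock is defence in depth against paths that still perform an interaction before every effect, which is what audit tools such as Slither flag.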
The blockchain system represents an integrated framework encompassing technical components (blocks, networking protocols, consensus mechanisms, smart contracts, and DApps), diverse user groups (individuals, organizations, the public), and physical infrastructure (hardware, servers, and nodes). Together, these elements form the operational foundation of blockchain technology.
Within this framework, multiple layers constitute distinct attack surfaces:
(a) Block data—stores raw transaction details. Compromises threaten data integrity, confidentiality, and availability.
(b) Networking protocol—governs node communication. Attacks may drop, delay, or modify messages, or perform eclipse attacks that isolate nodes.
(c) Consensus algorithm—ensures ledger agreement (e.g., PoW, PoS) but remains vulnerable to 51% and Sybil attacks, undermining system trust.
(d) Smart contracts—self-executing code subject to vulnerabilities such as reentrancy (DAO hack) or flawed logic, causing fund loss or freezing.
(e) Decentralized applications (DApps)—built atop smart contracts, DApps face logic flaws, integration errors, and library exploits affecting deployed services.
The physical infrastructure layer connects blockchain networks with real-world devices and is exposed to risks like terminal hijacking, malware, and data interception. External actors further heighten vulnerabilities through phishing, credential theft, or organizational exploitation. Attack escalation can progress upward from data breaches to application-level exploits, while defenses (marked by red crosses) must counter threats at each layer.
Regulatory oversight plays a crucial role in securing blockchain ecosystems. Governments and financial regulators increasingly influence blockchain development through policy and enforcement, particularly after the rise in ICOs and cross-border applications.
This study reviews major blockchain-related attacks (2016–2024) and their financial impact. The movement of remaining bitcoin after the Harmony Bridge hack is illustrated in Table 5.
- 2016–2018: The DAO hack ($60 M ETH loss) and Parity wallet flaw ($150 M ETH locked).
- 2019–2021: Increasingly complex incidents, including the 2020 KuCoin hack ($281 M stolen) and the 2021 Poly Network exploit ($600 M stolen, later mostly returned). The Colonial Pipeline ransomware case (2021) also underscored cryptocurrency’s role in ransom payments (75 BTC; [51]).
- 2022–2024: Major cross-chain breaches included the 2022 Ronin Network hack ($620 M) and Harmony’s Horizon Bridge theft ($100 M), both linked to North Korea’s Lazarus Group. According to a 2023 FBI report, $60 M in stolen ETH was laundered via the RAILGUN protocol and partially frozen through cooperation with virtual asset service providers [13,52,53,54,55,56,57,58,59,60]. The remaining Bitcoin was later traced to multiple new addresses.
Table 5. Movement of remaining bitcoin in the Harmony Bridge hack [59].
Bitcoin Address
1BK769SseNefb6fe9QuFEi8W4KGbtP8gi3
15FcqYRbwh2JsRUyBjvZ4jJ2XAD3pycGch
1HwSof6jnbMFpfrRRa2jvydYdopkkGB4Sn
15emeZ7buVegqhYh9PekH7cwFEJcCeVNpS
3MSbCJCYtx5sj1nkzD4AMEhhvvviXBc8XJ
17Z79rZpkk8kUiJseg5aELwYKaoLnirMUn
bc1qp2vvntdedxw4xwtyd4y3gc2t9ufk6pwz2ga4ge
3P9WebHkiDxCi8LDXiRQp8atNEagcQeRA3
37fnBxofDeph2fpBZxZKypNkwdXAt9nT6F
185NxhFAmKZrdwn9rVga3kqbvDP4FkbTNw
12283Cq1pJ3f1gXwqi6K3bRf5LZb8Bkm6g
MOVEit Data Breach [61]: The Cl0p ransomware group exploited a SQL injection vulnerability in MOVEit Transfer, exposing data from over 2700 organizations and 93.3 million individuals [7]. Affected versions included builds before 2021.0.8 (13.0.8), 2021.1.6 (13.1.6), 2022.0.6 (14.0.6), 2022.1.7 (14.1.7), and 2023.0.3 (15.0.3). Fixed versions: 2020.1.10 (12.1.10) 2023.0.3 (15.0.3). https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35708 (accessed on 20 November 2025).
British Library Cyberattack [62]: The Rhysida hacker group attacked the British Library’s online systems, demanding 20 BTC (approx. $400,000). Upon refusal, they released about 600 GB of stolen data. https://www.bl.uk/cyber-incident/, https://www.bl.uk/home/british-library-cyber-incident-review-8-march-2024.pdf (accessed on 20 November 2025).
ByBit Exchange Hack [63]: The Lazarus Group (alias TraderTraitor) infiltrated ByBit, stealing approximately $1.5 billion in digital assets, the largest cryptocurrency heist to date (Table 6). https://www.bbc.com/news/articles/c2kgndwwd7lo (accessed on 20 November 2025).
Estimated financial losses from major incidents (2016–2025) are charted in Figure 9. The chart shows the escalating damage, highlighting the importance of such studies.

6. Mapping Blockchain Variables to Attack Vectors

6.1. Potential Vulnerabilities

Blockchain technology offers trust, transparency, and security in digital transactions but remains vulnerable when key variables such as transaction data, consensus mechanisms, cryptographic keys, or network conditions are manipulated, enabling attacks that compromise its integrity and reliability. Potential vulnerabilities and their mapped attack vectors [64] are detailed in Table 7.
To assess how variable manipulation affects a system’s vulnerability, we examine blockchain as an example sensitive to variables like transaction data, cryptographic keys, consensus mechanisms, and timestamps. In such systems, altering key variables can undermine integrity and increase attack susceptibility.

6.2. Variable Manipulation in Blockchain

The decentralized nature of blockchain eliminates central control but also introduces risks. Since it depends on variables like transaction data, consensus mechanisms, and timestamps to maintain a secure ledger, manipulation of these elements can compromise system integrity. Altering transaction data can enable double-spending, modifying consensus rules may lead to 51% attacks, and changing timestamps can reorder transactions, creating new vulnerabilities. Understanding these interactions helps strengthen blockchain resilience against exploits.
  • Example 1: Double-spending (Transaction data)
A double-spending attack occurs when an attacker sends the same funds twice (e.g., Andrew sends 100 BTC to both Jane and Adrian). If both transactions are confirmed by different miners, the same funds are spent twice, undermining trust and value stability.
  • Example 2: Consensus manipulation (PoS control)
In Proof of Stake (PoS) systems, voting power depends on stake size. If an attacker gains majority control, they can approve fraudulent transactions or block legitimate ones, executing a 51% attack that compromises network trust.
  • Example 3: Timestamp manipulation
Each block’s timestamp maintains transaction order. If altered, an attacker can reorder blocks to make earlier transactions appear invalid or already spent, enabling double-spending and network confusion.
The effect of timestamp manipulation on transaction ordering is demonstrated in Figure 10.
Visualization:
  • Block 1: Transaction A → Andrew to Jane (12:00 PM)
  • Block 2: Transaction B → Andrew to Adrian (12:01 PM)
The attacker manipulates Block 2’s timestamp to 11:59 a.m., making it appear earlier than Block 1, creating confusion about transaction order and enabling double-spending vulnerabilities.
Empirical Example: 51% Attack on Bitcoin (PoW)
In Proof of Work systems like Bitcoin, an attacker controlling over 51% of total hash power can rewrite the blockchain.
Steps:
- Gain majority mining power.
- Mine blocks faster than the rest of the network.
- Publish a longer, alternative chain.
- Network accepts the attacker’s chain, invalidating the original.
Impact: Enables transaction reversal, double-spending, and widespread network disruption.
A graphical representation of a blockchain fork during a successful 51% attack is provided in Figure 11.
Graphical representation of attack susceptibility:
Before attack:
Blocks process sequential transactions (A → B → C → D).
During attack (51% Control):
The attacker forks from Block 3, mines faster, and creates a longer chain.
Original: Block 1 → Block 2 → Block 3 → Block 4
Attacker: Block 1 → Block 2 → Block 3 → Block 5 → Block 6
After attack:
The network adopts the attacker’s longer chain, invalidating previous transactions.
Variable manipulation of transaction data, consensus rules, or timestamps creates major vulnerabilities like double-spending and 51% attacks. Robust consensus design, cryptographic proofs, and timestamp validation are essential to preserve blockchain integrity.
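The 51% and double-spending scenarios above turn on one question from the defender’s side: how many confirmations must a recipient wait for before a minority miner is unlikely to ever overtake the honest chain? As an added example that is not part of the paper, the block below implements the catch-up probability from the Bitcoin whitepaper (Nakamoto, 2008) and derives a confirmation policy from it; the hash-rate shares and risk threshold in the demo are constructed inputs.

```python
import math

# Added example (not the paper's code): Nakamoto's attacker catch-up
# probability and the confirmation depth needed to keep it below a chosen risk.
# q = attacker's share of hash rate, z = confirmations the recipient waits for.


def attacker_success_probability(q: float, z: int) -> float:
    """Probability that a miner holding fraction q of the hash rate ever
    overtakes the honest chain after the recipient has seen z confirmations."""
    if not 0.0 <= q <= 1.0 or z < 0:
        raise ValueError("q must be in [0, 1] and z >= 0")
    p = 1.0 - q
    if q >= p:
        return 1.0                 # majority hash rate always catches up: the 51% case
    lam = z * (q / p)              # expected attacker blocks while z honest blocks are found
    poisson = math.exp(-lam)
    total = 0.0
    for k in range(z + 1):
        if k > 0:
            poisson *= lam / k     # Poisson(k; lam) built incrementally
        total += poisson * (1.0 - (q / p) ** (z - k))
    return 1.0 - total


def required_confirmations(q: float, max_risk: float, z_max: int = 1000):
    """Smallest z whose success probability is below max_risk; None when the
    attacker holds at least half the hash rate (no depth is safe)."""
    if q >= 0.5:
        return None
    for z in range(z_max + 1):
        if attacker_success_probability(q, z) < max_risk:
            return z
    return None


def confirmation_table(q: float, depths=(0, 1, 2, 3, 4, 5, 6, 10)):
    """Success probability per confirmation depth, rounded for display."""
    return {z: round(attacker_success_probability(q, z), 7) for z in depths}


if __name__ == "__main__":
    for share in (0.1, 0.3, 0.51):           # constructed hash-rate shares
        print(share, confirmation_table(share), required_confirmations(share, 0.001))
```

With a 10% attacker, six confirmations already push the probability below 0.1%; with 30% the same policy needs more than twenty, and at 50% or above no waiting period helps, which is why the text treats hash-rate concentration rather than confirmation delay as the variable to control.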

7. Mitigation Techniques and Design Guidelines

To enhance blockchain resilience, developers should align consensus mechanisms with threat models and application needs. Optimizing block size and timing improves capacity and security, while peer diversity and latency controls help prevent eclipse attacks. Formal smart contract verification and economic incentives can deter Sybil and 51% attacks [66]. Emerging solutions like zero-knowledge proofs, layer-2 scaling, and decentralized identity systems further strengthen scalability and security.
Key strategies:
(a) User education—promote phishing awareness, private key best practices, and hardware wallet use for secure storage.
(b) Strengthened protocols—employ multi-signature wallets, decentralized identity frameworks, and conduct regular smart contract audits to minimize vulnerabilities.

7.1. Best Practices and Mitigation

Ensuring blockchain security and resilience demands comprehensive safeguards to maintain trust, performance, and sustainability as adoption grows across critical sectors. Recommended best practices and mitigation strategies are consolidated in Table 8.

7.2. Risk Evaluation

(a) Blockchain security framework: Ref. [4] in “Classification of threats and countermeasures of cloud computing” outlines a layered defense model addressing threats like data breaches, insecure APIs, and DoS attacks via encryption, IAM, segmentation, and monitoring. Adapting this framework to blockchain allows researchers to link design variables, such as block size, consensus type, and node identity, to specific vulnerabilities (e.g., weak consensus leading to Sybil or 51% attacks), thereby improving the resilience of decentralized systems.
(b) Data encryption: Encryption safeguards private keys, transactions, and smart contract data using public-key cryptography (e.g., elliptic curve cryptography). It protects data both at rest and in transit, reducing breach and tampering risks.
(c) Identity and access management (IAM): IAM verifies and controls access to nodes, wallets, and contracts through decentralized identity systems and zero-knowledge proofs. For example, Ethereum uses private keys for wallet-based authentication. IAM prevents unauthorized actions and insider threats.
(d) Network segmentation: Segmentation isolates nodes or layers to limit attack spread and enhance privacy. In Hyperledger Fabric, channels create private subnets for participants, preventing network-wide breaches and supporting scalability.
(e) Monitoring protocols: Real-time monitoring tools (e.g., block explorers, IDS) track anomalies like double-spending or Sybil attacks. Continuous observation ensures auditability and rapid threat response, preserving network integrity.
(f) Layered defense strategy: Combining encryption, IAM, segmentation, and monitoring builds a multi-layered defense that reduces attack surfaces and strengthens blockchain resilience.
(g) Quantitative risk assessment: Risk metrics such as Annualized Loss Expectancy (ALE = SLE × ARO) help prioritize mitigation.
Example: A 51% attack on a mid-sized PoW network may have SLE ≈ $500 M and ARO = 0.1, yielding ALE = $50 M. Decentralization measures can cut ARO by 80%, reducing ALE to $10 M [29].
CVSS scoring (0–10) ranks vulnerabilities by impact; DAO reentrancy bugs rate 9.8 (Critical), underscoring the need for audits [26].

7.3. Cyber Security Risk and Threats

The NIST Cybersecurity Framework offers a structured method for assessing and mitigating IT security risks through its five core functions: identify, protect, detect, respond, and recover. Aligning assets, threat intelligence, and risk management with NIST standards helps organizations anticipate and minimize cyberattacks, ensuring resilience and compliance across industries.
Research by [9] identifies human vulnerabilities, errors, negligence, poor training, and social engineering as leading threats, with 12 documented cases in critical infrastructure.
According to [10], DPRK-linked groups stole $340.4 million in cryptocurrency in 2023, down from $1.65 billion in 2022, reflecting a decline but underscoring the persistence of advanced state-sponsored cyberattacks. Total value stolen in cryptocurrency hacks and money-laundering activities by DPRK-linked actors (2017–2024) is shown in Figure 12.

7.4. Basic Framework: Blockchain Variable Quantitative Risk Framework

The NIST Cybersecurity Framework manages risks through five core functions: identify, protect, detect, respond, and recover. Integrating these with the proposed Blockchain Variable Quantitative Risk Framework (BVQRF) enhances blockchain-specific risk analysis by mapping NIST’s qualitative functions to variables such as block size, consensus mechanisms, and network topology. The BVQRF incorporates quantitative metrics to evaluate vulnerabilities like 51% attacks, Sybil attacks, and smart contract exploits, combining NIST’s qualitative structure with data-driven precision. Table 9 presents the proposed BVQRF, mapping NIST functions to blockchain variables and quantitative risk metrics.
The BVQRF introduces a variable-centric, predictive approach to modeling blockchain risks. By quantifying variable impacts (e.g., increasing node diversity can raise the eclipse attack mitigation factor from 0.75 to 0.9, reducing risk by 60% [8,46]), BVQRF enhances security analysis through simulation tools like Ganache. Future research could automate BVQRF’s scoring with AI using real-time data (e.g., Chainalysis, Hexagate), test it on hybrid blockchains (e.g., Polkadot), and integrate human vulnerability metrics [9]. This mapping operationalizes NIST’s qualitative framework into a quantitative, data-driven blockchain security model.
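The ALE arithmetic of Section 7.2(g) and the scoring steps of the BVQRF (Table 9, steps 2 and 3) can be carried through on a small risk register. The block below is an added example, not the paper's code or tooling. It reuses the paper's 51% attack figures (SLE $500 M, ARO 0.1, 80% ARO reduction) and the 0.75 to 0.9 mitigation factor change; every other threat figure is constructed. One modelling assumption is mine: residual exposure after controls is taken as (1 minus the mitigation factor), which is what makes 0.75 to 0.9 come out as a 60% reduction, matching the paper's number.

```python
"""ALE and BVQRF-style risk scoring over a constructed threat register.

Added example. Assumption: residual exposure = 1 - mitigation factor.
"""
from dataclasses import dataclass


def ale(sle: float, aro: float) -> float:
    """Annualized Loss Expectancy = SLE x ARO (Section 7.2(g))."""
    return sle * aro


def residual_ale(sle: float, aro: float, aro_reduction: float) -> float:
    """ALE after a control that cuts ARO by the given fraction (0..1)."""
    if not 0.0 <= aro_reduction <= 1.0:
        raise ValueError("aro_reduction must be a fraction in [0, 1]")
    return ale(sle, aro * (1.0 - aro_reduction))


def risk_score(probability: float, impact: float, mitigation: float) -> float:
    """BVQRF step 3 score: probability x impact x residual exposure.

    Assumed model: residual exposure = 1 - mitigation factor (control strength).
    """
    for name, value in (("probability", probability), ("mitigation", mitigation)):
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"{name} must be in [0, 1]")
    return probability * impact * (1.0 - mitigation)


def risk_reduction(mitigation_before: float, mitigation_after: float) -> float:
    """Fraction of risk removed when the mitigation factor improves."""
    return 1.0 - (1.0 - mitigation_after) / (1.0 - mitigation_before)


@dataclass(frozen=True)
class Threat:
    name: str
    sle_usd: float       # single loss expectancy
    aro: float           # expected occurrences per year
    probability: float   # BVQRF step 2, 0..1
    impact: float        # BVQRF step 2, 1..10
    mitigation: float    # BVQRF step 2 control strength, 0..1


# Constructed register; only the 51% attack SLE/ARO follow the paper's example.
SAMPLE_REGISTER = [
    Threat("51% attack (mid-sized PoW)", 500e6, 0.10, 0.10, 10, 0.50),
    Threat("Smart contract reentrancy", 60e6, 0.50, 0.50, 8, 0.70),
    Threat("Eclipse attack", 5e6, 0.30, 0.30, 6, 0.75),
    Threat("Sybil attack", 2e6, 0.20, 0.20, 5, 0.60),
]


def rank_by_ale(register):
    """Largest expected annual loss first."""
    return sorted(register, key=lambda t: ale(t.sle_usd, t.aro), reverse=True)


def rank_by_score(register):
    """Largest BVQRF-style score first; can disagree with the ALE order."""
    return sorted(
        register,
        key=lambda t: risk_score(t.probability, t.impact, t.mitigation),
        reverse=True,
    )


if __name__ == "__main__":
    print("ALE of 51% attack:", ale(500e6, 0.10))
    print("after 80% ARO cut:", residual_ale(500e6, 0.10, 0.80))
    print("0.75 -> 0.9 mitigation removes", risk_reduction(0.75, 0.90))
    for t in rank_by_ale(SAMPLE_REGISTER):
        print(f"{t.name:30s} ALE={ale(t.sle_usd, t.aro):>12,.0f}"
              f" score={risk_score(t.probability, t.impact, t.mitigation):.2f}")
```

On this register the ALE order puts the 51% attack first, while the BVQRF score puts the reentrancy threat first because its higher probability and weaker control outweigh its smaller single loss; the two views are meant to be read together when choosing which fix to apply in step 5.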

8. Conclusions

This study advances blockchain security by introducing the Blockchain Variable Quantitative Risk Framework (BVQRF)—a novel, data-driven model that links qualitative cybersecurity theory with quantitative risk assessment. Using simulations and case data (2016–2025), BVQRF demonstrates that key blockchain variables—such as block size, interval, consensus design, and network topology—directly influence attack susceptibility, including 51% attacks, Sybil exploits, and smart contract vulnerabilities.
Findings show that optimizing variable configurations can reduce attack probability by up to 60%, notably through increased node diversity [8,46]. Quantitative analysis estimates an ALE of $50 million for mid-sized PoW networks, validated by incidents like Ethereum Classic and the 2025 Monero attack. Integrating NIST’s cybersecurity functions (identify–recover) with blockchain metrics, BVQRF transforms qualitative guidance into actionable, measurable security practices.
Future work should apply AI-driven real-time scoring to automate BVQRF assessments, test the framework across hybrid blockchains (e.g., Polkadot), and integrate human risk factors [9]. By quantifying the impact of blockchain design choices, BVQRF offers a predictive, scalable model for strengthening resilience and guiding secure blockchain development across critical industries.

Author Contributions

Conceptualization, A.A.B. and D.E.P.; methodology, A.A.B.; software, A.A.B.; validation, A.A.B. and D.E.P.; formal analysis, A.A.B.; investigation, A.A.B.; resources, A.A.B. and D.E.P.; data curation, A.A.B.; writing—original draft preparation, A.A.B.; writing—review and editing, A.A.B. and D.E.P.; visualization, A.A.B.; supervision, D.E.P.; project administration, D.E.P.; funding acquisition, D.E.P. All authors have read and agreed to the published version of the manuscript.

Funding

The article processing charge (APC) was funded by the University of Oradea, Romania.

Data Availability Statement

The data presented in this study are available on request from the corresponding authors. The raw simulation datasets generated using Ganache, Bitcoin Core, Python/Matplotlib scripts, and the statistical analyses of historical attack incidents (2016–2025) are not publicly archived due to their large size and ongoing use in follow-up research; however, they can be obtained upon reasonable request. All publicly available incident data (e.g., Chainalysis reports, CVE entries, and FBI press releases) are cited in the References section with corresponding access dates.

Conflicts of Interest

The authors declare no conflict of interest.

References

  1. Addula, S.R.; Aitizaz, A. Novel Permissioned Blockchain Approach for Scalable and Privacy-Preserving IoT Authentication. J. Cyber Secur. Risk Audit. 2025, 2025, 222–237. [Google Scholar] [CrossRef]
  2. Addula, S.R.; Norozpour, S.; Amin, M. Risk Assessment for Identifying Threats, Vulnerabilities and Countermeasures in Cloud Computing. Jordanian J. Inform. Comput. 2025. Available online: https://www.semanticscholar.org/paper/Risk-Assessment-for-Identifying-Threats%2C-and-in-Addula-Norozpour/e068f77951f00ca2ba4e2aca41a7f86a4c945789 (accessed on 20 November 2025).
  3. Aljumaiah, O.; Jiang, W.; Addula, S.R.; Almaiah, M.A. Analyzing cybersecurity risks and threats in IT infrastructure based on the NIST framework. J. Cyber Secur. Risk Audit. 2025, 2025, 2–15. [Google Scholar] [CrossRef]
  4. Almanasir, R.; Al Al-Solomon, D.; Indrawes, S.; Amin Almaiah, M.; Islam, U.; Alshar’e, M. Classification of Threats and Countermeasures of Cloud Computing. J. Cyber Secur. Risk Audit. 2025, 2025, 27–42. [Google Scholar] [CrossRef]
  5. Available online: https://www.bbc.com/news/articles/c2kgndwwd7lo (accessed on 20 November 2025).
  6. Alkhalifah, A.; Ng, A.; Kayes, A.S.M.; Chowdhury, J.; Alazab, M. A taxonomy of blockchain threats and vulnerabilities. In Blockchain for Cybersecurity in Cyber-Physical Systems; Springer: Berlin/Heidelberg, Germany, 2022; pp. 3–28. [Google Scholar] [CrossRef]
  7. Available online: https://www.bl.uk/home/british-library-cyber-incident-review-8-march-2024.pdf/ (accessed on 20 November 2025).
  8. Li, X.; Jiang, P.; Chen, T.; Luo, X.; Wen, Q. A Survey on the Security of Blockchain Systems. Future Gener. Comput. Syst. 2020, 107, 841–853. [Google Scholar] [CrossRef]
  9. Liu, Y.; Hei, X.; Xu, W.; Yu, T. A survey on blockchain systems: Attacks, defenses, and privacy preservation. High-Confid. Comput. 2021, 1, 100002. [Google Scholar] [CrossRef]
  10. Nakamoto, S. Bitcoin: A Peer-to-Peer Electronic Cash System. 2008. Available online: https://bitcoin.org/bitcoin.pdf (accessed on 18 May 2025).
  11. Paulavičius, R.; Grigaitis, S.; Filatovas, E. A Systematic Review and Empirical Analysis of Blockchain Simulators. IEEE Access 2021, 9, 38010–38028. [Google Scholar] [CrossRef]
  12. Polge, J.; Ghatpande, S.; Kubler, S.; Robert, J.; Le Traon, Y. BlockPerf: A Hybrid Blockchain Emulator/Simulator Framework. IEEE Access 2021, 9, 107858–107872. [Google Scholar] [CrossRef]
  13. Available online: https://www.bl.uk/cyber-incident/ (accessed on 20 November 2025).
  14. Alyounis, S.; Yasin, M.M. Secure Framework for Land Record Management using Blockchain Technology. J. Cyber Secur. Risk Audit. 2023, 2023, 19–48. [Google Scholar] [CrossRef]
  15. Antonopoulos, A.M. Mastering Bitcoin: Programming the Open Blockchain, 2nd ed.; O’Reilly Media: Sebastopol, CA, USA, 2017. [Google Scholar]
  16. Available online: https://jjic.thestap.com/archives/volume-2025-1/680f20ddcd605702a281651f (accessed on 20 November 2025).
  17. Bellamkonda, S. Ransomware Attacks on Critical Infrastructure: A Study of the Colonial Pipeline Incident. Int. J. Res. Comput. Appl. Inf. Technol. 2024, 7, 1423–1433. [Google Scholar] [CrossRef]
  18. Belotti, M.; Bozic, N.; Pujolle, G.; Secci, S. A Vademecum on Blockchain Technologies: When, Which, and How. IEEE Commun. Surv. Tutor. 2019, 21, 3796–3838. [Google Scholar] [CrossRef]
  19. Xinyi, Y.; Yi, Z.; He, Y. Technical Characteristics and Model of Blockchain. In Proceedings of the 2018 10th International Conference on Communication Software and Networks (ICCSN), Chengdu, China, 6–9 July 2018; pp. 562–566. Available online: https://www.researchgate.net/publication/328246761_Technical_Characteristics_and_Model_of_Blockchain (accessed on 20 November 2025).
  20. Yu, H.; Gibbons, P.B.; Kaminsky, M.; Flaxman, A. SybilGuard: Defending Against Sybil Attacks via Social Networks. IEEE/ACM Trans. Netw. 2008, 16, 576–589. [Google Scholar] [CrossRef]
  21. Zhang, Q.; Kasahara, S.; Shen, Y.; Jiang, X.; Wan, J. Smart contract-based access control for the Internet of Things. IEEE Internet Things J. 2019, 6, 1594–1605. [Google Scholar] [CrossRef]
  22. Zhang, R.; Xue, R.; Liu, L. Security and privacy on blockchain. ACM Comput. Surv. 2019, 52, 1–34. [Google Scholar] [CrossRef]
  23. Zheng, Z.; Xie, S.; Dai, H.; Chen, X.; Wang, H. An overview of blockchain technology: Architecture, consensus, and future trends. In Proceedings of the 2017 IEEE International Congress on Big Data, Honolulu, HI, USA, 25–30 June 2017; pp. 557–564. [Google Scholar] [CrossRef]
  24. Cachin, C.; Vukolić, M. Blockchain consensus protocols in the wild. arXiv 2017, arXiv:1707.01873. [Google Scholar] [CrossRef]
  25. Caldarola, F.; d’Atri, G.; Zanardo, E. Neural Fairness Blockchain Protocol Using an Elliptic Curves Lottery. Mathematics 2022, 10, 3040. [Google Scholar] [CrossRef]
  26. Available online: https://www.tenable.com/cybersecurity-guide/principles/common-vulnerability-scoring-system-cvss (accessed on 20 November 2025).
  27. Kaur, M.; Khan, M.Z.; Gupta, S.; Noorwali, A.; Chakraborty, C.; Pani, S.K. MBCP: Performance Analysis of Large Scale Mainstream Blockchain Consensus Protocols. IEEE Access 2021, 9, 80931–80944. [Google Scholar] [CrossRef]
  28. Saleh, F. Blockchain Without Waste: Proof-of-Stake. Rev. Financ. Stud. 2020, 34, 1156–1190. [Google Scholar] [CrossRef]
  29. Available online: https://www.fintechfutures.com/blockchain-crypto-digital-assets/cryptocurrencies-and-the-critical-vulnerability-of-a-51-attack (accessed on 20 November 2025).
  30. Chen, H.; Pendleton, M.; Njilla, L.; Xu, S. A survey on Ethereum systems security: Vulnerabilities, attacks, and defenses. ACM Comput. Surv. 2020, 53, 1–43. [Google Scholar] [CrossRef]
  31. Coindesk. Ethereum Classic Suffers Third 51% Attack in a Month. 2020. Available online: https://www.coindesk.com (accessed on 20 November 2025).
  32. Cormen, T.H.; Leiserson, C.E.; Rivest, R.L.; Stein, C. Introduction to Algorithms; The MIT Press: Cambridge, MA, USA, 2009. [Google Scholar]
  33. Dunphy, P.; Petitcolas, F.A.P. A First Look at Identity Management Schemes on the Blockchain. IEEE Secur. Priv. 2018, 16, 20–29. [Google Scholar] [CrossRef]
  34. Decker, C.; Wattenhofer, R. Information Propagation in the Bitcoin Network. In Proceedings of the IEEE P2P 2013 Proceedings, Trento, Italy, 9–11 September 2013; Available online: https://ieeexplore.ieee.org/document/6688704 (accessed on 20 November 2025).
  35. Wan, Z.; Guan, Z.; Zhou, Y.; Gao, J. Security in blockchain: A systematic literature review. IEEE Access 2020, 8, 62296–62319. [Google Scholar] [CrossRef]
  36. Woien, M.C.; Catak, F.O.; Kuzlu, M.; Cali, U. Neural Networks Meet Elliptic Curve Cryptography: A Novel Approach to Secure Communication. arXiv 2024, arXiv:2407.08831. [Google Scholar] [CrossRef]
  37. Available online: https://blockchain.gov.in/Home/BlockChain?blockchain=blockchain (accessed on 20 November 2025).
  38. Available online: https://crustlab.com/blog/types-of-blockchain-technology-a-complete-overview/ (accessed on 20 November 2025).
  39. Available online: https://encyclopedia.pub/entry/24357 (accessed on 20 November 2025).
  40. Available online: https://ntiprit.gov.in/pdf/blockchainanddistributed/Blockchain_Introduction_KR.pdf (accessed on 20 November 2025).
  41. Available online: https://www.bbc.com/news/technology-58331959 (accessed on 20 November 2025).
  42. Available online: https://www.h-x.technology/blog/top-3-smart-contract-audit-tools (accessed on 20 November 2025).
  43. Available online: https://www.ibm.com/think/topics/blockchain (accessed on 20 November 2025).
  44. Available online: https://www.researchgate.net/publication/386014193_Ransomware_Attacks_On_Critical_Infrastructure_A_Study_Of_The_Colonial_Pipeline_Incident (accessed on 20 November 2025).
  45. Eyal, I.; Sirer, E.G. Majority is Not Enough: Bitcoin Mining is Vulnerable. In Financial Cryptography and Data Security; Lecture Notes in Computer Science; Springer: Berlin/Heidelberg, Germany, 2014; Volume 8437. Available online: https://www.researchgate.net/publication/258224002_Majority_Is_Not_Enough_Bitcoin_Mining_Is_Vulnerable (accessed on 20 November 2025).
  46. Heilman, E.; Kendler, A.; Zohar, A.; Goldberg, S. Eclipse Attacks on Bitcoin’s Peer-to-Peer Network. In Proceedings of the 24th USENIX Security Symposium, Washington, DC, USA, 12–14 August 2015; Available online: https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-heilman.pdf (accessed on 20 November 2025).
  47. Atzei, N.; Bartoletti, M.; Cimoli, T. A Survey of Attacks on Ethereum Smart Contracts (SoK). In Proceedings of the 6th International Conference on Principles of Security and Trust, Uppsala, Sweden, 22–29 April 2017; Volume 10204, pp. 164–186. [Google Scholar] [CrossRef]
  48. Bartoletti, M.; Carta, S.; Cimoli, T.; Saia, R. Dissecting Ponzi schemes on Ethereum: Identification, analysis, and impact. Future Gener. Comput. Syst. 2020, 102, 259–277. [Google Scholar] [CrossRef]
  49. Carter, L.; Ubacht, J. Blockchain applications in government. In Proceedings of the 19th Annual International Conference on Digital Government Research: Governance in the Data Age, Delft, The Netherlands, 30 May–1 June 2018; Available online: https://www.researchgate.net/publication/325497149_Blockchain_applications_in_government (accessed on 20 November 2025).
  50. Catalini, C.; Gans, J.S. The Blockchain Ecosystem. SSRN Electron. J. 2018. Available online: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2874598 (accessed on 20 November 2025).
  51. Hao, Y.; Li, Y.; Dong, X.; Fang, L.; Chen, P. Performance Analysis of Consensus Algorithm in Private Blockchain. In Proceedings of the 2018 IEEE Intelligent Vehicles Symposium (IV), Changshu, China, 26–30 June 2018; pp. 280–285. Available online: https://www.researchgate.net/publication/328457612_Performance_Analysis_of_Consensus_Algorithm_in_Private_Blockchain (accessed on 20 November 2025). [CrossRef]
  52. Available online: https://www.simplilearn.com/tutorials/blockchain-tutorial/blockchain-technology (accessed on 20 November 2025).
  53. Available online: https://crypto.com/glossary/the-dao-hack (accessed on 20 November 2025).
  54. Available online: https://techcrunch.com/2017/11/07/a-major-vulnerability-has-frozen-hundreds-of-millions-of-dollars-of-ethereum/ (accessed on 20 November 2025).
  55. Available online: https://www.reuters.com/article/technology/un-experts-point-finger-at-north-korea-for-281-million-cyber-theft-kucoin-li-idUSKBN2AA08T/ (accessed on 20 November 2025).
  56. Available online: https://www.reuters.com/technology/how-hackers-stole-613-million-crypto-tokens-poly-network-2021-08-12/ (accessed on 20 November 2025).
  57. Available online: https://www.cisa.gov/news-events/news/attack-colonial-pipeline-what-weve-learned-what-weve-done-over-past-two-years (accessed on 20 November 2025).
  58. Available online: https://therecord.media/us-agency-attributes-540-million-ronin-hack-to-north-korean-apt-group (accessed on 20 November 2025).
  59. Available online: https://www.fbi.gov/news/press-releases/fbi-confirms-lazarus-group-cyber-actors-responsible-for-harmonys-horizon-bridge-currency-theft (accessed on 20 November 2025).
  60. Available online: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35708 (accessed on 20 November 2025).
  61. Homoliak, I.; Venugopalan, S.; Hum, Q.; Reijsbergen, D.; Szalachowski, P.; Sun, Q. The security reference architecture for blockchains: Toward a standardized model for studying vulnerabilities, risks, attacks, and defenses. IEEE Commun. Surv. Tutor. 2020, 22, 3334–3395. [Google Scholar] [CrossRef]
  62. Hunter, J.D. Matplotlib: A 2D Graphics Environment. Comput. Sci. Eng. 2007, 9, 90–95. [Google Scholar] [CrossRef]
  63. Jimmy, F.N.U. Cyber security Vulnerabilities and Remediation Through Cloud Security Tools. J. Artif. Intell. Gen. Sci. (JAIGS) 2024, 2, 129–171. [Google Scholar]
  64. Saad, M.; Spaulding, J.; Njilla, L.; Kamhoua, C.; Shetty, S.; Nyang, D.; Mohaisen, A. Exploring the attack surface of blockchain: A comprehensive survey. IEEE Commun. Surv. Tutor. 2020, 22, 1977–2008. [Google Scholar] [CrossRef]
  65. Available online: https://arxiv.org/abs/2407.08831 (accessed on 20 November 2025).
  66. Available online: https://www.mdpi.com/2227-7390/10/17/3040 (accessed on 20 November 2025).
  67. Available online: https://www.chainalysis.com/blog/north-korea-russia-crypto-money-laundering/ (accessed on 20 November 2025).
Figure 1. Representation of the Slither algorithm.
Figure 2. The blockchain structure.
Figure 3. Types of blockchain.
Figure 4. Distribution of Blockchain.
Figure 5. Properties of blockchain.
Figure 6. Blockchain layers.
Figure 7. Elliptic curve cryptography in emerging blockchain protocols.
Figure 8. Blockchain ecosystem possible attacks.
Figure 9. Estimated losses from major incidents (USD, millions).
Figure 10. Impact of time stamp manipulation on blockchain order.
Figure 11. Blockchain fork during 51% attack (aligned transactions).
Figure 12. Total value stolen in cryptocurrency hacks and money-laundering activities by DPRK-linked actors (2017–2023) (own chart compiled from Chainalysis) [67].
Table 1. Example of shared agreement (consensus).
Consensus | Description
Decentralized | Users independently run their own Bitcoin Core full nodes, enforcing identical rules to evaluate and validate the blockchain.
No voting | No voting occurs; all full nodes individually apply mathematical rules to decide the valid blockchain.
Table 2. Blockchain types and access levels.
Type of Blockchain | Access Level | Consensus Mechanism | Typical Use Cases
Public blockchain | Open to anyone | PoW, PoS | Bitcoin, Ethereum, public DeFi platforms
Private blockchain | Invitation only | Controlled internally | Supply chain, internal enterprise solutions
Consortium blockchain | Group of organizations | Pre-selected nodes | Banking, healthcare, cross-org platforms
Hybrid blockchain | Mix of public & private | Custom (hybrid models) | Government and enterprise collaboration
Sidechain | Attached to main chain | Varies (depends on parent chain) | Asset transfers, scalability solutions
Permissioned blockchain | Restricted (by roles) | Pre-approved consensus methods | Enterprise use, identity management
Permissionless blockchain | Fully open | PoW, PoS | Crypto, NFTs, decentralized platforms
Table 3. Properties of Blockchain.
Property | Description
Anonymity/Pseudonymity | Transactions without real identities.
Decentralized | Distributed control.
Smart contracts | Self-executing code.
Secured | Cryptographic protection.
Distributed ledger | Copies on every node.
Trusted | From protocols and consensus.
Transparent | Visible transactions in public chains.
Consensus | Agreement via PoW/PoS.
Immutable | Unalterable data.
Tokenized | Digital representations of value.
Table 4. Key Blockchain variables and their effects.
Variable | Description | Example (Platform) | Security Impact
Block size | Data capacity per block | Bitcoin (1 MB), BSV (128 MB) | Affects propagation and forking
Block interval | Time between block creation | Bitcoin (10 min), Ethereum (12 s) | Influences finality and double-spending
Consensus mechanism | Method for reaching agreement | PoW, PoS, DPoS | Resistance to 51%, Sybil
Network topology | Peer node structure | Random graph, Mesh | Exposure to eclipse attacks
Node identity system | Node authentication method | None (Bitcoin), DID (Polkadot) | Sybil resistance
Smart contract layer | Executable logic layer | Ethereum, Solana | Bugs, gas limits, flaws
Table 6. Summary of financial losses (2016–2025).
Year | Estimated Losses (USD) | Notable Incidents
2016 | $60 million | The DAO Hack
2017 | $150 million | Parity Wallet Bug
2020 | $275 million | KuCoin Hack
2021 | $600 million | Poly Network Exploit
2021 | $4.4 million | Colonial Pipeline Ransomware
2022 | $620 million | Ronin Network Hack
2022 | $100 million | Harmony Horizon Bridge Attack
2023 | | MOVEit Data Breach (93.3 million individuals affected)
2023 | $400,000 (approx.) | British Library Cyberattack
2025 | $1.5 billion | ByBit Exchange Hack
Table 7. Potential vulnerabilities and mapped attack vectors.
Potential Vulnerability | Mapped Attack Vectors | Example Incidents
Manipulation of block production/voting | 51% attack, forking, nothing-at-stake | Ethereum Classic 51% attack (2020) [4,12,30]
Logic errors, lack of verification | Reentrancy, integer overflow, oracle attacks | The DAO Hack (2016) [45], bZx Oracle Attack (2020) [8]
Node isolation, message delay | Eclipse, partitioning, routing attacks | Bitcoin eclipse attacks (2015–2018) [47]
Weak/outdated cryptography | Signature forgery, collision attacks | Bitcoin transaction malleability (2014) [6]
Inadequate trust model | Sybil attack, eclipse attack | Sybil simulations in Bitcoin (2016) [45]
Resource abuse | Gas limit abuse, transaction flooding | Ethereum congestion (2017) [65]
Untrusted external inputs | Oracle manipulation, front-running | DeFi price oracle exploits (2020–2023) [10]
High storage cost | State bloat, history rewriting | Ethereum state growth (ongoing)
Table 8. Best practices and mitigation strategies.
Vulnerability | Prevention Technique
51% attack | Decentralize, checkpoint
Sybil attack | Identity binding, staking, or CAPTCHAs
Eclipse attack | Peer randomness, inbound connections
Double spending | Multi-confirmation, fraud detection systems
Smart contract bugs | Formal verification, code audits, use safe libraries
Table 9. Blockchain variable quantitative risk framework.
No. | Step | Action
1 | Find Risks | Connect blockchain settings to risks.
2 | Measure Risks | Set probability, impact, and control strength.
3 | Score Risks | Calculate Risk = Probability × Impact × to rank threats.
4 | Test Settings | Ganache to test settings or risks like double-spending.
5 | Apply Fixes | Adjust settings based on scores.
6 | Monitor and Update | Check risks every three months using Chainalysis Hexagate.

Share and Cite

MDPI and ACS Style

Bordeianu, A.A.; Popescu, D.E. Blockchain Variables and Possible Attacks: A Technical Survey. Computers 2025, 14, 567. https://doi.org/10.3390/computers14120567
