CBE - Certified Blockchain Expert Blockchain Security and Privacy Questions and Answers

Question 1

An analyst observes that a user's cryptocurrency wallet has received multiple, unsolicited, extremely small transactions from various unknown addresses. What type of attack is this user MOST likely experiencing, which aims to de-anonymize the wallet owner by linking their addresses together?

Accepted Answer

A Dusting Attack

Answer

A dusting attack is a privacy attack where malicious actors send tiny amounts of cryptocurrency (dust) to numerous wallet addresses. Their goal is to track the transactional activity of these wallets to de-anonymize the owner by linking different addresses to a single entity.

Question 2

Which privacy-enhancing cryptographic method allows a member of a group to sign a transaction on behalf of the group, making it computationally infeasible to determine which specific member's key was used for the signature?

Accepted Answer

Ring Signatures

Answer

Ring signatures provide anonymity by creating a digital signature where a transaction is signed by one member of a group ('ring') of possible signers. An observer can verify that the signature is valid and came from someone in the group, but they cannot identify the actual signer, providing plausible deniability.

Question 3

A startup holds a significant amount of its treasury in cryptocurrency. To prevent a single point of failure and protect against internal theft, they need a solution that requires approval from multiple executives before any funds can be moved. Which security mechanism is MOST effective for this requirement?

Accepted Answer

A multi-signature (multi-sig) wallet

Answer

A multi-signature (multi-sig) wallet is ideal for corporate treasury management as it requires M-of-N signatures to approve a transaction. This distributes control, preventing any single person from unilaterally moving funds and thus protecting against both external hacks and internal threats.

Question 4

Which of the following network-level attacks on a blockchain node involves isolating it from the rest of the honest network and connecting it exclusively to attacker-controlled nodes, potentially leading to double-spending or selfish mining?

Accepted Answer

Eclipse Attack

Answer

An eclipse attack is a network-level attack where an adversary monopolizes all of a victim node's connections, isolating it from legitimate peers. This allows the attacker to feed the node false information about the blockchain's state, which can be exploited for double-spending or to disrupt consensus.

Question 5

In the context of blockchain technology, what is a primary benefit of using zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge) beyond providing privacy?

Accepted Answer

They enable data compression, which can significantly improve scalability.

Answer

The 'Succinct' in zk-SNARKs means that the cryptographic proofs are very small and quick to verify. This allows complex computations to be executed off-chain, with only a small proof being posted on-chain for verification. This data compression significantly reduces the data load on the blockchain, enhancing scalability.

CBE - Certified Blockchain Expert Practice Test

CBE - Certified Blockchain Expert Practice Test

CBE - Certified Blockchain Expert Blockchain Security and Privacy Questions and Answers