CSSE 490 - Blockchain (and Security) Spring Quarter 2020-2021 Rose-Hulman Institute of Technology Instructor: Sid Stamm Office Address: Moench F216 E-mail: stammsl@rose-hulman.edu Web Site: https://www.rose-hulman.edu/~stammsl/csse490-blockchain/ Textbooks: NONE! -------------------------------------------------------------------------------- Course Description: Bitcoin, Ethereum, and many other systems rely on blockchains. Blockchain technology is a distributed, decentralized, secure ledger that allows public auditing and consensus-based attestation. In this class, you’ll learn about the technology these platforms are built upon, uses for the platforms other than virtual currency trading, and the security problems and solutions inherent in their design. In this class, students will read and present/discuss modern academic research papers, implement blockchain and smart contract code, and deploy their work to a shared blockchain platform. Students who successfully complete this course will be able to: 1. Explain how blockchains, smart contracts, and non-fungible tokens work. 2. Implement a basic blockchain prototype. 3. Deploy smart contract programs on a blockchain system. 4. Identify limitations in a blockchain system and various ways to compensate for them. 5. Exploit security flaws in smart contracts (and then fix them). Course Requirements: To earn a passing grade, you will complete written assignments, present one or more papers relevant to class, coding projects (in pairs) and lab exercises (in pairs). Grading: This class uses specs grading. You will earn tokens based on tasks you complete while working on assignments, labs, projects, and presentations for this class. Each assignment will specify what tokens are available and how to earn them. Students must be able to individually demonstrate satisfaction of the exercise's requirements in order to earn tokens for those exercises when working in groups or pairs. There are four TYPES of tokens: hacker, presenter, coder, and analyst. In general, you must earn some of each to pass the course. The "base" level for each type of token is reached when you earn four of that type of token. You reach the "star" level when you reach six or more of hacker, presenter or analyst tokens. To reach the "star" level of coder tokens, you must earn fifteen or more of those. Letter grades: * You earn a grade of D when you... reach the "base" level of three token types. * You earn a grade of C when you... reach the "base" level of all four types. * You earn a grade of B when you... reach the "star" level of two types AND reach the "base" level of the rest. * You earn a grade of A A when you... reach the "star" level of all four types. Note that earning star levels of two token types is necessary but not sufficient to earn a B. You must at least achieve "base" of all types to earn a C or higher. Please understand that it is not a promise. We will do our best to conform to the institute-wide grading policy described in the Grade Descriptions section of the registrar's web page. https://www.rose-hulman.edu/campus-life/student-services/registrar/rules-and-procedures/grades.html Reflection Paper: Students will submit ONE written assignment in which they reflect on their learning during a guest lecture and relate the lecture to material covered in class. Paper Presentation: Students will be assigned a presentation slot during which they will present one or more papers to the class. During their presentation, the students will summarize and present the important points from the reading, answer questions from the class and their instructor about the material, and lead a discussion to explore how the material relates to the rest of the course. Students may also potentially demonstrate the technical bits from the reading, or examine cases external to the reading that help illustrate the topics. The rest of the class will be required to read the paper before the presentation and expected to interact in discussion with the presenter. Blockchain Implementation: In pairs, students will implement their own prototype blockchain with all the basic features of a blockchain like bitcoin. Students may additionally implement advanced features (consensus, sharding, etc), or identify security flaws in theirs or other groups' chains. Completed projects will be presented to the class. Smart Contract Implementation: In pairs, students will design and implement a smart contract game in which two or more players interact using the blockchain. This game will involve a front-end (javascript/html), a backend (solidity contract on an ethereum blockchain), and should be straightforward to play. Completed projects will be presented to the class. Labs: In pairs, students will conduct analysis of smart contracts and exploit their security on a live blockchain implementation. During these labs, students will be expected to explain the flaw being exploited, exploit the flaw (create and run code to exploit the contract), and potentially fix the vulnerable smart contract. "Advanced" exploitation is possible in the labs and additional grading tokens may be available for more advanced exploits. Attendance Policy Regular attendance is expected. Good Citizenship In this class you may learn things to protect but also to exploit flaws systems for educational purposes. You are expected to act ethically and only use these skills on systems when authorized by the owners of those systems. This course in no way protects or exempts you from following policies and laws. Don't be a jerk or a criminal. If at any time you are uncertain if something is allowed: stop, think, and ask. Academic Integrity Collaboration is required on certain graded work items (team presentations), prohibited on others (individual quizzes & papers), and encouraged on the remainder. Copying is not collaboration. Discussing positions or working out a solution as a group is acceptable collaboration. Each individual is responsible for understanding the entire solution and explaining their point of view. You must properly credit your collaborators and clearly indicate the extent of the collaboration, except where it is obvious. Your instructor may use a plaigarism detection tool to identify copying or verify that you properly credit collaborators. Failure to acknowledge collaboration can be considered cheating and will result in a penalty grade of F in the course. You are encouraged to talk to your instructor if you have any questions regarding these expectations. Late Assignments Homework and quizzes must be submitted on time to receive credit for them. Concerns about anything? Got a problem and can't get your assigments done on time? Come talk to me and we'll work something out!