EN   FR

Services addressing the security and confidentiliaty aspects are also proposed for applications based on public blockchain technologies, e.g. Bitcoin or Ethereum.


Training: Bitcoin under the hood, understand the blockchain mechanics

Bitcoin and Blockchain technologies are discussed everyday in the media. Erroneous information is spread, such as transactions being anonymous, and underlying mechanics may seem obscure for someone wanting to study the topic.

The goal of this training is to know how Bitcoin works in detail under the hood, without needing to be a doctor in cryptography.
But more importantly to understand why Blockchain is structured like that, through the creation of a fake virtual currency and the iterative fixing of its vulnerabilities.
Finally, an overall perspective enables to grasp the potential and the limitations of Blockchain for other domains.

Duration: 3 hours, with 2 hours of theory and 1 hour of practice including a questions & answers session.
More information on demand.

Threat Modeling

Blockchain technologies, with their groundbreaking architecture, enable to implement use cases with a very different approach.
Unavailability of best practices, due to the very young age of those solutions, and usage of cryptographic primitives only by the underlying exchange protocol cannot guarantee the security of the overall information system.

Thread modeling workshops, following the STRIDE methodology, enable to identify exhaustively the security risks of the project. And in particular around private keys management or data privacy for public blockchains.
A classification by business impact then allows to prioritize risks and decide which countermeasures are needed.

Smart Contracts code review

Smart contracts for public blockchains can keep their high trust promise for end users if both conditions are met
  • full transparency of the contract terms
  • immutability of those terms
First point is now commonplace in the computer world with Open Source. But in this context code updates happen (very) frequently to fix security defects visible by anyone.
This is in opposition with the desire not to change a single character of the contract. Hence a code review, similar to embedded code validation in the space industry, is absolutely necessary to ensure no vulnerabilites are present.

Other blockchain services tailored to your needs can be provided on demand.