Exploring the Attack Surface of Blockchain: A Comprehensive Survey

Muhammad Saad, Jeffrey Spaulding, Laurent Njilla, Charles Kamhoua, Sachin Shetty, Dae Hun Nyang, David Mohaisen

Research output: Contribution to journalArticlepeer-review

180 Scopus citations


In this paper, we systematically explore the attack surface of the Blockchain technology, with an emphasis on public Blockchains. Towards this goal, we attribute attack viability in the attack surface to 1) the Blockchain cryptographic constructs, 2) the distributed architecture of the systems using Blockchain, and 3) the Blockchain application context. To each of those contributing factors, we outline several attacks, including selfish mining, the 51% attack, DNS attacks, distributed denial-of-service (DDoS) attacks, consensus delay (due to selfish behavior or distributed denial-of-service attacks), Blockchain forks, orphaned and stale blocks, block ingestion, wallet thefts, smart contract attacks, and privacy attacks. We also explore the causal relationships between these attacks to demonstrate how various attack vectors are connected to one another. A secondary contribution of this work is outlining effective defense measures taken by the Blockchain technology or proposed by researchers to mitigate the effects of these attacks and patch associated vulnerabilities.

Original languageEnglish
Article number9019870
Pages (from-to)1977-2008
Number of pages32
JournalIEEE Communications Surveys and Tutorials
Issue number3
StatePublished - 1 Jul 2020

Bibliographical note

Publisher Copyright:
© 1998-2012 IEEE.


  • Blockchain
  • applications
  • attack surface
  • peer-to-peer systems
  • security


Dive into the research topics of 'Exploring the Attack Surface of Blockchain: A Comprehensive Survey'. Together they form a unique fingerprint.

Cite this