{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,2]],"date-time":"2026-03-02T22:24:18Z","timestamp":1772490258640,"version":"3.50.1"},"reference-count":67,"publisher":"MDPI AG","issue":"12","license":[{"start":{"date-parts":[[2025,12,18]],"date-time":"2025-12-18T00:00:00Z","timestamp":1766016000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"University of Oradea, Romania"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Computers"],"abstract":"<jats:p>Blockchain technology has rapidly evolved as a cornerstone of decentralized computing, transforming how trust, data integrity, and transparency are achieved in digital ecosystems. However, despite extensive adoption, significant gaps remain in understanding how key blockchain variables, such as block size, consensus mechanisms, and network latency, affect system vulnerabilities and susceptibility to cyberattacks. This survey addresses this gap by combining qualitative and quantitative analyses across multiple blockchain environments. Using simulation tools such as Ganache and Bitcoin Core, and reviewing peer-reviewed studies from 2016 to 2024, the research systematically maps blockchain parameters to cyberattack vectors including 51% attacks, Sybil attacks, and double-spending. Findings indicate that design choices like block size, block interval, and consensus type substantially influence resilience against attacks. The Blockchain Variable Quantitative Risk Framework (BVQRF) introduced here integrates NIST\u2019s cybersecurity principles with quantitative scoring to assess risks. This framework represents a novel contribution by operationalizing theoretical security constructs into actionable evaluation metrics, enabling predictive modeling and adaptive risk mitigation strategies for blockchain systems.<\/jats:p>","DOI":"10.3390\/computers14120567","type":"journal-article","created":{"date-parts":[[2025,12,18]],"date-time":"2025-12-18T11:08:28Z","timestamp":1766056108000},"page":"567","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Blockchain Variables and Possible Attacks: A Technical Survey"],"prefix":"10.3390","volume":"14","author":[{"given":"Andrei Alexandru","family":"Bordeianu","sequence":"first","affiliation":[{"name":"Department of Computers and Information Technology, Politehnica University of Timisoara, 2 V. Parvan Blvd, 300006 Timisoara, Romania"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7804-5178","authenticated-orcid":false,"given":"Daniela Elena","family":"Popescu","sequence":"additional","affiliation":[{"name":"Department of Computers and Information Technology, Faculty of Electrical Engineering and Information Technology, University of Oradea, 410087 Oradea, Romania"}]}],"member":"1968","published-online":{"date-parts":[[2025,12,18]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"222","DOI":"10.63180\/jcsra.thestap.2025.4.3","article-title":"Novel Permissioned Blockchain Approach for Scalable and Privacy-Preserving IoT Authentication","volume":"2025","author":"Addula","year":"2025","journal-title":"J. Cyber Secur. Risk Audit."},{"key":"ref_2","unstructured":"Addula, S.R., Norozpour, S., and Amin, M. (2025, November 20). Risk Assesment for Identifying Threats, Vulnerabilities and countermeasures in Cloud Computing. Jordanian J. Inform. Comput, Available online: https:\/\/www.semanticscholar.org\/paper\/Risk-Assessment-for-Identifying-Threats%2C-and-in-Addula-Norozpour\/e068f77951f00ca2ba4e2aca41a7f86a4c945789."},{"key":"ref_3","first-page":"2","article-title":"Analyzing cybersecurity risks and threats in IT infrastructure based on the NIST framework","volume":"2025","author":"Aljumaiah","year":"2025","journal-title":"J. Cyber Secur. Risk Audit."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"27","DOI":"10.63180\/jcsra.thestap.2025.2.3","article-title":"Classification of Threats and Countermeasures of Cloud Computing","volume":"2025","author":"Almanasir","year":"2025","journal-title":"J. Cyber Secur. Risk Audit."},{"key":"ref_5","unstructured":"(2025, November 20). Available online: https:\/\/www.bbc.com\/news\/articles\/c2kgndwwd7lo."},{"key":"ref_6","unstructured":"Alkhalifah, A., Ng, A., Kayes, A.S.M., Chowdhury, J., and Alazab, M. (2022). A taxonomy of blockchain threats and vulnerabilities. Blockchain for Cybersecurity in Cyber-Physical Systems, Springer."},{"key":"ref_7","unstructured":"(2025, November 20). Available online: https:\/\/www.bl.uk\/home\/british-library-cyber-incident-review-8-march-2024.pdf\/."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"841","DOI":"10.1016\/j.future.2017.08.020","article-title":"A Survey on the Security of Blockchain Systems","volume":"107","author":"Li","year":"2020","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_9","first-page":"100002","article-title":"A survey on blockchain systems: Attacks, defenses, and privacy preservation","volume":"1","author":"Liu","year":"2021","journal-title":"High-Confid. Comput."},{"key":"ref_10","unstructured":"Nakamoto, S. (2025, May 18). Bitcoin: A Peer-to-Peer Electronic Cash System. Available online: https:\/\/bitcoin.org\/bitcoin.pdf."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"38010","DOI":"10.1109\/ACCESS.2021.3063324","article-title":"A Systematic Review and Empirical Analysis of Blockchain Simulators","volume":"9","author":"Grigaitis","year":"2021","journal-title":"IEEE Access"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"107858","DOI":"10.1109\/ACCESS.2021.3101044","article-title":"BlockPerf: A Hybrid Blockchain Emulator\/Simulator Framework","volume":"9","author":"Polge","year":"2021","journal-title":"IEEE Access"},{"key":"ref_13","unstructured":"(2025, November 20). Available online: https:\/\/www.bl.uk\/cyber-incident\/."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"19","DOI":"10.63180\/jcsra.thestap.2023.1.3","article-title":"Secure Framework for Land Record Management using Blockchain Technology","volume":"2023","author":"Alyounis","year":"2023","journal-title":"J. Cyber Secur. Risk Audit."},{"key":"ref_15","unstructured":"Antonopoulos, A.M. (2017). Mastering Bitcoin: Programming the Open Blockchain, O\u2019Reilly Media. [2nd ed.]."},{"key":"ref_16","unstructured":"(2025, November 20). Available online: https:\/\/jjic.thestap.com\/archives\/volume-2025-1\/680f20ddcd605702a281651f."},{"key":"ref_17","first-page":"1423","article-title":"Ransomware Attacks on Critical Infrastructure: A Study of the Colonial Pipeline Incident","volume":"7","author":"Bellamkonda","year":"2024","journal-title":"Int. J. Res. Comput. Appl. Inf. Technol."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"3796","DOI":"10.1109\/COMST.2019.2928178","article-title":"A Vademecum on Blockchain Technologies: When, Which, and How","volume":"21","author":"Belotti","year":"2019","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Xinyi, Y., Yi, Z., and He, Y. (2018, January 6\u20139). Technical Characteristics and Model of Blockchain. Proceedings of the 2018 10th International Conference on Communication Software and Networks (ICCSN), Chengdu, China. Available online: https:\/\/www.researchgate.net\/publication\/328246761_Technical_Characteristics_and_Model_of_Blockchain.","DOI":"10.1109\/ICCSN.2018.8488289"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"576","DOI":"10.1109\/TNET.2008.923723","article-title":"SybilGuard: Defending Against Sybil Attacks via Social Networks","volume":"16","author":"Yu","year":"2008","journal-title":"IEEE\/ACM Trans. Netw."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"1594","DOI":"10.1109\/JIOT.2018.2847705","article-title":"Smart contract-based access control for the Internet of Things","volume":"6","author":"Zhang","year":"2019","journal-title":"IEEE Internet Things J."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3158369","article-title":"Security and privacy on blockchain","volume":"52","author":"Zhang","year":"2019","journal-title":"ACM Comput. Surv."},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Zheng, Z., Xie, S., Dai, H., Chen, X., and Wang, H. (2017, January 25\u201330). An overview of blockchain technology: Architecture, consensus, and future trends. Proceedings of the 2017 IEEE International Congress on Big Data, Honolulu, HI, USA.","DOI":"10.1109\/BigDataCongress.2017.85"},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Cachin, C., and Vukoli\u0107, M. (2017). Blockchain consensus protocols in the wild. arXiv.","DOI":"10.1109\/EDCC.2017.36"},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Caldarola, F., d\u2019Atri, G., and Zanardo, E. (2022). Neural Fairness Blockchain Protocol Using an Elliptic Curves Lottery. Mathematics, 10.","DOI":"10.3390\/math10173040"},{"key":"ref_26","unstructured":"(2025, November 20). Available online: https:\/\/www.tenable.com\/cybersecurity-guide\/principles\/common-vulnerability-scoring-system-cvss."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"80931","DOI":"10.1109\/ACCESS.2021.3085187","article-title":"MBCP: Performance Analysis of Large Scale Mainstream Blockchain Consensus Protocols","volume":"9","author":"Kaur","year":"2021","journal-title":"IEEE Access"},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"1156","DOI":"10.1093\/rfs\/hhaa075","article-title":"Blockchain Without Waste: Proof-of-Stake","volume":"34","author":"Saleh","year":"2020","journal-title":"Rev. Financ. Stud."},{"key":"ref_29","unstructured":"(2025, November 20). Available online: https:\/\/www.fintechfutures.com\/blockchain-crypto-digital-assets\/cryptocurrencies-and-the-critical-vulnerability-of-a-51-attack."},{"key":"ref_30","first-page":"1","article-title":"A survey on Ethereum systems security: Vulnerabilities, attacks, and defenses","volume":"53","author":"Chen","year":"2020","journal-title":"ACM Comput. Surv."},{"key":"ref_31","unstructured":"(2025, November 20). Ethereum Classic Suffers Third 51% Attack in a Month. Available online: https:\/\/www.coindesk.com."},{"key":"ref_32","unstructured":"Cormen, T.H., Leiserson, C.E., Rivest, R.L., and Stein, C. (2009). Introduction to Algorithms, The MIT Press."},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"20","DOI":"10.1109\/MSP.2018.3111247","article-title":"A First Look at Identity Management Schemes on the Blockchain","volume":"16","author":"Dunphy","year":"2018","journal-title":"IEEE Secur. Priv."},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Decker, C., and Wattenhofer, R. (2013, January 9\u201311). Information Propagation in the Bitcoin Network. Proceedings of the IEEE P2P 2013 Proceedings, Trento, Italy. Available online: https:\/\/ieeexplore.ieee.org\/document\/6688704.","DOI":"10.1109\/P2P.2013.6688704"},{"key":"ref_35","first-page":"62296","article-title":"Security in blockchain: A systematic literature review","volume":"8","author":"Wan","year":"2020","journal-title":"IEEE Access"},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Woien, M.C., Catak, F.O., Kuzlu, M., and Cali, U. (2024). Neural Networks Meet Elliptic Curve Cryptography: A Novel Approach to Secure Communication. arXiv.","DOI":"10.1109\/VCC63113.2024.10914360"},{"key":"ref_37","unstructured":"(2025, November 20). Available online: https:\/\/blockchain.gov.in\/Home\/BlockChain?blockchain=blockchain."},{"key":"ref_38","unstructured":"(2025, November 20). Available online: https:\/\/crustlab.com\/blog\/types-of-blockchain-technology-a-complete-overview\/."},{"key":"ref_39","unstructured":"(2025, November 20). Available online: https:\/\/encyclopedia.pub\/entry\/24357."},{"key":"ref_40","unstructured":"(2025, November 20). Available online: https:\/\/ntiprit.gov.in\/pdf\/blockchainanddistributed\/Blockchain_Introduction_KR.pdf."},{"key":"ref_41","unstructured":"(2025, November 20). Available online: https:\/\/www.bbc.com\/news\/technology-58331959."},{"key":"ref_42","unstructured":"(2025, November 20). Available online: https:\/\/www.h-x.technology\/blog\/top-3-smart-contract-audit-tools."},{"key":"ref_43","unstructured":"(2025, November 20). Available online: https:\/\/www.ibm.com\/think\/topics\/blockchain."},{"key":"ref_44","unstructured":"(2025, November 20). Available online: https:\/\/www.researchgate.net\/publication\/386014193_Ransomware_Attacks_On_Critical_Infrastructure_A_Study_Of_The_Colonial_Pipeline_Incident."},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Eyal, I., and Sirer, E.G. (2014). Majority is Not Enough: Bitcoin Mining is Vulnerable. Financial Cryptography and Data Security; Lecture Notes in Computer Science, Spring. Available online: https:\/\/www.researchgate.net\/publication\/258224002_Majority_Is_Not_Enough_Bitcoin_Mining_Is_Vulnerable.","DOI":"10.1007\/978-3-662-45472-5_28"},{"key":"ref_46","unstructured":"Heilman, E., Kendler, A., Zohar, A., and Goldberg, S. (2015, January 12\u201314). Eclipse Attacks on Bitcoin\u2019s Peer-to-Peer Network. Proceedings of the 24th USENIX Security Symposium, Washington, DC, USA. Available online: https:\/\/www.usenix.org\/system\/files\/conference\/usenixsecurity15\/sec15-paper-heilman.pdf."},{"key":"ref_47","doi-asserted-by":"crossref","unstructured":"Atzei, N., Bartoletti, M., and Cimoli, T. (2017, January 22\u201329). A Survey of Attacks on Ethereum Smart Contracts Sok. Proceedings of the 6th International Conference on Principles of Security and Trust, Uppsala, Sweden.","DOI":"10.1007\/978-3-662-54455-6_8"},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"259","DOI":"10.1016\/j.future.2019.08.014","article-title":"Dissecting Ponzi schemes on Ethereum: Identification, analysis, and impact","volume":"102","author":"Bartoletti","year":"2020","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_49","unstructured":"Carter, L., and Ubacht, J. (June, January 30). Blockchain applications in government. Proceedings of the 19th Annual International Conference on Digital Government Research: Governance in the Data Age, Delft, The Netherlands. Available online: https:\/\/www.researchgate.net\/publication\/325497149_Blockchain_applications_in_government."},{"key":"ref_50","unstructured":"Catalini, C., and Gans, J.S. (2025, November 20). The Blockchain Ecosystem. SSRN Electron. J., Available online: https:\/\/papers.ssrn.com\/sol3\/papers.cfm?abstract_id=2874598."},{"key":"ref_51","doi-asserted-by":"crossref","unstructured":"Hao, Y., Li, Y., Dong, X., Fang, L., and Chen, P. (2018, January 26\u201330). Performance Analysis of Consensus Algorithm in Private Blockchain. Proceedings of the 2018 IEEE Intelligent Vehicles Symposium (IV), Changshu, China. Available online: https:\/\/www.researchgate.net\/publication\/328457612_Performance_Analysis_of_Consensus_Algorithm_in_Private_Blockchain.","DOI":"10.1109\/IVS.2018.8500557"},{"key":"ref_52","unstructured":"(2025, November 20). Available online: https:\/\/www.simplilearn.com\/tutorials\/blockchain-tutorial\/blockchain-technology."},{"key":"ref_53","unstructured":"(2025, November 20). Available online: https:\/\/crypto.com\/glossary\/the-dao-hack."},{"key":"ref_54","unstructured":"(2025, November 20). Available online: https:\/\/techcrunch.com\/2017\/11\/07\/a-major-vulnerability-has-frozen-hundreds-of-millions-of-dollars-of-ethereum\/."},{"key":"ref_55","unstructured":"(2025, November 20). Available online: https:\/\/www.reuters.com\/article\/technology\/un-experts-point-finger-at-north-korea-for-281-million-cyber-theft-kucoin-li-idUSKBN2AA08T\/."},{"key":"ref_56","unstructured":"(2025, November 20). Available online: https:\/\/www.reuters.com\/technology\/how-hackers-stole-613-million-crypto-tokens-poly-network-2021-08-12\/."},{"key":"ref_57","unstructured":"(2025, November 20). Available online: https:\/\/www.cisa.gov\/news-events\/news\/attack-colonial-pipeline-what-weve-learned-what-weve-done-over-past-two-years."},{"key":"ref_58","unstructured":"(2025, November 20). Available online: https:\/\/therecord.media\/us-agency-attributes-540-million-ronin-hack-to-north-korean-apt-group."},{"key":"ref_59","unstructured":"(2025, November 20). Available online: https:\/\/www.fbi.gov\/news\/press-releases\/fbi-confirms-lazarus-group-cyber-actors-responsible-for-harmonys-horizon-bridge-currency-theft."},{"key":"ref_60","unstructured":"(2025, November 20). Available online: https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2023-35708."},{"key":"ref_61","first-page":"3334","article-title":"The security reference architecture for blockchains: Toward a standardized model for studying vulnerabilities, risks, attacks, and defenses","volume":"22","author":"Homoliak","year":"2020","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_62","doi-asserted-by":"crossref","first-page":"90","DOI":"10.1109\/MCSE.2007.55","article-title":"Matplotlib: A 2D Graphics Environment","volume":"9","author":"Hunter","year":"2007","journal-title":"Comput. Sci. Eng."},{"key":"ref_63","first-page":"129","article-title":"Cyber security Vulnerabilities and Remediation Through Cloud Security Tools","volume":"2","author":"Jimmy","year":"2024","journal-title":"J. Artif. Intell. Gen. Sci. (JAIGS)"},{"key":"ref_64","doi-asserted-by":"crossref","first-page":"1977","DOI":"10.1109\/COMST.2020.2975999","article-title":"Exploring the attack surface of blockchain: A comprehensive survey","volume":"22","author":"Saad","year":"2020","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_65","unstructured":"(2025, November 20). Available online: https:\/\/arxiv.org\/abs\/2407.08831."},{"key":"ref_66","unstructured":"(2025, November 20). Available online: https:\/\/www.mdpi.com\/2227-7390\/10\/17\/3040."},{"key":"ref_67","unstructured":"(2025, November 20). Available online: https:\/\/www.chainalysis.com\/blog\/north-korea-russia-crypto-money-laundering\/."}],"container-title":["Computers"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2073-431X\/14\/12\/567\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,18]],"date-time":"2025-12-18T11:14:02Z","timestamp":1766056442000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2073-431X\/14\/12\/567"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12,18]]},"references-count":67,"journal-issue":{"issue":"12","published-online":{"date-parts":[[2025,12]]}},"alternative-id":["computers14120567"],"URL":"https:\/\/doi.org\/10.3390\/computers14120567","relation":{},"ISSN":["2073-431X"],"issn-type":[{"value":"2073-431X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,12,18]]}}}