Doctoral Thesis

Cross-Layer Security Analysis of Blockchain Systems

Final Thesis 5.36 MB Summary of Thesis 5.36 MB

Author of thesis: Ing. Martin Perešíni

Acad. year: 2025/2026

Supervisor: doc. Ing. Ivan Homoliak, Ph.D.

Reviewers: RNDr. Peter Gaži, Ph.D., Univ. Prof. Dr. Edgar Weippl

Abstract:

Blockchain security failures rarely stem from broken cryptography. They more often arise from incentive incompatibilities, flawed protocol assumptions, and implementation weaknesses that cross the boundaries between architectural layers. Existing research predominantly analyzes consensus, network, and application layers in isolation. This approach often fails to capture vulnerabilities that propagate across layer boundaries. The presented work addresses this gap through a systematic cross-layer security analysis grounded in a Security Reference Architecture for blockchains. The methodology combines game-theoretic modeling; large-scale discrete-event and stochastic simulation; protocol design and prototyping; a systematic survey of 36 cryptocurrency wallets; and zero-knowledge succinct non-interactive arguments of knowledge (zk-SNARKs). At the consensus layer, random transaction selection in Directed Acyclic Graph-based Proof-of-Work protocols is formally proven not to constitute a Nash equilibrium. Simulations with more than 8000 network nodes confirm that discovered incentive vulnerability persists at realistic network scale. A multi-attacker selfish mining evaluation reveals that the profitability threshold in Nakamoto consensus drops from 33% under a single attacker to approximately 14% to 17% per attacker with five simultaneous adversaries, and Strongchain consistently emerges as the most resilient protocol across all tested configurations. At the consensus-network boundary, a Proof-of-Stake protocol with integrated onion routing achieves proposer anonymization at approximately 110 transactions per second. At the application layer, a formal authentication taxonomy reveals that most deployed cryptocurrency wallets provide only single-factor blockchain-verified authorization despite apparent multi-step interfaces. The zk-SNARK-based synchronization architecture reduces mobile client storage from 71MB to 3.5MB and replaces trust in third-party synchronization servers with on-chain cryptographic verification. These contributions collectively demonstrate that blockchain security is an inherently cross-layer property. This research and contributions provide analytical tools, empirical benchmarks, protocol mechanisms, and cryptographic designs for building more resilient decentralized systems.

Keywords:

Blockchain, Security Analysis, Security Reference Architecture, Consensus Protocols, Game Theory, Simulation, Incentive Attacks, Selfish Mining, DAG-Based Blockchains, Proof-of-Work, Proof-of-Stake, Onion Routing, Decentralization, Cryptocurrency Wallets, zk-SNARKs

Date of defence

29.06.2026

Result of the defence

Defended (thesis was successfully defended)

znamkaPznamka

Process of defence

The student presented the goals and results, that he achieved within the solution of the dissertation. The student has competently answered the questions of the committee members and reviewers and guests. The discussion is recorded on the discussion sheets, which are attached to the protocol. Number of discussion sheets: 1. The committee has agreed unanimously that the student has fulfilled the requirements for being awarded the academic title Ph.D.

Language of thesis

English

Faculty

Department

Study programme

Information Technology (DIT)

Composition of Committee

prof. Dr. Ing. Pavel Zemčík, dr. h. c. (předseda)
prof. Ing. Jan Hajný, Ph.D. (člen)
doc. RNDr. Petr Švenda, Ph.D. (člen)
Dipl. Ing. Dr. Techn. Michal Ries (člen)
RNDr. Peter Gaži, Ph.D. (člen)

Supervisor’s report
doc. Ing. Ivan Homoliak, Ph.D.

File inserted by supervisor Size
posudok - Martin.pdf 71,50 kB

Reviewer’s report
RNDr. Peter Gaži, Ph.D.

In my opinion, the dissertation thesis and the student’s results to date meet the generally recognized requirements for the award of an academic degree (in accordance with § 47 of Act No. 111/1998 Coll., on Higher Education Institutions).
File inserted by the reviewer Size
Posudek oponenta [.pdf] 1,94 MB

Reviewer’s report
Univ. Prof. Dr. Edgar Weippl

In my opinion, the doctoral thesis “Cross-Layer Security Analysis of Blockchain Systems” by Ing. Martin
Perešíni and the candidate’s scientific achievements meet the generally accepted requirements for the
award of an academic degree in accordance with Section 47 of Act No. 111/1998 Coll. on higher education
institutions and the corresponding internal regulations of Brno University of Technology.
I recommend that the thesis be accepted and graded “Excellent” (Sehr Gut).
File inserted by the reviewer Size
Posudek oponenta [.pdf] 278,64 kB

Responsibility: Mgr. et Mgr. Hana Odstrčilová