Classification
Classification consists of points gained during the semester and poins gained at the exam. The exam is mandatory and 0 poins from exam result in a failure (even if there are enough semester points).
Assessment
- 80% Semester points
- 20% Exam
Exam
Oral discussion over topic covered during the semester.
| Grade | Points | Evaluation in words |
|---|---|---|
| A | 90 and more | excellent |
| B | 80 to 89 | very good |
| C | 70 to 79 | good |
| D | 60 to 69 | satisfactory |
| E | 50 to 59 | sufficient |
| F | less than 50 | failed |
The evaluation is governed by the Study and Examination Rules for Students at CTU, which you can find on page Legislation and Study Regulations.
Exam Topics
Each student will be given one question from the following list:
| Number | Question | Lecture / Tutorial |
|---|---|---|
| 1 | Describe a Bitcoin block | L1,2 - Bitcoin |
| 2 | Describe Ethereum blockchain and its properties, EVM | T2 - Ethereum Tooling, T4 - Solidity I. |
| 3 | Smart contract security in general: threat model, trust assumptions, and common vulnerability classes (examples) | T8 - Security I., T9 - Security II., Semestral work |
| 4 | Describe reentrancy attack on Ethereum | T8 - Security I. |
| 5 | Name a good and a bad use case for blockchain, why | L5,6 - Systems design, hands-on development |
| 6 | Fuzzing: black-box vs grey-box vs white-box, property-based testing/invariants, and smart contract fuzzers (examples) | T8 - Security I., T9 - Security II., T10 - Advanced fuzz testing |
| 7 | Describe the process that changes state of Ethereum blockchain (transactions, mining) | T3 - Ethereum Tooling II. |
| 8 | Describe the process that reads from Ethereum blockchain (RPC calls). | T3 - Ethereum Tooling II. |
| 9 | Multisig operational security: Safe libraries | T3 - Ethereum Tooling II., T11 - Security Audit Assignment and Account Abstraction |
| 10 | Structure of security audit report - what should be included and why | Semestral work |