Page 77 - FIGI: Security Aspects of Distributed Ledger Technologies
323 Stack Exchange (2013) What Happens if Your Bitcoin Client Generates An Address Identical to Another Person's?,
available at https://bit.ly/2TyI2ox; Discussion of key duplication and collisions at Reddit at http://bit.ly/2LsTDFG; See
also number of unique addresses used in the Bitcoin blockchain at http://bit.ly/2LtMNj7
324 Stablecoin definition.
325 Cointelegraph (2019) Oxfam Trials Aid Distribution With DAI, Future Use 'Highly Likely', available at http://bit.ly/2Y4o2w0
326 The further back in the chain a block is, the more likely it is finalized and unlikely to be superseded by a longer chain.
Six or seven confirmations may be safe.
327 See Grigorean, A (2018) Latency and finality in different crypto-currencies, https://bit.ly/2VYNEts
328 Mosakheil, J (2018) Security Threats Classification, available at http://bit.ly/2XPJXf8
329 In addition, the merchant should consider connecting to a sufficiently large number of random nodes on the network
to limit the chances of not seeing a double spend transaction. See Bamert, T & Decker, C et al. (2013) Have a Snack, Pay
with Bitcoins, available at https://bit.ly/2WbT3h1
330 Karame, G & Androulaki, E (2012) Two Bitcoins at the Price of One? Double-Spending Attacks on
Fast Payments in Bitcoin, available at http://bit.ly/2xWalEI; See also Podolanko, J & Ming, J et al. (2017) Countering
Double-Spend Attacks on Bitcoin Fast-Pay Transactions, available at http://bit.ly/32wX0AR
331 Karame, G & Androulaki, E, et al. (2015) Forwarding Double-Spending Attempts in the Network, available at https://bit.ly/2FhKiMI
332 GAP600 (2019) GAP600 Platform, available at http://bit.ly/2YaKTdm
333 For a list of SC security tools, see Consensys (2019) Security Tools, available at http://bit.ly/2JRJmzr
334 Several other programming languages can be used and will compile for Ethereum as well. See Nikolic (2018) Finding
the Greedy, Prodigal and Suicidal Contracts at Scale, available at http://bit.ly/30A2XLk; Li, X (2018) A Survey on the
Blockchain Systems, available at http://bit.ly/2GkRLui; Tsao, P (2018) Blockchain 2.0 and Ethereum [Blockchain Basics
Part 3], available at http://bit.ly/2SuoIcQ
335 Since the majority of DLT activity on smart contracts relates to Ethereum, this section will primarily focus on Ethereum-
specific challenges and vulnerabilities, many of which can provide insight into the difficulties which may be inherent in
the introduction of the smart contract concept.
336 Bitcoin script is not Turing Complete. Bitcore (2019) Script, https://bitcore.io/api/lib/script; Solidity is Turing Complete,
available at http://bit.ly/2XPxMPq; Singh, N (2019) Turing Completeness and the Ethereum Blockchain, available at
http://bit.ly/2M0rFAI
337 http://bit.ly/2JGb4k7; Solidity, a language similar to JavaScript, is the most widely used and robust, although
others exist, such as Serpent, LLL and Viper. Dika (2017) and others.
338 While bytecode is in compiled form, it is capable of being decompiled back into source code. Pillmore, E (2019) The
EVM Is Fundamentally Unsafe, available at http://bit.ly/2O46wYI
339 The Ethereum platform features two types of accounts: (1) a regular ‘Externally Owned Account’, which is the user
address that stores the user’s Ether, Ethereum’s native currency; and (2) a ‘Contracts Account’ address, which
identifies a newly created contract and consists of (i) a storage area for Ether; and (ii) the contract code, which is stored
in compiled EVM bytecode language and is typically the product of using high-level programming languages such
as Solidity. Rush, T (2016) Smart Contracts are Immutable — That’s Amazing…and It Sucks, available at http://bit.ly/32wxfAB
340 The code was written by Slock.it. For an explanation of the project, see http://bit.ly/2xXviio
341 Leising, M (2017) The Ether Thief, available at https://bloom.bg/2SneOcW
342 Buterin, V (2016) Hard Fork Completed, available at http://bit.ly/32CmGfi
343 Kahatwani, S (2018) Ethereum Classic (ETC): Everything Beginners Need To Know, available at http://bit.ly/2M7gvKa;
Falkon, S (2017) The Story of the DAO — Its History and Consequences, available at http://bit.ly/2Z14E4a
344 In relation to issues discovered with the Ethereum blockchain, see Buterin, V (2016) Thinking About Smart Contract
Security, available at https://goo.gl/iH78GN; and Daian, P (2016) Chasing the DAO Attacker’s Wake, available at
https://goo.gl/DxgOHD.
345 See Cornell Sun (2016) Cornell Prof Uncovers Bugs in Smart Contract System, Urges More Safety in Program Design,
available at https://goo.gl/d6d4F2.