Consensus algorithm comparison and general implementation interview questions. Q1: Compare different consensus algorithms. Answer: Comparison Table: Algorithm Type Finality Block Time Energy Fault Tolerance Paxos Classic Immediate N/A Low (n-1)/2 failures BFT Byzantine Immediate Fast Low f Byzantine (n=3f+1) Tendermint …

Medium-level Web3 interview questions covering DeFi, advanced Solidity, security, and protocol design. Q1: Explain DeFi and common DeFi protocols. Answer: DeFi Stack Automated Market Maker (AMM) Constant Product Formula: $x \times y = k$ Q2: What are Solidity modifiers and function visibility? Answer: Modifiers …

Fuzzing (fuzz testing) automatically generates and injects malformed or unexpected inputs to find bugs, crashes, and security vulnerabilities. Overview Fuzzing is an automated software testing technique that provides invalid, unexpected, or random data as inputs to a program. Goals: Find crashes and hangs Discover …

Key sharding splits a secret into multiple shares where a threshold of shares is needed to reconstruct the original secret. Overview Secret Sharing (also called key sharding) divides a secret $S$ into $n$ shares such that: Any $t$ shares can reconstruct $S$ (threshold) Fewer than $t$ shares reveal nothing about $S$ …

Multi-signature schemes require multiple parties to sign a transaction or message, providing enhanced security and distributed control. Overview Multi-signature (multisig) requires $m$ out of $n$ signatures to authorize a transaction or validate a message. Notation: $m$-of-$n$ multisig $n$ = total number of signers $m$ …

Threshold signatures enable a group to sign messages without ever reconstructing the private key, providing enhanced security over traditional multisig. Overview Threshold Signature Scheme (TSS) allows $t$ out of $n$ parties to collaboratively sign a message without reconstructing the private key. Key Difference from …

Tools and techniques for scanning web services and applications for security vulnerabilities. Overview Vulnerability scanning identifies security weaknesses in applications, networks, and systems before attackers can exploit them. Scanning Types: Network scanning Web application scanning API security testing …

Core authentication and authorization concepts overview. This page provides a quick reference and links to detailed guides. Quick Reference Authentication vs Authorization Authentication (AuthN): Who are you? Verifying identity Credentials: username/password, tokens, biometrics Result: User identity established …

Security best practices for authentication: password security, token storage, CSRF protection, MFA, and common vulnerabilities. Password Security Best Practices 1✅ DO: 2- Use bcrypt, scrypt, or Argon2 for hashing 3- Minimum 12 characters 4- Require complexity (upper, lower, number, symbol) 5- Implement rate limiting on …

Secure coding practices for C/C++ applications. Buffer Overflow Prevention 1// ❌ Vulnerable 2char buffer[100]; 3gets(buffer); // Never use! 4sprintf(buffer, "%s", user_input); 5 6// ✅ Secure 7char buffer[100]; 8fgets(buffer, sizeof(buffer), stdin); 9snprintf(buffer, sizeof(buffer), "%s", user_input); …

Tools for checking vulnerabilities in C/C++ code. Valgrind 1# Install 2sudo apt install valgrind 3 4# Check memory leaks 5valgrind --leak-check=full ./program 6 7# Detailed output 8valgrind --leak-check=full --show-leak-kinds=all --track-origins=yes ./program AddressSanitizer (ASan) 1# Compile with ASan 2gcc …

Secure coding practices for Go applications. SQL Injection Prevention 1// ❌ Vulnerable 2username := r.FormValue("username") 3query := fmt.Sprintf("SELECT * FROM users WHERE username = '%s'", username) 4db.Query(query) 5 6// ✅ Secure 7username := r.FormValue("username") 8query := …

Tools for checking vulnerabilities in Go code. Govulncheck 1# Install 2go install golang.org/x/vuln/cmd/govulncheck@latest 3 4# Check current module 5govulncheck ./... 6 7# JSON output 8govulncheck -json ./... Gosec 1# Install 2go install github.com/securego/gosec/v2/cmd/gosec@latest 3 4# Scan project 5gosec ./... 6 7# …