Lecture Flashcards: Smart Contract Security and Fully Homomorphic Encryption

A collection of vocabulary flashcards covering Ethereum smart contract vulnerabilities (Access Control, Reentrancy, Flash Loans) and the theoretical foundations of Fully Homomorphic Encryption (FHE).

Blockchain

A decentralized, tamper-resistant distributed ledger where all transactions and code remain public to all users.

Ethereum Virtual Machine (EVM)

A deterministic stack-based runtime that executes byte code for transactions on the Ethereum chain.

Gas

A fee paid for the computational work required to perform actions or transactions on the blockchain.

Externally Owned Account (EOA)

An account type controlled by a private key and managed by a user, such as a MetaMask wallet.

Contract Account

An account on the Ethereum network that is controlled by its smart contract code rather than a private key.

DApp

A decentralized application with a web front end and a completely decentralized logic back end.

Smart Contract

A deterministic byte code program on the EVM that runs when triggered by a transaction and is immutable once deployed.

Reentrancy Attack

A vulnerability where an attacker calls a withdrawal function repeatedly before the contract can update its internal state (balance), draining funds.

Access Control Vulnerability

A security flaw occurring when sensitive functions lack proper authorization checks, allowing unauthorized users to perform privileged actions like minting tokens.

Price Oracle

A service, such as Chainlink, that feeds real-world data (e.g., live token prices) into the blockchain environment.

Price Oracle Manipulation

An attack where the source of a price feed is manipulated, often using high liquidity shifts, to lie to a protocol about collateral value.

Flash Loan

An uncollateralized loan that allows a user to borrow a large amount of funds, provided the full amount is repaid within the same single transaction.

The DAO

A decentralized autonomous organization that suffered a major reentrancy exploit in June 2016, resulting in the theft of $3,600,000$ Ethereum and leading to the hard fork of Ethereum ($ETH$) and Ethereum Classic ($ETC$).

OpenZeppelin

A library of secure, open-source, and pre-vetted smart contract components used by developers to mitigate vulnerabilities.

Homomorphic Encryption

A cryptographic scheme that allows data to be operated on in its encrypted form without requiring the secret key.

Partially Homomorphic Encryption

An encryption scheme that supports only one type of operation on ciphertext, specifically either addition or multiplication.

Somewhat Homomorphic Encryption

A scheme supporting both addition and multiplication but only for a limited number of operations before the ciphertext becomes too noisy to decrypt.

Fully Homomorphic Encryption (FHE)

The most powerful encryption standard that supports an unbounded number of operations (addition and multiplication) on encrypted text.

Bootstrapping

A technique in FHE used to periodically reduce the noise in ciphertext by 'recrypting' it, allowing for infinite operations.

Lattice-based Cryptography

The cryptographic foundation used by Craig Gentry in his 2009 dissertation to propose the first plausible FHE scheme.

Learning with Errors (LWE)

A building block for modern FHE schemes like BGV, BFV, and CKKS, which replaced earlier lattice constructions.