vCoin Cryptocurrency Platform

brief() {

This project was created in response to a Web Security module assignment brief at university. The module was designed to provide students with a detailed understanding of the principles and nature of security in digital environments.

The assignment was to design, build and demonstrate a simple web based platform using PKI technologies to operate a digital currency, modelled similar to BitCoin.

From the module handbook:

“Users should be able to purchase digital currency from the platform. This currency should be held with the user and only accessible by the user, via the platform. The user should be able to discover how much currency is stored. Consideration can occur as to whether the amount of currency should be something only accessible to the user e.g. if it is also protected. Encryption technologies should be used in the protection processes of the currency.”

Skills applied:

  • PHP
  • PKI
  • SSL
  • Slim 3
  • Bootstrap 4

Demonstration available upon request.

objectives() {

  1. Proof of ownership – who has rights to the vCoin.
  2. Order of transactions – which transaction comes first.
  3. Double spending – prevention against spending the same money twice.
  4. Build a platform to allow the user to make and receive payments using the cryptocurrency
Screenshot of buying vCoin

approach() {

Explored how bitcoin works and approaches for constructing a currency in a similar fashion. Thought about avenues of attack that the platform and the currency itself could be exposed to and the implementation of appropriate mechanisms for attack prevention.

Screenshot of requesting vCoin

outcome() {

Created was a cryptocurrency similar to BitCoin. Implementation of a blockchain was outside the scope of the module. All transactions were stored in a relational database. PKI was used to sign each transaction solving the “Proof of ownership” challenge - guaranteeing the vcoin in a transaction is owned by a particular user.

The cryptocurrency platform used a sandbox payment gateway allowing users to buy vcoin. Implemented were mechanisms, for sending and receiving coins via addresses (similarly to BitCoin). Lastly, the system displayed a transaction log and current balance.

Screenshot of requesting vCoin
Screenshot of vCoin transaction log

results() {

From the assignment feedback:

"An outstanding response to the specification. You have clearly thought through your solution completely taking into account each aspect of the assignment specification and the elements of security that can protect your solution."

95/100 mark