Request Demo

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.


Your Guide to Blockchain Terminologies



Also known as a ‘public key’, an address is a unique string of alphanumeric characters that signify a wallet and is used to send and receive funds on a blockchain. For example, ‘bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh’ is a public key or an address of a Bitcoin wallet.

Address Poisoning

Address Poisoning or address spoofing is an emerging cryptocurrency scam that is predominantly active on the EVM. In this, an attacker creates a vanity address that is almost similar to the authentic recipient address with the same first few and last few characters barring a few characters in between. When an unsuspecting victim does not verify the address carefully and copy-pastes them, the funds are redirected towards the fake address instead of the intended recipient’s.


A cryptocurrency airdrop is a promotional marketing strategy that involves sending tokens to random addresses to increase the circulation and distribution of a new coin or token in the market.


Air Gap is the segregation of the network by making a replica copy of the information on a secondary storage, usually done to increase security by isolating data from untrusted network infrastructures.


The word ‘altcoin’ is derived from two words: 'alternative’ and ‘coin’. It refers to all cryptocurrencies other than Bitcoin. Today, more than 5000 Altcoins exist worldwide, some of the most popular of which include Ethereum, Binance Coin, Litecoin, and Ripple.


An algorithm is a set of mathematical rules that, if followed, give a specific result.


Algorithmic Trading is a way of carrying out the trade by using automated and predetermined instructions, taking factors such as time, price, and volume into account.


Apeing is a process in which a cryptocurrency trader purchases a token shortly after its launch, without conducting much research. This is often driven by a fear of losing out on potential gains that might be missed out on conducting due diligence.

API (Application Programming Interface)

API is a set of definitions and protocols that facilitate communication between two or more computer systems.

aNFT (Autonomous NFTs)

aNFTs are non-fungible tokens capable of interacting with Web3 protocols without being prompted by an external stimulus.

ASIC (Application Specific Integrated Circuit)

It refers to a device used for the purpose of mining cryptocurrencies.


Arbitrage refers to a process of rapidly buying and selling the same digital assets into different markets to take advantage of the price discrepancies between various markets.


Atomic Swaps are defined as automated, permissionless cryptocurrency transactions between different blockchains that facilitate peer-to-peer trading without the involvement of a third party. This process is carried out with the help of Hash Timelock Smart Contracts (HTLC is a time-bound smart contract that executes trade by generating hash locks and timelocks.) These contracts require both parties to register the receipt of funds within a fixed period of time, failure of which leads to the cancellation of the entire transaction.

Attestation Ledger

An attestation ledger is a distributed ledger that provides a durable record of information that can be used to validate the authenticity and credibility of the transactions or agreements, proving that they occurred.

Automated Market Maker (AMM)

Automated Market Makers are a type of decentralized exchange (DEX), that rely on mathematical formulas or algorithms to facilitate the pricing and trading of assets. Unlike traditional markets, which include buyers and sellers, AMMs ensure permissionless and decentralized trading with the help of liquidity pools.

Anti-Money Laundering

Anti-money laundering refers to the laws, regulations, and policies that aim at preventing criminals from legitimizing their unlawfully-obtained crime proceeds.


Beacon Chain

The Beacon Chain is a blockchain that coordinates various shard chains, and stores and manages the staking and registry of validators in a Proof of Stakes-based cryptocurrency such as Ethereum 2.0.

Bear Market

A Bear Market is a state in which a market witnesses a prolonged decline in the prices of assets. It typically describes a situation in which prices drop by 20% or more from recent highs, amidst pessimism and negative investor sentiment.

Behavioral Analytics

The machine learning-based predictive analysis evaluated based on transactional patterns displayed by cryptocurrency addresses is called Behavioral Analytics. It also includes predicting future behavior by studying historical data and heuristics.

Beneficiary Customer

A Beneficiary Customer is a person or entity who is designated to receive the benefits of a property indirectly owned by them. For example, Name a beneficiary in your will and add a document to your estate plan that lists your crypto assets and any passwords, PINs, keys and instructions to find your cold wallet. If you have an account at a cryptocurrency exchange, your beneficiary can contact customer support to notify them of your death.

Beneficiary VASP

A crypto service provider who receives funds or crypto assets from the originator VASP directly or through an intermediary VASP, and makes the funds available to the beneficiary is called a Beneficiary VASP.

Beneficial Ownership

A beneficial owner is one who can enjoy the benefits of ownership despite not having a legal claim on the ownership of the crypto assets in question.


BEP stands for Binance Smart Chain Evolution Proposal. BEP-20 is a token standard on the Binance Smart Chain that extends the possibilities of the ERC-20 token standard, one of the most widely used Ethereum token standards.

Bitcoin ATMs

A Bitcoin ATM is an electronic kiosk through which users can withdraw Bitcoin using a credit card or cash.


Blockchain is a pseudonymous, immutable, decentralized, and non-repudiable distributed database that facilitates the storing, tracking, and recording of data in a public ledger accessible to everyone. 

Blockchain Explorer

An application or website that displays blockchain networks’ metrics such as the status of a transaction, timestamp, transaction fee, and block size is called a blockchain explorer.

Blockchain Forensics

Blockchain Forensics is defined as the application of digital science to detect, examine and analyze criminal activities on the blockchain and investigate and interpret the root cause and operational undertakings of illicit actions. 

Block Height

The Block Height of a block is the number of blocks created in a blockchain preceding the block in question.

Block Reward

Block reward is defined as the amount of cryptocurrency awarded to a miner after they validate and store a transaction in blocks on the blockchain. The block reward is usually calculated on the transaction fee and the block creation subsidy on the blockchain.

Brain Wallets

A Brain Wallet is a cryptocurrency wallet in which the owner memorizes the private key or the seed phrase instead of storing it on system software.

Brokerage Services

In crypto, brokerage services are online financial intermediaries that act like middlemen between the buyer and the seller of assets. They also facilitate the trade of cryptocurrencies at prices set by the broker.


CDD (Customer Due Diligence)

CDD is a process of verifying customer identity, assessing their assets, monitoring conduct and transactions to detect and report suspicious activity in crypto. This includes carrying out regular KYC (Know Your Customer) checks, regularly monitoring client conduct, and assessing transactions to determine if they are suspicious, or unusual, and require reporting.

Chain Hopping

Chain hopping is a money laundering technique in which illicit actors repeatedly transfer stolen assets from one blockchain to another, to obfuscate tracking, making it difficult to trace the movement of tainted cryptocurrencies.

Cloud Mining

Cloud Mining is a process of cryptocurrency mining with the help of remote processing power rented from data centers or mining companies. This type of mining enables the miners to make use of hardware with extensive hashing power at a cheaper rate. 

Coin Mixers

Coin mixers are cryptographic services that mix different streams of cryptocurrencies together in order to obfuscate all trails of an asset’s transaction history. Although introduced as a tool for increasing anonymity on-chain, coin-mixers have been widely used for evading the detection of crime proceeds and carrying out illicit activities like money laundering on the blockchain leading to a loss of millions of dollars of users' funds.


The amount of assets that a borrower pledges as a guarantee that the borrowed loan will be repaid.


Compliance is the act of abiding by laws, rules, and regulations and implementing proper tools and processes to effectively enforce legal frameworks and regulatory requirements on a platform.

Consortium Blockchain

A group of private blockchains, each owned by individual entities bound together with the aim of improving workflow transparency, and accountability.

Counterparty VASP

At the time of Travel Rule data transfer, the VASP at the receiving end is called the Counterparty VASP. 

Counter-Terrorism Financing

Counter-terrorism Financing is a combination of government legislation, rules, and regulations that disrupt the flow of funds, including crypto assets to terrorist bodies. 

Custodial Wallet

As the name suggests, a custodial wallet is a wallet in which the private keys are owned and controlled by third parties like crypto exchanges or wallet providers on behalf of the user. 

Cross Chain Bridges

Cross Chain Bridges enable the transfer of digital assets from one chain to another thereby enabling the easy exchange of assets across different blockchains.


Cryptocurrencies are digital assets designed to work as a medium of exchange between peer-to-peer computer networks. Transactions are secured using cryptography and are verified and stored in a decentralized manner on a public ledger.

Crypto Compliance

Crypto Compliance is the act of abiding by laws, rules, and regulations and implementing proper tools and processes to effectively enforce legal frameworks and regulatory requirements on a platform. This aims at reducing fraud across crypto by implementing tools and procedures to effectively mitigate financial crimes like money laundering and terrorist financing.


Cryptojacking is a combination of two words: ‘cryptocurrency’ and ‘hijacking’. It is a cybercrime that involves the unauthorized intervention or hijacking of a device to mine cryptocurrencies. Malicious crypto miners often make use of rogue mobile applications, phishing attacks, or unsafe websites to seize a victim’s device and use its computing power to illegally mine crypto.


Cybersquatting refers to the unauthorized registration and use of internet domain names that are identical or similar to trademarks, company names, or service names of already existing entities to gain profit from the goodwill of the actual trademark owners. For example, on OpenSea, .eth domains that contain famous trademarks like nike.eth, Adele.eth have a wide market. Since ENS (Ethereum Name Service) is a decentralized naming service on the Ethereum blockchain, it is unregulated, and laws like Anti-Cybersquatting Consumer Protection Act (ACPCA) do not apply to this.


DAO (Decentralized Autonomous Organisations)

These are open-source, community-led entities that have no central authority or governing body. Members work towards a shared common goal and token-holders participate in the management, organization, and decision-making of the platform. 

DApps (decentralized applications)

DApps are open-source software applications that run on peer-to-peer blockchain networks.


 The darknet is an anonymized, unindexed portion of the internet that is accessible through incognito networks like The Onion Router (TOR) that help obscure the identities and locations of users. These networks are predominantly used for carrying out illicit peer-to-peer transactions of goods and services. 

Difficulty Bomb

A difficulty Bomb refers to a sudden increase in the mining difficulty on a blockchain.

Distributed Denial of Service Attack (DDoS)

A DDoS attack is a cyberattack meant to shut down a machine or network by continuously overwhelming services and rendering them unusable. In the blockchain, this can be carried out by ‘transaction flooding’. Each block on the blockchain can only include a fixed number of transactions in it. Once saturated, the remaining transactions rest in the mempool for consideration for the next block. Meanwhile, when an attacker bombards a network with multiple spam transactions, these spam transactions fill up block space causing legitimate transactions to sit in the mempool. One famous example of a DDoS attack is the September 2021 attack on Solana that forced the network to go offline for several hours. 


The process of sending small amounts of cryptocurrencies to several VASPs to understand their fund management techniques.

Dusting Attack

A dusting attack is a relatively new way of deanonymizing identity on the blockchain for carrying out illicit activities. In this, attackers send minuscule amounts of crypto (also known as ‘dust’) to hundreds of thousands of wallet addresses with the hope of unmasking the owner of the wallet. Attackers also use dusting transactions to feed malicious links to users that lead users to illegitimate sites causing phishing and malware attacks, and other cyber threats.   

Due Diligence

The in-depth on-chain and off-chain risk analysis of cluster(s)/address(es).

Double Spend Attack

 A double-spend attack usually occurs due to a fundamental flaw in the network due to which the same digital currency is spent twice.


Eclipse Attack

An Eclipse attack is one in which an attacker isolates a particular node within a peer-to-peer blockchain network from the rest of the nodes in the network. By isolating a node from its legitimate neighbor nodes, an attacker can manipulate the affected node to perform malicious activities like confirming illicit transactions and even lead to further attacks like double-spending. 

EDD (Enhanced Due Diligence)

EDD is the process of reporting and monitoring users or cryptocurrency transactions that hold a high risk of carrying out illicit activities like money laundering or terrorist financing. It aims at going beyond customer due diligence for certain high-risk counterparts such as PEPs.

EIP (Ethereum Improvement Proposals)

 EIP is the network improvement proposal aiming at enhancing the user experience and scalability of the Ethereum network. 

ENS (Ethereum Name Service)

 ENS is a look-up service that allows Ethereum users to convert long-form and machine-readable addresses into easy-to-read and remember names. 


Epoch refers to a specific period of time that provides all validators or miners a common frame for reference for events scheduled on a blockchain. 

ERC (Ethereum Request Comments)

ERC is a reference document used by developers for writing smart contracts. In these documents, Ethereum-based tokens are outlined in compliance with the rules that are included in them. 


Escrow is the third party that temporarily holds the assets until they are transferred from one party to another after the completion of predetermined conditions. 

EU Regulatory Framework

The European Commission states that “Crypto-assets qualifying as 'financial instruments' under the Markets in Financial Instruments Directive have previously been subject to EU securities markets legislation. However, these rules predated the emergence of crypto-assets and DLT. This could hamper innovation. So, the Commission proposed a pilot regime for market infrastructures that wish to try to trade and settle transactions in financial instruments in crypto-asset form. The pilot regime allows for exemptions from existing rules and allows regulators and companies to test innovative solutions utilizing blockchain. Recently, the EU legislators gave their approval to MiCA, a new licensing system for cryptocurrency. The European Parliament has also voted in favor of a separate law concerning the transfer of funds.

EVM (Ethereum Virtual Machine)

EVM is a computation engine or environment in which Ethereum accounts exist and smart contracts are deployed and executed. EVM provides developers with a run-time environment for creating DApps, DeFi platforms and other applications like play-to-earn gaming services and NFT marketplaces.

Exit Scams

 An Exit Scam is a fraudulent practice in which projects attract investors through fake promotional activities and suddenly disappear or shut down after accumulating large amounts of investors’ funds. Fraudsters usually create a fake token and relentlessly promote it in the market only to suddenly abscond after accumulating a significant amount of investor funds. 

Externally Owned Accounts (EOAs)

 EOAs are blockchain accounts on the Ethereum blockchain that are controlled by private keys. These are used for transactions between two cryptocurrency wallets and interactions with already existing smart contracts. 


FATF (Financial Action Task Force)

FATF is an intergovernmental, policy-making body that generates necessary political regulations to prevent global crimes like money laundering and terrorist financing. 


A faucet is a cryptocurrency reward system in which users are paid a small amount of digital assets in return for the completion of basic predefined tasks.


The Financial Conduct Authority (FCA) regulates financial markets and services in the UK. Businesses carrying out crypto-related transactions, trades, or activities must register with the FCA and comply with ML/CTF regulations in order to continue business in the UK.


The Financial Crimes Enforcement Network is a government body that collects and analyzes information about financial transactions in order to prevent and punish criminals and counter financial crimes like money laundering. FinCEN regulates all crypto assets for purposes of AML and combating the financing of terrorism.


The Financial Industry Regulatory Authority (FINRA) is a government-authorized non-profit organization that is dedicated to protecting investors by safeguarding market integrity and assessing the conduct and operation of crypto asset brokers and broker-dealer firms in the United States. 

Flash Loans

A flash loan is an uncollateralized loan that allows users to borrow and return funds within the same transaction or a few seconds before a new block is created on the blockchain. Borrowers can quickly flip a profit on the borrowed amount through arbitrage and return the initially borrowed funds with the help of these loans.

Floor Price

The floor Price is the lowest price at which an asset can be sold. 

Frozen Assets

Cryptocurrency assets that are seized by Law Enforcement Agencies due to their involvement in illicit activities on the blockchain.



Gas is the unit to measure the amount of computational power required for carrying out specific functions on the EVM blockchains.  

Genesis Block

Genesis Block is the name given to the first block ever mined and recorded on a blockchain. It is also called ‘Block 0’ or ‘Block 1’. 


Hard Fork

A hard fork is a radical upgrade in a blockchain that is incompatible with the existing blockchain protocol which makes the previously invalid blocks or transactions valid, and vice-versa.


Hong Kong Monetary Authority is Hong Kong’s central banking authority that is responsible for maintaining monetary and banking stability in the nation. Under the Ordinance, the HKMA's primary objective is to ensure the stability of the Hong Kong currency, and the banking system. It is also responsible for promoting the efficiency, integrity and development of the financial system.

Hybrid Blockchain

A Hybrid Blockchain is a combination of a private, permissioned blockchain and a public, permissionless blockchain. These are customizable blockchains owned by a single entity. 


Impermanence Loss

Impermanence Loss happens when there is a significant difference between the price of a token before and after depositing it into a liquidity pool. 

Infinite Mint Attack

 An infinite mint attack occurs when a hacker or malicious entity mints an absurd amount of digital assets inflating its supply to unhealthy levels that degrade the value of each token in the market. Illicit actors often proceed to dump all the tokens in the market, therefore, leading to a crash in their price.

Initial Coin Offering (ICO)

Initial Coin Offering is a type of unregulated funding activity using cryptocurrencies as a means of raising capital for early-stage companies. It is a way of introducing new coins into the market at lower rates and attracting buyers by creating direct relations between the business and the customer. 

Intermediary VASP

Intermediary VASPs act as a passway that receives and retransmits a virtual asset transfer on behalf of the Originator and the Beneficiary VASP.

Internal Transactions

An internal transaction that occurs between two or more smart contracts, rather than addresses on the Ethereum network.


Know Your Customer (KYC)

KYC is a process of identifying and verifying a client’s identity before engaging in any business with them. In other words, by meeting KYC security standards, institutions can ensure that their clients are genuinely who they claim to be. It is a safety standard designed to protect financial and digital assets institutions against illicit activities like fraud, money laundering, corruption, and terrorist funding.

Know Your Transactions (KYT)

KYT is the process of collecting, monitoring, and tracking financial and crypto transactions in order to detect and prevent fraudulent or suspicious activities, like money laundering and terrorist funding on a network.


Layer-0 Blockchain

Layer-0 Blockchains are network frameworks running beneath a blockchain that consists of protocols, connections, miners, hardware, and everything else that forms the basis of a blockchain.

Layer-1 Blockchain

Layer-1 is the next foundational layer on which blocks are produced, transactions are finalized and cryptocurrency coins are used as a transaction fee and as a reward for those who secure the network.

Layer-2 Blockchain

Layer-2 Blockchains are secondary frameworks or protocols that are built on top of an existing blockchain for rendering scaling solutions. These are built to improve scalability and enhance the efficiency of a network by shifting a portion of the protocol’s transactional burden to an adjacent system architecture.


Licensing is an official permit that ensures an individual or entity’s right to do, use or own something.

Liquidity Pool

A Liquidity Pool is a collection of cryptocurrencies stored in smart contracts that provide liquidity for networks that facilitate decentralized trading.


Man in the Middle Attack

Man in the middle is a type of cyber attack in which an attacker secretly intercepts and relays messages between two parties to eavesdrop on confidential information or impersonate one of the parties. Attackers use this technique for carrying out illicit activities like stealing #Crypto Attacks digital assets by intercepting web pages of famous crypto exchanges and stealing confidential data of users by posing to be a legitimate authority. 


A mempool is a mechanism for storing information or transactions before being added to a newly created block. The word is an amalgamation of two words, ‘ memory’ and ‘pool’. Mempool acts as a waiting room for transactions before they are confirmed and stored on the blockchain. 

Merkle Tree

 A Merkle Tree, also known as a ‘Binary Hash Tree’ is a mathematical data structure that compiles the summary of all activities in the form of branched leaves.

MEV (Maximal Extractable Value)

 MEV refers to the maximum value that can be extracted by producing a block in excess of the block reward and gas fee, by including, excluding, or changing the order of transactions in a block. 


MiCA is a regulatory mechanism established to govern currently off-scale crypto-assets and their EU providers that aims at providing all Member States with a common licensing system. MiCA seeks to "unify the European framework for the trading and issuance, as part of Europe 's digital finance policy, of different forms of crypto-token".

Mining Pool

Mining Pool is a joint group of miners that pool their processing power over a network, therefore, increasing their mining potential and splitting the rewards equally depending on the amount of work they do. 


The process of generating more of an existing or new digital asset on the blockchain is called minting. 

Money Laundering

Money laundering is the process of concealing illegally acquired funds or cryptocurrencies to obfuscate tracking and investigations.


Multi-Sig is an additional layer of security in blockchain that requires more than one key to authenticate a transaction. 



Nonce refers to a numeric portion of a cryptographic hash that a cryptocurrency miner solves to find in order to mine a block. Nonce is a 4-byte numeric which is a portmanteau for 'number only used once.' 

Non-Custodial Wallet

A non-custodial wallet is one whose private keys are directly owned and controlled by the user instead of any third-party service provider. 

Non-Fungible Tokens

Non-fungible tokens are unique digital assets that cannot be interchanged or replicated. 


OFAC (The Office of Foreign Assets Control)

OFAC is a regulatory agency within the US Department of Treasury that implements and enforces economic and trade sanctions against certain foreign countries, regimes, terrorists, drug traffickers, and those involved in the proliferation of weapons of mass destruction. These sanctions are based on US foreign policy and national security goals, and are intended to address threats to the national security, foreign policy, or economy of the United States.

Off-chain transactions

Off-chain transactions are defined as transactions that take place outside the blockchain networks with a reduced cost and increased speed.

On-chain transactions

On-chain transactions are transactions that are processed, validated, and stored on a blockchain network. 


Oracles are third-party services that connect smart contracts to the outer world to make use of off-chain data in the on-chain ecosystem. Price Oracles are one of the most widely used oracles on the blockchain, the manipulation of which is a common technique used by hackers that feed misleading information into the market and gain profits from the same. 

Over the Counter Trading (OTC)

OTC is defined as a transaction made directly between peers without the involvement of a crypto exchange, through private trades. 


Payment Services Act

 The Payment Services Act is a regulatory framework for payment systems and payment service providers in Singapore. There are two regulatory frameworks under the PS Act, “a) a designation regime to designate payment systems for financial stability or to ensure efficiency or competition in the financial system, and b) a licensing regime that is modular and risk-based, and right-sizes the regulation of payment services to mitigate risks according to the scope and scale of payment service providers.”

Peel Chain

Peel Chain is a technique used for laundering large amounts of illegally obtained cryptocurrencies through a series of transactions. Attackers carry out a lengthy and complex series of small-value transactions that makes it difficult to trace the flow of funds scattered across different addresses and networks.

PEP (Politically Exposed Person)

PEPs are high-risk individuals who have a greater opportunity of acquiring illegal digital assets through means like money laundering, terrorism funding, and theft.

Permissioned Blockchain

Permissioned or private blockchains are closed networks in which designated parties take part or participate in the consensus and data validation processes. These networks are partially decentralized and lack proper anonymity, as in a permissionless blockchain.

Permissionless Blockchain

Permissionless Blockchain, also known as a public or trustless blockchain is an open network for everyone to participate and interact with. These are censorship-resistant, highly decentralized networks developed using open-source protocols and are mostly anonymous with no central authority to rely on. 


Phishing is a form of a social engineering attack in which attackers masquerade as a reputable and trustworthy entity and deceive people into revealing confidential information usually by installing malware that corrupts their system through clickbait websites, malicious files, or emails. 

Pig Butchering

Pig Butchering is a typical investment scam in which a scammer creates a fake investment platform and reaches out to potential victims to establish trust and influence them to invest more and more on their platform (often with quick and sizable returns at the beginning). Once the scammer has successfully duped victims into investing a significant amount on their platform, the scammer disappears with their funds never to be seen again. 

Ponzi Scheme

A Ponzi scheme is a fraudulent investment scheme that involves the payment of purported returns to existing investors from funds contributed by recent investors. 

Privacy Coin

Privacy Coins are an emerging class of cryptocurrencies that enhance anonymity and security on the blockchain. Unlike other cryptocurrencies, privacy coins are designed in a way that makes connecting and tracking transactions a challenging task. These coins use techniques like stealth addresses, Zk-SNARKs, and ring signatures to make transactions less traceable and more secure, preserving users’ privacy and anonymity. Some of the most famous privacy coins are Monero and Zcash.

Proof of Burn

Proof of Burn is a consensus mechanism that addresses the high capital investment and high energy consumption drawbacks of the Proof of Work mechanism. With PoB, validators send coins to irretrievable addresses hence burning them forever. By doing this, validators demonstrate their commitment towards the network, therefore gaining the right to mine transactions on a random selection process. 

Proof of Reserves

 Proof of Reserves is an auditing method used for verifying that a crypto exchange or trading platform actually holds its users’ funds in reserve and can support all withdrawal requests at any given time.

Proof of Work

Proof of Work is a consensus mechanism for block validation on a blockchain in which miners make use of high computing power to solve complex mathematical problems to validate and store transactions on a blockchain and earn rewards for the work done. Although well-known for its anonymous and decentralized workflow, major blockchains in Web3 are moving towards other consensus mechanisms because of the high cost, and high energy consumption drawbacks of the PoW protocol. 

Pump and Dump Scheme

 Pump and Dump is a form of securities fraud that involves artificially inflating asset prices through false and misleading statements and actions, to sell a cheaply purchased asset at a higher price. 



Ransomware is a type of malware that locks users out of their systems and blocks access to their sensitive data. Attackers threaten to publish confidential data or permanently block access to their system until a ransom is paid to retrieve their data back. 

Recovery Seed

A recovery seed or a seed phrase, is a cryptographic security code used for unlocking or accessing cryptocurrency wallets when their owner has lost or forgotten the passcodes for his wallet. 

Red Flag Indicators

Red flag indicators are tools that help detect whether virtual assets on a platform are being used for criminal or unlawful activity.

Replay Attack

 A replay attack is a network attack in which valid data transmission is maliciously or fraudulently delayed or repeated. This is carried out either by an originator or an adversary who intercepts the data and re-transmits it, possibly through a spoofing attack by IP packet substitution. For example, this technique can be used to gain access to confidential data stored on protected networks by sending valid credentials retransmitted in the process. Replay attacks can also happen in Cryptocurrency networks. Note that when a network undergoes a hard fork, it becomes theoretically possible for attackers to intercept the workflow of the network and carry out malicious activities.

Risk-Based Approach

A Risk-Based Approach is a form of auditing that examines the highest compliance risks to an organization. The companies come up with a process to monitor, manage and mitigate money laundering and terrorist financing risks.


 Blockchain roll-ups are off-chain scaling solutions that execute transactions out of the mainnet, compile them into a single piece of data, and submit them back to the network, therefore decreasing congestion in the network and increasing transaction speed.   

Rug Pull

Rug Pull is a scam in which developers abruptly abandon a project, and disappear with all the liquidity provided by its investors. 


Sanctions list

A sanctions list refers to a list of prohibited personnel, groups, organizations, or nations who are or are associated with those involved in terrorism, aggression, or those who have broken international laws.

Sanctions Screening

Sanctions screening is a measure used to detect and prevent financial crime by comparing an organization’s data with the sanctions list provided by the authorities in order to flag all indicators of non-compliant activities on a network.

SAR (Suspicious Activity Report)

SAR is a document used for reporting potentially suspicious activity to the authorities. At Merkle Science, we publish in-depth Enhanced Due Diligence reports to support our clients SAR-filing practices.

Securities and Futures Commission

The Securities and Futures Commission is an independent supervisory body in Hong Kong that regulates the securities and futures market. The Securities and Futures Commission closely overviews the regulation and supervision of cryptocurrency markets in the country.   

Security Token

Security tokens are digital assets that represent ownership or rights of traditional investments like stocks, bonds, and other securitized assets. 



The US Securities and Exchange Commission (SEC) is an independent agency of the US government that is responsible for implementing federal security laws and regulations. The primary purpose of the SEC is to enforce the law against market manipulation. To achieve its mandate, the SEC enforces the statutory requirement that public companies and other regulated companies submit quarterly and annual reports, as well as other periodic reports. In addition to annual financial reports, company executives must provide a narrative account, called the "management discussion and analysis" (MD&A), that outlines the previous year of operations and explains how the company fared in that time period.


SegWit or Segregated Witness refers to a protocol upgrade on the Bitcoin network. It reduces the weight of a transaction by segregating it into two sections, therefore increasing the number of transactions that can be stored in a block.


Seizure is the process of legally evicting or forfeiting digital assets or crime proceeds that are not rightfully owned by legitimate authorities.

Selfish Mining Attack

A Selfish Mining attack or a block withholding attack is an act of concealing blocks validated by other miners in order to discredit the work of other miners and acquire better income for themselves.


Sharding is the process of dividing a network’s computational and storage workload into smaller portions called ‘shards’ to enhance scalability and reduce latency. 


Slippage is defined as the difference between the expected price of an asset and the price at which its trade is executed. 

Smart Contract

A Smart Contract is a program or a protocol intended to automate blockchain functionalities like the creation, destruction, swap, or transaction of digital assets based on predefined conditions. The purpose of smart contracts is to automate and thereby reduce human errors and reduce transaction time.


Stablecoins are cryptocurrencies that are pegged against stable fiat currencies. Unlike other cryptocurrencies, the value of stablecoins does not fluctuate as much as the other coins and are thus often favored over the others.

STR (Suspicious Transaction Report)

STR is a document that helps monitor and report any activity that is deemed out of the ordinary and track illicit crypto transactions that are being carried out on a network or infrastructure.

Suspicious Activity

An act or behavior that indicates that an individual or group of entities is involved in a crime such as crypto-driven financial crimes.

Sybil Attack

Sybil attack is a form of security threat in which a single entity tries to dominate a peer-to-peer, decentralized network by creating multiple identities simultaneously and gaining majority influence over a protocol. The attacker sets up fake nodes on the network controlling all nodes that the target user is connected to. Once the user is surrounded by the malicious nodes, attackers can then refuse to relay the target’s transaction. 


Threshold Report

A Threshold Report is one that financial entities are required to file with the Financial Intelligence Unit (FIU) for executive cash transactions or wire transfers above a stated threshold limit.

Timejacking Attack

A Timejacking Attack takes place when an attacker successfully corrupts the timestamp of a node and forces the node to accept an alternative blockchain. This attack majorly takes place on the Bitcoin blockchain. Each node functions on a time counter that is the median of the time counters of its peers. If the median differs from the system time, the node reverts to the system time. The attacker manipulates this function by adding multiple fake peers with inaccurate timestamps to the network. This causes the network to slow down or speed up, therefore leading to a desynchronization in the system. 

Total Value Locked (TVL)

The value of a cryptocurrency that users have ‘locked up’ in various lending and staking protocols is called the Total Value Locked of that currency. It can also be defined as the amount of cryptocurrency circulating in the marketplace at a given point in time. 

Travel Rule

It is the regulation that states that any cryptocurrency transaction must be accompanied by the exchange of KYC information between the sending and receiving VASPs.


VA (Virtual Assets)

VAs are digital representations of financial value that can be traded or transferred and can be used for investment and payment purposes.

VASP (Virtual Asset Service Providers)

VASPs are blockchain protocols or businesses that are involved in the exchange, transfer, or administration of virtual assets on a network.



A cryptocurrency wallet helps users store and transact cryptocurrencies on a blockchain network. A wallet comprises a unique identifier called the wallet address and its digital key. 

Wallet providers

A Wallet provider is any entity that provides a virtual wallet for holding, storing and transferring assets. 

Wash Trading

Wash Trading is a market manipulation tactic in which a trader buys and sells the same assets multiple times in order to artificially inflate its price, thereby making profits by feeding misleading information into the market.

Web 1

Web 1 was the first stage of the World Wide Web evolution. It was a Content Delivery Network (CDN) with static web pages and linear information built using Common Gateway Interface (CGI). The Web 1 era spanned roughly from 1991 to 2004 before the introduction of a more advanced, interactive evolution of the World Wide Web took place later. 

Web 2

 Web 2 marked the beginning of the age of the internet in which more emphasis was given to creating user-generated content, ease of use, interoperability for users, and community-based interactions and collaborations.

Web 3

Web 3 is the latest evolving iteration of the World Wide Web in which the primary focus shifted from open and interactive community-based interaction to a decentralized and anonymous ecosystem.


Yield Farming

Yield Farming is the practice of staking and lending digital assets into liquidity pools to generate high returns and interest on them. 


Zero Knowledge Proof ( ZKP)

ZKP is a method by which one party (the prover) can prove to the other party (the verifier) that a given statement is true without conveying any additional information in the process, apart from the fact that the given statement is true. In other words, when a statement is true, the verifier learns nothing other than the fact that it is true. This technique is the building block of privacy-focused blockchains, where transactions are not publicly visible but they are probably legitimate.