Escalating security challenges in blockchain and decentralized applications under scalability enhancements necessitate a systematic security reference architecture. Method: We integrate game-theoretic modeling, formal verification, zero-knowledge proofs, trusted execution environments (TEEs), and atomic swap protocol design. Contributions: (1) A novel DAG-based consensus model resilient against selfish mining and undercutting attacks; (2) An OTP-enhanced two-factor wallet and a privacy-preserving, dynamic-revotable electronic voting framework—scalable to millions of users and formally verified; (3) A secure logging system guaranteeing non-repudiation, integrity, and auditable evidence with millisecond-level write latency; (4) The first strongly consistent, cross-ledger atomic interoperability protocol for central bank digital currencies (CBDCs). Collectively, these advances significantly enhance system robustness and verifiable security across consensus, wallet infrastructure, e-voting, logging, and CBDC interoperability domains.

With the rise of cryptocurrencies, many new applications built on decentralized blockchains have emerged. Blockchains are full-stack distributed systems where multiple sub-systems interact. While many deployed blockchains and decentralized applications need better scalability and performance, security is also critical. Due to their complexity, assessing blockchain and DAPP security requires a more holistic view than for traditional distributed or centralized systems. In this thesis, we summarize our contributions to blockchain and decentralized application security. We propose a security reference architecture to support standardized vulnerability and threat analysis. We study consensus security in single-chain Proof-of-Work blockchains, including resistance to selfish mining, undercutting, and greedy transaction selection, as well as related issues in DAG-based systems. We contribute to wallet security with a new classification of authentication schemes and a two-factor method based on One-Time Passwords. We advance e-voting with a practical boardroom voting protocol, extend it to a scalable version for millions of participants while preserving security and privacy, and introduce a repetitive voting framework that enables vote changes between elections while avoiding peak-end effects. Finally, we improve secure logging using blockchains and trusted computing through a centralized ledger that guarantees non-equivocation, integrity, and censorship evidence, then build on it to propose an interoperability protocol for central bank digital currencies that ensures atomic transfers.