3.1. Overview of the Reviewed Literature
A useful place to start is with what the literature, taken as a whole, actually agrees on — because there is more agreement here than the diversity of sources might suggest. Muhammad et al. (2019) conducted a systematic review of blockchain in FinTech and the role it plays, finding that implementing blockchain in FinTech has allowed banks and non-bank entities to make cross-network transfers and payment services more convenient without involvement of third-party entities, and that by 2030 the annual growth rate would surpass 100%. That is a striking projection, and it's worth sitting with for a moment: it implies not a gradual layering of blockchain onto existing rails, but something closer to a structural shift in how transfers get authorized at all. The authors' enthusiasm rests largely on one mechanism — the peer-to-peer system of keeping the same ledger book ensures no alteration of records, which the authors treat as a primary concern for any financial record-keeping entity.
A related strand of work looks at what a blockchain-based, bank-free mobile payment system would actually look like in practice, and the mechanics are a little more involved than "no middleman." In one such design, a delegation setup allows the bank to act as a delegator named by the payer; the merchant sends a payment request, and once the payment value and merchant identity match, the payer designates the bank as delegate, allowing the bank to issue a blockchain transaction that sells cryptocurrency for fiat currency deposited into the merchant's account, with the blockchain refusing any bank-issued transaction that fails to meet the delegation's conditions. It's an elegant solution to the trust problem — but elegant solutions to trust problems sometimes open other doors. The same traceless quality that protects ordinary users from third-party snooping can also help corrupt individuals evade taxes and facilitate illicit purchases, and that tension — privacy as both a feature and a vulnerability — turns out to be something of a recurring theme rather than a one-off caveat.
Closer to Bangladesh specifically, the picture sharpens. The reviewed sources on financial inclusion converge on three things: blockchain's usefulness, the obstacles standing in its way, and a handful of recommendations for the banking sector. Mechanically, blockchain is a digital ledger of transactions duplicated and distributed across an entire network of computer systems, where each block contains transaction information and any new transaction is recorded in the client's ledger; this decentralized, multi-client database is known as Distributed Ledger Technology (DLT), and compromising it would require a hacker to break every single block in the system — which is, in a sense, the whole security argument in one sentence. Still, the literature doesn't let that strength go unchallenged. A recurring complaint surfaces again and again: blockchain technology is not as user-friendly as most currently used technologies, interfaces for blockchain ledgers remain difficult to adopt, and a scalable solution for handling large numbers of users is necessary before the technology can be used at scale. Even so, on balance, blockchain-based banking is seen as convenient for a developing country like Bangladesh, since it can decrease the rate of corruption in the banking sector. A condensed summary of the literature underpinning this overview appears in [Table 1].
3.2. Blockchain Architecture and Working Mechanism
To make sense of where blockchain helps and where it struggles, it's worth pausing on what the technology actually is — not as an abstraction, but as a working system. Blockchain technology is an amalgamation of cryptography, algorithms, economic models, and mathematics, combining peer-to-peer networking and distributed consensus algorithms to solve the synchronization problems inherent in traditional distributed databases. [Figure 1] lays out this basic architecture. The defining feature isn't really the cryptography itself, interestingly enough, but the absence of ownership: blockchain does not belong to any person or organization, and its design provides a system monitored by all nodes in the network to ensure that transactions and activities are valid, which suggests the lowest possible percentage chance of the system being hacked.
That resilience, though, depends on something easy to overlook — redundancy at scale. Data in the blockchain are stored permanently across all nodes constituting the network, and each node must hold the updated current copy of the blockchain to ensure consistency, with nodes performing activities such as mining, making transactions, and validating other nodes' transactions (Mohanta et al., 2019). [Figure 2] breaks down the eight elements considered central to this architecture.
History and Working Procedure
Blockchain's lineage matters for understanding today's design choices, and [Figure 3] traces that history. The public–private distinction turns out to map fairly cleanly onto two governance philosophies: Bitcoin and Ethereum are public, permissionless blockchains open to anyone, whereas the various Hyperledger networks are private, permissioned blockchains requiring participant verification before joining. As for how a transaction actually moves through the system — illustrated in [Figure 4] — the process unfolds in a fairly linear sequence: a node broadcasts a transaction; another node verifies its authenticity and stores it in a block; all nodes validate the transaction by executing either the proof-of-work or proof-of-stake algorithm on the block awaiting validation; and finally, the consensus algorithm commits the validated data to a block added to the chain, with all nodes accepting that block and extending the chain accordingly. Simple to describe, evidently — though, as later sections show, considerably harder to secure in practice.
3.3. Security and Privacy Aspects
[Figure 5] separates the blockchain properties reviewed here into two camps: security and privacy. They're related, certainly, but they answer different questions, and it's worth keeping that distinction sharp.
Security of Blockchains
On the security side, the working definition adopted here treats it as the protection of transaction information and data in a block against internal, peripheral, malevolent, and unintentional threats, typically through detection, prevention, and appropriate response using security policies, tools, and IT services. Five principles recur throughout the reviewed sources, and they're fairly standard information-security doctrine applied to a less standard substrate: defense in penetration, which follows the principle that protecting data in multiple layers is more efficient than relying on a single security layer; minimum privilege, which reduces data access to the lowest level possible to reinforce security; vulnerability management, involving identification, authentication, modification, and patching; risk management, involving identification, assessment, and control of environmental risks; and patch management, which addresses flawed code, applications, operating systems, and firmware through acquiring, testing, and installing patches. None of these principles is unique to blockchain, to be fair — but their application here carries higher stakes, given the immutability that makes correcting a security failure after the fact so much harder than on a conventional database.
Privacy of Blockchains
Privacy asks a narrower, more pointed question: can transactions be performed without leaking identification information, making it extremely difficult for other users to copy or use someone else's crypto profile? Drawing on Hassani et al. (2018), five characteristics recur as particularly significant. First, blockchain offers flexibility to store all forms of data, though privacy rules applicable to personal data become more stringent for sensitive and organizational data (Hassani et al., 2018). Second, on storage distribution, nodes storing complete copies of the blockchain are called full nodes, and an application's compatibility with data minimization determines the level of transparency and verifiability available for that application (Hassani et al., 2018). Third — and this one tends to surprise people who assume blockchain records are simply unfixable forever — the append-only feature does not, in certain cases, curtail users' right to correction when data
Figure 1. Basic architecture of a blockchain network. Schematic representation of a distributed ledger shared across participating nodes, illustrating the absence of a single controlling authority. Each node maintains an identical, continuously updated copy of the ledger, and network-wide validation of transactions and activities is distributed across all participants rather than centralized in any one entity — the structural property underlying blockchain's resistance to unilateral tampering.
Figure 2. Core elements of blockchain technology. Diagrammatic overview of the eight components considered foundational to blockchain systems, as discussed in Section 3.2, including the distributed ledger, consensus mechanism, cryptographic hashing, and peer-to-peer network layer that together enable decentralized transaction validation and record-keeping.
Figure 3. Historical timeline of blockchain development. Chronological summary of blockchain's evolution, from its original conceptualization as the architecture underlying Bitcoin through to the emergence of public, permissionless networks (e.g., Bitcoin, Ethereum) and private, permissioned networks (e.g., Hyperledger), illustrating the divergence between open-participation and verified-participation blockchain models discussed
is recorded incorrectly, though special attention is needed when assigning rights to data subjects (Hassani et al., 2018). Fourth, on the private-versus-public distinction, restricted data on a block can be encrypted for conditional access by authorized users at an advanced level, since every node maintains a copy of the entire blockchain (Hassani et al., 2018). And fifth, regarding permission structures, non-permissioned blockchain applications in principle allow all users to add data, whereas permitting the restoration of trusted mediators influences how control over the network is distributed (Hassani et al., 2018).
3.4. Why Blockchain Is Needed in Banking
Here the literature takes on a slightly more pointed tone — less descriptive, more critical of the status quo. Banking institutions worldwide have moved toward digitalization-driven models such as mobile banking, but blockchain adoption within banking has been comparatively sidelined; this hesitation contrasts with the interest blockchain is attracting elsewhere, reflected in the technology's projected growth from $4.9 billion in 2021 to over $67.4 billion by 2026 ([Figure 6]). That is more than a tenfold increase in five years — a pace that makes the banking sector's caution look, frankly, a little out of step with where capital and attention are flowing. The industry advances at a constant speed due to steady demand, yet remains slow to innovate; banks still require considerable paperwork, face security vulnerabilities, and run multiple time-consuming and expensive processes. Five specific applications illustrate where blockchain might close that gap.
Payment transfer. Trillions of dollars are presently made and wasted due to added fees and slow payments respectively — for example, a person sending money from San Francisco to London faces a $25 flat fee charged by both sending and receiving banks. By contrast, cryptocurrencies like Ether and Bitcoin, built on public blockchains, let anyone send and receive money without transaction fees and in real time, since decentralized-network payments require no separate verification step, making transfers faster and cheaper.
Settlement and clearance. An average bank transfer takes up to three days to settle — problematic for consumers and logistically difficult for banks alike, given that a simple transfer today bypasses a complex chain of intermediaries from bank to custodial service before reaching the recipient. Blockchain's transparent, public decentralized ledger allows transactions to settle without relying on custodial services, which is one of the key ways blockchain speeds up and simplifies banking transactions.
Securities. Buying or selling debt, stocks, or commodities requires banks to track ownership by connecting with multiple exchanges, brokers, clearing houses, and custodian banks, and this web of intermediaries, combined with an outdated paper ownership system, makes the process slow and prone to inaccuracy and fraud. Blockchain instead builds a decentralized database of digital, unique assets, transferring them through tokens representing assets "off-chain" — an approach whose benefit lies chiefly in cutting out middlemen and lowering exchange fees.
Loans and credit. Banks typically underwrite loans through a credit reporting system, and blockchain in consumer banking opens the door to peer-to-peer lending — one of the more investment-friendly corners of FinTech. The conventional alternative isn't necessarily fairer: banks evaluate non-payment risk by examining credit score, ownership status, and debt-to-income ratio drawn from a centralized reporting system that can work against customers. A decentralized registry of payment history, by comparison, makes it easier for consumers to apply for loans under an alternate lending system that is comparatively efficient, cheap, and secure.
Customer KYC. Verification delays are not a minor inconvenience here. Banks can take up to three months to complete KYC procedures — photo verification, address proof checks, biometric verification — and the process is costly as well as slow. Storing customer information on a shared ledger changes that math considerably: blockchain-based KYC storage gives banks shared access to verification data, an arrangement associated with personnel cost reductions of roughly 10%, equating to $160 million annually. That single figure does more to justify blockchain's banking case, arguably, than most of the more conceptual arguments combined.
3.5. Blockchain in Digital Transactions
Stepping back from banking specifically, financial service providers find blockchain useful for enhancing authenticity, security, and risk management, with institutions increasingly adopting it in trade and finance to build smart contracts between participants, improve efficiency and transparency, and open newer revenue opportunities ([Figure 7]). Blockchain's recording capabilities make
Figure 4. Working procedure of blockchain transaction validation. Sequential flow diagram depicting the lifecycle of a blockchain transaction: initiation and broadcast by the originating node, verification and provisional storage by receiving nodes, network-wide validation via proof-of-work or proof-of-stake consensus protocols, and final commitment of the validated block to the chain.
Figure 5. Security and privacy dimensions of blockchain systems. Conceptual framework distinguishing the security properties of blockchain (defense in depth, least privilege, vulnerability management, risk management, and patch management) from its privacy-preserving characteristics (data sorting, storage distribution, append-only recording, and permissioned versus non-permissioned access).
Figure 6. Projected global market size of blockchain technology, 2021–2026. Bar chart illustrating the projected growth of the global blockchain technology market from an estimated $4.9 billion in 2021 to over $67.4 billion by 2026, reflecting a more than tenfold increase over a five-year period. Source of underlying market projection should be cited explicitly in the figure caption and added to the reference list (e.g., the original market research report from which this estimate was drawn); the manuscript as currently written does not attribute this statistic to a specific source, which a high-impact journal reviewer is likely to query.
Figure 7. Role of blockchain in digital transaction processing. Schematic illustrating how blockchain technology is applied within trade and finance systems to support smart contract execution between participants, streamline clearing and settlement processes, and enable blockchain-based identity verification.
existing clearing and settlement processes largely redundant, and banks and other financial entities are adopting blockchain-enabled IDs to identify people.
Consensus Algorithms
Anonymity is usually framed as a benefit of blockchain, but it raises an obvious question that the literature doesn't shy away from: how can anonymous users be trusted to act honestly when adding transactions to a ledger? The answer lies in validating every transaction as legitimate — not malicious, not a case of double-spending — before placing it into a block, with the agreement to add that block reached through consensus algorithms, which function as the heart of all blockchain transactions. PoW, PoS, DPoS, and PBFT are the most common consensus algorithms, with DAG standing apart as the most structurally different, while PoET — developed by Intel Corporation — underpins Hyperledger Sawtooth specifically.
Smart Contracts
Beyond providing a distributed, unchangeable record of events, blockchain allows objective computer code to define exactly how a process should be managed and what steps follow a given event; the smart contract proposed within Ethereum was intended, in part, to overcome Bitcoin's limitations, and is sometimes referred to as chain code.
Cryptography for Blockchain
Blockchain creates a layer of trust between untrusted parties to enable secure, trusted records and transactions; absent that layer, a third-party intermediary would be necessary, but blockchain instead uses cryptography and collaboration to build that trust, eliminating the need for a centralized institution as intermediary (Muhammad et al., 2019). Three cryptographic building blocks recur most often: public key cryptography, used for digital signatures and encryption; zero-knowledge proofs, which demonstrate knowledge of a secret without revealing it; and hash functions — one-way, pseudo-random mathematical functions, with Merkle trees adopting them to form part of the block header. [Figure 8] illustrates how digital signatures and hashing function together in a blockchain transaction.
Cryptocurrencies and Supply Chains
Two applications stand out as the most thoroughly documented. On the currency side, cryptocurrency is a digital medium of exchange operating through a computer network independent of any central authority such as a government or bank, with Bitcoin — announced in 2008 and launched in 2009 — as the first such currency, capped at a maximum of 21 million BTC ([Figure 9]). On the supply-chain side, the appeal rests on visibility rather than currency: blockchain's distributed ledgers create a permanent, shared transaction record, visible to authorized participants, traceable, immutable, and irrevocable — properties that have driven growing blockchain use for supply-chain data sharing, exemplified by IBM's permissioned blockchain-based supply-chain solutions with a logistics focus (Treleaven et al., 2017), and by VeChain's cold-chain logistics solution, which tracks logistic information for transparent, regulated, secure, and reliable data sharing (Chang et al., 2020).
Real Attacks and Bugs on Blockchain Systems
It would be a disservice to the technology's record, though, to stop at what it enables without confronting where it has actually failed — and the literature is reasonably candid on this point. Because users rely on exchange platforms to transact and keep private keys in digital wallets, both exchanges and wallets count as parts of the blockchain system, and several documented incidents illustrate the resulting exposure.
The earliest and arguably most consequential bug struck at the protocol's core. Occurring in August 2010, the CVE-2010-5139 vulnerability was the most famous software bug in the Bitcoin network, caused by an integer overflow in its protocol; an invalid transaction of 0.5 BTC was replaced with 184 trillion BTC and added to a normal block, taking more than eight hours to resolve (Chen et al., 2019). Exchange platforms have fared little better in more recent years: in July 2020, hackers breached Cashaa, a UK-based cryptocurrency exchange, stealing more than 336 BTC, and in August 2020, attackers struck the European trading platform 2gether's servers, stealing 1.39 million USD (Dasgupta & Gupta, 2019). Wallets, too, have proven a recurring weak point — on October 23 and 26, 2013, an Australian Bitcoin bank was hacked, and all 4,100 BTC held by the wallet service on a US server were stolen (Zhang & Xue, 2019); a multi-signature vulnerability in the Parity Wallet later allowed a hacker to steal 30 million USD from at least three Ethereum accounts by compromising their addresses on July 19, 2017 (Cheng et al., 2020); and an undiscovered initialization bug in a subsequently deployed version of the Parity Wallet library
Figure 8. Digital signatures and hash functions in blockchain transactions. Diagram illustrating the cryptographic workflow underlying transaction verification, including the generation of a digital signature using public key cryptography and the use of one-way hash functions — incorporated into Merkle tree structures — to ensure transaction integrity and authentication.
Figure 9. Bitcoin logo, the first cryptocurrency built on blockchain technology. Visual symbol of Bitcoin, the original cryptocurrency, announced in 2008 and launched in 2009, with a hard-capped maximum supply of 21 million BTC, included here to anchor the discussion of cryptocurrency as blockchain's earliest and most widely recognized financial application.
contract caused a further incident on November 6, 2017, freezing funds in affected multi-signature wallets (Kadena & Holicza, 2018) — three separate failures within roughly four years, all tracing back to wallet infrastructure rather than the underlying ledger itself. Smart contracts complete the pattern: in January 2018, a hacker exploited an integer overflow bug in smart contracts built on the Proof of Weak Hands (PoWH) coin, stealing 888 ETH, and in October 2018, an attacker executed a reentrancy attack against Spankchain's smart contracts, draining 165.38 ETH. Taken together, these cases suggest the vulnerability rarely sits in the consensus mechanism itself, but rather in the software layered on top of it — a distinction that matters quite a bit for how Bangladesh's own adoption efforts, discussed next, ought to be approached.
3.6. Blockchain Adoption in Bangladesh
Why Bangladeshis Are Adopting Blockchain
If there's a single event that explains the urgency behind Bangladesh's interest in blockchain, it's probably this one. In 2016, North Korean hackers stole $81 million from Bangladesh Bank in what is known as "the Lazarus Heist," the largest cyber heist in the world to date. What makes the episode unsettling isn't merely the sum involved, but where it happened: the money was taken from Bangladesh Bank's account at the New York Federal Reserve, and the hackers managed to access SWIFT — widely considered the most secure method for transferring large sums between banks — even though SWIFT itself has periodically drawn criticism for inefficiency, with the Financial Times noting in 2018 that transfers remain time-consuming, costly, and lacking in transparency. The reaction from outside Bangladesh was telling. As US Congresswoman Carolyn Maloney put it to the BBC, a breach of that scale could fatally undermine confidence in the SWIFT system itself — and Istiaque Ahmed, a blockchain developer and research scientist at the Blockchain Economy Research Center at the Gwangju Institute of Science and Technology in South Korea, has voiced the same concern, suggesting that blockchain adoption could plausibly have prevented frauds of this kind.
Current Scenario in Bangladesh
Adoption so far has been concentrated, rather than widespread. A handful of financial institutions — Standard Chartered Bank, Prime Bank, HSBC Bank, and bKash — have already begun adopting blockchain technology, alongside agro-tech startups such as Krishi Swapno operating pilot projects; Bangladesh-based banks have, in the past two years, executed a number of letters-of-credit transactions through blockchain, and Krishi Swapno, describing itself as a blockchain-based agricultural technology platform, has reportedly implemented blockchain within its supply chain on a pilot basis. Policy has begun to catch up with practice, if cautiously: in March 2020, the ICT Division released Bangladesh's first national blockchain strategy, outlining a three-phase plan aimed ultimately at establishing a comprehensive regulatory sandbox and a National Blockchain Platform — a cloud-based, permissioned blockchain hosted under the relevant government agency, intended to let local companies build blockchain-based services. For now, though, only a few large-scale companies possess the resources needed to adopt blockchain, and successful execution of the National Blockchain Strategy would be required before all companies could meaningfully harness permissioned blockchain.
First Blockchain-Based Instant Transfers from Malaysia
The clearest real-world demonstration of these ideas converging into an actual product arrived in September 2020. On September 9, 2020, Standard Chartered Bank, mobile financial service provider bKash, and Malaysia's digital remittance provider Valyou launched the first blockchain-based remittance service in Bangladesh, powered by blockchain technology from Ant Group. The corridor matters more than it might first appear, given how central remittances are to the national economy: wage-earner remittances from expatriate Bangladeshis represent one of the key pillars of the Bangladesh economy and a major contributor to its foreign currency reserves, and Malaysia is an important part of that remittance ecosystem, with Bangladeshi migrants there who hold bKash wallets able to send wage remittances via Valyou to beneficiaries back home.
Institutionally, Standard Chartered Bank serves as the fund settlement bank and regulatory approval holder for the service, bringing together Standard Chartered, Ant Group, bKash, and Valyou to serve the Bangladeshi diaspora in Malaysia; Ant Group's blockchain technology streamlines the remittance process, radically improving delivery speed while also strengthening information security and transparency, and recipients can cash out at roughly 240,000 nearby agent points nationwide while also accessing bKash's wider service range. The executives involved framed the service in similar terms, each emphasizing a slightly different angle — speed, convenience, cost — but converging on the same underlying claim. Standard Chartered's Bangladesh unit CEO, Naser Ezaz Bijoy, described the solution as making the remittance experience simpler and faster through round-the-clock availability; bKash's CEO, Kamal Quadir, noted that the integration brings considerable convenience to both recipients and senders while contributing further to foreign remittance earnings; and Valyou's CEO, Prasanna Rao, explained that Valyou customers in Malaysia can cash in through online banking, ATMs, and a network of more than 1,300 merchants, with the blockchain integration saving cost and time without compromising the safety and security of remittance transactions flowing from Valyou to bKash.
3.7. Synthesis: What This Means for MFS in Bangladesh
Pulling these threads together, a fairly consistent picture emerges — though not, it should be said, an uncomplicated one. Blockchain technology appears to offer substantial potential to address some of the most persistent weaknesses already documented in Bangladeshi MFS platforms: high service charges, limited transaction privacy, susceptibility to scams involving phone numbers and transaction histories, and vulnerability to large-scale cyber heists of the kind that struck Bangladesh Bank. By decentralizing record-keeping and reducing reliance on intermediaries, blockchain-based MFS could plausibly lower transaction fees, speed up settlement, and provide a tamper-resistant audit trail that strengthens user trust.
Mapping the security and privacy framework from onto these MFS-specific concerns turns out to be a fairly natural fit, rather than a forced one. The security principles reviewed — defense in depth, least privilege, vulnerability management, risk management, and patch management — together with blockchain's privacy-preserving characteristics, map directly onto the concerns most frequently raised about MFS in Bangladesh, including unauthorized access to transaction records and impersonation-based fraud. The bKash–Valyou–Standard Chartered remittance case demonstrates that these benefits are not merely theoretical; they are already being realized in practice, through faster, more transparent, and more secure cross-border transfers.
That said, optimism here needs tempering, and the literature itself is reasonably insistent on this point. Important limitations remain before blockchain can be adopted at scale within Bangladeshi MFS: the technical complexity and poor usability of blockchain interfaces for the general public, the scalability demands of a system that would need to support millions of users, and the documented history of attacks and bugs affecting exchanges, wallets, and smart contracts reviewed in [Section 3.5]. Bangladesh's National Blockchain Strategy, with its proposed permissioned National Blockchain Platform, offers a promising regulatory pathway — but one whose success will hinge on building the technical capacity and infrastructure needed for adoption to spread meaningfully beyond a handful of large institutions
