DETAILED ACTION
This non-final office action is in response to claims 1-18, 21-22, and 25-29 filed on 07/27/2022 for examination. Claims 1-18, 21-22, and 25-29 are being examined and are pending.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 07/27/2022 has been entered.

Response to Amendment
The amendment filed July 27, 2022 has been entered. Claims 1-18, 21-22, and 25-27 remain pending in the application. Claims 28-29 are new. Applicant’s arguments and amendments to the claims are directed to the 35 U.S.C. 102 and 103 rejections previously set forth in the Final Office Action mailed March 11, 2022. Claims 1-17 and 25 have been amended and have necessitated a new ground(s) of rejection in this Office Action. Therefore, Applicant’s arguments filed on 07/27/2022 have been fully considered but are moot in view of the new ground(s) of rejection because the arguments do not apply to any of the updated reference(s) being used in the current rejection.

Examiner Interview
Examiner initiated an Examiner Interview on 08/31/2022, wherein Applicant and Examiner discussed potential amendments to the claims to overcome the art as cited with regards to Wang et al. (US20190370806) in view of Klaedtke (US20190303932) in the Final Office Action dated 03/11/2022, as well as newly identified Gleichauf (US20200007513) at [0025] disclosing a method of verifying candidate blocks. Examiner and Applicant discussed proposed language to differentiate against the cited prior art regarding the smart card implementations, however Applicant declined to incorporate additional subject matter at this time. 

Claim Objections
Claim(s) 2-3, 6, 8, 11, 15, 18, and 21 is/are objected to because of the following informalities: 
Claim 2 recites “if the candidate block identifier […]” in line 2. For limitations to be required by the claim, they should be positively recited. Examiner suggests amending to, e.g., “when the candidate block identifier […]”. Claims 3, 6, 8, 11, 15, 18, and 21 recite a similar deficiency, and are objected to under like rationale.
Appropriate correction is required.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1-5, 7, 16-18, 25, and 27 is/are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Karame et al. (US20190394047, hereinafter “Karame”).
Regarding claim 1, Karame teaches a device (abstract and [0103] – implemented via trusted execution environment computing entity “TEE-CE”) comprising: 
a security controller ([0028] and [0103-105] – TEE-CE <i.e., security controller> ensures security of the blockchain by restricting blocks added to the blockchain), the security controller comprising: 
a memory ([0081] – “CE” computing entities comprise a processor and memory); and 
one or more processors ([0081] – “CE” computing entities comprise a processor and memory):
wherein the security controller is configured to receive a candidate block identifier corresponding to a block number of a candidate block of a distributed electronic ledger ([0111] and [0121] – TEE-CE <i.e., security controller> receives a new block <i.e., candidate block> and new block information including a block height of the block on a distributed ledger); and 
receive one or more verified block identifiers each corresponding to a block number of one or more verified blocks and to store the one or more verified block identifiers in the memory ([0111-112] – TEE-CE <i.e., security controller> receives each new block <i.e., candidate/former block> and block information including a block height of the block at the TEE-CE from a miner; [0103-105] and [0125] – Verified block heights are subsequently stored in and retrieved from attack-resistant memory); 
wherein the one or more processors are configured to compare the received candidate block identifier with a block identifier in the stored one or more verified block identifiers ([0111-114] – TEE-CE <i.e., security controller> receives a new block <i.e., candidate block> and new block information including a block height of the block on a distributed ledger from a miner. The new block height <i.e., received candidate block identifier> is compared against the latest previously stored block height identifier; [0081] – “CE” computing entities comprise a processor executing instructions); and 
upon determining that the comparing of the candidate block identifier to the block identifier in the stored one or more verified block identifiers satisfies a predetermined condition ([0111-114] – TEE-CE compares the new block height <i.e., received candidate block identifier> against the latest previously stored block height identifier. When their difference satisfies a defined value, they are determined to be valid and signed, and the a signature for the block is generated and the newly signed block is added to the blockchain; [0081] – “CE” computing entities comprise a processor executing instructions), the security controller is configured to verify the candidate block corresponding to the candidate block identifier and to send data corresponding to a verified block of the distributed electronic ledger ([0112-115] and [0118-119] – TEE-CE <i.e., security controller> compares the new block height <i.e., received candidate block identifier> against the latest previously stored block height identifier. When their difference satisfies a defined value, they are determined to be valid and signed, and a signature for the block is generated and the newly signed block is added to the blockchain).  

Regarding claim 2, Karame teaches the device of claim 1, wherein the one or more processors are further configured, if the candidate block identifier is identical 2to or less than any one of the stored one or more verified block identifiers, to decline verification of the candidate block corresponding to the candidate block identifier ([0103-105] and [0122-125] – new block <i.e., candidate block> identifiers are compared against a previously verified block identifier stored in the TEE-CE, and must be monotonically increasing <i.e., must be greater than the previous> to be validated/signed, and equal or lesser than block height identifiers are denied).  

Regarding claim 3, Karame teaches the device of claim 1, wherein the one or more processors are further configured, if the comparing of the candidate block identifier to the block identifier in the stored one or more verified block identifiers satisfies the predetermined condition, to increment a block number counter to an identifier greater ([0103-105] and [0122-125] – new block <i.e., candidate block> identifiers are compared against a previously verified block identifier stored in the TEE-CE, and must be monotonically increasing <i.e., must be greater than the previous> to be validated/signed, and equal or lesser than is no validated/signed. When a block is signed, the latest block height is incremented for future comparisons).  

Regarding claim 4, Karame teaches the device claim 1, wherein the root- of-trust device further comprises a memory, configured to store a verified block identifier corresponding at least to a last verified block number of one or more verified blocks ([0103-105] and [0122-125] – new block <i.e., candidate block> identifiers are compared against a previously verified block identifier stored in the TEE-CE, and must be monotonically increasing <i.e., must be greater than the previous> to be validated/signed, and equal or lesser than is no validated/signed. When a block is signed, the latest block height is saved and/or incremented for future comparisons).  

Regarding claim 5, Karame teaches the device of claim 4, wherein the memory is further configured to store at least one of a public key, a private key, or an asymmetric key pair ([0131] – TEE-CE stores a private key; [0081] – TEE-computing entity stores information in memory). 

Regarding claim 7, Karame teaches the device of claim 1, wherein the one or more processors are further configured to determine a block number of the candidate block by incrementing a block number of a last verified block ([0103-105] and [0122-125] – new block <i.e., candidate block> identifiers are compared against a previously verified block identifier stored in the TEE-CE, and must be monotonically increasing <i.e., must be greater than the previous> to be validated/signed, and equal or lesser than is no validated/signed. When a block is signed, the latest block height is incremented for future comparisons).  

Regarding claim 16, Karame teaches the device of claim 1, wherein the predetermined condition is at least one of the candidate block identifier being greater than the stored one or more verified block identifiers, the candidate block 5being more recent than the stored one or more verified block identifiers, and/or the candidate block identifier not being duplicative of any of the store one or more block identifiers ([0103-105] and [0111-114] – new block <i.e., candidate block> identifiers are compared against previous block identifier, and must be monotonically increasing <i.e., must be greater than the previous> to be validated/signed, and equal or lesser than block height identifiers are denied).

Regarding claim 17, Karame teaches a method of root-of-trust blockchain verification ([0028] and [0103-105] – trusted execution environment computing entity <i.e., security controller> ensures security of the blockchain by restricting blocks added to the blockchain ) comprising: 
receiving in a security controller a candidate block identifier corresponding to a block number of a candidate block of a distributed electronic ledger ([0111] and [0121] – TEE-CE <i.e., security controller> receives a new block <i.e., candidate block> and new block information including a block height of the block on a distributed ledger); 
receiving one or more verified block identifiers each corresponding to a block number of one or more verified blocks and storing the one or more verified block identifiers in a memory of the security controller ([0111-112] – TEE-CE <i.e., security controller> receives each new block <i.e., candidate/former block> and block information including a block height of the block at the TEE-CE from a miner; [0103-105] and [0125] – Verified block heights are subsequently stored in and retrieved from attack-resistant memory); 
comparing the received candidate block identifier with a block identifier of the stored one or more verified block identifiers ([0111-114] – TEE-CE <i.e., security controller> receives a new block <i.e., candidate block> and new block information including a block height of the block on a distributed ledger from a miner. The new block height <i.e., received candidate block identifier> is compared against the latest previously stored block height identifier; [0081] – “CE” computing entities comprise a processor executing instructions); 
not verifying the candidate block corresponding to the candidate block identifier upon determining that the comparing of the received candidate block identifier to the block identifier of the one or more verified block identifiers does not satisfy a predetermined condition ([0103-105] – new block <i.e., candidate block> identifiers are compared against previous block identifier, and must be monotonically increasing <i.e., must be greater than the previous> to be validated/signed, and equal or lesser than block height identifiers are denied); and 
verifying the candidate block corresponding to the candidate block identifier and sending data corresponding to a verified block of the distributed electronic ledger ([0112-115] and [0118-119] – TEE-CE <i.e., security controller> compares the new block height <i.e., received candidate block identifier> against the latest previously stored block height identifier. When their difference satisfies a defined value, they are determined to be valid and signed, and a signature for the block is generated and the newly signed block is added to the blockchain), upon determining that the comparing of the received candidate block identifier to the block identifier in the one or more verified block identifiers satisfies the predetermined condition ([0112-115] and [0118-119] – TEE-CE <i.e., security controller> compares the new block height <i.e., received candidate block identifier> against the latest previously stored block height identifier. When their difference satisfies a defined value, they are determined to be valid and signed, and a signature for the block is generated and the newly signed block is added to the blockchain).  

Regarding claim 18, Karame teaches the method of root-of-trust blockchain verification of claim 17, further comprising, if the candidate block identifier is identical to any one of the one or more verified block identifiers, declining verification of the candidate block corresponding to the candidate block identifier ([0103-105] and [0122-125] – new block <i.e., candidate block> identifiers are compared against a previously verified block identifier stored in the TEE-CE, and must be monotonically increasing <i.e., must be greater than the previous> to be validated/signed, and equal or lesser than block height identifiers are denied).  

Regarding claim 25, Karame teaches a non-transient computer readable medium comprising instructions that, when executed, are configured to cause one or more processors ([0028] and [0103-105] – TEE-CE <i.e., security controller> ensures security of the blockchain by restricting blocks added to the blockchain; [0081] – “CE” computing entities comprise a memory and processor executing instructions) to receive in a security controller a candidate block identifier corresponding to a block number of a candidate block of a distributed electronic ledger ([0111] and [0121] – TEE-CE <i.e., security controller> receives a new block <i.e., candidate block> and new block information including a block height of the block on a distributed ledger); 
receive one or more verified block identifiers each corresponding to a block number of one or more verified blocks and store the one or more verified block identifiers in a memory of the security controller ([0111-112] – TEE-CE <i.e., security controller> receives each new block <i.e., candidate/former block> and block information including a block height of the block at the TEE-CE from a miner; [0103-105] and [0125] – Verified block heights are subsequently stored in and retrieved from attack-resistant memory); 
compare the received candidate block identifier with a block identifier in the one or more verified block identifiers ([0111-114] – TEE-CE <i.e., security controller> receives a new block <i.e., candidate block> and new block information including a block height of the block on a distributed ledger from a miner. The new block height <i.e., received candidate block identifier> is compared against the latest previously stored block height identifier; [0081] – “CE” computing entities comprise a processor executing instructions); 
not verify the candidate block corresponding to the candidate block identifier upon determining that the comparing of the received candidate block identifier to the block identifier in the one or more verified block identifiers does not satisfy a predetermined condition ([0103-105] – new block <i.e., candidate block> identifiers are compared against previous block identifier, and must be monotonically increasing <i.e., must be greater than the previous> to be validated/signed, and equal or lesser than block height identifiers are denied); and 
verify the candidate block corresponding to the candidate block identifier and sending data corresponding to a verified block of the distributed electronic ledger ([0112-115] and [0118-119] – TEE-CE <i.e., security controller> compares the new block height <i.e., received candidate block identifier> against the latest previously stored block height identifier. When their difference satisfies a defined value, they are determined to be valid and signed, and a signature for the block is generated and the newly signed block is added to the blockchain), upon determining that the comparing of the received candidate block identifier to the block identifier in the one or more verified block identifiers satisfies the predetermined condition ([0112-115] and [0118-119] – TEE-CE <i.e., security controller> compares the new block height <i.e., received candidate block identifier> against the latest previously stored block height identifier. When their difference satisfies a defined value, they are determined to be valid and signed, and a signature for the block is generated and the newly signed block is added to the blockchain).  

Regarding claim 27, Karame teaches the security controller of claim 1, wherein the security controller comprises a trusted processing environment ([0103] and [0121-126] – controller implemented via trusted execution environment computing entity “TEE-CE”), and wherein the one or more processors are configured to perform at least one of comparing the received candidate block identifier with a block identifier in the stored one or more verified block identifiers or verifying the candidate block corresponding to the candidate block identifier in the trusted processing environment ([0111-114] – TEE-CE compares the new block height <i.e., received candidate block identifier> against the latest previously stored block height identifier. When their difference satisfies a defined value, they are determined to be valid and signed, and a signature for the block is generated and the newly signed block is added to the blockchain).  

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 6, 8-10, 13-14, 21-22 is/are rejected under 35 U.S.C. 103 as being unpatentable over Karame in view of Cheng et al. (US20210119778, Hereinafter “Cheng”).
Regarding claim 6, Karame teaches the device of claim 1. Karame appears to fail to specifically disclose wherein the one or more processors are further configured to insert a public authentication key into the candidate block if the one or more processors verify the candidate block.  
However, Cheng teaches a distributed ledger verification system (abstract), wherein the one or more processors are further configured to insert a public authentication key into the candidate block if the one or more processors verify the candidate block ([0031-033] – public key is included into blocks added to the blockchain to detect illegal blocks based on a certificate).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Karame with the teachings of Cheng, wherein the one or more processors are further configured to insert a public authentication key into the candidate block if the one or more processors verify the candidate block, to improve resistance against double spending attacks on the blockchain network (see, e.g., Cheng at [0002], [0033]).

Regarding claim 8, Karame teaches the device of claim 1, wherein the one or more processors are further configured, if the candidate block identifier is identical to any one of the stored one or more verified block identifiers (Karame at [0103-105] – new block <i.e., candidate block> identifiers are compared against previous block identifier, and must be monotonically increasing <i.e., must be greater than the previous> to be validated/signed, and equal or lesser than block height identifiers are denied; [034-036] – as disclosing the logging the user identifiers), to deny the proposed block. While Karame teaches detecting the candidate block identifier is identical to a stored verified block identifier (Karame at [0103-105]), Karame appears to fail to specifically disclose the device configured to log a user identifier corresponding to a user submitting the candidate block for verification.
However, Cheng teaches a distributed ledger verification system (see abstract), configured to log a user identifier corresponding to a user submitting the candidate block for verification ([0034-036] – user identifiers of the submitting miner nodes are logged when there is potential for a double-spending attack).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Karame with the teachings of Cheng, wherein the one or more processors are further configured, if the candidate block identifier is identical to any one of the stored one or more verified block identifiers, to log a user identifier corresponding to a user submitting the candidate block for verification, to detect and prevent malicious nodes from committing double-spending attacks (see, e.g., Karame at [0027-028] with Cheng at [0034-036]).

Regarding claim 9, the combination of Karame and Cheng teach the device of claim 8. Karame appears to fail to specifically disclose wherein the one or more processors are further configured not to verify a candidate block corresponding to the user identifier for whom a predetermined number of candidate blocks were not verified based on their candidate block identifier being identical to any one of the stored one or more verified block identifiers.
However, Cheng teaches a distributed ledger verification system (abstract), wherein the one or more processors are further configured not to verify a candidate block corresponding to the user identifier for whom a predetermined number of candidate blocks were not verified based on their candidate block identifier being identical to any one of the stored one or more verified block identifiers  ([0036-038] – detecting a maliciously added block and submitting node, and, when a number of malicious detections at different heights is detected, the CA certificate of the node is marked/revoked. The entire network then rejects blocks submitted by the creator). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Karame with the teachings of Cheng, wherein the one or more processors are further configured not to verify a candidate block corresponding to the user identifier for whom a predetermined number of candidate blocks were not verified based on their candidate block identifier being identical to any one of the stored one or more verified block identifiers, to improve resistance against double spending attacks on the blockchain network (see, e.g., Cheng at [0002], [0033]).  

Regarding claim 10, Karame teaches the device of claim 1. Karame appears to fail to specifically disclose wherein the one or more processors are further configured to delay verification of a candidate block until completion of a predetermined time duration. 
However, Cheng teaches a distributed ledger verification system (abstract), wherein the one or more processors are further configured to delay verification of a candidate block until completion of a predetermined time duration ([0033] and [0016] – blocks must wait a specific duration before they may be confirmed, or they will be discarded).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Karame with the teachings of Cheng, wherein the one or more processors are further configured to delay verification of a candidate block until completion of a predetermined time duration, to improve resistance against double spending attacks on the blockchain network (see, e.g., Cheng at [0002], [0033]).

Regarding claim 13, Karame teaches the device of claim 1, wherein verifying the candidate block comprises signing the block according to one or more digital keys ([0111-114] and [0132] – private key used to sign the block by the TEE). Karame appears to fail to specifically disclose wherein verifying the candidate block comprises verifying a block signature of the candidate block.  
However, Cheng teaches a distributed ledger verification system (abstract), wherein verifying the candidate block comprises verifying a block signature of the candidate block ([0030-033] – a public key and certificate are added to a block, and then other nodes verify the block’s creation by checking whether the signature of the block matches the block’s public key/certificate <i.e., and the hash thereof>; Note: One of ordinary skill in the art before the effective filing date of the claimed invention would know verifying a certificate comprises recalculating the hash value using the public key. While not presently relied upon, see, e.g., Suraj et al. (NPL: “How does a public key verify a signature”, Jan. 28, 2018) describing this process).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Karame with the teachings of Cheng, wherein verifying the candidate block comprises verifying a block signature of the candidate block, to improve resistance against double spending attacks on the blockchain network (see, e.g., Cheng at [0002], [0033]).

Regarding claim 14, Karame teaches the device of claim 1. Karame appears to fail to specifically disclose wherein verifying the candidate block comprises verifying a block signature of the candidate block and signing the block according to one or more digital keys.  
However, Cheng teaches a distributed ledger verification system (abstract), wherein verifying the candidate block comprises verifying a hash value of the candidate block by recalculating the hash value ([0030-033] – a public key and certificate are added to a block, and then other nodes verify the block’s creation by checking whether the signature of the block matches the block’s public key/certificate <i.e., and the hash thereof>; Note: One of ordinary skill in the art before the effective filing date of the claimed invention would know verifying a certificate comprises recalculating the utilized hash value using the public key. While not presently relied upon, see, e.g., Suraj et al. (NPL: “How does a public key verify a signature”, Jan. 28, 2018) describing this process).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Karame with the teachings of Cheng, wherein verifying the candidate block comprises verifying a hash value of the candidate block by recalculating the hash value, to improve resistance against double spending attacks on the blockchain network (see, e.g., Cheng at [0002], [0033]).

Regarding claim 21, Karame teaches the method of root-of-trust blockchain verification of claim 17, further comprising, if the candidate block identifier is identical to any one of the one or more verified block identifiers (Karame at [0103-105] – new block <i.e., candidate block> identifiers are compared against previous block identifier, and must be monotonically increasing <i.e., must be greater than the previous> to be validated/signed, and equal or lesser than block height identifiers are denied; [034-036] – as disclosing the logging the user identifiers), to deny the proposed block. While Karame teaches detecting the candidate block identifier is identical to a stored verified block identifier (Karame at [0103-105]), Karame appears to fail to specifically disclose the device configured to log a user identifier corresponding to a user submitting the candidate block for verification.
However, Cheng teaches a distributed ledger verification system (see abstract), configured to log a user identifier corresponding to a user submitting the candidate block for verification ([0034-036] – user identifiers of the submitting miner nodes are logged when there is potential for a double-spending attack).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Karame with the teachings of Cheng, wherein the one or more processors are further configured, if the candidate block identifier is identical to any one of the stored one or more verified block identifiers, logging a user identifier corresponding to a user submitting the candidate block for verification, to detect and prevent malicious nodes from committing double-spending attacks (see, e.g., Karame at [0027-028] with Cheng at [0034-036]).

Regarding claim 22, the combination of Karame and Cheng teach the method of root-of-trust blockchain verification of claim 21. The combination of Wang and Klaedtke appear to fail to specifically teach further comprising disabling verification of a candidate block corresponding to the user identifier for whom a predetermined number of candidate blocks were not verified based on their candidate block identifier being identical to any one of the one or more verified block identifiers
However, Cheng teaches a system for detecting maliciously added blocks to a system (see, e.g., [0034-036]), further comprising disabling verification of a candidate block corresponding to the user identifier for whom a predetermined number of candidate blocks were not verified based on their candidate block identifier being identical to any one of the one or more verified block identifiers ([0036-038] – detecting a maliciously added block and submitting node, and, when a number of malicious detections at different heights is detected, the CA certificate of the node is marked/revoked. The entire network then rejects blocks submitted by the creator).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Wang and Klaedtke with the teachings of Cheng, comprising disabling verification of a candidate block corresponding to the user identifier for whom a predetermined number of candidate blocks were not verified based on their candidate block identifier being identical to any one of the stored one or more verified block identifiers, to improve resistance against double spending attacks on the blockchain network (see, e.g., Cheng at [0002], [0033]).  

Claim(s) 11-12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Karame in view of Lundin et al. (US20210209885, Hereinafter “Lundin”).
Regarding claim 11, Karame teaches the device of claim 1, wherein the one or more security processors are configured to deny access[[ to the stake]] if the comparing of the candidate block 4identifier to the block identifier of the one or more verified block identifiers does not satisfy the predetermined condition ([0103-105] – new block <i.e., candidate block> identifiers are compared against previous block identifier, and must be monotonically increasing <i.e., must be greater than the previous> to be validated/signed, and equal or lesser than block height identifiers are denied).
While Karame teaches using a proof-of-work algorithm and/or another desired consensus algorithm (Karame at [0011-013] and [0017]), it fails to specifically denote using a proof-of-stake algorithm, wherein the one or more processors are further configured to store in a memory a user stake, and to deny access to the stake if the stake provider is misbehaving.  
However, Lundin teaches confirming blocks to a blockchain using a proof of stake consensus algorithm in place of proof-of-work ([0097-099]), wherein the one or more processors are further configured to store a user stake in a memory ([0060-061] – a user’s stake is assigned a custom weight <i.e., a value of the user stake> and stored on the nodes, wherein the custom weight is used in a consensus determination for a proof-of-stake algorithm), and to deny access to the stake if the stake provider is misbehaving (Lundin at [0099] and [0132] – validators on the blockchain lose access to their stake when they misbehave).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Karame with the teachings of Lundin, wherein the one or more processors are further configured to store in a memory a user stake, and wherein the one or more security processors are configured to deny access to the stake if the comparing of the candidate block 4identifier to the block identifier of the one or more verified block identifiers does not satisfy the predetermined condition, improve resistance to unauthorized hijacking of distributed ledgers (see, e.g., Lundin at [0097-099]).

Regarding claim 12, the combination of Karame and Lundin teach the device claim 11, wherein the user stake is a user stake according to a proof of stake algorithm (Lundin at [0097-099] – consensus algorithms may be based on a proof-of-stake in lieu of proof-of-work). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the combination of Karame and Lundin with the teachings of Lundin, wherein the user stake is a user stake according to a proof of stake algorithm, to improve resistance to unauthorized hijacking of distributed ledgers (see, e.g., Kurson at [0097-099]).    

Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Karame in view of Kurson et al. (US20200186523, Hereinafter “Kurson”).
Regarding claim 15, Karame teaches the device of claim 1. While Karame teaches using a proof-of-work algorithm and/or another desired consensus algorithm ([0011-013] and [0017]), it fails to specifically denote wherein the one or more processors are further configured to determine a user stake and compare the determined user 26P77566 stake to a predetermined user stake threshold, and in the case that the user stake is less than the predetermined user stake threshold, to disable verification of the candidate block.  
However, Kurson teaches confirming blocks to a blockchain using a proof of stake consensus algorithm (abstract, [0049], [0060]), wherein the one or more processors are further configured to determine a user stake and compare the determined user 26P77566stake to a predetermined user stake threshold ([0091] – the system establishes a threshold amount of stake required for approval in a proof-of-stake consensus system, and each node has a different amount of stake in the system), and if the user stake is less than the predetermined user stake threshold, to disable verification of the candidate block (Note: Claim limitations must be recited positively to be a required claim limitation. The recitation of “if the […]” fails to recite a positive limitation, and accordingly the limitation is not necessary for Wang to disclose the claim set; Further, Applicant is directed to Kurson at: [0091] – the system establishes a threshold amount of stake required for approval in a proof-of-stake consensus system, and each node has a different amount of stake in the system. When the validation threshold is not med by the nodes, the system then rejects validation of the proposed record/block).  
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Karame with the teachings of Kurson, wherein the one or more processors are further configured to determine a user stake and compare the determined user 26P77566stake to a predetermined user stake threshold, and in the case that the user stake is less than the predetermined user stake threshold, to disable verification of the candidate block, to improve resistance to unauthorized hijacking of distributed ledgers (see, e.g., Kurson at [0060]).

Claim 26 is rejected under 35 U.S.C. 103 as being unpatentable over Karame in view of Ferrin (US20160218879, Hereinafter “Ferrin”).
Regarding claim 26, Karame teaches the security controller of claim 1. While Karame teaches using a trusted execution environment to perform security operations on the blockchain (see, e.g., Karame at abstract, [0111-114]), Karame appears to fail to specifically teach wherein the security controller is configured as, or as a component of, a smart card.  
However, Ferrin teaches using trusted execution environments in blockchain block generation (see, e.g., Ferrin at [0041-043]), wherein the security controller is configured as, or as a component of, a smart card ([0043-046] – the trusted execution environment performing the blockchain validation and signatures can be, e.g., of a smart card).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the trusted execution environment of Karame with the teachings of Ferrin, wherein the security controller is configured as, or as a component of, a smart card, so general purpose computers may be configured to provide security controller services (see, e.g., Karame at [0111-114] with Ferrin at [0043-046]).

Claim(s) 28-29 is/are rejected under 35 U.S.C. 103 as being unpatentable over Karame in view of Lundin, further in view of Ferrin.
Regarding claim 28, the combination of Karame and Lundin teach the security controller of claim 11. While the combination of Karame and Lundin teach using a trusted execution environment to perform security operations on the blockchain (see, e.g., Karame at abstract, [0111-114]), the combination of Karame and Lundin appear to fail to specifically teach wherein the security controller is configured as, or as a component of, a smart card.  
However, Ferrin teaches using trusted execution environments in blockchain block generation (see, e.g., Ferrin at [0041-043]), wherein the security controller is configured as, or as a component of, a smart card ([0043-046] – the trusted execution environment performing the blockchain validation and signatures can be, e.g., of a smart card).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the trusted execution environment of Karame and Lundin with the teachings of Ferrin, wherein the security controller is configured as, or as a component of, a smart card, so general purpose computers may be configured to provide security controller services (see, e.g., Karame at [0111-114] with Ferrin at [0043-046]).

Regarding claim 29, the combination of Karame and Lundin teach the security controller of claim 11. While the combination of Karame and Lundin teach using a trusted execution environment to perform security operations on the blockchain (see, e.g., Karame at abstract, [0111-114]), the combination of Karame and Lundin appear to fail to specifically teach wherein the security controller is configured as, or as a component of, a physical electronic authorization device that is configured to be removeably coupled with a blockchain mining device.  
However, Ferrin teaches using trusted execution environments in blockchain block generation (see, e.g., Ferrin at [0041-043]), wherein the security controller is configured as, or as a component of, a physical electronic authorization device that is configured to be removeably coupled with a blockchain mining device ([0043-046] – the trusted execution environment performing the blockchain validation and signatures can be, e.g., of a smart card <i.e., removably couplable with the miner>).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the trusted execution environment of Karame and Lundin with the teachings of Ferrin, wherein the security controller is configured as, or as a component of, a physical electronic authorization device that is configured to be removeably coupled with a blockchain mining device, so general purpose computers may be configured to provide security controller services (see, e.g., Karame at [0111-114] with Ferrin at [0043-046]).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: Andreina et al. (US20200106623) discloses a proof-of-stake blockchain protocol on a blockchain network, wherein trusted execution environments on the mining nodes are used to sign and add blocks to the blockchain (see, e.g., abstract, [0019-029], [0035]). Windland et al. (US20160284033) discloses a blockchain system wherein block numbers previously added to the blockchain are used as comparison against a new block to be added (see abstract, [0136]). Karame et al. (US20200228318) discloses a method for registering mining computing entities holding trusted execution environments, and using a proof-of-stake system for adding nodes (see, e.g., abstract, [0014], [0026]). Gleichauf et al. (US20200007513) teaches a blockchain technique for creating candidate blocks, and sending the candidate blocks to a verification node (see, e.g., abstract, [0025]).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSHUA RAYMOND WHITE whose telephone number is (571)272-4365. The examiner can normally be reached Monday-Thursday, & Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on 5712723787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/J.R.W./Examiner, Art Unit 2438                                                                                                                                                                                                        /TAGHI T ARANI/Supervisory Patent Examiner, Art Unit 2438