METHOD OF DETECTING ANOMALIES IN A BLOCKCHAIN NETWORK AND BLOCKCHAIN NETWORK IMPLEMENTING SUCH A METHOD

§103 §112

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Status of Claims The Amendment filed on November 18, 2025, has been entered. Claims 1, 12 and 13 were amended. As a result, claims 1-15 are pending, of which claims 1, 12 and 13 are in independent form. Response to Amendment Applicant’s amendment and arguments regarding claims 1, 12, and 13 do not obviate the claim rejection, therefore the rejection under 35 U.S.C. § 112(a) is maintained. Applicant’s amendment and arguments regarding claims 1, 12, and 13 do not obviate the claim rejection, therefore the rejection under 35 U.S.C. § 112(b) is maintained. Response to Arguments Applicant’s arguments with respect to claim(s) are rejected, under 35 USC 103(a), have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter. Claim Rejections - 35 USC § 112(a) On pages 6-8 of Remarks, Applicant argues that “wherein the non-provisional specification explicitly and unambiguously discloses each of these limitations” as recited in claim 1 “measuring at least one operational parameter ... , wherein the at least one operational parameter that is measured comprises one or more a latency of communications of said at least one node with at least one other node of the plurality of nodes”. Applicant asserts “paragraph [0017] of the specification expressly states:"...by measuring the latency of communications of one node with at least one other node of the network, then by injecting the measured value of this latency into a heuristic model, it is possible to detect an abnormal latency and therefore to detect an attack in progress...". The examiner disagrees. Paragraph [0017] merely provides a list of example operational parameters, such as communication latency, communication topology, internal clock… The specification does not disclose any structure that performs the measurement, any algorithm for calculating communication latency, any technique for determining communication topology… without describing how that parameter is measured. Accordingly, the specification fails to provide sufficient written description support of the claimed “measuring at least one operational parameter”. Further, Applicant argues that “Written Description Support for Measuring Communication Topology” as recited in claim 1 “wherein the at least one operational parameter that is measured comprises …a topology of communication...”. Applicant asserts “paragraph [0018] states: "... it is possible with the method according to the invention to detect an eclipse attack, for example by measuring the communication topology of at least one node...". The examiner disagrees. There is no support for the term “topology” in paragraph [0018]. Paragraph [0018] describes measuring an operational parameter and in converted into a value suitable for injection into a heuristic model. Accordingly, the specification does not disclose any structure that performs the measurement, or any algorithm as to how a topology of communication was measured. Furthermore, Applicant argues that “Written Description Support for Injecting Measured Values Into a Heuristic Model” as recited in claim 1 “measuring at least one operational parameter ... , wherein the at least one operational parameter that is measured comprises one or more a latency of communications of said at least one node with at least one other node of the plurality of nodes”. Applicant asserts “paragraph [00129] of the specification unambiguously states:"...it is possible to inject the communication topology of several measured nodes into a heuristic model in order to detect if one of these measured nodes has an anomaly." Applicant relies on “paragraph [0129] ” as alleged support for claimed limitation. However, review of the specification as filed indicates that no paragraph [0129] exists. Paragraph [0097] discloses “it is possible to inject together several measured values of this operational parameter at several measured nodes. For example, it is possible to inject the communication topology of several measured nodes into a heuristic model in order to detect if one of these measured nodes has an anomaly”. The specification fails to disclose any algorithm, structure, or defined process for performing the claimed injecting step. Therefore, the specification fails to provide sufficient written description support for the claimed “injection” step. Thus, the rejection under 35 USC § 112 (a) is maintained. Claim Rejections - 35 USC § 112(b) On page 8 of Remarks, Applicant argues that “wherein "injecting" has a well-established meaning in the art as one of ordinary skill in the art would appreciate”. The examiner disagrees. The term “injecting” renders the claim indefinite. Applicant asserts that “injecting” has a well-established meaning in the art. However, even if the word “inject” is used in various computing contexts, the claim fails to define, what constitutes an “injection”, and what is the mechanism of injection. For example, the specification merely states that it is “possible to inject” measured values into a heuristic model “it is possible to inject the communication topology of several measured nodes into a heuristic model in order to detect if one of these measured nodes has an anomaly”, see paragraph [0097]. This functional statement does not clarify the scope of the term “injecting”. The term “injecting ” is therefore ambiguous and does not define the metes and bonds of the claimed method. Accordingly, the claim fails to comply with 35 USC § 112(b). Claim Rejections - 35 USC § 103 On Pages 9-11 of Applicant’s response to the office action, regarding the cited limitation of the independent claims 1, 12, and 13, Applicant argues that “Novotny '673 fails to disclose " injecting at least one measured value of said at least one operational parameter that is measured into a predetermined heuristic model, an output of predetermined heuristic model including data signaling a possible anomaly indicative of a cyberattack within said blockchain network based on said at least one measured value,…”. Applicant’s arguments, with respect to the rejection(s) of claim(s) 1, 12 and 13 have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of ISAAC (WO 2021/176460 A1). As to the dependent claims 2-11, and 14-15, these claims remain rejected by virtue of dependency to their independent claims 1, 12 and 13. Therefore, the examiner maintains the rejection under 35 USC § 103. Claim Rejections - 35 USC § 112 The following is a quotation of the first paragraph of 35 U.S.C. 112(a): (a) IN GENERAL. — The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention. The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112: The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention. Claims 1-15 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Claim 1 is rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Claim 1 recites “measuring at least one operational parameter of said at least one measured node; and injecting at least one measured value of said at least one operational parameter that is measured into a predetermined heuristic model, an output of the predetermined heuristic model including data signaling a possible anomaly indicative of a cyberattack within said blockchain network based on said at least one measured value; wherein the at least one operational parameter that is measured comprises one or more of a latency of communications of said at least one node with at least one other node of the plurality of nodes, a topology of communication of said at least one node, representative of other nodes of the plurality of nodes that the at least one node communicates with”. The non-provisional specification fails to provide written description support for the claim limitation of “measuring at least one operational parameter… , wherein the at least one operational parameter that is measured comprises one or more a latency of communications of said at least one node with at least one other node of the plurality of nodes” (i.e., by measuring the latency of communications of one node with at least one other node of the network, then by injecting the measured value of this latency into a heuristic model, it is possible to detect an abnormal latency and therefore to detect an attack in progress seeking to slow the transmission of messages within the blockchain network”, see paragraph [0017]). It is noted that there are no specific steps or calculations for measuring an operational parameter comprising one or more latency of communications of one node. Further, The non-provisional specification fails to provide written description support for the claim limitation of “injecting at least one measured value of said at least one operational parameter that is measured into a predetermined heuristic model signaling a possible anomaly within said blockchain network based on said at least one measured value” (i.e., it is possible with the method according to the invention to detect an eclipse type attack, for example by measuring the communication topology of at least one node, that is, with which other nodes of the network said node is communicating. In effect, an eclipse attack against a node of the network seeks to isolate that node from the rest of the blockchain network, which involves a communication topology change of that node of the blockchain network”, see paragraph [0018]). It is noted that there are no specific steps or calculations for measuring an operational parameter comprising a topology of communication of said at least one node. Furthermore, the non-provisional specification fails to provide written description support for the claim limitation of “measuring at least one operational parameter…, a topology of communication of said at least one node, representative of other nodes of the plurality of nodes that the at least one node communicates with (i.e., the injection of the values into a heuristic model may be carried out individually for each operational parameter. In this case, it is possible to inject together several measured values of this operational parameter at several measured nodes. For example, it is possible to inject the communication topology of several measured nodes into a heuristic model in order to detect if one of these measured nodes has an anomaly”, see paragraph [0097]). It is noted that there is no specific algorithm for injection of the values into a heuristic model. In addition, The non-provisional specification fails to provide written description support for the claim limitation of “an output of the predetermined heuristic model including data signaling a possible anomaly indicative of a cyberattack within said blockchain network based on said at least one measured value” (i.e., the method according to the invention makes it possible to carry out a more complete detection of anomalies, particularly of anomalies symptomatic of a cyberattack and therefore less susceptible to generating false positives”, see paragraph [0059]). The disclosure describes that the heuristic model “signal a possible anomaly” see paragraphs [0101]-[0102], but it does not describe an identifiable output of the heuristic model as claimed. The specification does not describe does not characterize the anomaly determination as an “output” nor describe its technical form. Note though that a claim will not be found inadequate on section 112(a) ground simply because the embodiments of the specification do not contain examples explicitly covering the full scope of the claim language. That is because the patent specification is written for a person of ordinary skill in the art, and such a person comes to the patent disclosure with the knowledge of what has come before. While a claim will not usually be limited to a particular species described in the specification, it is clear from the non-provisional specification in this application that the disclosed. The level of detail required to satisfy the written description requirement varies depending on the nature and scope of the claims and on the complexity and predictability of the relevant technology. Ariad, 598 F.3d at 1351, 94 USPQ2d at 1172; Capon v. Eshhar, 418 F.3d 1349, 1357-58, 76 USPQ2d 1078, 1083-84 (Fed. Cir. 2005). Computer-implemented inventions are often disclosed and claimed in terms of their functionality. For computer-implemented inventions, the determination of the sufficiency of disclosure will require an inquiry into the sufficiency of both the disclosed hardware and the disclosed software due to the interrelationship and interdependence of computer hardware and software. The critical inquiry is whether the disclosure of the application relied upon reasonably conveys to those skilled in the art that the inventor had possession of the claimed subject matter as of the filing date. Vasudevan Software, Inc. v. MicroStrategy, Inc., 782 F.3d 671, 682. 114 USPQ2d 1349, 1356 (citing Ariad Pharm., Inc. V. Eli Lilly & Co, 598 F.3d 1336, 1351, 94 USPQ2d 1161, 1172 (Fed. Cir. 2010) in the context of determining possession of a claimed means of accessing disparate databases). Independent claims 12 and 13 are similarly rejected. Claims 2-11 and 14-15 which are dependent to claims 1, 12, and 13 are similarly rejected. The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION. — The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 1-15 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claim 1 recites the limitation “injection of the values into a heuristic model” renders the claim indefinite. It is unclear as to how the values are injected into a heuristic model. It is not clear what the term “inject” is referring to. The examiner suggests clarifying the term “inject” to rectify the issue. Claim 1 recites the limitation “injecting at least one measured value … an output of the predetermined heuristic model including data signaling a possible anomaly indicative of a cyberattack” renders the claim indefinite. The claim does not specify whether the output is generated upon injection. Moreover, there is no step of generating or obtaining the output. It is unclear whether “an output of the predetermined heuristic model” is a separate method step. Accordingly, a person of ordinary skill in the art would not be able to determine with certainty, the metes and bounds of the claimed invention. The examiner suggests clarifying the term “an output” to rectify the issue. Claim 1 recites the limitation “an output of the predetermined heuristic model including data signaling a possible anomaly indicative of a cyberattack” renders the claim indefinite. The claim does not provide objective boundaries for what constitutes “a possible anomaly”, a person of ordinary skill in the art would not be able to determine with certainty, the metes and bounds of the claimed invention. The examiner suggests clarifying the term “a possible anomaly” to rectify the issue. Independent claims 12 and 13 are similarly rejected. Claims 2-11 and 14-15 which are dependent to claims 1, 12, and 13 are similarly rejected. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-7 and 12-15 are rejected under 35 U.S.C. 103 as being unpatentable over the article entitled “Monitoring the Bitcoin Network for Malicious Behaviour” by Justin in view of ISAAC (WO 2021/176460 A1), hereinafter ISAAC. In regard to claim 1, Justin discloses a method of detecting anomalies within a blockchain network comprising a plurality of nodes, said method comprising (Justin, section 1.2, the data collected by these modified Bitcoin clients will then be further processed by our second component in order to find patterns of network traffic or activity that indicates suspicious behavior. The system is based on the principles used in intrusion detection systems (IDS). In these systems, two different approaches can be used to detect an ongoing attack: misuse detection and anomaly detection): for at least one node of said plurality of nodes, said at least one node comprising at least one measured node of said blockchain network (Justin, section 4.2.1, the first step is to make sure that our Honey node is logging all the information we need and is not missing essential data. This means that from the logged data, we should be able to detect any of the network-level attacks), Justin does not explicitly disclose measuring at least one operational parameter of said at least one measured node; and injecting at least one measured value of said at least one operational parameter that is measured into a predetermined heuristic model, an output of predetermined heuristic model including data signaling a possible anomaly indicative of a cyberattack within said blockchain network based on said at least one measured value, wherein the at least one operational parameter that is measured comprises one or more of a latency of communications of said at least one node with at least one other node of the plurality of nodes; a topology of communication of said at least one node, representative of other nodes of the plurality of nodes that the at least one node communicates with. However, ISAAC teaches measuring at least one operational parameter of said at least one measured node (ISSAC, Para. 0028, the data is associated with latency and only abnormally high values are considered anomalies) and (ISSAC, Fig. 4, Para. 0052, for example modules may be stored in memory 405 of FIG. 4, and these modules may provide instructions so that when the instructions of a module are executed by respective RAN node processing circuitry 403, processing circuitry 403 performs respective operations of the flow charts)injecting at least one measured value of said at least one operational parameter that is measured into a predetermined heuristic model (ISAAC, Para. 0056, At block 620, processing circuitry 403 determines anomaly scores based on the time series data. In some embodiments, the anomaly scores are determined by an outlier detector (e.g., using a z-score model)) and (ISAAC, Para. 0028, an outlier detection process used for independent and identically distributed ("IID") data includes obtaining residuals (e.g., components free of seasonality) and applying an outlier detection algorithm to obtain scores and set a threshold), an output of predetermined heuristic model including data signaling a possible anomaly indicative of a cyberattack within said blockchain network based on said at least one measured value (ISAAC, Paras. 0042-0043, the following process describes the adaptive thresholding heuristic for anomaly detection … the output is one or more anomaly flags. The operations of the process including: 1) Fit the model M using Y; 2) S = scores of Y using M; 3) thresh_list = unique values of S; 4) Sort thresh_list by its values according to the specified tail - if left: ascending order, if right: descending order, if two: descending order; and 5) Initialize previous_thresh to store the first item in thresh_list) wherein the at least one operational parameter that is measured comprises one or more of a latency of communications of said at least one node with at least one other node of the plurality of nodes (ISAAC, Para. 0028, the data is associated with latency and only abnormally high values are considered anomalies. In additional or alternative examples, the data is associated with bandwidth and only abnormally low values are considered anomalies. In additional or alternative examples, the data is associated with load and both abnormally low values and abnormally high values are considered anomalies) and (ISAAC, Fig. 4, RAN node) and (ISAAC, fig. 5, CN node); Justin and ISAAC are both considered to be analogues to the claimed invention because they are in the same field of detecting anomalies within a blockchain network. Therefore, it would have been obvious to someone ordinary skill in the art before the effective filing date of the claimed invention to have modified Justin to incorporate the teachings of ISAAC to include measuring at least one operational parameter of said at least one measured node (ISSAC, Para. 0028, the data is associated with latency and only abnormally high values are considered anomalies) and (ISSAC, Fig. 4, Para. 0052); and injecting at least one measured value of said at least one operational parameter that is measured into a predetermined heuristic model (ISAAC, Para. 0056) and (ISAAC, Para. 0028), an output of predetermined heuristic model including data signaling a possible anomaly indicative of a cyberattack within said blockchain network based on said at least one measured value (ISAAC, Paras. 0042-0043); wherein the at least one operational parameter that is measured comprises one or more of a latency of communications of said at least one node with at least one other node of the plurality of nodes (ISAAC, Para. 0028) and (ISAAC, Fig. 4, RAN node) and (ISAAC, fig. 5, CN node)). Doing so would aid to adaptively determine a final threshold value to be a threshold value that identifies anomalies in data while meeting a threshold anomaly proportion value and a threshold anomaly periodicity value, provides an innovative way to detect and handle concept drift that more accurately identifies anomalies using less processing resources (ISAAC, Para. 0008). In regard to claim 2, the combination of Justin in view of ISAAC teaches the method according to claim 1, wherein said at least one measured node is a real node of the blockchain network (Justin, section 4.1, we name our monitoring system Honey node. It will run a modified version of Bitcoin Core and act as a passive full Bitcoin node. By running a full node). In regard to claim 3, the combination of Justin in view of ISAAC teaches the method according to claim 1, wherein said at least one measured node is a decoy node deployed within the blockchain network (Justin, section 7.1, the Honey node is a completely passive node that only monitors the data it receives. We have seen that this leads to a long set up time. It takes several weeks for the network to learn about the existence of the Honey node). In regard to claim 4, the combination of Justin in view of ISAAC teaches the method according to claim 1, wherein said injecting said at least one measured value is implemented at a decoy node deployed within the blockchain network (Justin, section 4.3.1, the two log-files and the five dictionaries produced by the Honey node are transferred to the remote processing unit once a day in order to be processed together with the outputs received from other Honey nodes). In regard to claim 5, the combination of Justin in view of ISAAC teaches the method according to claim 1, wherein said injecting said at least one measured value is implemented at a central module, and wherein the method further comprises transmitting said at least one measured value to said central module (Justin, section 4.3.1, the two log-files and the five dictionaries produced by the Honey node are transferred to the remote processing unit once a day in order to be processed together with the outputs received from other Honey nodes). In regard to claim 6, the combination of Justin in view of ISAAC teaches the method according to claim 1, wherein the at least one measured value of said at least one operational parameter of said at least one measured node is read in an operational log of said at least one measured node (Justin, section 4.2, We propose two different strategies to collect the data listed in the third column of table 4.1. At first, we make use of the debug.log file generated by the node). In regard to claim 7, the combination of Justin in view of ISAAC teaches the method according to claim1, wherein at least one communication relative to implementation of the method is encrypted (Justin, section 2.1.2, the proof-of-work concept implicates that during the mining process every peer has to solve a puzzle. This puzzle consists in finding a nonce that when hashed with SHA-256 (twice) together with the hash value of all transactions, and the hash of the previous block results in a string starting with a predefined number of zero bits decided by Bitcoin’s Core algorithm). In regard to claim 12, the method of claim 12 relates to the method claim 1. Therefore, claim 12 is rejected for the same reason. In regard to claim 13, the method of claim 13 relates to the method claim 1 and method claim 12. Therefore, claim 13 is rejected for the same reason. In regard to claim 14, the method of claim 14 relates to the method claim 3. Therefore, claim 14 is rejected for the same reason. In regard to claim 15, the combination of Justin in view of ISAAC teaches the blockchain network according to claim 13, further comprising a central module (Justin, section 4.3.1, the two log-files and the five dictionaries produced by the Honey node are transferred to the remote processing unit once a day in order to be processed together with the outputs received from other Honey nodes). Claims 8-10 are rejected under 35 U.S.C. 103 as being unpatentable over the article entitled “Monitoring the Bitcoin Network for Malicious Behaviour” by Justin in view of ISAAC (WO 2021/176460 A1), hereinafter ISAAC and further in view of Taylor et al. (US 10,963,786 B1), hereinafter Taylor. In regard to claim 8, the combination of Justin in view of ISAAC does not explicitly teach the method according to claim1, wherein said predetermined heuristic model comprises at least one heuristic model that is provided for comparing said at least one measured value that is injected to at least one predefined threshold value. However, Taylor teaches wherein said predetermined heuristic model comprises at least one heuristic model that is provided for comparing said at least one measured value that is injected to at least one predefined threshold value (Taylor, Col. 16, Lines 15-20, when the autoencoder is deployed a blockchain in a normal or healthy blockchain state will exhibit a minimal reconstruction loss, i.e., min ∥xh−xh 1∥. If the ‘reconstruction loss’ is substantially higher on data during deployment, e.g., against a threshold, and/or the blockchain is in an unhealthy blockchain state). Justin and ISAAC and Taylor are all considered to be analogues to the claimed invention because they are in the same field of detecting anomalies within a blockchain network. Therefore, it would have been obvious to someone ordinary skill in the art before the effective filing date of the claimed invention to have modified Justin and ISAAC to incorporate the teachings of Taylor to include wherein said predetermined heuristic model comprises at least one heuristic model that is provided for comparing said at least one measured value that is injected to at least one predefined threshold value (Taylor, Col. 16, Lines 15-20). Doing so would aid to identify and isolate anomalies and to identify and trigger appropriate remedial actions including pushing block level representations of at least some anomaly information into a blockchain network as described in a smart contract (Taylor, Col. 5, Lines 45-50). In regard to claim 9, the combination of Justin in view of ISAAC does not explicitly teach the method according to claim1, wherein said predetermined heuristic model comprises at least one heuristic model that comprises a neuronal network previously trained to detect at least one anomaly from at least one value of an operational parameter that is provided to it. However, Taylor teaches wherein said predetermined heuristic model comprises at least one heuristic model that comprises a neuronal network previously trained to detect at least one anomaly from at least one value of an operational parameter that is provided to it (Taylor, Col. 9, Lines 23-26, the deep learning system 132 trains some of the learning model (s) 134 implementing neural networks in semi - super vised modalities to recognize anomalies and trigger remedial actions). Justin and ISSAC and Taylor are all considered to be analogues to the claimed invention because they are in the same field of detecting anomalies within a blockchain network. Justin and ISSAC and Taylor are all considered to be analogues to the claimed invention because they are in the same field of detecting anomalies within a blockchain network. Therefore, it would have been obvious to someone ordinary skill in the art before the effective filing date of the claimed invention to have modified Justin and ISAAC to incorporate the teachings of Taylor to include wherein said predetermined heuristic model comprises at least one heuristic model that comprises a neuronal network previously trained to detect at least one anomaly from at least one value of an operational parameter that is provided to it (Taylor, Col. 9, Lines 23-26). Doing so would aid to identify and isolate anomalies and to identify and trigger appropriate remedial actions including pushing block level representations of at least some anomaly information into a blockchain network as described in a smart contract (Taylor, Col. 5, Lines 45-50). In regard to claim 10, the combination of Justin in view of ISAAC does not explicitly teach the method according to claim1, further comprising sending an alert message when said injecting said at least one measured value signals an anomaly. However, Taylor teaches further comprising sending an alert message when said injecting said at least one measured value signals an anomaly (Taylor, Col. 9, Lines 45-50, Learning model(s) 134 in conjunction with event hub 115 enable interface server(s) 102 to apply machine learning techniques (cluster identification, free form input learning) to observational global state of the block level events in the block chain, input of responses to follow-up questions obtained from user responses and actions, to identify anomalies, and decide when to gather additional information and/or filing a report to another entity into the blockchain network 106). Justin and ISAAC and Taylor are all considered to be analogues to the claimed invention because they are in the same field of detecting anomalies within a blockchain network. Therefore, it would have been obvious to someone ordinary skill in the art before the effective filing date of the claimed invention to have modified Justin and ISSAC to incorporate the teachings of Taylor to include further comprising sending an alert message when said injecting said at least one measured value signals an anomaly (Taylor, Col. 9, Lines 45-50). Doing so would aid to identify and isolate anomalies and to identify and trigger appropriate remedial actions including pushing block level representations of at least some anomaly information into a blockchain network as described in a smart contract (Taylor, Col. 5, Lines 45-50). Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over the article entitled “Monitoring the Bitcoin Network for Malicious Behaviour” by Justin, in view of ISAAC (WO 2021/176460 A1), hereinafter ISAAC, in view of Taylor et al. (US 10,963,786 B1), hereinafter Taylor, and further in view of Zamani et al. (US 2020/0162264 A1), hereinafter Zamani. In regard to claim 11, the combination of Justin and ISAAC in view of Tylor does not explicitly teach the method according to claim10, wherein, when said injecting said at least one measured value signals said anomaly, said method further comprises an incident response step comprising executing any combination of at least one of: excluding certain nodes that have a Byzantine behavior, suspending a protocol for a time to make a report and prevent forging corrupt blocks94 updating the protocol via a consensus. However, Zamani teaches wherein, when said injecting said at least one measured value signals said anomaly, said method further comprises an incident response step comprising executing any combination of at least one of (Zamani, Para. 0005, The use of PoW not only allows the consensus protocol to impede Sybil attacks by limiting the rate of malicious participants joining the system): excluding certain nodes that have a Byzantine behavior (Zamani, Para. 0167, wherein f can be the fraction of nodes that are malicious nodes. If more than e nodes from a committee correctly announce that they were elected, then that committee is dishonest, and all other nodes can determine to not accept any messages from any elected nodes from that committee), suspending a protocol for a time to make a report and prevent forging corrupt blocks94 (Zamani, Para. 0094, the time-to-failure of the protocol of Elastico decreases rapidly for larger network sizes. For Omni Ledger, it can be expected that larger network sizes will, at best, only slightly increase the throughput due to large committee sizes required. The latency numbers reported in Table 2 refer to block (or transaction) confirmation times which is the delay from the time that a block maker proposes the block to the network until it is confirmed as a valid transaction by the network), updating the protocol via a consensus (Zamani, Para. 0007, one can expect a larger growth in the size of blockchains that are updated via higher-throughput consensus protocols than that of Bitcoin) and (Zamani, Para. 0210). Justin, ISAAC, Taylor and Zamani are all considered to be analogues to the claimed invention because they are in the same field of detecting anomalies within a blockchain network. Therefore, it would have been obvious to someone ordinary skill in the art before the effective filing date of the claimed invention to have modified Justin, ISAAC and Taylor to incorporate the teachings of Zamani to include when said injecting said at least one measured value signals said anomaly, said method further comprises an incident response step comprising executing any combination of at least one of (Zamani, Para. 0005): excluding certain nodes that have a Byzantine behavior (Zamani, Para. 0167), suspending a protocol for a time to make a report and prevent forging corrupt blocks94 (Zamani, Para. 0094), updating the protocol via a consensus (Zamani, Para. 0007) and (Zamani, Para. 0210). Doing so would aid to protect the transaction entries in the ledger from being doctored with false transaction data. This can prevent double spending and make all transactions immutable and irreversible, and therefore make the ledger trustworthy (Zamani, Para. 0051). Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to GITA FARAMARZI whose telephone number is (571)272-0248. The examiner can normally be reached Monday- Friday 9:00 am- 6:00 pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge L. Ortiz-Criado can be reached at (571)272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /GITA FARAMARZI/Examiner, Art Unit 2496 /JORGE L ORTIZ CRIADO/Supervisory Patent Examiner, Art Unit 2496