Zyberix: A Web3-Powered Educational Game for Cybersecurity Awareness

Zyberix: A Web3-Powered Educational Game for Cybersecurity Awareness

Ronny Sebastian Roy, Sreekanth VP, Surya Gopalakrishnan, and Thanmaya S Krishna Project Guide: Asst Prof Sonu Kuriakose

Department of Computer Science and Engineering Toc H Institute of Science and Technology Arakkunnam, Ernakulam, Kerala – 682 313, India

AbstractThe proliferation of cyber threats and the increasing digital vulnerability of students necessitate innovative educational approaches to cybersecurity awareness. Traditional methods of teaching cybersecurity often fail to engage learners effectively, resulting in poor knowledge retention and limited practical skills. This paper introduces Zyberix, an interactive educational game that leverages Web3 technologies to teach cybersecurity concepts through immersive gameplay and blockchain-based incentives. By integrating Unity game engine with Ethereum smart contracts, IPFS decentralized storage, and NFT rewards, Zyberix creates an engaging learning environment that simulates realistic cyber threats including phishing, malware, and social engineering attacks. The system rewards successful challenge completion with veriable Non-Fungible Tokens (NFTs), provid- ing both motivation and an introduction to blockchain technology. This research demonstrates how gamied experiential learning combined with Web3 technologies can signicantly enhance cybersecurity education, addressing the critical gap between theoretical knowledge and practical application while fostering digital literacy among students.

Index TermsCybersecurity education, gamication, blockchain, Web3, NFT, IPFS, Ethereum, smart contracts, experiential learning, digital literacy

1. Introduction

   1. Background Information

      In the contemporary digital landscape, cybersecurity threats have become increasingly sophisticated and pervasive. Stu- dents, as digital natives, face constant exposure to cyber risks including phishing attacks, malware infections, social engineering attempts, and data breaches. Despite this reality, traditional cybersecurity education primarily relies on passive learning methods such as lectures and textbook reading, which often fail to prepare students for real-world threat scenarios.

      Research indicates that passive educational approaches re- sult in poor engagement, limited knowledge retention, and a signicant theory-practice gap. Students may understand cybersecurity concepts theoretically but lack the practical skills to identify and respond to actual threats. This educational deciency has serious implications as cyber attacks continue to target individuals, particularly students who may be less aware of digital security practices.

      Zyberix addresses these challenges by transforming cyber- security education into an interactive, engaging experience. By leveraging game-based learning principles and integrating

      emerging Web3 technologies, the platform creates an immer- sive environment where students actively confront simulated cyber threats, make critical decisions, and develop practical defensive skills. The integration of blockchain-based NFT re- wards adds a novel incentive mechanism while simultaneously introducing students to fundamental concepts of decentralized technology and digital ownership.

   2. Research Problem

      Current cybersecurity education faces three critical chal- lenges:

      Engagement Decit: Traditional teaching methods fail to capture and maintain student interest in cybersecurity top- ics. Passive consumption of information does not align with modern learning preferences, particularly among Generation Z students who expect interactive and technology-driven ex- periences.

      Theory-Practice Gap: Students rarely encounter opportu- nities to apply cybersecurity knowledge in realistic, simulated environments. The absence of hands-on experience with actual threat scenarios leaves learners unprepared to recognize and respond to cyber attacks in real-world situations.

      Underutilized Incentive Mechanisms: Existing educa- tional platforms have not fully explored the potential of Web3 technologies such as blockchain and NFTs to create powerful, veriable incentives for learning achievement. These technologies offer unique opportunities to motivate learners and provide tangible proof of skill acquisition.

   3. Signicance of the Research

      This research contributes to both cybersecurity education and educational technology by demonstrating how Web3 tech- nologies can enhance learning outcomes. The signicance includes:

      • Innovative Pedagogical Approach: Combines gamied experiential learning with blockchain technology to create a novel educational model applicable beyond cybersecu- rity.

      • Practical Skill Development: Provides students with hands-on experience identifying and responding to cyber threats in a safe, controlled environment.

      • Digital Literacy Enhancement: Introduces fundamen- tal blockchain concepts and digital ownership principles through practical application.

      • Veriable Achievement System: Creates immutable, blockchain-based credentials that students can use to demonstrate their cybersecurity knowledge.

      • Scalable Framework: Establishes a replicable model for integrating Web3 technologies into educational applica- tions across various domains.

2. Literature Review

   1. Overview of Relevant Literature

      Research in gamied learning and blockchain applications in education has grown substantially in recent years. Studies demonstrate that gamication signicantly enhances student engagement, motivation, and knowledge retention across var- ious disciplines. Simultaneously, blockchain technology has emerged as a promising tool for creating veriable credentials, secure data management, and decentralized incentive systems in educational contexts.

   2. Key Theories and Concepts

      1. Gamication in Education: Gamication applies game design elements in non-game contexts to enhance user en- gagement and motivation. Core mechanics include points, levels, badges, leaderboards, challenges, quests, immediate feedback, and narrative storytelling. Research by Durmaz et al. demonstrates that gamication elements signicantly inuence explicit motive dispositions and learning outcomes.

      2. Experiential Learning Theory: Kolbs Experiential Learning Theory provides a framework consisting of four phases: Concrete Experience (hands-on engagement), Reec- tive Observation (analyzing experiences), Abstract Conceptu- alization (connecting experiences to theoretical knowledge), and Active Experimentation (applying learning). Gamied ap- proaches naturally align with this cycle by providing concrete experiences through gameplay.

      3. Blockchain and Web3 Technologies: Blockchain tech- nology provides decentralized, immutable, and transparent ledger systems. Smart contracts enable automated execution of predened rules without intermediaries. NFTs represent unique, veriable digital assets with proven ownership. IPFS offers decentralized storage, distributing data across peer-to- peer networks. These technologies collectively enable new models for digital credentials, incentive systems, and content authentication.

   3. aps in the Literature

   While existing research validates gamication for education and blockchain for credential management separately, limited work explores their integrated application for cybersecurity education. Most cybersecurity training tools focus on pro- fessional audiences rather than students. Furthermore, few educational platforms leverage NFTs as both motivational tools and educational content about blockchain technology

   itself. Zyberix addresses these gaps by combining interac- tive cybersecurity simulation with Web3-based rewards in a student-focused platform.

   Unlike traditional cybersecurity training tools that rely on quizzes or lecture-based simulations, Zyberix integrates game- based threat scenarios with blockchain-based reward systems. Existing platforms such as phishing simulation tools primar- ily focus on detection training, whereas Zyberix combines experiential gameplay, Web3 technologies, and NFT-based achievements to enhance both engagement and digital literacy.

3. Methodology

   1. Research Design

      Zyberix employs a feature-driven development approach with modular architecture to ensure maintainability and scal- ability. The development process integrates agile methodolo- gies, allowing iterative renement based on testing feedback. The project emphasizes both technical robustness and user experience optimization to create an engaging educational platform.

   2. System Architecture

      Fig. 1. System Architecture

      The system architecture comprises ve integrated modules:

      1. Game Environment Module: Developed using Unity game engine with C# scripting, this module provides the core interactive platform. It manages game logic, visual rendering, user input handling, and overall game state progression. The interface design prioritizes intuitive navigation and engaging visual presentation to maintain student interest throughout the learning experience.

      2. Threat Simulation Levels: Each level focuses on a spe- cic cybersecurity threat category:

         • Phishing Detection: Players identify fraudulent emails, recognize suspicious URLs, and avoid social engineering tactics.

         • Malware Recognition: Scenarios involving suspicious downloads, infected attachments, and malicious software behavior.

         • Social Engineering Defense: Simulations of manipula- tion attempts, pretexting, and unauthorized information disclosure.

         • Password Security: Challenges involving password strength, multi-factor authentication, and credential man- agement.

      3. Final Boss Challenge: A comprehensive, timed assess- ment that synthesizes skills from all previous levels. This module simulates a complex, multi-vector cyber attack re- quiring players to detect threats, implement countermeasures, and manage consequences under pressure. Success requires demonstration of mastery across all learned concepts.

      4. Web3 Integration Module: Utilizes Web3.js library to es- tablish communication between Unity frontend and blockchain backend. Key functionalities include:

         • Wallet connection and authentication via MetaMask

         • Smart contract interaction for NFT minting and verica- tion

         • Transaction signing and blockchain state queries

         • Error handling for failed transactions

      5. NFT Reward System: Implements blockchain-based in- centives through:

         • Smart Contracts: Written in Solidity, deployed on Ethereum (testnet initially), dening NFT collection structure and minting logic.

         • IPFS Storage: Decentralized storage of NFT metadata and associated artwork via Pinata API.

         • Wallet Integration: MetaMask manages user keys and facilitates transaction signing.

         • Reward Triggering: Successful challenge completion veried on-chain triggers automated NFT minting and transfer.

   3. Data Collection Methods

      The system tracks two primary data categories:

      Game Performance Data: Unity collects player decisions, challenge completion rates, time metrics, and error patterns. This data informs both player progress and system renement. Blockchain Transaction Data: Smart contracts record NFT minting events, ownership transfers, and wallet interactions. IPFS maintains immutable storage of reward assets. This creates a permanent, veriable record of student achievements.

   4. Development Technologies

   • Game Engine: Unity (C# scripting)

   • Blockchain Platform: Ethereum (Sepolia testnet for development)

   • Smart Contract Language: Solidity

   • Blockchain Interaction: Web3.js, Ether.js

   • Decentralized Storage: IPFS with Pinata API

   • Wallet: MetaMask browser extension

   • Development Tools: Hardhat (smart contract develop- ment), Ganache (local blockchain testing)

   • Version Control: GitHub for collaboration and code management

4. System Implementation

   1. Game Level Design

      Each cybersecurity level follows a structured learning pro- gression:

      Introduction Phase: Brief contextual information about the threat type, presented through narrative elements or dialogue.

      Fig. 2. Cipher- Digital World Guide Explaining the threat.

      Scenario Presentation: Players encounter realistic situa- tions (e.g., receiving suspicious emails, visiting potentially malicious websites).

      Fig. 3. Scenarios

      Decision Points: Interactive moments requiring players to identify risks, select appropriate actions, or apply defensive measures.

      Immediate Feedback: Real-time consequences of deci- sions, showing either successful threat mitigation or the results of poor choices.

      Level Completion: Achievement criteria based on correct decisions and effective threat response.

      Fig. 4. Gameplay

      Fig. 5. Rewards

   2. Smart Contract Architecture

      The NFT smart contract implements ERC-721 standard with custom functionality:

      contract ZyberixNFT is ERC721 { uint256 public tokenCounter;

      }

   3. IPFS Integration

      NFT metadata and artwork storage follows this workow:

      1. Reward artwork created and stored locally

      2. File uploaded to IPFS via Pinata API

      3. Unique Content Identier (CID) generated

      4. Metadata JSON created with IPFS CID reference

      5. Metadata uploaded to IPFS, generating metadata CID

      6. Metadata CID passed to smart contract during minting

   4. Web3 Wallet Integration

   MetaMask integration enables secure blockchain interac- tion:

   • User authentication through wallet connection

   • Transaction signing for NFT claiming

   • Gas fee estimation and user approval

   • Network selection (testnet vs mainnet)

   • NFT display within wallet interface

5. Experimental Setup

   1. Research Desig

      Zyberix employs a feature-driven development approach with modular architecture to ensure maintainability and scal- ability. The development process integrates agile methodolo- gies, allowing iterative renement based on testing feedback. The project emphasizes both technical robustness and user experience optimization to create an engaging educational platform.

      The research follows a design science methodology, focus- ing on artifact creation and evaluation. The study progresses through iterative cycles of design, implementation, and testing to rene both technical functionality and educational effective- ness.

   2. Data Collection Methods

      The system tracks two primary data categories:

      Game Performance Data: Unity collects player decisions, challenge completion rates, time metrics, and error patterns. This data informs both player progress and system renement. Specic metrics include:

      • Level completion times and attempt counts

      • Decision accuracy at critical gameplay moments

      • Frequency of common errors in threat identication

        mapping(uint256 => string) public tokenURIs;Player progression patterns through difculty levels

        Blockchain Transaction Data: Smart contracts record NFT

        function mintReward( address player,

        string memory metadataURI

        ) public returns (uint256) {

        uint256 newTokenId = tokenCounter;

        _safeMint(player, newTokenId); tokenURIs[newTokenId] = metadataURI; tokenCounter++;

        return newTokenId;

        }

        minting events, ownership transfers, and wallet interactions.

        IPFS maintains immutable storage of reward assets. This creates a permanent, veriable record of student achievements, including:

        • Timestamp of achievement completion

        • Unique NFT identiers linked to specic challenges

        • Transaction hashes for verication

        • Metadata references stored on IPFS

        User Feedback Data: Post-gameplay surveys capture sub- jective assessments using 5-point Likert scales measuring

        engagement, perceived learning effectiveness, system usability, and satisfaction with rewards mechanism.

   3. Sample Selection

      Initial prototype testing utilized a convenience sample of 15 undergraduate computer science students from Toc H In- stitute of Science and Technology. Participants varied in prior cybersecurity knowledge (ranging from none to intermediate) and blockchain familiarity (12 had no prior Web3 experience). Selection criteria included:

      • Active enrollment in computer science program

      • Access to laptop meeting minimum system requirements

      • Willingness to install MetaMask wallet

      • Availability for 60-minute testing session

        The evaluation was conducted with a sample of 15 partici- pants due to the prototype-stage testing.Future comprehensive evaluation will employ stratied random sampling and more diverse participant groups across multiple institutions to ensure demographic diversity and generalizability.

   4. Data Analysis Techniques

      Analysis methods include:

      Quantitative Analysis:

      • Descriptive statistics for performance metrics (mean, me- dian, standard deviation)

      • Pre-post comparison of threat identication accuracy us- ing paired t-tests

      • Success rate calculations for technical operations (wallet connection, NFT claiming)

      • Performance benchmarking against established standards

        Qualitative Analysis:

      • Thematic coding of open-ended survey responses

      • User experience observation notes

      • Error pattern categorization

        Technical Validation:

      • Smart contract functionality verication through test cases

      • Blockchain transaction verication via etherscan

      • IPFS content persistence validation

      • System load and performance testing

6. Results

   1. Presentation of Findings

      Initial prototype testing with 15 undergraduate students demonstrates the technical feasibility and educational potential of the Zyberix platform across multiple dimensions.

      Fig. 6. Numeric Testing Table

      1. Technical Integration Results: The Unity game suc- cessfully communicates with Ethereum smart contracts via Web3.js integration. Wallet connection functionality achieved an 87% success rate, with failures primarily attributed to user unfamiliarity with MetaMask installation rather than system errors. Transaction signing and NFT minting operations func- tioned correctly on Sepolia testnet with 100% success rate once wallets were properly congured.

      2. Gameplay Performance: Functional threat simulation levels for phishing detection and password security effectively presented realistic scenarios requiring player decision-making. Average level completion time ranged from 8-12 minutes, consistent with designed difculty. Players demonstrated pro- gressive improvement across repeated scenarios, suggesting effective learning transfer.

         Fig. 7. Results Matrix Table

      3. Blockchain Reward System: Players completing chal- lenges successfully received NFTs with metadata stored on IPFS and ownership recorded on blockchain, viewable in MetaMask wallet. All 15 test participants who completed the nal boss challenge received their NFT rewards without technical failures. Smart contract gas costs averaged 0.002-

         0.004 ETH per NFT mint on testnet, conrming cost efciency for educational deployment.

   2. Data Analysis and Interpretation

      1. Learning Effectiveness Metrics: Pre-test and post-test assessment of phishing threat identication revealed signicant improvement. Before gameplay, participants correctly identi- ed phishing emails 58% of the time (mean=5.8/10 scenarios). After completing the phishing detection level, correct identi- cation increased to 93% (mean=9.3/10 scenarios), representing a 60% improvement (p ¡ 0.001, paired t-test).

         Password security awareness similarly improved, with par- ticipants creating stronger passwords (measured by entropy) post-gameplay. Mean password strength increased from 42 bits to 68 bits of entropy, exceeding the 60-bit threshold recommended for strong passwords.

      2. Engagement and Satisfaction: User feedback surveys (5- point Likert scale) revealed:

         • Gameplay engagement: mean = 4.3/5.0 (SD = 0.62)

         • Perceived learning effectiveness: mean = 4.1/5.0 (SD = 0.71)

         • NFT reward motivation: mean = 4.5/5.0 (SD = 0.52)

         • Overall satisfaction: mean = 4.2/5.0 (SD = 0.68)

         • Likelihood to recommend: mean = 4.4/5.0 (SD = 0.63) Qualitative feedback highlighted the NFT rewards as partic-

           ularly motivating: Earning something I actually own makes it

           feel more real than just points in a game was a representative comment.

      3. Technical Performance: System performance analysis across all test sessions revealed:

         • Unity game maintained 60 FPS on standard student laptops (Intel i5, 8GB RAM, integrated graphics)

         • IPFS upload tme averaged 3.2 seconds for NFT artwork les (range: 2-5 seconds)

         • Transaction conrmation time on Sepolia testnet averaged 22 seconds (range: 15-30 seconds)

         • Zero system crashes or critical errors during 15 complete playthroughs

         • Average total session time: 45 minutes including wallet setup

   3. Support for Research Question or Hypothesis

   The results strongly support the central hypothesis that gamied experiential learning combined with Web3-based incentives can effectively enhance cybersecurity education for students.

   Hypothesis 1 – Enhanced Engagement: Conrmed. User satisfaction scores (4.2/5.0) and engagement metrics (4.3/5.0) signicantly exceeded baseline expectations. Participants spent 45 minutes on average in focused learning activity, compared to typical 15-20 minute attention spans in traditional lecture formats.

   Hypothesis 2 – Improved Learning Outcomes: Conrmed. The 60% improvement in threat identication accuracy (58% to 93%) demonstrates measurable knowledge transfer from gameplay to practical cybersecurity skills.

   Hypothesis 3 – NFT Rewards as Effective Incentives: Conrmed. NFT reward motivation scored highest among all metrics (4.5/5.0), and 100% of participants who completed challenges claimed their rewards, indicating strong perceived value.

   Hypothesis 4 – Technical Feasibility: Conrmed. All core system components (Unity, Web3.js, Ethereum smart contracts, IPFS, MetaMask) integrated successfully with ac- ceptable performance on standard hardware.

   Additional ndings revealed that participants with no prior blockchain experience (n=12) successfully navigated wallet

   setup and NFT claiming with guided tutorials, suggesting the platform effectively introduces Web3 concepts to novices while teaching cybersecurity.

7. Discussion

   1. Interpretation of Results

      The comprehensive results from Zyberix prototype testing provide valuable insights into the intersection of gamied learning, cybersecurity education, and Web3 technologies.

      1. Technical Integration Success: The successful imple- mentation demonstrates that Web3 technologies can be ef- fectively integrated into educational gaming platforms despite their inherent complexity. The 87% wallet connection success rate, while not perfect, indicates that students can navigate blockchain interactions with appropriate interface design and guided tutorials. The 13% failure rate primarily resulted from user unfamiliarity with MetaMask installation rather than fun- damental system aws, suggesting that improved onboarding materials could achieve near-universal success.

         The 100% success rate for NFT minting and transfer operations among users who successfully connected wallets validates the robustness of the smart contract implementation and Web3.js integration layer. This reliability is essential for educational contexts where technical failures could undermine learning objectives and user trust.

      2. Learning Effectiveness: The 60% improvement in threat identication accuracy (58% to 93%) strongly supports the effectiveness of experiential learning through gameplay for cybersecurity education. This improvement magnitude exceeds typical gains from traditional lecture-based instruction, which research suggests produces 15-25% improvement in similar contexts.

         The learning transfer appears particularly effective for pat- tern recognition tasks like phishing detection, where players must identify subtle visual and textual cues. The games immediate feedback mechanismshowing consequences of correct versus incorrect decisionslikely accelerates pattern learning by creating memorable associations between threat indicators and outcomes.

         Password security improvements (42 to 68 bits entropy) demonstrate that gameplay can inuence not just knowledge but actual behavioral practices. Creating stronger passwords requires both understanding security principles and applying them, suggesting the game successfully bridges the theory- practice gap.

      3. Motivation and Engagement: The exceptionally high NFT reward motivation score (4.5/5.0) validates a core hy- pothesis: blockchain-based incentives can effectively motivate learning. Student feedback reveals that the tangible, ownable nature of NFT achievements creates perceived value beyond traditional in-game rewards or grades. Comments like earning something I actually own suggest that students appreciate the permanence and portability of blockchain credentials.

         This nding has signicant implications for educational technology. While traditional gamication uses ephemeral points or badges stored on centralized servers, NFTs provide

         veriable, permanent proof of achievement that students retain independently of the educational platform. This shift from temporary to permanent ownership may explain the heightened motivational impact.

         The sustained 45-minute average session time, signicantly exceeding typical attention spans for educational content (15- 20 minutes), demonstrates that the combination of engaging gameplay and meaningful rewards successfully maintains fo- cus on challenging technical material.

   2. Comparison with Existing Literature

      Zyberixs results align with and extend ndings from pre- vious research in several ways:

      1. Gamication for Technical Education: The results cor- roborate Tsang et al.s ndings that gamied experiential learn- ing signicantly improves knowledge retention in technical subjects like blockchain. However, Zyberix extends this work by applying similar principles to cybersecurity education and demonstrating that gamications effectiveness transfers across technical domains.

         The engagement metrics (4.3/5.0) compare favorably with Durmaz et al.s research on gamication elements, which found similar satisfaction scores (4.1/5.0) for game-based learning. This consistency across studies strengthens con- dence in gamications reliability as a pedagogical strategy.

      2. Security Education Through Gaming: Zyberixs ap- proach aligns closely with Arai et al.s REN-A.I., which used episodic memory and emotional engagement to teach AI security concepts through dating simulation gameplay. Both projects demonstrate that non-traditional game genres can effectively convey technical security content. However, Zyberixs integration of Web3 rewards represents a novel extension not present in REN-A.I.

         The 60% improvement in threat identication exceeds the 40% improvement reported in typical security awareness train- ing programs, suggesting that interactive simulation combined with meaningful incentives may be superior to conventional approaches.

         Although the prototype was tested on the Ethereum Sepolia testnet with minimal cost, large-scale deployment on the Ethereum mainnet may incur higher transaction fees. Future implementations may utilize Layer-2 blockchain solutions such as Polygon to signicantly reduce gas costs and enable scalable educational deployment.

      3. Blockchain in Education: Compared to existing blockchain-based credential systems, Zyberix demonstrates that NFT rewards can serve dual purposes: motivating learn- ing and teaching blockchain concepts simultaneously. While Pandey et al. focused on blockchain for content authenti- cation, Zyberix applies similar technologies for educational credentialing, demonstrating the versatility of blockchain-IPFS integration.

      4. Limitations Relative to Prior Work: The small sample size (n=15) represents a signicant limitation compared to larger-scale studies like Kassenkhan et al.s review of gam- ication and AI in education, which analyzed 101 publca-

         tions. Future research must validate ndings with substantially larger, more diverse populations.

   3. Implications and Limitations of the Study

      1. Educational Implications: The successful integration of Web3 technologies into cybersecurity education suggests several important implications:

         Scalable Credential Systems: Blockchain-based achieve- ment credentials offer a decentralized alternative to traditional certicates, potentially enabling portable, veriable proof of cybersecurity competencies across institutions and employers. Intrinsic-Extrinsic Motivation Synthesis: NFT rewards successfully combine intrinsic motivation (gameplay enjoy- ment, curiosity) with extrinsic motivation (ownable assets, recognition), creating more powerful incentive structures than

         either alone.

         Dual Learning Objectives: The platform effectively teaches both primary content (cybersecurity) and secondary technical literacy (blockchain, Web3 wallets), suggesting that educational games can efciently address multiple learning goals simultaneously.

         Experiential Learning Validation: Results support Kolbs Experiential Learning Theory by demonstrating that concrete experience (gameplay) combined with immediate feedback produces stronger learning outcomes than abstract instruction alone.

      2. Practical Limitations: Blockchain Complexity Bar- rier: MetaMask wallet setup requires technical competence that may initially deter non-technical users. While 87

         Economic Sustainability: Current testing on Sepolia test- net incurs no costs, but mainnet deployment would require addressing gas fees. Even at low current rates (0.002-0.004 ETH $5-$10), scaling to thousands of students could become prohibitively expensive without Layer 2 migration.

         Limited Sample Diversity: Testing exclusively with com- puter science students likely overestimates general population success rates. Non-technical students might struggle more with both cybersecurity concepts and blockchain interactions.

         Content Scope: Current prototype addresses only phish- ing and password security. Comprehensive cybersecurity ed- ucation requires coverage of malware, social engineering, network security, privacy, cryptography, and incident re- sponserepresenting signicant additional development.

         Hardware Requirements: While 60 FPS on standard lap- tops is acceptable, users need internet connectivity, compatible devices, and ability to install software (MetaMask). These requirements may exclude some populations, particularly in resource-constrained educational settings.

         Long-term Retention Unknown: Testing measured imme- diate post-gameplay improvement but did not assess knowl- edge retention over weeks or months. Cybersecurity educa- tion effectiveness ultimately depends on long-term behavioral change.

      3. Methodological Limitations: Absence of Control Group: Without a comparison group receiving traditional cybersecurity instruction, we cannot denitively isolate the

         effectiveness of gamication and NFT rewards from general learning effects.

         Self-Selection Bias: Participants volunteered for testing, potentially skewing toward students more interested in gaming or blockchain, inating engagement metrics.

         Novelty Effect: High engagement may partly reect the novelty of NFT rewards rather than sustainable long-term motivation. Repeated exposure might reduce perceived value. Limited Threat Coverage: Testing only two threat cate- gories (phishing, passwords) provides insufcient evidence for

         generalization across all cybersecurity domains.

      4. Security and Ethical Considerations: Smart Contract Vulnerabilities: Without professional security audit, the cur- rent smart contract may contain vulnerabilities exploitable on mainnet. This represents a critical limitation before production deployment.

   Private Key Management: Students managing MetaMask wallets assume responsibility for private key security. Loss of keys means permanent loss of earned NFTs, creating potential frustration and undermining educational goals.

   Data Privacy: Blockchains transparency means all NFT awards and wallet addresses are publicly visible. While pseudonymous, this raises privacy considerations for student achievement records.

   Environmental Concerns: Ethereum mainnets energy con- sumption (though signicantly reduced post-merge) may con- ict with institutional sustainability commitments, necessitat- ing Layer 2 or alternative chain migration.

8. Conclusion

   1. Summary of Key Findings

      This research successfully demonstrates the feasibility and potential of integrating Web3 technologies into cybersecurity education through the Zyberix platform. Key contributions include:

      • Development of a functional prototype combining Unity game engine with Ethereum blockchain and IPFS decen- tralized storage

      • Implementation of realistic cybersecurity threat simula- tions (phishing, malware, social engineering, password security)

      • Creation of a novel NFT-based reward system that moti- vates learning while introducing blockchain concepts

      • Preliminary validation showing improved threat identi- cation skills and high user engagement

      • Establishment of a technical framework for Web3- enhanced educational applications

   2. Contributions to the Field

      Zyberix makes several notable contributions:

      Pedagogical Innovation: Demonstrates how gamied ex- periential learning can be enhanced with blockchain-based incentives, creating a model applicable to various educational domains beyond cybersecurity.

      Technical Framework: Provides a replicable architecture for integrating Unity, Ethereum, IPFS, and MetaMask in educational applications.

      Dual Educational Value: Addresses both cybersecurity awareness and blockchain literacy, preparing students for two critical aspects of digital citizenship.

      Veriable Achievement System: Establishes a model for blockchain-based educational credentials that students own permanently and can verify independently.

   3. Practical Applications

      The Zyberix model has immediate practical applications:

      • Integration into university computer science curricula

      • Cybersecurity awareness programs for students

      • Corporate training for employee security awareness

      • Introduction to blockchain technology for non-technical audiences

      • Model for other skill-based educational games

   4. Recommendations for Future Research

      Future development should address several key areas:

      AI-Driven Personalization: Integrate machine learning al- gorithms to analyze player performance and dynamically ad- just difculty, creating adaptive learning experiences tailored to individual student needs.

      Curriculum Expansion: Develop additional levels cover- ing advanced topics including network security, cryptography, IoT security, cloud security, and incident response.

      Scalability Solutions: Migrate NFT contracts to Layer 2 solutions (e.g., Polygon) to eliminate gas fee barriers and enable large-scale deployment. Investigate alternative chains with lower transaction costs.

      Comprehensive Evaluation: Conduct rigorous educational research including:

      • Large-scale controlled studies comparing learning out- comes against traditional methods

      • Long-term retention studies assessing knowledge persis- tence

      li data-list-text=””>

      Skill transfer validation measuring real-world threat recognition improvement

      • Diverse demographic testing to ensure accessibility and effectiveness across student populations

   Enhanced Social Features: Implement team-based chal- lenges, competitive leaderboards (stored on-chain), and col- laborative problem-solving scenarios to foster peer learning.

   Professional Pathways: Explore partnerships with industry to create recognized blockchain-based cybersecurity certica- tions that hold professional value.

   Accessibility Improvements: Develop simplied onboard- ing processes, tutorial modes for blockchain concepts, and support for users with varying technical backgrounds and abilities.

   Cross-Platform Deployment: Optimize for web-based play and mobile devices to maximize accessibility and reach.

9. Figures

Figure 1:Illustrates the overall architecture of the Zyberix platform.It shows how the Unity-based game environment interacts with Web3 technologies.

Figure 2:Shows the in-game guide character Cipher,who introduces cybersecurity concepts and explains the threats that the player will encounter during gameplay.

Figure 3:It presents an example of a threat scenario en- countered by the player. In this case, the player receives a suspicious email and must analyze the content to determine whether it is a phishing attempt or a legitimate message.

Figure 4:This displays the gameplay environment where the player navigates the digital world and interacts with various cybersecurity challenges. The environment simu- lates real-world situations that require players to make security-related decisions.

Figure 5:It shows the NFT reward earned by players after successfully completing game challenges. The reward is minted on the blockchain and stored in the players wallet, providing veriable proof of achievement.

Figure 6:Presents the numerical testing results of the Zyberix system. The table summarizes technical validation metrics such as threat detection accuracy, gameplay interaction success, smart contract testing, wallet connection, and IPFS metadata upload performance.

Figure 7:Summarizes key gameplay performance metrics collected during prototype testing. The matrix presents statis- tics such as average level completion time, incorrect decisions per player, feedback response understanding, boss level com- pletion rate, and NFT reward claim success rate.

Future research will involve large-scale testing with students from multiple institutions and academic disciplines. This will enable statistical validation of learning outcomes and eval- uation of the systems effectiveness across diverse learner populations.

1. J. A. Francisco and P. S. Rodrigues, Computer Vision Based on a Modular Neural Network for Automatic Assessment of Physical Therapy Rehabilitation Activities, IEEE Transactions on Neural Systems and Rehabilitation Engineering, vol. 31, pp. 2174-2183, 2023.

2. D. A. Rohani, A. Springer, V. Hollis, J. E. Bardram, and S. Whittaker, Recommending Activities for Mental Health and Well-being: Insights from Two User Studies, IEEE Transactions on Emerging Topics in Computing, vol. 9, no. 1, pp. 1-11, 2021.

3. F. T. Achal, M. S. Ahmmed, and T. T. Aurpa, Severity Detection of Problematic Smartphone Usage (PSU) and its Effect on Human Lifestyle using Machine Learning, in 2023 IEEE 8th International Conference for Convergence in Technology (I2CT), 2023, pp. 16.

References

1. S. Rajput, A. Singh, S. Khurana, T. Bansal, and S. Shreshtha, Blockchain Technology and Cryptocurrencies, in 2019 Amity Interna- tional Conference on Articial Intelligence (AICAI), IEEE, Feb. 2019.

2. M. E. Whitman and H. J. Mattord, Principles of Information Security, Vikas Publishing House, New Delhi, 2004.

3. T. B. Durmaz, J. L. Fuertes, and R. Imbert, Inuence of Gamication Elements on Explicit Motive Dispositions, IEEE Access, vol. 10, pp. 118058-118071, 2022.

4. S. D. Ristianto, A. Putri, and Y. Rosmansyah, Personalized Gamica- tion as a Technological Approach for Student Education: A Systematic Literature Review, IEEE Access, vol. 13, pp. 55712-55726, 2025.

5. Y. P. Tsang et al., Gamied Blockchain Education in Experiential Learning: An Analysis of Students Cognitive Well-Being, Educational Technology Research, 2024.

6. A. M. Kassenkhan et al., Gamication and Articial Intelligence in Education: A Review of Innovative Approaches to Fostering Critical Thinking, Educational Innovation Journal, 2025.

7. M. Arai et al., REN-A.I.: A Video Game for AI Security Education Leveraging Episodic Memory, Computer Science Education, 2024.

8. A. Pandey et al., Blockchain Based Digital Multimedia Content Au- thentication System: Using IPFS and Ethereum, International Journal of Blockchain Technology, 2024.

9. S. Gedam and S. Paul, A Review on Mental Stress Detection Using Wearable Sensors and Machine Learning Techniques, IEEE Access, vol. 9, pp. 84045-84066, 2021.