Anomaly detection in distributed ledger systems

What is claimed is: 1. A method comprising: at a first network node of a plurality of network nodes that are configured to maintain respective copies of a distributed ledger, the first network node including one or more processors, a non-transitory memory that stores a first copy of the distributed ledger and one or more network interfaces: determining, by the one or more processors of the first network node, a characteristic value based on information associated with the first copy of the distributed ledger, wherein each copy of the distributed ledger stores blocks of transactions that were added to each copy of the distributed ledger based on a consensus determination between the plurality of network nodes; determining, by the one or more processors of the first network node, whether a current transaction satisfies the characteristic value; generating, by the one or more processors of the first network node, an anomaly indication indicating whether there is an anomaly based on a function of the current transaction in relation to the characteristic value; determining, by the one or more processors of the first network node, whether to add the current transaction to the distributed ledger based on the the anomaly indication; and transmitting, via the one or more network interfaces of the first network node, the anomaly indication to other network nodes of the plurality of network nodes. 2. The method of claim 1 , wherein determining the characteristic value comprises: determining types of transactions that are stored in the first copy of the distributed ledger. 3. The method of claim 2 , wherein determining whether the current transaction satisfies the characteristic value comprises: determining whether the current transaction to be added to the distributed ledger is of the same type as one of the types of transactions stored in the first copy of the distributed ledger. 4. The method of claim 2 , wherein the generating comprises: generating the anomaly indication in response to determining that the current transaction is of a different type from the types of transactions stored in the distributed ledger. 5. The method of claim 1 , wherein determining the characteristic value comprises: determining a historical frequency of occurrence for a type of transaction. 6. The method of claim 5 , wherein the generating comprises: generating the anomaly indication in response to the current transaction indicating a current frequency of occurrence that is different from the historical frequency. 7. The method of claim 1 , wherein the first network node comprises a plurality of layers; and wherein determining the characteristic value comprises: determining a plurality of characteristic values corresponding with respective layers of the first network node. 8. The method of claim 7 , wherein the generating comprises at least one of: generating an indication of a layer-level anomaly in response to the current transaction not satisfying at least one of the plurality of characteristic values; and generating an indication of a node-level anomaly in response to the current transaction not satisfying a combination of the plurality of characteristic values. 9. The method of claim 7 , further comprising: determining a first characteristic value for a ledger layer that interfaces with the distributed ledger; determining a second characteristic value for a smart contract layer that is configured to execute a smart contract in response to determining that a condition associated with the smart contract has been satisfied; and determining that a third characteristic value for a communication layer that is configured to communicate with the other network nodes of the plurality of network nodes. 10. The method of claim 1 , further comprising: causing the current transaction to be added to the distributed ledger based on a consensus determination between the plurality of network nodes and an indication that there is not an anomaly. 11. A network node configured to maintain a distributed ledger in coordination with a plurality of network nodes, the network node comprising: a processor configured to execute computer readable instructions including on a non-transitory memory; and a non-transitory memory including a first copy of the distributed ledger and computer-readable instructions, that when executed by the processor, cause the network node to: determine a characteristic value based on information associated with the first copy of the distributed ledger, wherein the plurality of network nodes store respective copies of the distributed ledger and each copy of the distributed ledger stores blocks of transactions that were added to each copy of the distributed ledger based on a consensus determination between the plurality of network nodes; determine whether a current transaction to be added to the distributed ledger satisfies the characteristic value; generate an anomaly indication indicating whether there is an anomaly based on a function of the current transaction in relation to the characteristic value; determine whether to add the current transaction to the distributed ledger based on the anomaly indication; and transmit the anomaly indication to other network nodes of the plurality of network nodes. 12. The network node of claim 11 , wherein the computer readable instructions cause the network node to determine the characteristic value by: determining types of transactions that are stored in the first copy of the distributed ledger. 13. The network node of claim 12 , wherein the computer readable instructions cause the network node to determine whether the current transaction satisfies the characteristic value by: determining whether the current transaction is of the same type as one of the types of transactions stored in the first copy of the distributed ledger. 14. The network node of claim 12 , wherein the computer readable instructions cause the network node to generate the anomaly indication by: anomaly generating the anomaly indication in response to determining that the current transaction is of a different type from the types of transactions stored in the distributed ledger. 15. The network node of claim 11 , further comprising a plurality of layers; and wherein the computer readable instructions cause the network node to determine the characteristic value by: determining a plurality of characteristic values corresponding with respective layers of the network node. 16. The network node of claim 15 , wherein the computer readable instructions cause the network node to generate the anomaly indication by: generating an indication of a layer-level anomaly in response to the current transaction not satisfying at least one of the plurality of characteristic values; and generating an indication of a node-level anomaly in response to the current transaction not satisfying a combination of the plurality of characteristic values. 17. The network node of claim 15 , wherein the computer readable instructions cause the network node to determine the plurality of characteristic values by: determining a first characteristic value for a ledger layer management layer that is configured to manage the distributed ledger in coordination with other network nodes of the plurality of network nodes; determining a second characteristic value for a smart contract layer that is configured to execute a smart contract in response to determining that a condition associated with the smart contract has been satisfied; and determining that a third characteristic value for a