2. Extropy.io 2019
Website : https://extropy.io
Email : info@extropy.io
Twitter : @extropy
Free Developer Workshops
● Basic
● Enterprise
● Advanced EVM
● Zero Knowledge Proofs
Business Workshops
Providing Blockchain solutions
DApp development and customised blockchains
Security Audits
3. Extropy.io 2019
Agenda
● Blockchain review
● Proof of Work
● Introduction to Ethereum
● Developing Smart Contracts in Solidity
● Designing for Decentralisation
● Best Practices
● Developmental Tools and Resources
9. Extropy.io 2019
Components of the Blockchain
● Shared public ledger updated by consensus
● P2P Network
● Cryptography
10. Extropy.io 2019
These components give a blockchain system
● Transparency and verifiable state based on consensus
● Resilience
● Censorship resistance
● Tamper proof interactions
18. Extropy.io 2019
Working Towards Bitcoin
● Timestamping and verification
● Digital Cash
● Proof of Work (Consensus)
● Byzantine Fault Tolerance (Consensus)
● Public keys as Identities
● Smart Contracts
19. Extropy.io 2019
Satoshi Nakamoto is the name used by the presumed pseudonymous person or persons who developed bitcoin, authored the bitcoin white paper, and created and deployed bitcoin's original reference implementation.
24. EVM Specification in yellow paper
9.1. Basics. The EVM is a simple stack-based architecture. The word size of the machine (and thus size of stack items) is 256-bit. This was chosen to facilitate the Keccak256 hash scheme and elliptic-curve computations. The memory model is a simple word-addressed byte array. The stack has a maximum size of 1024.
The machine also has an independent storage model; this is similar in concept to the memory but rather than a byte array, it is a word-addressable word array. Unlike memory, which is volatile, storage is non-volatile and is maintained as part of the system state.
All locations in both storage and memory are well-defined initially as zero.
The machine does not follow the standard von Neumann architecture. Rather than storing program code in generally-accessible memory or storage, it is stored separately in a virtual ROM interactable only through a specialised instruction.
30. Solidity
The most popular programming language for Ethereum contracts
LLL
Low-level Lisp-like Language
Vyper
A language with overflow-checking, numeric units but without unlimited loops
Pyramid Scheme (experimental)
A Scheme compiler into EVM that follows the SICP compilation approach
Flint
A language with several security features: e.g. asset types with a restricted set of atomic operations
LLLL
An LLL-like compiler being implemented in Isabelle/HOL
HAseembly-evm
An EVM assembly implemented as a Haskell DSL
Bamboo (experimental)
A language without loops but with explicit constructor invocation at the end of every call
36. Playing Rock Paper Scissors on the blockchain
Alice plays ‘Rock’
Bob sees Alice’s transaction, so he plays ‘Paper’ and therefore wins
Here is your prize
38. The commit stage
Alice commits to Hash (‘Rock’)
Bob can see the transaction but does not know what Alice played.
He commits to Hash (‘Scissors’)
39. The reveal stage
Alice reveals her move by sending (‘Rock’)
Bob reveals his move by sending (‘Scissors’)
The smart contract verifies Alice’s move
The smart contract verifies Bob’s move
The smart contract declares Alice the winner
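Added example (not from the original slides): a Python model of the commit and reveal stages above. It goes one step beyond the slides by mixing a random salt and the player's name into the hash, because with only three possible moves a bare Hash (‘Rock’) can be matched by hashing each move in turn. SHA-256 stands in for the contract's hash function, and the names commit, guess_unsalted, new_salt and Game are assumptions made for this example.

```python
import hashlib
import secrets

MOVES = ("Rock", "Paper", "Scissors")
BEATS = {"Rock": "Scissors", "Paper": "Rock", "Scissors": "Paper"}

def new_salt() -> bytes:
    """Fresh 256-bit salt; the player keeps it secret until the reveal stage."""
    return secrets.token_bytes(32)

def commit(player: str, move: str, salt: bytes) -> bytes:
    """Commitment = H(player | move | salt). SHA-256 is a stand-in hash (assumption)."""
    return hashlib.sha256(player.encode() + b"|" + move.encode() + b"|" + salt).digest()

def guess_unsalted(commitment: bytes):
    """What any observer can do when the commitment is just H(move): try all three."""
    for move in MOVES:
        if hashlib.sha256(move.encode()).digest() == commitment:
            return move
    return None

class Game:
    """Models the contract state: all commitments first, reveals second."""
    def __init__(self):
        self.commitments, self.revealed = {}, {}

    def submit_commit(self, player: str, commitment: bytes) -> None:
        if player in self.commitments or len(self.commitments) == 2:
            raise ValueError("commit stage is closed for this player")
        self.commitments[player] = commitment

    def reveal(self, player: str, move: str, salt: bytes) -> None:
        if len(self.commitments) < 2:
            raise ValueError("both players must commit before any reveal")
        # Binding the player's name into the hash stops one player from
        # copying the other's commitment and replaying their reveal.
        if move not in MOVES or commit(player, move, salt) != self.commitments.get(player):
            raise ValueError("reveal does not match commitment")
        self.revealed[player] = move

    def winner(self):
        if len(self.revealed) < 2:
            return None  # a real contract also needs a timeout for a player who never reveals
        (a, move_a), (b, move_b) = self.revealed.items()
        if move_a == move_b:
            return "draw"
        return a if BEATS[move_a] == move_b else b
```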
41. Consensys : Best Practices
● Use caution when making external calls
● Mark untrusted contracts
● Avoid state changes after external calls
● Don't use transfer() or send().
● Handle errors in external calls
● Favor pull over push for external calls
● Don't delegatecall to untrusted code
● Remember that Ether can be forcibly sent to an account
● Remember that on-chain data is public
● Beware of the possibility that some participants may "drop offline" and not return
● Beware of negation of the most negative signed integer
● Enforce invariants with assert()
● Use assert(), require(), revert() properly
● Use modifiers only for checks
● Beware rounding with integer division
● Be aware of the tradeoffs between abstract contracts and interfaces
● Keep fallback functions simple
● Check data length in fallback functions
etc.