FIT5214: Blockchain
Lecture 3: Ethereum and Smart Contract Lecturer:
https://dowsley.net
Unit Structure
• Lecture 1: Introduction to Blockchain
• Lecture 2: Bitcoin
• Lecture 3: Ethereum and Smart contracts
• Lecture 4: Proof-of-Work (PoW)
• Lecture 5: Attacks on Blockchains
• Lecture 6: Class Test/Alternatives to PoW
• Lecture 7: Proof-of-Stake (PoS)
• Lecture 8: Privacy
• Lecture 9: Byzantine Agreement
• Lecture 10: Blockchain Network
• Lecture 11: Payment Channels
• Lecture 12: Guest Lecture
➡ Introduction to Ethereum and smart contract
➡ Understand “DAO” and “DAO” attacks
➡ Other key vulnerabilities
Digital currency and smart contract – A brief history
The concept of e-Cash
• 1990 DigiCash (Founded by Chaum)
• 1994 First payment sent
• 1997 hashcash (not e-cash)
• 1998 b-money ( )
• 1998 Bit gold (never implemented)
• 1998 PayPal
• 2008 Bitcoin ( )
• 2009 Bitcoin software released
• 2014 Ethereum ( )
The concept of PoW preventing email spam
The concept of smart contract
Smart Contract
The concept of smart contract was first proposed by in 1997.
Szabo defines smart contracts as agreements that are derived from legal principles, but enforced by cryptographic protocols.
A smart contract is a computer protocol intended to digitally facilitate, verify, or enforce the negotiation or performance of a contract.
— Wikipedia
Smart Contract
So, a contract is “smart” if
• it is run by a machine rather than a person;
• the assets in the contract are moved automatically.
Smart Contract
User-defined programs running on top of a blockchain
Cryptocurrency
Transfer 5 coins from Address X to Address Y
Distributed ledger, or “Blockchain”
Smart Contract
If the 200th block contains more transactions than the 201st block, then transfer 5 coins from Address X to Address Y
Distributed ledger, or “Blockchain”
Group Discussion:
Does Bitcoin support smart contracts?
Bitcoin supports smart contracts via a Turing-incomplete Script language, examples include multi-signature accounts, payment channels, atomic cross-chain trading.
Smart Contract Languages
Smart contracts on a blockchain can be written in different programming languages, such as
– Solidity (Ethereum)
– Golang/Java/JavaScript (Hyperledger Fabric)
– C++ (EOS)
Decentralized Application (DApp)
❖ A DApp is a computer application that runs on a distributed system.
❖ With Blockchain, a smart contract is a DApp — it runs on the distributed ledger.
Ethereum is an open source programmable blockchain platform.
❖ Nov. 2013. Ethereum was proposed by Vitalik Buterin.
❖ July-August 2014. Ethereum crowdsourcing campaign > $18 million through initial coin offering (by selling Ether — the Ethereum coins/tokens).
❖ 30th July 2015. The first release.
❖ Mar. 2016. Official release.
Potential applications
❖ Crowdfunding/initial coin offering (ICO)
❖ Gambling
❖ Supply-chain management
❖ Power trading and management
❖ Internet of Things
❖ Asset Issuance
❖ Marketplaces
❖ …
Different from Bitcoin:
❖ Block generation: on average one block every 12 seconds through PoW
❖ Mining algorithm: Ethash
– Memory bound
– Helps mitigate ASIC and GPU advantages
❖ Difficulty is adjusted every block
❖ Hash algorithm:
– SHA3_256 (a.k.a. Keccak-256) and
– SHA3_512 (a.k.a. Keccak-512)
Simplified GHOST (Greedy Heaviest Observed Subtree)
Choose the path that has the most computation done
Uncle blocks
[Figure: chain of blocks 0–9 with side blocks 2’–7’]
Uncles are orphan blocks, i.e., with parents that are ancestors (max 6 blocks back) of a block in the canonical blockchain.
Ethereum mining reward
A successful PoW miner receives:
❖ A static block reward of X Ether
❖ Before Block 4369999 (16-Oct-2017)
❖ Block 4,370,000 — Block 7,279,999 (16-Oct-2017 — 28-Feb-2019)
❖ Since Block 7,280,000 (28-Feb-2019 — present)
❖ Transaction fees (all the gas consumed, explained later)
❖ An extra of 1/32 of 2 Ether for including Uncles as part of the block. (Can include up to two Uncles)
❖ Uncles receive 7/8 of the static block reward, an uncle can only be included by one valid block.
EVM and Solidity
❖ EVM is a virtual machine for Ethereum, it can run smart contracts.
❖ Solidity is a language for writing smart contracts supported by EVM.
❖ EVM “understands” EVM bytecode
❖ Solidity (High-level language) is deterministically compiled into EVM bytecode.
❖ All Ethereum nodes need to have EVM to run all smart contracts to verify the transactions, like in BTC. Thus, they all share the same EVM states.
❖ Solidity programs are capable of expressing all tasks accomplishable by computers, making them theoretically Turing complete.
(C, C++, C#, Java, Python.. are all Turing complete.)
Smart contract in Ethereum
❖ Smart contract is written in Solidity;
❖ Solidity is deterministically compiled into EVM bytecode
❖ Each smart contract (bytecode) is contained in a transaction, just like BTC, and will be recorded in the blockchain;
❖ When one user uploads a smart contract through their Ethereum node, it is included in one block and propagated around the network, where it is stored on every other node in the network.
❖ Since smart contract needs to be run and verified on every full node, it needs to be guaranteed to execute, and the result is deterministic (for verification).
Ether and Gas
❖ Ether is the currency
Similar to Bitcoin, in Ethereum miners are paid “ether” for mining.
❖ Gas is a unit of work measuring the computational cost of an operation in EVM. Users can buy gas by using Ether
➡ Ethereum Gas is the “fuel” for running smart contract
Just like the fuel for cars 🙂
➡ Gas guarantees that all “works” to process a smart contract or a transaction is properly priced.
➡ Complicated contracts require more gas to operate — this prevents DoS
❖ Miners are paid “gas” for running smart contracts on the network
Use Ether to buy Gas, and use Gas as “transaction fees” to store and run the smart contract
Denominations of ether
http://ethdocs.org/en/latest/ether.html
https://coinmarketcap.com/currencies/ethereum/
Each operation (Opcode) in the EVM was assigned a number of how much gas it consumes.
https://etherscan.io/chart/gasprice
Gas Price: the price of a unit of gas the creator is willing to pay.
Like transaction fees, the higher the Gas price is, the faster the transaction will be chosen by a miner.
https://ethgasstation.info
Why use Gas rather than Ether?
❖ Ether is a cryptocurrency, and the price of one ether is ever changing.
❖ If using ether, the price of running the same operation/contract can be very different.
❖ So, Ethereum uses Gas, where users can define the gas price!
Error: Out of Gas
If gas is not enough to complete all operations of a transaction, then:
1. the contract is terminated and transaction is cancelled.
2. the miner still gets the transaction fees.
3. the contract creator loses the transaction fees, but not the coin to be transferred.
How it works – basics
The high-level idea is the same as Bitcoin
Step 1. The very first block, called genesis block, is hardcoded to initialise the system.
Step 2. New blocks are created through the PoW-based mining process.
– The mining algorithm is Ethash rather than SHA-256 in Bitcoin
– A block is generated every 12 seconds
– Ethereum plans to move to Proof-of-Stake.
Step 3. Miners get reward
– The mining reward is static
– Transaction fees go to the miner as well
– An extra of 1/32 of 2 Ether for including Uncles as part of the block. (Can include up to two Uncles)
Step 4. Block creators gain the new coins as reward, and spend them through transactions.
Step 5. Transactions are included in blocks through Step 2.
How it works – basics
Smart contract:
1. Create a contract (Solidity)
2. Create a transaction containing the contract (EVM bytecode)
3. Submit the transaction to the blockchain
Account and wallet
Two types of accounts:
– Externally-Owned Account
– Contract Account
– A set of one or more external accounts
– Used to store/transfer Ether
Externally-Owned Account (EOA)
Externally-Owned Account:
– the bank account for a user
– it keeps money (Ether) for the user
– it can send transactions
– controlled by the private key
– no code!
Contract Account
Contract Account:
– the account for a deployed contract
– it keeps money (Ether) to support the contract
– hold contract code in the memory
– can be triggered by other contracts
– no owner once released
Transaction
A transaction is a request to modify the state of the blockchain
– It can run code/contracts to change the global state of the blockchain
Types of transactions:
• Value Transaction:
Fund transfer between EOA
• Creation Transaction:
Deploy a contract on Ethereum network
• Invocation Transaction:
Invoke code (functions) on a Deployed Contract
Transaction
Main fields:
• From: Fund sender, an EOA
• To: Fund receiver, an EOA
• Value: amount
(wei is the unit)
• Gas Limit: the total amount of gas.
(The default amount for a standard ETH transfer is 21,000 gas)
• Gas Price: the price of a unit of gas the creator is willing to pay
(Gwei is the unit).
The total cost of a transaction (the “transaction fee”) is:
the Gas Limit * Gas Price
Transaction
https://etherscan.io
Gas price * gas limit = transaction fee
0.000000008 Ether * 21000 = 0.000168 Ether
No data for smart contract, so this is only for transferring money (13 Ether)
Transaction
gas limit = 98,415 > 21,000
https://etherscan.io
Bytecode of a contract
Transaction
❖ Given a smart contract source code (Solidity), it is easy to verify the bytecode.
You need to trust Etherscan if using the service. If you don’t, you still need to trust EVM.
❖ It is very hard to decompile from bytecode to Solidity, but you can publish the verified smart contract source code at Etherscan.
https://etherscan.io
Contracts With verified source codes
https://ropsten.etherscan.io/contractsVerified
Again, you need to trust Etherscan if using the service
Running a transaction
All full nodes do:
– Verification:
  – The sender.balance should have at least Value + Gas Limit * Gas price
– Update account balance:
  – Recipient.balance += Value
  – Sender.balance -= Value + Gas Limit * Gas price
  – Sender.balance += The unused gas * gas price
An IDE to write, deploy, and run smart contracts in Solidity or Vyper. You can access Remix from a web browser!
https://remix.ethereum.org
Decentralized Autonomous Organization (DAO)
DAO deployed a smart contract to raise 11.5 million Ether ($150 million USD at the time) in a token sale for funding
A vulnerability was found in the DAO code, and 3.6 million Ether ($50 million USD at the time) was stolen.
20 July 2016
Ethereum community at large decided to hard fork the chain to restore the funds to their original wallets and patch the vulnerability
• Ethereum Classic (ETC): The continued original chain containing the vulnerability in DAO code
• Ethereum (ETH): The hard forked chain with vulnerability of DAO code patched and stolen money returned to their owner.
The majority of the community and the core developers continued working on this chain.
The DAO Attack (simplified)
A contract can have one unnamed function, called fallback function. This function does not take any arguments and it is triggered in three cases:
1. The function called does not match any of the functions in the called contract.
2. No data was supplied.
3. The contract receives Ether without extra data.
Reentrancy Attack on DAO
A simplified example of DAO:
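mapping (address => uint) public balances;
function withdraw(uint x) {
    if (balances[msg.sender] >= x) {
        // External call first: this runs the caller's fallback function
        msg.sender.call.value(x)();
        // The balance is only reduced after the call returns
        balances[msg.sender] -= x;
    }
}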
It maps an address to a value, and stores the value in a public variable ba
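A hardened form of the simplified withdraw function above, as an added example that is not part of the original lecture. It assumes Solidity 0.8 syntax; the contract name SafeBank, the deposit function and the nonReentrant modifier are hypothetical names introduced for illustration. The balance is reduced before Ether is sent, so a fallback function that calls withdraw again sees the updated balance, and a lock rejects the nested call outright.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example: hypothetical hardened version of the simplified contract.
contract SafeBank {
    mapping (address => uint) public balances;
    bool private locked; // true while a guarded function is executing

    // Reject any call that arrives while a guarded function is still running.
    modifier nonReentrant() {
        require(!locked, "reentrant call");
        locked = true;
        _;
        locked = false;
    }

    // Credit the sender with the Ether attached to this call.
    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    function withdraw(uint x) external nonReentrant {
        // Check: the caller must own at least x.
        require(balances[msg.sender] >= x, "insufficient balance");
        // Effect: update state before handing control to the receiver.
        balances[msg.sender] -= x;
        // Interaction: the receiver's code may run during this call.
        (bool ok, ) = msg.sender.call{value: x}("");
        // A failed transfer reverts the whole call, restoring the balance.
        require(ok, "transfer failed");
    }
}
```

Either measure alone stops the nested withdrawal in this contract; the ordering of check, effect and interaction is the primary fix, and the lock is a second layer for functions where that ordering is harder to keep.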