Introduction to Smart Contracts

Dominik Harz @ Code Block 2018

24 March 2018

Content

  • What are smart contracts?
  • Ethereum
  • Hands-on
  • Security
  • Alternatives
  • My research

Smart contracts

According to Nick Szabo:

  • Computerized transaction protocol
  • Executes terms of a contract
  • Satisfies common contractual conditions
  • Minimize exceptions (accidental and malicious)
  • Minimize the need for trusted intermediaries

Practically speaking: smart contracts are programs on a blockchain

Bitcoin

Bitcoin supports scripts!

  • Included in a transaction
  • Stack based
  • Perform from left to right

scriptPubKey: OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG

scriptSig: <sig> <pubKey>

Ethereum

  • Ethereum is an account based blockchain
  • Ether as cryptocurrency

  • Blockchain with a replicated state machine (EVM)
  • Turing complete language for smart contracts (written in Solidity, ..)

  • Verification and enforcement of contracts through consensus
  • Proof of Work to Proof of Stake (Casper)

Ethereum

How to deal with the Halting problem in a replicated state machine?

  • No way to determine if a program halts or runs indefinitely

Make users pay for program execution!

  • Operations in the EVM cost gas
  • Gas has a gas price in Eth
  • Out of gas exceptions if global gas limited is exceeded

Check: https://ethereum.github.io/yellowpaper/paper.pdf

Ethereum

State S is a mapping from address to state

  • address, code, storage, balance, nonce

Inputs I are transactions

  • from, sig, nonce, to, data, value, gaslimit, gasprice

Transition f

  • Validate signature, nonce
  • Execute code (from, data, value, gaslimit, gasprice)

Ethereum smart contract

pragma solidity ^0.4.21;

contract Storage {

uint storedData; // state variable

function store(uint _data) public payable {

storedData = _data;

}

}

Ethereum hands-on

Demo: Solidity contract deployment with Truffle

Security and other considerations

  • The default type of variables and functions is public
  • Everything is public on the ledger
  • Random numbers are hard
  • Re-entrancy by multiple calls to a contract
  • Callstack depth limited to 1024
  • Dealing with cryptocurrency which has fiat value
  • Complex computations (say worse than O(n)) are not feasible

Formal verification?

Check: http://solidity.readthedocs.io/en/develop/security-considerations.html

Alternatives

Solidity

  • Quorum is a EVM-based permissioned blockchain
  • Private transactions and private contracts
  • Consensus mechanism with Raft or PBFT
  • ZSL for zk-SNARKS in Quorum

//Truffle

module.exports = function(deployer) {
deployer.deploy(SimpleStorage, 42, {privateFor: ["ROAZBWtSacxXQrOe3FGAqJDyJjFePR5ce4TSIzmJ0Bc="]})
};

Alternatives

Plutus

  • Cordano permissionless blockchain
  • Haskell-like functional
  • Strictly typed
  • Eagerly evaluated

data Nat = { Zero | Suc Nat }

add : Nat -> Nat -> Nat {
add Zero n = n ;
add (Suc m) n = Suc (add m n)
}

data List a = { Nil | Cons a (List a) }

Alternatives

Corda

  • Corda (R3) permissioned blockchain
  • JVM (i.e. Java or Kotlin) apps
  • Contracts check validity of transactions for its input and output states

import net.corda.core.identity.Party

class IOUState(val value: Int,
val lender: Party,
val borrower: Party) : ContractState {
override val participants get() = listOf(lender, borrower)
}

Alternatives

Pact

  • Kadena permissioned blockchain
  • Based on LISP
  • Not Turing complete

(env-keys ["mockAdminKey"])

(define-keyset 'admin-keyset (read-keyset "admin-keyset"))

(module helloWorld 'admin-keyset

(defun hello (name)

(format "Hello {}!" [name]))

)

(hello "world")

Alternatives

NEO

  • NeoVM
  • C#, VB.Net, F#, Java, Kotlin, Python smart contracts

public class Contract1: SmartContract

{

public static void Main()

{

Storage.Put(“Hi, World”);

}

}

Alternatives

  • EOS
  • NEM
  • Lisk
  • Tezos
  • Hyperledger
  • Aeternity
  • Tendermint
  • Rootstock
  • ...

Agent negotiation with smart contracts

Alice

Bob

general smart contract

How to trust the smart contract?

  • Security flaws, malicious intentions, lack of transparency

Agent negotiation with smart contracts

Alice

Bob

negotiate

individual smart contract

The projects I work with

Q&A

Thanks!

Smart contracts in the stack

SQL, key-value, ...

HTTP, AMQP, streams, ...

JVM, Hadoop, ...

Java, Node.js, ...

Bitcoin, IPFS, OrbitDB, ...

HTTP, Whisper, ...

EVM, TrueBit, ...

Solidity, JS, ...

Storage

Communications

Processing

Applications

Centralised

Decentralised

Introduction to Smart Contracts - Google Slides