intro to smart contract on blockchain en

SMART CONTRACT

林修平

CONTRACT

• What’s a contract?

• voluntary arrangement between two or more parties

• legally binding agreement

• buying, selling, renting, leasing, insurance, investment, etc.

• actively or inactively perform

“SMART” CONTRACT

• How to perform : self-enforcing , self executing

• preliminary: terms matched

• “SMART”? How?

• Smart Contract in real-life：• vending machine

• U-bike, on-line gambling

• what’s the difference between smart contract and automated service?

“SMART” CONTRACT

smart contract on blockchain

• What differences does it make?

• value of Blockchain

• whom to trust?

• a person?

• a company? https://en.wikipedia.org/wiki/Financial_crisis_of_2007–08

• government?https://en.wikipedia.org/wiki/Watergate_scandal

• or program and mathematics?

• its totally up to you

• reach an agreement with untrustful party


• https://www.thenewslens.com/article/11796

• a washing machine that can buy detergent itself if needed

• without blockchain

• cash flow :

• online payment -> companies that sells detergent -> transportation companies

• what’s the cost?

• time, efforts on checking status and verify

• what if something went wrong?

• how long does it take to find out the problem?

• who will find out the problem?

• how long do I have to wait?


https://www.thenewslens.com/article/11796

• https://www.thenewslens.com/article/11796

• a washing machine that can buy detergent itself if needed

• with blockchain

• cash flow :

• online payment -> companies that sells detergent -> transportation companies

• what’s the cost?

• transaction fee

• what if something went wrong?

• how long does it take to find out the problem?

• who will find out the problem?

• how long do I have to wait?


https://www.thenewslens.com/article/11796

BLOCKCHAIN + IOT

• IOT

• a device connecting to Internet?

• machine to machine

• how does it make sure it is not talking to a malicious node?

• can try

• how to make sure what it says is true?

• share same information

• distributed?

• can an IOT device provide such capability in its storage unit?

• decentralized?

BLOCKCHAIN + IOT?

• main problems in IOT

• Security• hardware resource

BLOCKCHAIN + IOT?

CHALLENGE

CHALLENGE

• External Information

• Liquidity

• has no control beyond ledgers

• say you start a bet on tomorrow’s game score…

• how do you provide the score to smart contract?

• fetch the source from outside?

• which source to trust?

• can everyone fetch from the same source?

• will it expire? disappear? change from time to time?

• for now, smart contracts on blockchain can not fetch external information itself

• provided by third party

CHALLENGE


• Liquidity


• suppose you start an insurance contract with insurance company, is the money you pay monthly going to stay in there indefinitely?

• no, like deposit in a bank, the company will make the best out of the money which means the money will only be there when something happened…

• then, how can the terms in smart contract be enforced?

CHALLENGE


• Liquidity


• How do you enforce in the real world? probably by litigation

• but how is smart contract different from legacy contract?

Ethereum smart contract


• Turing Complete

• conditional branching

• loop

• ability to change arbitrary amount of memory


• Bitcoin

• Turing incompleteness

• OP_IF, OP_NOTIF, OP_ELSE, OP_ENDIF

• stateless

• stack-based language

• no loop

• made purposely

• prevent costly and infinite computation


• Turing Complete

• conditional branching

• loop

• ability to change arbitrary amount of memory

• powerful

• how to deal with malicious code, e.g. infinite loop?

• gas

• each operation has a price(gas)

• pay for gas where user decides how much to pay per unit gas

• pay with ether


• How does it work?

• 1. write your contract




• 2. compile it to byte code





• 3. broadcasted and mined






• 4. invoke transaction


• contract language

• Serpent

• python-like

• Solidity

• javascript-like






• 4. invoke transaction

https://ethereum.github.io/browser-solidity/

run full node :https://github.com/ethereum/go-ethereum/wiki/Building-Ethereum

OR use a wallet :https://github.com/ethereum/mist/releases



https://github.com/ethereum/go-ethereum/wiki/Building-Ethereum

https://github.com/ethereum/go-ethereum/wiki/Building-Ethereum

https://github.com/ethereum/mist/releases

https://github.com/ethereum/mist/releases

living example : DAO


• Decentralized Autonomous Organization

• by slock.it

• crowdfunding

• vote by your share

• profit by your share

• child DAO

• to prevent abuse of majority voting


• Recursive calling vulnerability

• propose a split -> execute the split -> withdraw

• propose a split -> execute the split -> propose a split -> execute the split -> withdraw


• function splitDAO

problem1problem2


• function withdrawRewardFor

problem1


• function payOut

problem1

• address.call.value(amount)• supply with enough gas• if address refers to a contract, it triggers fallback function

• do what whatever you want as long as enough gas remaining• call to splitDAO again in fallback function


• function splitDAO

problem2

• cleans up his/her balance after sending the money


• counter measure :

• use address.send(amount)

• 2300 gas

• don’t execute address.call.value(amount) to untrusted code

• limit gas in address.call.value(amount)

• address.call.gas(gas_amount).value(amount)

• cleans up the balance before sending money

• then check if sending succed, if not ,rollback


• what happens after?

• votes for hard fork

• choose to stay, becomes ETC

• choose to fork, becomes ETH

• Ethereum foundation, token holders, immutability believers

• too much money to fail? lawsuits?

• what do you believe?

intro to smart contract on blockchain en

Technology