solidity - Solc --version: command not found - Ethereum ...

How to Verify Ethereum Contracts Using Web3.js and Solc-JS like Etherscan.io

How to Verify Ethereum Contracts Using Web3.js and Solc-JS like Etherscan.io submitted by deturbanator to ethdev [link] [comments]

solc-js: Compiling Ethereum Smart Contracts Locally with JavaScript

https://levelup.gitconnected.com/compiling-ethereum-smart-contracts-locally-0-5-2-0-5-x-ebfea0aed3a9
submitted by DodoTheDeveloper to ethdev [link] [comments]

Problems replicating TUSD token on remix or Ropsten through solc and go-ethereum

Can you people help me with this? It´ll be appreciated very much.
https://ethereum.stackexchange.com/questions/52774/cannot-mint-when-creating-contract-in-ropsten-nor-in-remix
submitted by mariobz7 to smartcontracts [link] [comments]

Ethereum 2.0 — Who’s building it? (combines these key projects) •Smart Contract Languages (Solidity, Vyper) •RPC Libraries (web3js, ethers, Nethereum) •Development Tools (truffle, ganache, solc, solium)Enough context, let’s get into the meat and potatoes.

Ethereum 2.0 — Who’s building it? (combines these key projects) •Smart Contract Languages (Solidity, Vyper) •RPC Libraries (web3js, ethers, Nethereum) •Development Tools (truffle, ganache, solc, solium)Enough context, let’s get into the meat and potatoes. submitted by blackfootradio to CryptoTux [link] [comments]

Why it is impossible to verify contracts compiled with solc from cpp-ethereum (It is the most frequently updated binary version for Windows).

The newest binary version of solc for windows I could find is one available in cpp-ethereum release. I compiled a contract with it (the version of solc is 0.3.5-5f97274a/RelWithDebInfo-Windows/msvc/Interpreter, but this version is not available on Etherscan to verify a contract with :(. Can it be made available? Or is there any other binary version that can be easily downloaded that is on Etherscan?
submitted by flynth to etherscan [link] [comments]

Can ethereum only run SolC binaries?

I understand that ethereum is truly revolutionary – but I still don't understand completely how it works. Can ethereum run any binary decentralized? Does it have to be JS-solidity compiled with SolC? Is it possible use ethereum with C++, for example?
submitted by Avgorakriget to ethereum [link] [comments]

OneSwap Series 2 - How to configure smart contracts

In the process of program development, we are often faced with the following requirements:
  1. Static configuration: The source code should be developed to be versatile for different purposes through simple configuration.
  2. Dynamic configuration: During the program operation, change the behavior of the program by modifying some preferences
This article offers suggestions on how to meet the static and dynamic configuration requirements when developing smart contracts using the Solidity language.

Static configuration through constants

Among the static configuration methods well known to programmers, the macro in C/C++ is the oldest. The preprocessor reads the source code with macro definitions and converts it into source code without macro definitions. Because of the lack of type information, macros are inherently inadequate, and thus may bring along security risks when used to define literal values and implement conditional compilation. As an alternative, constants should be used to realize literal values, and constants and if-else for effects similar to conditional compilation.
After learning the lessons of C/C++, many programming languages, such as Java, C# and Golang, no longer support macros and preprocessors. The Solidity language does not support macros or preprocessors, either (https://github.com/ethereum/solidity/issues/10). Although a third-party preprocessor can be used to support macros, such as https://github.com/merklejerk/solpp, that is a rare case in practice.
Solidity provides the constant keyword to define constantsknown at compile time (hereinafter referred to as constants). The use of constants does not involve storage operations at all. In the source code of OneSwap, the constant constant is frequently used for configuration. For example, in OneSwapPair.sol:
 string private constant _NAME = "OneSwap-Share"; uint8 private constant _DECIMALS = 18; 
In the code, the name of the ERC20 token is set by the constant_NAME, and the effective number of decimal places after the decimal point is set by_DECIMALS. As long as these constants are modified, the code can be applied to different occasions.

Static configuration through persistent storage

Configuration through constants requires modifying the source code and recompiling to get the new bytecode before deployment. Sometimes we find this method not flexible, and hope to decide the value of the configuration at the time of deployment. This can be achieved by assigning values to persistent storage in the constructor. If the value of "constant" can be determined only when the contract is deployed (for example, passed in through the constructor), it can only be achieved through ordinary state variables before Solidity v0.6.5. Below is a code in OneSwapToken.sol:
 mapping (address => uint256) private _balances; uint256 private _totalSupply; string private _name; string private _symbol; uint8 private immutable _decimals; constructor (string memory name, string memory symbol, uint256 supply, uint8 decimals) public OneSwapBlackList() { _name = name; _symbol = symbol; _decimals = decimals; _totalSupply = supply; _balances[msg.sender] = supply; } 
The state variables_name,_symbol, and_decimals here are all assigned values only once in the constructor, and they are read-only during subsequent operations.

Static configuration through Immutable

As we know, the reading and writing of the contract state, that is, the reading and writing of storage, consumes a lot of gas. Therefore, when writing a contract, we should do everything possible to reduce (preferably to eliminate) storage reading and writing. State variables that are written only once are too wasteful of gas. The state variable immutable newly added by Solidity in v0.6.5 optimizes the condition that "a constant, once assigned in the constructor, is read-only during the subsequent operation". By modifying the bytecode during contract runtime when deploying the contract, the "constant" can be determined until the contract is deployed. For the convenience of discussion, we call the state variable immutable as an invariable. In the examples listed above, _decimals is an invariable.

The underlying implementation mechanism of the three static configuration methods

Constants and ordinary state variables are easier to understand. Now we will compare constants, invariables and ordinary state variables through a case study to discuss the realization principle of invariables.
The invariables are easy to use: just add the keyword immutable when defining a state variable, and assign value to it in the constructor. Note that you can only and must assign a value to an invariable when the contract is constructed, and only its value can be read when the contract is executed. At present, invariables can only be used to define value types, not structures or other types. For example, in the above example, _name and_symbol cannot be defined immutable. However, this restriction may be released in future versions of Solidity. Now we use a simple example contract to analyze the principle of invariables. The complete code is as follows:
pragma solidity =0.6.12; contract ImmutableDemo { uint256 private constant _f0 = 0x1234; uint256 private immutable _f1 = 0x5678; uint256 private immutable _f2; uint256 private _f3; constructor(uint256 f2) public { _f2 = f2 & 0xABCD; _f3 = 0xEFEF; } function addF0(uint256 x) external pure returns (uint256) { return (x + _f0) & 0xFFFFFF00; } function addF1(uint256 x) external view returns (uint256) { return (x + _f1) & 0xFFFFFF01; } function addF2(uint256 x) external view returns (uint256) { return (x + _f2) & 0xFFFFFF02; } function addF3(uint256 x) external view returns (uint256) { return (x + _f3) & 0xFFFFFF03; } } 
The contract defines a total of 4 variables. Among them, _f0 is a known constant at compile time, _f1 and _f2 are invariables, and _f3 is an ordinary state variable. The value of _f1 is determined at compile time, and the value of _f2 is calculated through the parameters passed to the constructor when the contract is created. The value of _f3 is initialized when the contract is created. In addition to the constructor, the contract also defines 4 external methods. To facilitate the observation of the compiled bytecode of the contract, we used some special constants in these methods and performed simple calculations. In addition, the logic of these methods is very simple.
Compile the above contract using solc (v0.6.12), and we can get the contract bytecode. The complete contract bytecode is also called the creation bytecode of the contract. It is mainly divided into two parts. The first half is the bytecode executed when the contract is deployed, and the second half is the runtime bytecode of the contract. The constructor of the contract will be compiled to the first half and executed when the contract is deployed for such operations as contract state initialization. After the bytecode is created, the runtime bytecode of the contract will be returned.
Note that for the contract creation bytecode, the runtime bytecode is just normal data. The contract creation bytecode can return the runtime bytecode intact (directly on the chain), or it can be modified arbitrarily and then returned (for example, by injecting the actual value of the invariable. See below for details). For more information on the contract bytecode, please refer to this article, and for more information on contract deployment, please refer to this article.
The compiled bytecode (creation bytecode) of our sample contract totals 673 (0x2A1) bytes, as shown below:
0x60c060405261567860809081525034801561001957600080fd5b506040516102a13803806102a18339818101604052602081101561003c57600080fd5b810190808051906020019092919050505061abcd811660a0818152505061efef6000819055505060805160a05161021b610086600039806101a8525080610176525061021b6000f3fe608060405234801561001057600080fd5b506004361061004c5760003560e01c8063091ecb4e146100515780632183283914610093578063648dfa46146100d55780637217d1a014610117575b600080fd5b61007d6004803603602081101561006757600080fd5b8101908080359060200190929190505050610159565b6040518082815260200191505060405180910390f35b6100bf600480360360208110156100a957600080fd5b810190808035906020019092919050505061016d565b6040518082815260200191505060405180910390f35b610101600480360360208110156100eb57600080fd5b810190808035906020019092919050505061019f565b6040518082815260200191505060405180910390f35b6101436004803603602081101561012d57600080fd5b81019080803590602001909291905050506101d1565b6040518082815260200191505060405180910390f35b600063ffffff006112348301169050919050565b600063ffffff017f00000000000000000000000000000000000000000000000000000000000000008301169050919050565b600063ffffff027f00000000000000000000000000000000000000000000000000000000000000008301169050919050565b600063ffffff03600054830116905091905056fea2646970667358221220f2e74694c1ee966e6985b7d31032343ce592dc88a10f9359fa6a42fdbeff1cbe64736f6c634300060c0033 
The runtime code of the contract starts from the 134th (0x86) byte and totals 539 (0x21B) bytes, as shown below:
0x608060405234801561001057600080fd5b506004361061004c5760003560e01c8063091ecb4e146100515780632183283914610093578063648dfa46146100d55780637217d1a014610117575b600080fd5b61007d6004803603602081101561006757600080fd5b8101908080359060200190929190505050610159565b6040518082815260200191505060405180910390f35b6100bf600480360360208110156100a957600080fd5b810190808035906020019092919050505061016d565b6040518082815260200191505060405180910390f35b610101600480360360208110156100eb57600080fd5b810190808035906020019092919050505061019f565b6040518082815260200191505060405180910390f35b6101436004803603602081101561012d57600080fd5b81019080803590602001909291905050506101d1565b6040518082815260200191505060405180910390f35b600063ffffff006112348301169050919050565b600063ffffff017f00000000000000000000000000000000000000000000000000000000000000008301169050919050565b600063ffffff027f00000000000000000000000000000000000000000000000000000000000000008301169050919050565b600063ffffff03600054830116905091905056fea2646970667358221220f2e74694c1ee966e6985b7d31032343ce592dc88a10f9359fa6a42fdbeff1cbe64736f6c634300060c0033 
Below we will carefully analyze these two bytecodes to see how the invariables work.

Gas consumption of different configurations

Let's first look at the runtime bytecode of the contract. For the convenience of observation, the assembly code of the contract will be shown below. Long as the assembly code of the contract is, we can be sure that the logic of the constructor is not in the runtime bytecode according to the special constant value in the source code, and thus can easily find the assembly code of the four external methods. Most of the assembly code is omitted here, but only the important parts of the 4 external methods:
... [345] JUMPDEST [346] PUSH1 0x00 [348] PUSH4 0xffffff00 [353] PUSH2 0x1234 [356] DUP4 [357] ADD [358] AND ... [365] JUMPDEST [366] PUSH1 0x00 [368] PUSH4 0xffffff01 [373] PUSH32 0x0000000000000000000000000000000000000000000000000000000000000000 [406] DUP4 [407] ADD [408] AND ... [415] JUMPDEST [416] PUSH1 0x00 [418] PUSH4 0xffffff02 [423] PUSH32 0x0000000000000000000000000000000000000000000000000000000000000000 [456] DUP4 [457] ADD [458] AND ... [465] JUMPDEST [466] PUSH1 0x00 [468] PUSH4 0xffffff03 [473] PUSH1 0x00 [475] SLOAD [476] DUP4 [477] ADD [478] AND ... 
Obviously,
  1. PC (Programm Counter) is the assembly code of the addF0() function starting from 345, and the compile-time constants are compiled into PUSH2 instructions (PC is 353).
  2. The PC from 365 is the assembly code of the addF1() function. The invariable _f1 is compiled into PUSH32 instructions (PC is 373), and the immediate value is 0.
  3. The PC from 415 is the assembly code of the addF2() function. The invariable _f2 is also compiled into PUSH32 instructions (PC is 423), and the immediate value is 0.
  4. PC from 465 is the assembly code of the addF3() function, and ordinary state variables are compiled into SLOAD instruction (PC is 475).
It can be seen that in the runtime bytecode of the contract, the invariable is compiled into a PUSH instruction (the specific instruction depends on the number of bytes occupied by the invariable). But the immediate value of the instruction, which is 0, only serves as a placeholder. The creation bytecode of the contract must properly handle the immediate value of the PUSH instruction corresponding to each invariant, and replace it with the actual value, which will be further analyzed below.
Like constants, invariables are compiled into PUSH instructions, so they both consume the same gas, much lower than the gas consumed by ordinary state variables (SLOAD consumes 800 gas).

Implementation of immutable variables: Modify bytecode on the chain

Compared to the runtime bytecode of the contract, creation bytecode is a bit more complicated, so we need a form that facilitates observation. With the online disassembler provided by https://www.trustlook.com/services/smart.html, we can disassemble the bytecode into a relatively easy-to-understand pattern. The following is the disassembly result of the contract creation bytecode:
contract disassembler { function main() public return () { mstore(0x40,0xC0); mstore(0x80,0x5678); var0 = msg.value; require(!msg.value); var1 = (code.size - 0x2A1); callcodecopy(0xC0,0x2A1,(code.size - 0x2A1)); mstore(0x40,((code.size - 0x2A1) + 0xC0)); require((0x20 < (code.size - 0x2A1))); temp0 = (0xC0 + var1); temp1 = mload(0xC0); mstore(0xA0,(temp1 & 0xABCD)); sstore(0x0,0xEFEF); temp3 = mload(0x80); temp2 = mload(0xA0); callcodecopy(0x0,0x86,0x21B); mstore(0x1A8,temp2); mstore(0x176,temp3); RETURN(0x0,0x21B); } } 
Compared with the bytecode and assembly code, it is already an improvement. Still hard to understand? Don't worry. We will add comments to the disassembly code above, remove the irrelevant code, rename some variables, and explain each line of code in detail.
 function main() public return () { mstore(0x40,0xC0); // m[0x40] = 0xC0 mstore(0x80,0x5678); // m[0x80] = 0x5678 require(!msg.value); 
Line 1 above: The compiler reserves 0xC0 bytes of memory, and records this number in memory 0x40. Line 2: Record 0x5678 in memory 0x80. Line 3 has nothing to do with the discussion in this article and can be ignored.
 argsLen = (code.size - 0x2A1); callcodecopy(0xC0,0x2A1,argsLen); // m[0xC0] = args mstore(0x40,(argsLen + 0xC0)); // m[0x40] = 0xC0 + argsLen require((0x20 < argsLen)); 
Line 1: When the contract is deployed, the parameters passed to the constructor (after ABI encoding) will be spliced behind the bytecode. We can obtain the total length of the code after adding the parameter with the CODESIZE instruction, and, after subtracting the real code length 0x2A1, get the length of the parameter. Line 2: Copy the incoming parameters to 0xC0 in the memory. Line 3: Update the number of memory usage. Line 4: Ensure the length of the incoming parameter is sufficient.
 f2 = mload(0xC0); // f2 = m[0xC0] mstore(0xA0,(f2 & 0xABCD)); // m[0xA0] = f2 & 0xABCD sstore(0x0,0xEFEF); // _f3 = 0xEFEF 
Line 1: Load the parameter f2 that has been loaded into the memory onto the operand stack. Line 2: Perform a bitwise AND operation between f2 and 0xABCD, and then record it in memory 0xA0. Line 3: Initialize the state variable_f3.
 _f1 = mload(0x80); // _f1 = m[0x80] = 0x5678 _f2 = mload(0xA0); // _f2 = m[0xA0] = f2 & 0xABCD callcodecopy(0x0,0x86,0x21B); // m[0x00:] = code[0x86: 0x86+0x21B] mstore(0x1A8,_f2); // m[0x01A8] = _f2 mstore(0x176,_f1); // m[0x0176] = _f1 RETURN(0x0,0x21B); } 
The first and second lines above load the values at memory 0x80 and 0xA0 onto the operand stack. These two temporary variables record the actual values of _f1 and _f2. Then the value previously placed in memory is completely useless, so on the third line all the runtime bytecodes are copied to memory 0. On Lines 4 and 5, the immediate placeholders of PUSH instructions of two invariables in the runtime bytecode (located at 0x0176 and 0x01A8 in the runtime bytecode, respectively) are replaced with actual values. At this point, the runtime bytecode is ready, and then returns on Line 6 through the RETURN instruction. The following is the complete disassembly code after being adjusted with comments:
contract disassembler { function main() public return () { mstore(0x40,0xC0); // m[0x40] = 0xC0 mstore(0x80,0x5678); // m[0x80] = 0x5678 require(!msg.value); argsLen = (code.size - 0x2A1); callcodecopy(0xC0,0x2A1,argsLen); // m[0xC0] = args mstore(0x40,(argsLen + 0xC0)); // m[0x40] = 0xC0 + argsLen require((0x20 < argsLen)); f2 = mload(0xC0); // f2 = m[0xC0] mstore(0xA0,(f2 & 0xABCD)); // m[0xA0] = f2 & 0xABCD sstore(0x0,0xEFEF); // _f3 = 0xEFEF _f1 = mload(0x80); // _f1 = m[0x80] = 0x5678 _f2 = mload(0xA0); // _f2 = m[0xA0] = f2 & 0xABCD callcodecopy(0x0,0x86,0x21B); // m[0x00:] = code[0x86: 0x86+0x21B] mstore(0x1A8,_f2); // m[0x01A8] = _f2 mstore(0x176,_f1); // m[0x0176] = _f1 RETURN(0x0,0x21B); } } 

Combining proxy mode and static configuration

As mentioned earlier, the value of the invariable is determined when the contract is constructed and injected into the runtime bytecode of the contract, so the gas consumed by the invariable reading during the contract runtime is the same as that consumed by the constant. OneSwap mainly includes 7 contracts, most of which use invariables. Take OneSwapPairProxy as an example:
contract OneSwapPairProxy { uint internal _unlocked; uint internal immutable _immuFactory; uint internal immutable _immuMoneyToken; uint internal immutable _immuStockToken; uint internal immutable _immuOnes; uint internal immutable _immuOther; constructor(address stockToken, address moneyToken, bool isOnlySwap, uint64 stockUnit, uint64 priceMul, uint64 priceDiv, address ones) public { _immuFactory = uint(msg.sender); _immuMoneyToken = uint(moneyToken); _immuStockToken = uint(stockToken); _immuOnes = uint(ones); uint temp = isOnlySwap ? 1 : 0; temp = (temp<<64) | stockUnit; temp = (temp<<64) | priceMul; temp = (temp<<64) | priceDiv; _immuOther = temp; _unlocked = 1; } receive() external payable { } fallback() payable external { /* code omitted */ } } 
Similar to Uniswap, OneSwap's Pair contract is created by the Factory contract. The difference is that OneSwap adopts a proxy model in order to minimize the gas consumption when a Pair is created. Considering the complex logic of Pair and the gas-consuming deployment, OneSwap puts this part of the logic in the OneSwapPair contract which needs to be deployed only once. The Factory deploys the OneSwapPairProxy contract each time, which forwards all actual operations to OneSwapPair for processing. With the proxy mode, OneSwap also supports the upgrade of the Pair logic. In addition, to benefit from both the invariable and proxy mode at the same time, the OneSwap project has also explored the "Immutable Forwading" mode, which we will specifically introduce in a follow-up article.

Dynamic configuration of the contract

Constants must be valued when the contract is compiled, and invariables must be valued when the contract is constructed. That is static configuration. Common state variables can be modified after contract deployment, which is dynamic configuration. It is advised to limit the modification of important configurations to privileged accounts or governance contracts only. For example, the maintenance of the mainstream token list of the BuyBack contract follows this mode, and the list can only be configured by the ONES issuer:
contract OneSwapBuyback is IOneSwapBuyback { mapping (address => bool) private _mainTokens; address[] private _mainTokenArr; ... // Other codes omitted function addMainToken(address token) external override { require(msg.sender == IOneSwapToken(ones).owner()); if (!_mainTokens[token]) { _mainTokens[token] = true; _mainTokenArr.push(token); } } function removeMainToken(address token) external override { require(msg.sender == IOneSwapToken(ones).owner()); if (_mainTokens[token]) { _mainTokens[token] = false; uint256 lastIdx = _mainTokenArr.length - 1; for (uint256 i = 0; i < lastIdx; i++) { if (_mainTokenArr[i] == token) { _mainTokenArr[i] = _mainTokenArr[lastIdx]; break; } } _mainTokenArr.pop(); } } } 
The feeBPS and pairLogic variables of the OneSwapFactory contract are configured through the OneSwapGov contract. The feeBPS variable is read by the OneSwapPair contract to control the fee rate. The pairLogic variable is read by the OneSwapProxy contract. This variable and dynamic configuration is a major contributor to the negligible gas consumed by the Pair deployment and upgradeable Pair logic of the OneSwap project.

Conclusion

This article summarizes the two configuration methods of smart contracts: static configuration and dynamic configuration, and introduces several protection modes of dynamic configuration: privilege modification mode and governance mode. Static configuration can be realized through constants and invariables, and dynamic configuration through ordinary state variables. It also goes deep into the implementation of invariables at the EVM bytecode level.
Before Solidity v0.6.5, the constant value that could be determined when the contract was constructed could only be expressed by the state variable of the contract. Writing state variables during contract creation requires considerable Gas, and reading state variables during contract execution also consumes a lot of Gas (compared to PUSH instructions of the constant). The immutable state variable introduced in Solidity v0.6.5 effectively solves this problem by modifying the contract runtime bytecode (replacing placeholders) when the contract is deployed. In OneSwap, we used immutable state variables as much as possible, and also explored the "Immutable Forwading" mode, which is one of the reasons for the low Gas consumption in OneSwap. In subsequent articles, we will introduce more details on the implementation of the OneSwap project.

References

submitted by OneSwap to defi [link] [comments]

Top 10 of the Best Tools for Blockchain Development

Top 10 of the Best Tools for Blockchain Development
Blockchain has completed its journey of a decade. In this span, despite facing a lot of resilience, technology has overcome all the challenges and become one of the leading technologies. As per Upwork, Blockchain was one of the fastest-growing skills in 2008. Knowing its importance and growth that it has to offer, many individuals are now opting for Blockchain courses. There are specified Blockchain courses for Blockchain developer, Blockchain engineer, and other associated profiles. You can pick the one you interest you and start the journey to become a successful blockchain developer. While you pick up the Blockchain training, it also becomes crucial that you must acquire the knowledge about Blockchain tools. In this blog, we will discuss ten different Blockchain tools that will help you become a proficient Blockchain developer.
https://preview.redd.it/98ir6txo1jf51.jpg?width=1280&format=pjpg&auto=webp&s=7d0e5e32f552febd9084afae29c79c29cc7b5a7d
Top 10 Blockchain tools:
1. Geth- The first tool that we are discussing here is Geth; it is an implementation of Ethereym node and is written in the Go programming language. It acts as a node for Ethereum Blockchain. One can easily mine token, transfer the tokens, and also create smart contracts using Geth.
2. Solidity- if you are planning to become an Ethereum expert, you must have expertise in Solidity. It is one of the most popular programming languages. It supports the OOP paradigm and is mostly used for writing smart contracts. Blockchain developers can use Solidity to write applications. It is useful in creating contracts for voting, multi-signature wallet, and blind auctions.
3. Mist- This is the official Ethereum wallet that is available on Windows, Mac, and Linux. One of the key things you must know about Mist is that once you have created the password for it, you have to remember it, as you cannot change it.
4. Solc- or Solidity Compiler is written in C++. It converts solidity scripts into a more readable format. The smart contracts written in Solidity must be converted into a format that can be easily read by the EVM, and here Solc comes into the picture.
5. Remix- It is a browser-based Blockchain tool. This is also used for the creation of smart contracts. This one is written in Javascript. It is used for testing, troubleshooting, and debugging the smart contracts written in Solidity.
6. Metamask- It is a wallet which acts as a connecting line between a browser and Ethereum Blockchain. It acts as a browser extension.
7. Truffle- It is an Ethereum Blockchain framework used to create a development environment for developing applications based on Ethereum. Blockchain developers can access a vast library. This is used for developing complex Ethereum dApps. It can also perform automated contract testing using Mocha and Chain.
8. Ganache- You can create a private Blockchain using this tool. This can be used to test dApps and execute commands.
9. Blockchain Testnet- Blockchain developers develop apps, but it’s important for them to check if the app is free from error or not, with the help of Blockchain Testnet, you can test the applications before making them go live. You can check for the bugs or other errors.
10. Blockchain-as-a-Service (BaaS)- This works similarly as that of SaaS. You can leverage cloud-based solutions to build and hose custom-made Blockchain applications.
Wrapping up-
These were some of the important Blockchain tools. If you are planning to enroll in Blockchain training, you must also develop expertise in using these tools. They will help in better implementation of technology.
Moreover, with the right set of skills, you also become eligible for a better Blockchain developer salary. Blockchain development is not just about learning the concepts. Still, it is also about implementing the concepts; Blockchain Council is the platform that will provide you all the information and knowledge about Blockchain courses. If you wish to become an expert Blockchain developer, Blockchain certification will give you the right direction.
submitted by Blockchain_org to BlockchainStartups [link] [comments]

QuarkChain Staking 1.0:A DeFi Product Helps Miners and Holders Achieve Cooperation

QuarkChain Staking 1.0:A DeFi Product Helps Miners and Holders Achieve Cooperation

https://preview.redd.it/t92ibbuv9a851.png?width=690&format=png&auto=webp&s=625d423d5351efd31b9b18ecf080da3d7dc11f9c

Today let us proudly introduce QuarkChain Staking 1.0, a product that offers a way for miners to find the staked QKC tokens and the QKC holders to get extra income.
In addition to improve the flexibility through heterogeneous sharding technology, QuarkChain’s unique consensus algorithm, PoSW (Proof of Staked Work), becomes the basis to realize a cutting-edge DeFi system, which enables a division-and-cooperation mechanism that miners and token holders can work together on mining efficiently and share the profit afterward.
Unlike the high inflation rate of PoS with an obvious Matthew effect, PoSW still requires miners to compete with hash power. The total mining amount of QKC is 4 billion, and ~245 million has been mined in the first year. The annual mining output will be fixed to 88% of the previous year. that is to say, the new-generated token rate by PoSW will be much lower than PoS.
Read more: About PoSW
PoSW allows miners to enjoy the benefits of lower mining difficulty by staking mainnet QKC tokens. After the mining function on QuarkChain mainnet is enabled, miners and token holders have spontaneously formed a cooperative relationship that benefits both of them. However, a lot of small token holders are hard to meet the minimum requirement of the staking amount set by miners, which prevents them from participating in staking activities. After the QuarkChain Staking 1.0 smart contract is launched, multiple small and medium-sized token holders can stake QKC together into the same contract which cumulatively meets the requirement of minimum staking amount. More QKC holders can participate and share mining rewards, and the miners can also find enough staking tokens more easily.
Reward base: The reward is based on the efficiency difference between QuarkChain mainnet staking mining and non-deposit mining.
Miner participation: Minors provide mining machines, deploy the contracts according to the consensus, and set a revenue share ratio.
Token holder participation: Token holders choose a credible contract with official verification and transfer the mainnet QKC into the contract address after confirming the profit-sharing percentage with miner after confirming the profit-sharing percentage with miner(s).
Return ratio: It should be negotiated by both parties.
Earnings acquisition: Token holders deposit the returns into the contract real-time, and withdraw the tokens at the agreed time with the miner(s).
Contract address example: pragma solidity >0.4.99 StakerInfo) public stakerInfo; address[] public stakers; address public admin; uint256 public…
Redemption: After negotiating with miners, shut down the mining machine for redemption.
This cooperation model is simple and user-friendly. The token holders only need officially verified contracts and QKC tokens on the mainnet. There is no need for other tokens during the whole process. The currently launched contract is our first available version. QuarkChain will make further improvements on it, and bring to our users a dApp with customization and matching functions in the coming two quarters. Then miners can issue staking smart contracts more easily, and token holders can directly select contracts on the dApp page and complete the deposit with fewer steps.
The most important thing to the public chain is the forward-looking layout of specific functions. QuarkChain has realized the value of DeFi and joined in this game from the first day we set off. Now, we are creating future DeFi with the eco-partners from various fields together.
In the next generation of DeFi, QuarkChain will achieve more breakthroughs in efficiency, ease of use, and security. You can learn more about this from our previous article:
https://docs.google.com/document/d/1CggTWPpO92zCT-H1eLTm37Z9hF7keJ87bmmqG1W7iGM/edit#heading=h.jx7bb77e5zia

Staking Pool Contract User Guide

DISCLAIMER: THIS IS A REFERENCE IMPLEMENTATION AND NOT AUDITED. USE IT AT YOUR OWN RISK. WE WILL NOT ACCEPT RESPONSIBILITY FOR COSTS YOU MAY INCUR AS A RESULT OF USING THIS CONTRACT. 

Deploy Contract

  1. Use your favorite Ethereum tooling like solc and remix to compile the StakingPool contract, copy the byteCode, and abi.
  • Paste your smart contract code in Remix and compile the smart contract. Click on start to compile your smart contract. QuarkChain VM hasn’t supported Istanbul, compiler version should be <= 0.5.13
  • Choose the contract name that we want to deploy from the left dropdown and click on the details tab. You will see the bytecode and ABI while you scroll down the details.
  • Copy ABI by clicking on the ABI.
https://preview.redd.it/5g7udyh5aa851.png?width=1400&format=png&auto=webp&s=f9df21c379faad71b9183f38564e62b51184b333
  1. Go to the Deploy tab and deploy the contract on testnet.
https://preview.redd.it/f6o4ovu6aa851.png?width=1400&format=png&auto=webp&s=e5ebc5aae6384ae2268199bccf78f9c016eb3b3c
  1. Admin should be a trusted entity (preferably on the staker side). He/she can adjust minerFeerateBp by using the method adjustMinerFeeRate which could prevent miners from doing evil. For example, miners don’t stop mining when stakers want to withdraw their stakes. Max feeRateBp is 10000 which equals 100%.
  • Check the transaction on ethers can and copy Input Data.
https://preview.redd.it/4edzazt8aa851.png?width=1400&format=png&auto=webp&s=ce48ff0e032ff90d6f7be046e1115e183e51fa3a
  1. Deploy your contract on QuarkChain Mainet Explorer.
  • Choose the right shard which you want to mine on the Address area.
  • Paste copied Input Data to Deploy tab and set gas limit >= 2000000 (make sure you have enough QKC on this shard), then click the deploy button.

https://preview.redd.it/armzr0xcaa851.png?width=1400&format=png&auto=webp&s=145fa18a7e9528ae95dbe0f270028d6e625763fb
https://preview.redd.it/wtf3kacdaa851.png?width=1400&format=png&auto=webp&s=ab1a26169fb7583b4e0419a73b14ac2a7e4d2c58
  • On the transaction status page, you may find the contract address once the transaction is confirmed.
https://preview.redd.it/9vxs3wpfaa851.png?width=1400&format=png&auto=webp&s=2499ee6f7bb87569d447e5f6a15739cf60acd9cd
https://preview.redd.it/a3yltgchaa851.png?width=1400&format=png&auto=webp&s=a513210190d81bc8c7f45f2808ad096098a18176

Stake QKC

  • You can interact with your contract on our QuarkChain Mainet Explorer. Make sure you have enough QKC for paying the gas fee on the right chain.
https://preview.redd.it/vn7zaaqlaa851.png?width=1400&format=png&auto=webp&s=d3ede250509f70a3b6dd38c8c7efebe9298e7b34
  • QKC holders can transfer their QKC to the contract address. Please try the contract methods before staking to make sure the contract is working as expected.
https://preview.redd.it/w7a1gl0oaa851.png?width=1400&format=png&auto=webp&s=9cdbdcce5b885ccdb833f4b99d3689e2685e68e5

Mine QKC

Here uses hiveos.farm with ethminer as an example. You may use your own tooling with similar procedures.
  • Paste the contract address to your mining settings instead of the regular QKC wallet address. Start mining. Miner address should be ETH like, so we need to delete the last eight digits of the contract address.
https://preview.redd.it/e31i3j2qaa851.png?width=583&format=png&auto=webp&s=b1867c843e24ce9edadab8a0350a1ab095b8c156
https://preview.redd.it/59q52f2raa851.png?width=1400&format=png&auto=webp&s=05f42d09703ee80278ede30ba8efc465ea2e9046

Withdraw Profits

Staker, Miner, and PoolMaintainer can withdraw their profits by methods withdraw Stakers(amount), withdrawMinerReward, and transferMaintainerFee.
https://preview.redd.it/x6vp6gvsaa851.png?width=1400&format=png&auto=webp&s=2c2472837deb9757eeca2ce35236716b704a1dad
submitted by QuarkChain to u/QuarkChain [link] [comments]

Many solidity version, just one EVM Bytecode?

Technical Question:
I am doing some scientific research on security issues regarding Solidity Code and EVM Bytecode and I came up with a question. (Please correct any wrong statement, it really helps!) So there are a lot of solidity compiler versions which evolved over the past years, based on EIPs. They all co-exist on the blockchain because they are stored as EVM Bytecode. So the question is: Does the EVM Bytecode ever change or does it get edits? I don't think that would be possible because it could end up breaking contracts that already exist. Then do the neweimproved versions of solc just give better and safer ways to arrange the EVM Bytecode to fix Errors and safety threats that are found over time?
If I could find anyone who is into the deep technical stuff, i would really apprechiate an answer!
submitted by simwor to ethdev [link] [comments]

svm: manage multiple installations of the Solidity compiler (solc) on Linux, macOS and Windows

Having worked with Solidity & smart contracts on Ethereum for the last few years, I've accrued lots of different projects, some of which require disparate versions of Solidity, meaning that I need to keep multiple solc binaries on my development machine, and switch between them on a frequent basis. Doing this often involves manually changing my path variable or renaming files & executables, and compiling new solc versions - in short it's been a bit of a pain point when writing smart contracts.
To solve this, I've written svm, a small CLI-based utility which allows you to switch between solc versions with a single command, and to set defaults & aliases - much like nvm for NodeJS, or jabba for Java.
I'm hoping other devs & the rest of the community will find it useful, you can find installation instructions for most mainstream platforms in the GitHub repo linked below:
https://github.com/josh-richardson/svm
submitted by Synchisis to ethdev [link] [comments]

svm: manage multiple installations of the Solidity compiler (solc) on Linux, macOS and Windows

Having worked with Solidity & smart contracts on Ethereum for the last few years, I've accrued lots of different projects, some of which require disparate versions of Solidity, meaning that I need to keep multiple solc binaries on my development machine, and switch between them on a frequent basis. Doing this often involves manually changing my path variable or renaming files & executables, and compiling new solc versions - in short it's been a bit of a pain point when writing smart contracts.
To solve this, I've written svm, a small CLI-based utility which allows you to switch between solc versions with a single command, and to set defaults & aliases - much like nvm for NodeJS, or jabba for Java.
I'm hoping other devs & the rest of the community will find it useful, you can find installation instructions for most mainstream platforms in the GitHub repo linked below:
https://github.com/josh-richardson/svm
submitted by Synchisis to ethereum [link] [comments]

Geth and go-etheruem

I'm totally confused. I install etheruem (geth) via apt-get from the recommended repositories, get a testnet synced, play with the console, and all seems well. then I hop over to a tutorial as I'd like to put a basic contract up and play with it, but every tutorial says install go-ethereum via go install go-ethereum. When I do that, then I have multiple geth executables, so it seems I don't need either the apt-get or the go install go-etheruem. I already have geth installed via apt-get and running as a service.

secondly, all these tutorials say to install go-etheruem, then walk you through an easy .sol file, but abigen isn't installed even with go-etheruem. And then I find I need solc with boost (which I don't want boost on this build), nodejs (which I certainly don't want on this build), that every tutorial so far seems to neglect.

So with all that, whats a good way to get a contract up on testnet? I'm thinking that once the contract is up, I'll be able to interact with it with just Go and Geth. I'm trying to keep a clean build. I'm looking at remix as the alternative to installing solc, but that interface is odd and I'm not sure what I'm looking or if the contract even went anywhere.
submitted by piltwort to ethereum [link] [comments]

How to attack the Ethereum network using a malicious ICO | A malicious smart contract could congest the network to unusable levels for upwards of seven days.

Hello, everyone! Sorry for the long post, but I think you will all enjoy it and hopefully learn somethings along the way. Here's an image of my Excel calculation results and here's an example contract with another set of numbers. Both files will be helpful later on (you'll see) but aren't necessary to understand this post. TL;DR: An attacker or competing chain could disrupt Ethereum for significant periods by taking advantage of miner's greed, and the best way to prevent it is to reenable dynamic gas limits.
Intro
With the recent congestion issues on the Ethereum network, it has become obvious that there is a serious issue with the current gas payment structure. Not only does the issue pose serious questions about the scalability of Ethereum, it also opens the network up to attacks. I’ll show how a relatively small sum of Ether can be enough to kickstart a miner-enabled DDoS attack. But first we have to understand the problem, and to do that we have to realize where it came from.
Origin of the Problem
Gas, for those that are unfamiliar with the inner workings of Ethereum, is a unit of computation power used to measure the processing requirements of a transaction. A block’s gas limit is the max amount of processing that needs to be done to complete all transactions in the block. Normally, the gas limit would rise and fall with the needs of the network, allowing blocks to expand as the transaction volume increased.
When users need to get their transactions into a block faster, they set a higher gas price. The gas price is the ratio of gas used to the amount of ether paid to the miner as a processing fee (to account for fluctuating values of Ether). Miners ideally try to include as many transactions in a block as they can and prioritize the transactions with the highest gas prices in order to collect as many fees as possible per block. This is where the system breaks.
Some time ago, there was an attack on the Ethereum network involving contracts that would use all the gas in a block on processes that had extremely slow execution speeds, resulting in long block verification times. In order to combat these contracts, miners collectively lowered the gas limits of each block. The default gas limit on new releases of mining software became a fixed value, so the network no longer expanded blocks as they became more filled. The decision reduced the effects of the malicious contracts, but created the situation we are in today.
Recent Developments
Recent ICOs (Initial Coin Offerings, like when a stock goes public but for cryptocurrencies) required that entrants purchase the coins within a certain window of time. This created a race condition: Only transactions processed in that window would be valid purchases, regardless of when they were first sent to a miner for processing. The constant gas limit imposed by the miners meant that there were a limited amount of transactions that could make it into the window. So, entrants increased the gas price of their transactions so they would be processed before the rest. As more people tried to send transactions, the necessary gas price to stay in the window began to skyrocket. Some people paid thousands of dollars in transaction fees to be included in the ICO. If their transactions were too late, they simply wasted their money. The problem wasn’t confined to just the ICO, either.
Since everyone was paying extra to get into the ICO, regular transactions were postponed until they were the most profitable. This meant that any smart contract actions not related to the ICO were put on hold until the congestion cleared, which effectively froze the smart contracts for the duration of the ICO.
While a smart contract delay of several minutes might be inconsequential, a similar network disruption for an entire day (or several) would cripple any business that relied on Ethereum smart contracts for its daily activities (such as with ERP or logistics applications). This has huge implications for the future of Ethereum, since businesses will look to more reliable blockchains or switch to their own, off-chain solution if Ethereum can’t scale to their needs.
Creating Problems to Highlight Problems
Anyone that thinks that these conditions are a fluke is mistaken. The situation has been manipulated by the miners to profit off the limited transaction volume and increased gas prices. You see, it's actually profitable for miners to create these situations: if everyone could fit into the window, they would not need to pay exorbitant gas prices. The longer they keep the gas limits down, the more people are willing to pay to get into these ICO’s. It’s not just enough to change the way we do ICOs: We have to change the conditions that led to this current situation. Until then, an attacker can abuse the current conditions to destroy Ethereum from within. And here’s how:
Creating Our Attack Contract
(Here's where that example contract will be handy) To create our attack, we first start with a simple derivative coin sale contract. We’ll call these DDoS Coins, or DCoins. At the end of the sale, all the DCoins will be converted back into Ether at the rate TotalEtherCollected/TotalCoinsMade.
1) We seed the contract with a starting amount of Ether. This amount will determine the price of entry per generation (higher seed amount means higher prices and incentive to enter).
2) We require that only transactions with less than a certain gas price are allowed to purchase coins, preventing people from spending more gas to get into the sale early.
3) We create a set of ‘generations’ with varying conditions on the sale, where the current generation is determined by the total number of successful purchases. The earlier generations have more favorable terms than later generations.
4) We also require that each transaction in a generation receives the same amount of DCoins regardless of how much Ether is sent with it (as long as it is above the generation’s price).
5) In order to incentivize miners to process the transactions, a percentage of the total Ether in the transaction goes to the block’s coinbase (the miner that mined the block).
6) After a requisite number of generations or blocks have passed, the DCoins can be redeemed.
What the Attack Does
First, the seed Ether creates an incentive to buy DCoins. Since each coin is worth (SumOfPayments+SeedEther)/(NumberOfCoins), it will always be profitable to enter into the contract (though this doesn't have to be the case). Because the early generations have more favorable conditions, it will be most profitable to enter the contract earlier. We limited the gasprice, so the only way to incentivize a miner to process a transaction earlier than any other is to include a higher amount of Ether in the purchase transaction (and therefore send a higher amount to the miner when their percentage is taken out). Additional Ether over the generation’s price that is not sent to the miners is stored in the contract, increasing the value of the contract (and subsequent coins). As the generations pass, the contract stores more and more Ether, becoming profitable to enter even in the later generations.
Since it’s at least profitable to enter the contract, it can be expected that all DCoins will be purchased as they become available. The point of the contract is now to get as many transactions in as early as possible. This creates the same race condition as the ICO mentioned before, and results in the network becoming increasingly congested as more transactions try to be included in the latest block. With enough seed Ether, it is possible to run iterations on this contract indefinitely and effectively DoS the network. How much seed Ether would be enough? According to initial calculations (see spreadsheet results), it would only take around $1M in seed Ether to create enough demand to fill every block on the Ethereum network (at current limits) for two whole days. Which means that it would only cost $3.5M to congest the network to unusable levels for an entire week. To put that in perspective, Poloniex has daily transaction volumes of over $25M in Ether alone, and nearly twice that in Bitcoin. The flash crash shows that there are individuals out there with this level of funding. The capabilities are there, and it is only a matter of time before a someone implements this contract on Ethereum to drive the value of the network into the ground. And this is with a basic smart contract that was coded in a day, not a sophisticated or mathematically optimal exploit.
Conclusion
So, what is the solution to the problem? Simple: Miners just need to dynamically increase block gas limits again. Easier said than done, unfortunately. There are enough reasons for miners to keep the limits low that we may never see 100% consensus on an improved algorithm without another fork. Other methods are likely in the works, but until there is a concrete change, the Ethereum network will continue to be vulnerable to attacks like this thanks to the greed of its own miners.
submitted by lordofthemists to ethtrader [link] [comments]

Experimenting with ETH smart contracts on top of IOTA

Here's a way to use ethereum smart contracts on top of iota network. You need evm-tools, basic usage is explained in guide.md, and iota.lib.js. I'll use a slightly modified version of the minimum viable token:
contract MyToken { mapping (address => uint256) public balanceOf; function MyToken() { balanceOf[msg.sender] = 1000000; } function get_balance(address addr) returns (uint256) { return balanceOf[addr]; } function transfer(address to, uint256 value) { require(balanceOf[msg.sender] >= value); require(balanceOf[to] + value >= balanceOf[to]); balanceOf[msg.sender] -= value; balanceOf[to] += value; } } 
You can obtain the contract from e.g. thetangle.org:
  1. call iota.utils.fromTrytes('RCDB9...AWACB'); with the signature, excluding tailing 9s
  2. use the part after c: as an argument to evm --code ...
    evm --datadir evmdata --code 606060...0029
This should print among other things the address of the resulting contract which should be used to call it:
Contract Address: 1F2A98889594024BFFDA3311CBE69728D392C06D 
Call get_balance of the contract by obtaining the required data from thetangle.org:
  1. call iota.utils.fromTrytes('HDD...BWA');
  2. use the part after t: as argument to --to and part after i: as argument to --input
    evm --datadir evmdata --to 1F2...06D --input 1e2...572
Transfer 0xff tokens from address ...572 to address ...571 by calling transfer with its hash + destination address + amount of tokens (padded to 32 bytes with zeros from left) as --input:
  1. call iota.utils.fromTrytes('HDD...CUC');
  2. as above
    evm --datadir evmdata --to 1F2...06D --input a90...0ff
Now you can check the balance of ...571:
evm --datadir evmdata --to 1F2...06D --input 1e2...571 OUT: 0x000...0ff 
while balance of ...572 is f4141 instead of f4240.
If you don't want to execute smart contracts from unknown sources, here's how to do the above locally:
Compile MyToken:
solc --optimize contract.sol --bin --hashes 
The binary should be identical to the one obtained from the top most iota transaction. Solidity also produces hashes which are used to call the contract's functions:
Function signatures: 70a08231: balanceOf(address) 1e279a37: get_balance(address) a9059cbb: transfer(address,uint256) 
The call to get_balance takes as input the hash of get_balance and the address, which by default is echo sender | hexdump -C or 73656e646572, left-padded with 0s to 32 bytes:
evm --datadir evmdata --to 1F2A98889594024BFFDA3311CBE69728D392C06D --input 1e279a37000000000000000000000000000000000000000000000000000073656e646572 
Someone should automate this...
Thanks to one of the iotatoken.nl nodes for doing the PoW for my transactions.
edits: spelling, links, etc.
submitted by iotatili to Iota [link] [comments]

Returning to Ethdev and don't know how to truffle anymore

I've been a bit out of the scene but I start working full-time in the crypto and Ethereum industry as of tomorrow. Right now, though, I'm trying to get some contract integration working for a dApp that just doesn't want to happen. I've been a bit out of touch, but I don't seem to be able to get even basic functionality working.
I'm building a dApp based on the Truffle React box. Not Drizzle, just React. The JS side of things is perfectly fine, I got all the React stuff done quickly and well and then tried to integrate the contract I just got and it's ground to a halt. Web3 is working and the contract deployed. I can console log any of these out and they're all good. But attempting to actually call a function in the contract just gives me the dreaded VM Exception while processing transaction: revert.
For testing purposes, the function I'm trying to call in the contract couldn't be simpler:
function getTest() public pure returns (uint256) { return 123; } 
I've tried the following:
contract.getTest(); contract.getTest({from: accounts[0]}); contract.getTest.call(); contract.getTest.call({from: accounts[0]}); 
None of them did anything different, nothing but revert.
To head off the inevitable questions - yes, contract is declared and is the correct contract, I have deployed, and it does have the getTest function in the deployed contract. The accounts variable is also correct, and is an array of accounts from Ganache.
Versions are all current default:
Truffle v4.1.13 (core: 4.1.13) Solidity v0.4.24 (solc-js) Web3 v0.16.0
All this leads to the next inevitable question which is that this isn't actually what I want to do anyway. The actual goal is that the contract has an array of structs which is public. And I want to get that.
Company[] public companies; 
I eventually got something working, but then I got a bignumber error that I think might have to do with it not knowing how to deal with the return struct.
Is there some setup I need to use here to get this to work? In particular do I need to have web3 using v1.0.0? That seems strange given that actual use with something like metamask will drop it down to 0.16.0 anyway. Am I missing something? Everything?
submitted by mattaugamer to ethdev [link] [comments]

Programmer wants to program Dapp but would love some help

I live in Los Angeles and we have this service called West Side Rentals. It is a sleazy site that has somehow become the trusted way to find decent apartments to rent as well as where land lords feel "secure" in the type of people that will be renting. There is a cost to use this service on both sides.
Seems like a Dapp might be in order? I am pretty darn good at JS and PHP but I am clueless where to begin. Maybe somebody has already embarked on this route and is looking for some help?
submitted by l0c0luke to ethereum [link] [comments]

React + Web3 Example request

Hi all, I'm looking for a working example of an ethereum contract working with react. I'm running versions: Truffle v5.0.1 (core: 5.0.1)
Solidity v0.5.0 (solc-js)
Node v10.15.0
I'm trying to write a simple web interface that just prints the state var to the site and then changes it.
Sample contract:
contract Test { string string1; constructor() public { string1 = "foo"; } function setString(string memory _input) public { string1 = _input; } } 
submitted by crazybrker to reactjs [link] [comments]

How to attack the Ethereum network using a malicious ICO | A malicious smart contract could congest the network to unusable levels for upwards of seven days.

Hello, everyone! Sorry for the long post, but I think you will all enjoy it and hopefully learn somethings along the way. Here's an image of my Excel calculation results and here's an example contract with another set of numbers. Both files will be helpful later on (you'll see) but aren't necessary to understand this post. TL;DR: An attacker or competing chain could disrupt Ethereum for significant periods by taking advantage of miner's greed, and the best way to prevent it is to reenable dynamic gas limits.
Intro
With the recent congestion issues on the Ethereum network, it has become obvious that there is a serious issue with the current gas payment structure. Not only does the issue pose serious questions about the scalability of Ethereum, it also opens the network up to attacks. I’ll show how a relatively small sum of Ether can be enough to kickstart a miner-enabled DDoS attack. But first we have to understand the problem, and to do that we have to realize where it came from.
Origin of the Problem
Gas, for those that are unfamiliar with the inner workings of Ethereum, is a unit of computation power used to measure the processing requirements of a transaction. A block’s gas limit is the max amount of processing that needs to be done to complete all transactions in the block. Normally, the gas limit would rise and fall with the needs of the network, allowing blocks to expand as the transaction volume increased.
When users need to get their transactions into a block faster, they set a higher gas price. The gas price is the ratio of gas used to the amount of ether paid to the miner as a processing fee (to account for fluctuating values of Ether). Miners ideally try to include as many transactions in a block as they can and prioritize the transactions with the highest gas prices in order to collect as many fees as possible per block. This is where the system breaks.
Some time ago, there was an attack on the Ethereum network involving contracts that would use all the gas in a block on processes that had extremely slow execution speeds, resulting in long block verification times. In order to combat these contracts, miners collectively lowered the gas limits of each block. The default gas limit on new releases of mining software became a fixed value, so the network no longer expanded blocks as they became more filled. The decision reduced the effects of the malicious contracts, but created the situation we are in today.
Recent Developments
Recent ICOs (Initial Coin Offerings, like when a stock goes public but for cryptocurrencies) required that entrants purchase the coins within a certain window of time. This created a race condition: Only transactions processed in that window would be valid purchases, regardless of when they were first sent to a miner for processing. The constant gas limit imposed by the miners meant that there were a limited amount of transactions that could make it into the window. So, entrants increased the gas price of their transactions so they would be processed before the rest. As more people tried to send transactions, the necessary gas price to stay in the window began to skyrocket. Some people paid thousands of dollars in transaction fees to be included in the ICO. If their transactions were too late, they simply wasted their money. The problem wasn’t confined to just the ICO, either.
Since everyone was paying extra to get into the ICO, regular transactions were postponed until they were the most profitable. This meant that any smart contract actions not related to the ICO were put on hold until the congestion cleared, which effectively froze the smart contracts for the duration of the ICO.
While a smart contract delay of several minutes might be inconsequential, a similar network disruption for an entire day (or several) would cripple any business that relied on Ethereum smart contracts for its daily activities (such as with ERP or logistics applications). This has huge implications for the future of Ethereum, since businesses will look to more reliable blockchains or switch to their own, off-chain solution if Ethereum can’t scale to their needs.
Creating Problems to Highlight Problems
Anyone that thinks that these conditions are a fluke is mistaken. The situation has been manipulated by the miners to profit off the limited transaction volume and increased gas prices. You see, it's actually profitable for miners to create these situations: if everyone could fit into the window, they would not need to pay exorbitant gas prices. The longer they keep the gas limits down, the more people are willing to pay to get into these ICO’s. It’s not just enough to change the way we do ICOs: We have to change the conditions that led to this current situation. Until then, an attacker can abuse the current conditions to destroy Ethereum from within. And here’s how:
Creating Our Attack Contract
(Here's where that example contract will be handy) To create our attack, we first start with a simple derivative coin sale contract. We’ll call these DDoS Coins, or DCoins. At the end of the sale, all the DCoins will be converted back into Ether at the rate TotalEtherCollected/TotalCoinsMade.
1) We seed the contract with a starting amount of Ether. This amount will determine the price of entry per generation (higher seed amount means higher prices and incentive to enter).
2) We require that only transactions with less than a certain gas price are allowed to purchase coins, preventing people from spending more gas to get into the sale early.
3) We create a set of ‘generations’ with varying conditions on the sale, where the current generation is determined by the total number of successful purchases. The earlier generations have more favorable terms than later generations.
4) We also require that each transaction in a generation receives the same amount of DCoins regardless of how much Ether is sent with it (as long as it is above the generation’s price).
5) In order to incentivize miners to process the transactions, a percentage of the total Ether in the transaction goes to the block’s coinbase (the miner that mined the block).
6) After a requisite number of generations have passed, the DCoins can be redeemed.
So what does this attack do? First, the seed Ether creates an incentive to buy DCoins. Since each coin is worth (SumOfPayments+SeedEther)/(NumberOfCoins), it will always be profitable to enter into the contract. Because the early generations have more favorable conditions, it will be most profitable to enter the contract earlier. We limited the gasprice, so the only way to incentivize a miner to process a transaction earlier than any other is to include a higher amount of Ether in the purchase transaction (and therefore send a higher amount to the miner when their percentage is taken out). Additional Ether over the generation’s price that is not sent to the miners is stored in the contract, increasing the value of the contract (and subsequent coins). As the generations pass, the contract stores more and more Ether, becoming profitable to enter even in the later generations.
Since it’s at least profitable to enter the contract, it can be expected that all coins will be purchased as they become available. The point of the contract is now to get as many transactions in as early as possible. This creates the same race condition as the ICO mentioned before, and results in the network becoming increasingly congested as more transactions try to be included in the latest block. With enough seed Ether, it is possible to run iterations on this contract indefinitely and effectively DoS the network. How much seed Ether would be enough? According to initial calculations (see spreadsheet results), it would only take around $1M in seed Ether to create enough demand to fill every block on the Ethereum network (at current limits) for two whole days. Which means that it would only cost $3.5M to shut the network down for an entire week. To put that in perspective, Poloniex has daily transaction volumes of over $25M in Ether alone, and nearly twice that in Bitcoin. The capabilities are there, and it is only a matter of time before a competing chain implements this contract on Ethereum to drive the value of the network into the ground. And this is with a basic smart contract that was coded in a day, not a sophisticated or mathematically optimal exploit.
Conclusion
So, what is the solution to the problem? Simple: Miners need to dynamically increase block gas limits again. Easier said than done, unfortunately. There are enough reasons for miners to keep the limits low that we may never see 100% consensus on an algorithm without another fork. Other methods are likely in the works, but until there is a concrete change, the Ethereum network will be vulnerable to attacks thanks to the greed of its own miners.
submitted by lordofthemists to ethereum [link] [comments]

Solidity transfer() function not found since upgrading to Truffle 5 beta?

UPDATE: Check the answer on that post. Truffle 5.0 uses Solc 5.0 by default and that version introduced a breaking change that requires all address that you want send Ether to as "address payable" instead of just "address". If you don't want to upgrade to the 5.0 compiler, fortunately Truffle 5.0 has a new feature that allows you to specifiy which compiler you want to use (although it still prints out "v0.5.0" in the status message):
https://ethereum.stackexchange.com/questions/15749/how-do-i-specify-a-different-solidity-version-in-a-truffle-contract
Look for the reply by willjgriff that is not the top-voted answer.
Since I upgraded to Truffle 5.0 beta I am getting a fatal compiler error about the "transfer()" function not being found:
https://ethereum.stackexchange.com/questions/63079/member-function-transfer-not-found-or-not-visible-after-argument-dependent-loo
Is anybody else seeing this too? Also, if anyone can figure out why I'm not seeing an increase in the balance of my payment destination (pre Truffle 5 beta), I'd appreciate some help. This is a real head-scratcher.
BTW, is an EIP the right device for suggesting some way for wallets to easily track payments received from smart contracts via the transfer() function? My understanding is that as of now, they are considered "internal" transactions and therefore don't have a transaction hash that wallet software can use. Unfortunately this leads to a poor user experience equivalent to getting your bank or credit card statement with a note saying "please inspect your balance to see if you have received all expected payments".
I have dApp/game I'll be publishing next month that makes several payments at the end of the game to players and bands. For now, users will have to come to my site to get an accounting of payments and I've already written the back-end software to do that. Still, it would be a vastly superior user experience if they could just jump into Metamask and see their payments.
submitted by vengeful_bunny to ethdev [link] [comments]

Solidity Mode Flycheck

Hello all,
I'm having an issue getting flycheck to work in solidity mode(https://github.com/ethereum/emacs-solidity).
Here is the important part of my config:
(use-package solidity-mode :ensure t :config (setq solidity-solc-path "/home/emillenode/lib/node_modules/solc/solcjs") (setq solidity-solium-path "/home/emillenode/lib/node_modules/solium/bin/solium") (setq solidity-flycheck-solc-checker-active t) (setq solidity-flycheck-solium-checker-active t) (setq flycheck-solidity-solc-addstd-contracts t) (setq flycheck-solidity-solium-soliumrcfile "~/.soliumrc.json") (setq solidity-comment-style 'slash)) 
I had the same issue in space, vanilla, and now doom emacs.
submitted by Emiller8800 to emacs [link] [comments]

Solidity 0.2.1 released (important optimizer bug fix!)

This release includes three major features and one very important bugfix in the optimizer.
In some situations, the optimizer generated incorrect code. Please always test you code before you use it, unfortunately, we can never guarantee 100% correctness.
We are especially grateful about the many voluntary community contributions this release received. Two fearless individuals dived deep into the solidity code and delivered two major features: Thanks a lot to @VoR0220 for the inline arrays and to @guanqun for the ternary operator! Furthermore, @bobsummerwill spent a lot of free time handling build issues on MacOS and other platforms. Other contributions came from @axic, @chfast, @ethers, @janx, @pipermerriam and @u2.
Features:
Inline arrays, i.e. var y = [1,x,f()]; if there is a common type for 1, x and f(). Note that the result is always a fixed-length memory array and conversion to dynamic-length memory arrays is not yet possible. Import similar to ECMAScript6 import (import "abc.sol" as d and import {x, y} from "abc.sol"). Documentation Commandline compiler solc automatically resolves missing imports and allows for "include directories". Documentation Conditional / ternary operator: x ? y : z 
Fixed bugs:
Several bugs where the optimizer generated invalid code. Enums and structs were not accessible to other contracts. Fixed segfault connected to function paramater types, appeared during gas estimation. Type checker crash for wrong number of base constructor parameters. Allow function overloads with different array types. Allow assignments of type (x) = 7. Type uint176 was not available. Fixed crash during type checking concerning constructor calls. Fixed crash during code generation concerning invalid accessors for struct types. Fixed crash during code generating concerning computing a hash of a struct type. 
https://github.com/ethereum/solidity/releases/tag/v0.2.1
Binaries will be available in the relevant channels shortly (as always, https://chriseth.github.io/browser-solidity will be first).
submitted by chriseth to ethereum [link] [comments]

BlockChain Ethereum Tutorial - Execution of Smart Contract - Part3 Getting Started with Ethereum Blockchain Development Ethereum BlockChain Tutorial - Compilation of Smart Contracts - Part2 Solidity compilers Mutation Testing with Vertigo by Joran Honig

I want to install solc 0.4.24 but the commands given below installs the new version. sudo add-apt-repository ppa:ethereum/ethereum sudo apt-get update sudo apt-get install solc Or sudo snap instal... Note: There is a new version for this artifact. New Version: 0.5.7: Maven; Gradle; SBT; Ivy; Grape; Leiningen; Buildr Ethereum is a global, decentralized platform for money and new kinds of applications. On Ethereum, you can write code that controls money, and build applications accessible anywhere in the world. Etherscan is a Block Explorer and Analytics Platform for Ethereum, a decentralized smart contracts platform. The solc command line compiler is a C++ implementation of the Solidity compiler that can output opcodes for interpretation by the Ethereum Virtual Machine (EVM). There are plenty of excellent resources available covering Solidity, including the Solidity documentation.This article will step through the basics of getting started with solc on Windows. ...

[index] [4397] [3423] [1989] [5626] [4713] [1316] [1065] [7108] [1677] [3509]

BlockChain Ethereum Tutorial - Execution of Smart Contract - Part3

Ethereum Installation - ... Our intention is to make new technologies & emerging tools installation easy for students, beginners & experienced professionals. 1. In this the first part of a series of videos we describe an experimental VS Code extension for Solidity programs that makes greater use of solc's AST and uses a library that I hope will become the ... An introduction to mutation testing and the tool Vertigo, including a discussion where solc, Truffle, and Vertigo could work together. Getting Started with Ethereum Blockchain Development this tutorial will show how to develop your own Blockchain environment with Ethereum by writing, deploy and test your first smart contract ... Our intention is to make new technologies & emerging tools installation easy for students, beginners & experienced professionals. Execution of Smart Contract functionality by deploying smart ...

https://binaryoptiontrade-arabic-trade-brocker.binaryoptionsoftware.co.uk