Smart Contracts:
An Introduction

Miguel Palhas

@naps62

Crypto

Blockchain

Ethereum

Solidity

Crypto

Blockchain

Ethereum

Solidity

What is a blockchain?

- Un-hackable *

- Fully Decentralized P2P network

- Ordered list of transactions

- Transactions grouped in blocks

- Append-only

- It solves the problem of time

Mining

Merkle Trees


Cryptography
 

Eliptic curves

Proof-of-work

Proof-of-stake


Cryptography
 


Cryptography
 

Wallets

Hardware/Network Layer

Consensus / Mining

Semantic

Smart

Contracts

go here!

Crypto

Blockchain

Ethereum

Solidity

BEGIN TRANSACTION;
UPDATE users
SET admin = 1
WHERE username = 'naps62';

UPDATE users
SET admin = 0
WHERE username != 'naps62';
COMMIT;

But what is it for?

A Web of
TRUST

Economic Systems

Insurance Policies

Proof of Existence

What (really) is a
Smart Contract?

- A piece of code

- Lives on its own, in the blockchain

- A first-class citizen

- Keeps its own state

- Defines the rules to mutate that state

Crypto

Blockchain

Ethereum

Solidity

1. Contracts

contract Bank {
  function Bank() {
    # this is a constructor
  }
}

2. Instance Variables

contract Bank {
  string name;
  mapping (address => uint256) balances;
}

2. Instance Variables

contract Bank {
  string name;
  mapping (address => uint256) balances;

  function Bank(string _name) {
    name = _name;
  }
}

3. Pure Functions

function balanceOf(address account)
public pure returns (uint256)
{
  return balances[account];
}

4. Payable Functions

function deposit()
public payable
{
  balances[msg.sender] += msg.value;
}

5. More functions

function withdraw(uint256 amount)
public
{
  msg.sender.transfer(amount);
  balances[msg.sender] -= amount;
}

Whoops!

5. Fail Early. Fail Hard

function withdraw(uint256 amount)
public
{
  // Ensure we have enough ether
  require(balances[msg.sender] >= amount);

  msg.sender.transfer(amount);
  balances[msg.sender] -= amount;
}

Re-entrancy attacks

- Give me 1,000,000.00 COP

Let me check your balance...
ok, there you go.

Do you want to do anything else?

- Actually... give me another 1,000,000.00 COP!

Let me check your balance...
ok, there you go.

Do you want to do anything else?

I'm good now.

Ok, I'll just update your balance...
here's your card. have a nice day!

Re-entrancy attacks

function withdraw(uint256 amount)
public
{
  // Ensure we have enough ether
  require(balances[msg.sender] >= amount);

  msg.sender.transfer(amount);
  balances[msg.sender] -= amount;
}
contract Bank {
  function withdraw(uint)
  {
    require(balance...);

    msg.sender.transfer(..);

    balances[...] -= amount;
  }
contract TotallyLegitUser {
  function steal()
  {
    bank.withdraw(100);
  }
  // fallback function
  function()
  {
     steal();
  }
function withdraw(uint256 amount) {
  require(...)
  msg.sender.transfer(amount);
  balances[msg.sender] -= amount;
}
function withdraw(uint256 amount) {
  require(...)
  balances[msg.sender] -= amount;
  msg.sender.transfer(amount);
}

So... yeah, this is ending on a low note

PYTHON

HASKELL

Thank you

Miguel Palhas

@naps62

An Introduction to Smart Contracts - ScaleConf Colombia 2018

By Miguel Palhas

An Introduction to Smart Contracts - ScaleConf Colombia 2018

  • 328
Loading comments...

More from Miguel Palhas