Skip to content

Motivation

Blockchain technology for other applications.

Develop on top of Bitcoin

Bitcoin Contracts

Cumbersome to use

Limited applications: not even possible to create a simple key-value store.

Requires "thinking as a cryptographer" rather than as a programmer.

Colored Coins

Colored coins allow to use Bitcoin for assets.

Idea: exploit metadata to assign a color to some bitcoins.

Overlay currencies

  • Metadata can store everything, within the size limits.
  • Exploit Bitcoin as a ledger to register the creation and transfers of your own currency
  • Pros: easy to implement, inherits security from Bitcoin
  • Cons: Users need to check the entire blockchain for validating a new transaction

Towards Ethereum

Colored coins and overlay currencies are just workarounds.

Bitcoin scripting language is not very expressive

In 2013, a new blockchain platform was proposed, Ethereum was launched in 2015.

Ethereum is a blockchain platform with a computer embedded in it. Such computer has a state which every node of the network agrees on.

Users can submit requests to perform computations and change the state.

Programs running on Ethereum are called smart contracts.

Ethereum comes with a cryptocurrency called Ether.

Accounts and Transactions

Accounts

Externally Owned Accounts (EOA): similar to Bitcoin accounts, they correspond to a public key pair. Controlled by the owner of the private key.

Contract accounts: accounts associated to smart contracts. Contract accounts do not have an associated key pair, so can not submit transactions to the blockchain. They are controlled by code.

Each account is associated with a balance (amount of Ether owned by the user or contract)

Ethereum uses the account model, instead of UTXO of Bitcoin.

Account Model

In the account model, transactions just update the state.

Transaction

Ethereum transactions can be one of the 3 types:

  • Currency transfer transactions: They just transfer some amount of currency from the sender to the receiver
  • Contract deployment transactions: They register the creation of a new contract in the blockchain.
  • Contract call transactions: They request the execution of a deployed smart contract with the given parameters

Only EOA can send transactions.

Transactions need t be signed by the sender.

Transactions are atomic and are executed sequentially.

On replay attacks:

  • Suppose A signs and submit a transaction where pays B.
  • B may obtain the transaction and resubmit it. Does B get paid twice? NO! Transactions also contain a nonce field which needs to be the same as the nonce of the sender account. Every time a transaction is appended to the blockchain, the account nonce is updated.

Smart Contracts and the Ethereum Virtual Machine

"Contracts" are like "autonomous agents" that live inside of the Ethereum execution environment.

Smart Contracts

Ethereum smart contracts are programs running on the blockchain.

Smart contracts are created and called by users.

A smart contract only gets executed in response to a call from a user or another contract.

Calls to contracts needs to be started by some user.

Smart contracts are executed in a runtime called Ethereum Virtual Machine (EVM)

EVM

EVM executes code written in a stack-based language.

Unlike Bitcoin scripting language, EVM code allows arbitrary jumps (loop)

Operations for:

  • Transferring currency
  • Calling other contracts
  • Access to volatile memory and persistent storage

Storage

Persistent storage is implemented as a key value store

Both keys and values are bitstrings of length \(256\).

Values are initially set to \(0\).

Immutability of Contracts

Once deployed in the blockchain, contracts cannot be modified.

EVM op-code SELFDESTRUCT can be used to kill the contract.

Killed contracts cannot be called anymore, and Ether sent to them is lost forever.

SELFDESTRUCT can only be executed by the contract itself.

Gas

EVM language is Turing-complete, without mechanism for enforcing termination contracts may loop forever. A single buggy contract could stop the blockchain functioning.

Ethereum enforces termination using gas.

  • The idea is that contract execution consumes gas (more executed instructions - more gas spent)
  • Each transaction comes with a GASLIMIT value. If the amount of consumed gas exceeds GASLIMIT the transaction is aborted.
  • Consumed gas is paid in Ether to the block proposer. If the transaction is aborted, the block creator still gets paid.
  • If the transaction terminates correctly, the amount of unspent gas is returned to the caller.

Besides enforcing termination, gas is also a mechanism for rewarding validators for their work.

The caller also specifies a gas price in Ether

The fee is therefore the amount of gas spent times the gas price

Transactions with low gas price may be ignored by validators

Transactions with high gas price are more likely to be added to the next block.

Language - Solidity

On Programming Smart Contracts

Programming directly with EVM op-codes is impractical.

Higher level languages can be compiled to EVM op-codes

New languages: Solidity, Viper...

Solidity

It is an object oriented language influenced by JavaScript, Python and C++

A solidity smart contract consists of state variables, functions and other features.

State variables values are saved in the persistent storage of EVM.

Functions execute their code updating the state variables, transferring currency, calling and creating new contracts.

An Ethereum transaction that calls a contract specifies a function and the parameters.

Solidity Contracts

They are similar to the classes of object-oriented languages.

They contains data fields and functions.

Functions marked as external are part of the contract interface and can be called by users or other contracts.

Types

Value types: bool, int, uint, int8, int16, ...

Value types: address, address payable

Reference types: array, struct, string, ...

Mapping types: mapping

Mappings

Mappings are data structures that associated a value to a key.

Similar to Python dictionaries

Widely used in Solidity for storing balances of custom assets.

Mappings in solidity are necessarily save in persistent storage.

Declaration: mapping(address => uint) myCoinBalance

Assignment: myCoinBalance[addr] = expr

Read: var = myCoinBalance[addr]

Contracts

Contracts can have a constructor, which is called when the contract is deployed in the blockchain

Functions and state variables have visibility rules (public, private, ...)

The special global variable msg contains information about the transaction calling the contract

Functions marked as payable can receive Ether. If msg.value is not empty and the function is not payable, the transaction is reverted.

revert() aborts the current transaction

Receive Function

When a contract receives a payment from a user or from another contract, its receive function is called.

By default, receive does nothing. Can be overriden. Useful to key track of received payments.

Sending Ether

Contracts can send Ether to users and contracts

Transfer and Send -> safe transfer of Ether as they have a small gas limit.

Call -> can call arbitrary function of a contract, possibly with value. If an empty function is specified, receive is called: callvalue: msg.value("")

Other Attacks

Decentralized EXchange (DEX) are smart contracts that allow to buy and sell assets without intermediators.

Prices are automatically updated according to some formula

A bug in the price update function of a DEX called MONOX caused a loss of 30 million$ to investors.