Ethereum - Smart Contracts and Blockchain Principles

Ethereum is the most interesting blockchain platform right now. I have lots of interest in IOTA and HashGraph because they claim to solve scalability problems that ethereum and pretty much most of platforms/token have, however they don't have as big adoption and rich ecosystem as ethereum has. Blockchain got popular in 2009 thanks to Bitcoin paper but the market and development industry still pretty new. Ethereum allows us to create Smart Contracts which are far more powerful then what you got when you work with bitcoins. Most of the ideas in blockchain and ethereum platform are not new, they are pretty old concepts like Cryptography, Immutability, Distributed Computing, and Consensus Algorithms. Clearly, the Financial sector was the first application field for blockchain, however, we are not limited to financial applications and we could use for many other industries like HealthCare, Agriculture, Energy, Real estate, Legal, Insurance, Education, Gov and many others. Here you can check out other uses cases. Today I want to share some insights with you about Solidity which is an Ethereum high-level language for smart contracts that run on EVM(Ethereum Virtual Machine).


What is blockchain all about?

Basically in one word: "trust" or lack of "trust". It's all about "trust". The blockchain is about distributed ledger which means that all peers have access to read the ledger. Transactions are cryptographed so no one can see who is who. Another very important aspect about blockchain is the fact that is immutable, once you write something in a "block" you cant rollback. You will need to write another block or deploy a new version of a smart contract that knows how to deal with a "potential" change or mistake you made. You might be wondering that distributed systems are not new at all - so whats the difference? Let's think about Peer-2-Peer systems, well they are not that different but blockchain also is about immutability and the ability to check if the data was "changed" thanks to the cryptography you can prove is correct and have not been changed. Why is all that? It's all about of lack of trust, so you don't trust a central server and lots of servers can read and write the blockchain. What applications can I build? What is the killer APP? - Well, there is no killer app - you build the similar application as you would do without blockchain but with more "transparency".

Some people might claim that blockchain also provides an interface for autonomous systems, let's say a self-driving car could use ethereum to pay a toll or pick the cheapest road all driven my ethereum smart contracts and APIS. However, same could be archived without ethereum or any other blockchain but in a "centralized" non-trusted-traditional-fashion.

What about Security - Could we remove fraud?

Some people claim that blockchain is more secure and fix some problems we have in real life, however, this is not 100% true since the border between something that is not on the blockchain and the moment it enters on the chain is a moment where "cheat" can happen. You might say but I mine and with mining, it can be 100% guarantee that block is mine - that's true but this is not the case. Also, you might say I have a wallet with 3 different passwords(good luck if you lose the password :D), what If I manage to get your 3 passwords with simple social engineering technique? Or if you are passing WRONG information. So Fraud can happen folks. There is no system that is 100% PROF against fraud.

Public and Private Networks

Most of the people think they need a "Coin" for all the things. That's not necessarily true. Also, we don't need use ethereum public network and we can set up a private network where we only allow some parts to join the network. Needless to say that private networks are more secure and more easy to manage and control. Ethereum public network makes sense if you want to create something that the whole world can access and consume pretty easily. Let's say we are building a B2B solution and we just need 100 companies to access this data so we can perfectly make a private network, even if we need 1K or100K people to access if we could make with a pivate network. So is all about privacy and permissions control at the end of the day. But is important to consider this as a design element we should not consider that in ethereum everything needs to go to public network.

Solidity 101

Ether is the Cryptocurrency of Ethereum. Everything you do in an ethereum solidity smart contract cost gas(ether). There are 2 big entity involved in transactions(messages) which are wallets and smart contracts.

We are just getting started with Solidity. I don't mean in this block post but I mean in the market, currently:

"94% of the contracts were called less than 10 times
5% of the contracts were called between 10 and 100 times"
-- Source.

Solidity has lots of constructs like other languages such as:

  • Primitive Types
  • Strings
  • IF/Else
  • For Loops
  • Mappings(K/V stores like Maps/Dicts)
  • Arrays
  • Structs
  • Contracts (like classes)
  • Multiple Inheritance(Contracts can extend other contracts)
  • Events
  • require (in order to do validations)
  • and much more

Smart Contracts are like classes and they can have public or private methods. You also can enforce some method to be called only if there is an external transaction(internal | external). Solidity compiles the contracts and performs checks for us. Solidity syntax is similar to JavaScript.

Contracts might call another contract just call themselves if needed. You also create "libraries" which allow you to make the reusable code in ethereum or "frameworks". Ethereum is pretty annoying is because you can make some math overflows but there are libraries that can help you with that. Like SafeMath for instance.

Smart Contracts can be viewed and pure RPC mechanism(do something write and get out) or also as State Machine where are you write things you might go to the next state and them run other code, but all that in an immutable way(I don't imply a long-running job here).

Ethereum has a browser ide for a development called REMIX(formerly called browser-solidity). Let's see and simple solidity code.



Here we have a solidity smart contract called helloWorld with a public method called renderHelloWorld. This method is "pure" which means they promise not to change the blockchain state and just READ it and this method returns a string.

Gas Consumption

This is one of the most interesting concepts. Basically, every line of code, every instruction you do in solidity cost money. Value is something hard to define sometime but the cost is pretty easy. this is great because now good programming practices make you save money literally. Solidity has this concept of things you do in memory vs things you write on the contract which cost more money obviously.

Ether is the Cryptocurrency of Ethereum. Everything you do in an ethereum solidity smart contract cost gas(ether). There are 2 big entity involved in transactions(messages) which are wallets and smart contracts.

You can use For Loops in ethereum(like in any language) is often a bad idea if you are not sure about how many elements are to be looped. For Loops are O(N) and they also make the execution time unpredictable(a.k.a not contact time) in ethereum this is way worst since it could cost more and more GAS over time.

Ethereum has great toolset so you can see how much money/gas a contact is costing before deploying the contract. This is something we need pay lots of attention. Because is not only about money or saving money but also about bad user experience, since a longer execution time means more latency and often is bad. Some people might consider latency fine and also say that ethereum scales out -- that's why they are making a comparison with old solutions banks use today whoever when we compare to efficient financial systems like VISA/MASTER credit card we can see that ethereum/blockchains don't scale to that level(high-frequency systems).

Microservices and Ethereum

Ethereum is a "distributed" log where everybody can see the DATA. So is like a "distributed" database that can be used as the source of truth for some kind of Data. However, you could build an application just using ethereum, several times applications need additional features like caches to speed up processing time(I'm not saying you can put a cache in ethereum and speed up transactions - because you cant), most of times we need search things, so we might need a search engine or we have so much data we need a queue and throttling. Ethereum is not a NoSQL database, Ethereum is not a full-text search engine. Having said that and considering pretty much all companies have microservices is possible to make microservices talk to smart contract in a kind of hybrid application. You might hide Ethereum networks behind Microservices and make services talk to each other like ethereum don't exist or expose ethereum network direct to clients. It's fine to have interaction between microservices and ethereum - actually that's what I expect. It's hard to see efficient applications just working with ethereum since entering problems won't go away and ethereum is not a silver bullet.

Cheers,
Diego Pacheco

Popular posts from this blog

Kafka Streams with Java 15

Image
Kafka Streams is a Streaming library similar to Spark and Flink which works with Apache Kafka. Kafka stream can be useful to process historical and near-real-time big data workloads but also for non-realtime analytical computations at scale for the online world as well. Kafka-Streams is elastic, highly scalable, fault-tolerant, and fully integrated with Kafka. You can use Kafka Stream with Java, Scala, Kotlin JVM applications and also have exactly-once processing semantics. Kafka-Streams is being used by the New York Times, Pinterest, Line, Trivago, Zalando, and many other companies. Today I want to share a video of Kafka-Streams running with Kafka 2.6 and Java JDK 15. So Let's get started. 
read more »

Rust and Java Interoperability

Image
Rust does not stop for one second to amaze me. It looks like Rust was designed to talk to every other language so easily. No kidding, it's clear way Web Assembly and rust have lots in common. Java is never an easy lang to interop with. Today I will show how easily we can interop Java & Rust. In order to do so, we will need to use the Java and Rust compilers. For Java, we will not require any other lib than the standard JDK. For Rust, we will need to create a lib project in cargo and we will need to use the crate JNI. I love this feature because java does not allow low-level code on the main language. So if we need to do something low level, efficiently Rust is my first choice, not only for safety reasons but because is really fast.  Let's get started.
read more »

HMAC in Java

Image
In 2018 AWS CTO(Vogels) said : "Security is everyone's job". For the last 2 years, there was so many famous and big data leaks and breaks that made that statement be very true more than ever. Security often could mean worst performance and worst user experience so in order to get it right you really need to think about the designs before jumping into to code and consider performance and user experience has main requirements.  I was thinking about writing about how to do HMAC in Java for a while and recently Redis 6.0.0 come out and to my surprise, there was a refactoring on the password part in order to use HMAC.  Security easily could scare engineers often because it is not something well spread yet but I believe this will change soon. It does not matter if you have to deal with PII Data or not, security is super relevant because everybody is running their workloads at the cloud or with IoT and Edge devices which means more distribution, more code, more points of fail
read more »