Ethereum & Smart Contracts

CSCE 678

Limitations of Cryptocurrencies

• Cryptocurrencies like Bitcoins (or Zcash/Monero)

only support coin transactions

• <Alice, 50 BTC, Bob>

• Very specific transaction structures

• To extend transactions, you need to fork the network

• What if you want to do other things?

• Examples?

2

Ethereum

• Blockchain + Programmable transactions

• An expressive language for writing Smart Contracts

• Decentralized Apps (DApps):web services without centralized providers (like AWS)

• All DApps can run on a public blockchain

3

Smart Contracts

• Turing-complete programs to process digital assets

• Transferring money

• Storing records

• Selling digital items (in-game sales)

• Online voting

• Think about a Java program:

• Runs in a VM (like a JVM)

• Bytecode instructions

• Some memory and storage

4

Example

contract Notary {

bytes32 public proof;

function notarize(string doc) public {

proof = sha256(doc);

}

}

5

Solidity language(close to Javascript)

Stored on blockchain

Invoke on private account

Example

contract Notary {

bytes32 public proof;

function notarize(string doc) public {

proof = sha256(doc);

}

}

6

Bytecode6060604052341561000f57600080fd5b5b61023b8061001f6000396000f30060606040526000357c0100000000000000000...

PUSH1 0x60PUSH1 0x40MSTORE

CALLVALUEISZERO

PUSH2 0xF...

Disassemble

Solidity language(close to Javascript)

Tx Structure

• Tx consists of:

• Nonce: a random number

• To: destination

• Value: ETHs to transfer

• Data: data for the contract

• Gasprice: number of ETHs per gas unit

• Maxgas: maximum gas units

• Signature: signature of the Tx

7

Return: Tx address

Depends ontransaction types

Deploying a Contract

• Tx consists of:

• Nonce: previous Nonce + 1

• To: N/A

• Value: 0 ETH

• Data: contract bytecode

• Gasprice: number of ETHs per gas unit

• Maxgas: maximum gas units

• Signature: signature of the Tx

8

Return: Contract address

Invoking a Contract

• Tx consists of:

• Nonce: previous Nonce + 1

• To: contract address

• Value: 0 ETH

• Data: {function, input}

• Gasprice: number of ETHs per gas unit

• Maxgas: maximum gas units

• Signature: signature of the Tx

9

Return: Address to retrieve return value

Submitting a Tx to Blockchain

• Very similar to Bitcoin

10

Alice

TxTx

Tx

Tx

Tx

Submitting a Tx to Blockchain

• Very similar to Bitcoin

11

Alice

TxTx

Tx

Tx

Tx

Miner

Tx

TxTx

PrevHash

ThisHash

…

newblock

Miner

New state

(1) Proof-of-Work(2) Execute all Txs(3) Update new state

Submitting a Tx to Blockchain

• Very similar to Bitcoin

12

Alice

TxTx

Tx

Tx

Tx

Miner

Tx

TxTx

PrevHash

ThisHash

…

newblock

Miner

New state

Verify

States in Blocks

• Each block stores a Merkle root of the current state

13

Tx

PrevHash

ThisHash

…

New state

Tx

PrevHash

ThisHash

…

New state

Previous State Current State

Tx

Tx

…

Replicateto miners& users

Bitcoin vs Ethereum

• Bitcoin: miners (& other users) only has to verify if

money is double-spent

• Ethereum: all miners & users who want to verify

need to run every transaction

14

Tx

Tx

…Tx

PrevHash

ThisHash

…

New state

Verify

Tx

Tx

…

Tx

Tx

…

Executing Contract Code

15

PUSH1 0x60PUSH1 0x40MSTORE

CALLVALUEISZERO

PUSH2 0xF...

PC: 0PC: 1PC: 2PC: 3PC: 4PC: 5PC: 6

EthereumVirtual

Machine(EVM)

New state

StackLocal variables

Safe to Execute Contract?

• No memory attack: Type-safe and isolated

• DoS (Denial-of-service) attack:

What if a contract has a infinite loop?

16

Max Gas

• Senders set a max gas to each Tx

• Each instruction has a gas cost

• Tx is abandoned when there is no more gas left

• Each block also has a gas limit

(max total gas spent)

17

Instr Gas

ADD 3

MUL 5

SUB 3

DIV 5

JUMP 8

SLOAD 50

Max Gas and Gas Price

• Set max gas too high:

Expensive Tx fee

• Set max gas too low:

Out of gas

18

Tx fee = gas price (i.e., ETH/gas) * max gas

• Set gas price too high:

Expensive Tx fee

• Set gas price too low:

Miners refuse to run the Tx

https://ethgasstation.info/Gas price information:

Scalability Problem

• Ethereum is NOT scalable

• Every miner and user needs to run every transaction

• Same data is replicated to every node

• Gas limit on each block:

• Too small: cannot run a large contract (like an OS)

• Too big: can’t stop DoS attack

19

Scalability Problem

20

By 2017, Cryptokitties accounts for 10%of transactions on Ethereum.

Scalability Solution: Sharding

• Split the network into partitions

• Each shard has its own blockchain and global state

• User only run part of transactions

• Cross-shard transaction is future work

• Security problem:

• With 100 shards, 51% attack ➔ 0.51% attack

• Solution: randomize sharding, so that users can’t predict which shards they are in

21