2. CONTRACT
• What’s a contract?
• voluntary arrangement between two or more parties
• legally binding agreement
• buying, selling, renting, leasing, insurance, investment, etc.
• actively or inactively perform
6. • What differences does it make?
• value of Blockchain
• whom to trust?
• a person?
• a company?
https://en.wikipedia.org/wiki/Financial_crisis_of_2007–08
• government?
https://en.wikipedia.org/wiki/Watergate_scandal
• or program and mathematics?
• its totally up to you
• reach an agreement with untrustful party
smart contract on blockchain
7. • https://www.thenewslens.com/article/11796
• a washing machine that can buy detergent itself if needed
• without blockchain
• cash flow :
• online payment -> companies that sells detergent -> transportation companies
• what’s the cost?
• time, efforts on checking status and verify
• what if something went wrong?
• how long does it take to find out the problem?
• who will find out the problem?
• how long do I have to wait?
smart contract on blockchain
8. • https://www.thenewslens.com/article/11796
• a washing machine that can buy detergent itself if needed
• with blockchain
• cash flow :
• online payment -> companies that sells detergent -> transportation companies
• what’s the cost?
• transaction fee
• what if something went wrong?
• how long does it take to find out the problem?
• who will find out the problem?
• how long do I have to wait?
smart contract on blockchain
10. • IOT
• a device connecting to Internet?
• machine to machine
• how does it make sure it is not talking to a malicious node?
• can try
• how to make sure what it says is true?
• share same information
• distributed?
• can an IOT device provide such capability in its storage unit?
• decentralized?
BLOCKCHAIN + IOT?
11. • main problems in IOT
• Security
• hardware resource
BLOCKCHAIN + IOT?
13. CHALLENGE
• External Information
• Liquidity
• has no control beyond ledgers
• say you start a bet on tomorrow’s game score…
• how do you provide the score to smart contract?
• fetch the source from outside?
• which source to trust?
• can everyone fetch from the same source?
• will it expire? disappear? change from time to time?
• for now, smart contracts on blockchain can not fetch external information itself
• provided by third party
14. CHALLENGE
• External Information
• Liquidity
• has no control beyond ledgers
• suppose you start an insurance contract with insurance
company, is the money you pay monthly going to stay in there
indefinitely?
• no, like deposit in a bank, the company will make the best
out of the money which means the money will only be
there when something happened…
• then, how can the terms in smart contract be enforced?
15. CHALLENGE
• External Information
• Liquidity
• has no control beyond ledgers
• How do you enforce in the real world? probably by litigation
• but how is smart contract different from legacy contract?
17. Ethereum smart contract
• Turing Complete
• conditional branching
• loop
• ability to change arbitrary amount of memory
18. Ethereum smart contract
• Bitcoin
• Turing incompleteness
• OP_IF, OP_NOTIF, OP_ELSE, OP_ENDIF
• stateless
• stack-based language
• no loop
• made purposely
• prevent costly and infinite computation
19. Ethereum smart contract
• Turing Complete
• conditional branching
• loop
• ability to change arbitrary amount of memory
• powerful
• how to deal with malicious code, e.g. infinite loop?
• gas
• each operation has a price(gas)
• pay for gas where user decides how much to pay per unit gas
• pay with ether
22. Ethereum smart contract
• How does it work?
• 1. write your contract
• 2. compile it to byte
code
• 3. broadcasted and
mined
23. Ethereum smart contract
• How does it work?
• 1. write your contract
• 2. compile it to byte
code
• 3. broadcasted and
mined
• 4. invoke transaction
25. Ethereum smart contract
• How does it work?
• 1. write your contract
• 2. compile it to byte code
• 3. broadcasted and mined
• 4. invoke transaction
https://ethereum.github.io/browser-solidity/
https://github.com/ethereum/go-
ethereum/wiki/Building-Ethereum
https://github.com/ethereum/mist/releases
27. living example : DAO
• Decentralized Autonomous Organization
• by slock.it
• crowdfunding
• vote by your share
• profit by your share
• child DAO
• to prevent abuse of majority voting
28. living example : DAO
• Recursive calling vulnerability
• propose a split -> execute the split -> withdraw
• propose a split -> execute the split -> propose a split ->
execute the split -> withdraw
31. living example : DAO
• function payOut
problem1
• address.call.value(amount)
• supply with enough gas
• if address refers to a contract, it triggers fallback function
• do what whatever you want as long as enough gas remaining
• call to splitDAO again in fallback function
32. living example : DAO
• function splitDAO
problem2
• cleans up his/her balance after sending the money
33. living example : DAO
• counter measure :
• use address.send(amount)
• 2300 gas
• don’t execute address.call.value(amount) to untrusted code
• limit gas in address.call.value(amount)
• address.call.gas(gas_amount).value(amount)
• cleans up the balance before sending money
• then check if sending succed, if not ,rollback
34. living example : DAO
• what happens after?
• votes for hard fork
• choose to stay, becomes ETC
• choose to fork, becomes ETH
• Ethereum foundation, token holders, immutability believers
• too much money to fail? lawsuits?
• what do you believe?