Table of Contents

Open all
Close all
Foreword
21
Preface
25
1 Introduction
29
1.1 What Is Blockchain?
29
1.1.1 Challenges of the Internet
29
1.1.2 The Blockchain
32
1.1.3 The Blockchain as a Problem Solver
35
1.2 History of Blockchain
36
1.2.1 Pioneers of Blockchain
36
1.2.2 Bitcoin
37
1.2.3 Altcoins
41
1.2.4 Blockchain 2.0
43
1.2.5 The Present and the Future
46
1.3 Application of Blockchain Technology
47
1.3.1 Decision Criteria for the Blockchain
47
1.3.2 Blockchain Variants
49
1.3.3 Industries with Blockchain Potential
52
1.3.4 Real-Life Examples of Blockchain Applications
57
1.4 Summary
66
2 The Basics: How Blockchain Works
69
2.1 Cryptography Basics
69
2.1.1 Introduction to Cryptography
69
2.1.2 Elliptic Curve Cryptography
73
2.1.3 Cryptographic Hash Functions
76
2.2 The Blockchain
81
2.2.1 Transactions
82
2.2.2 From Block to Blockchain
87
2.2.3 The Blockchain System
90
2.2.4 Evolution of the Bitcoin Blockchain
103
2.3 Alternative Consensus Models
111
2.3.1 Proof-of-Stake
112
2.3.2 Delegated Byzantine Fault Tolerance
114
2.3.3 Proof-of-Activity
115
2.3.4 Proof-of-Importance
115
2.3.5 Proof-of-Authority
116
2.3.6 Proof-of-Reputation
116
2.3.7 Proof-of-Capacity or Proof-of-Space
117
2.3.8 Proof-of-Elapsed-Time
118
2.3.9 Proof-of-Burn
118
2.4 Blockchain Security
119
2.4.1 Blockchain and Information Security
119
2.4.2 Attack Scenarios
121
2.5 Summary
128
3 Ethereum: Blockchain 2.0
131
3.1 Basics of Ethereum
132
3.1.1 State Machine
132
3.1.2 Merkle Patricia Trie
132
3.1.3 Accounts and State Trie
135
3.1.4 Transactions and the Transaction Trie
138
3.1.5 Receipts and Receipts Trie
142
3.2 From Blocks to Blockchain 2.0
144
3.2.1 Execution Payload and Execution Payload Header
144
3.2.2 Beacon Block Body
147
3.2.3 Beacon Block and Beacon Block Header
149
3.3 The Blockchain System 2.0
152
3.3.1 The Node
152
3.3.2 The Ethereum Virtual Machine
155
3.3.3 The Network
157
3.3.4 Proof-of-Stake: The Consensus Mechanism
160
3.4 Further Development of the Ethereum Platform
170
3.4.1 Vulnerabilities and Problems
170
3.4.2 Additional Services: Swarm and Ethereum Name Service
171
3.4.3 Layer 2: Bringing Ethereum to the Next Level
173
3.4.4 Danksharding: A Scalable Future
175
3.4.5 Is the Future Stateless?
176
3.5 Summary
177
4 Fundamentals of Creating Your Own Blockchain
179
4.1 Transactions: The Smallest Units of a Blockchain
181
4.2 Block Header: Calculating the Block ID
183
4.3 Chaining Blocks
184
4.4 Storing the Blockchain State Persistently
186
4.5 The Genesis Block: Initializing a Blockchain
188
4.6 Pending Transactions
189
4.7 The Difficulty of a Blockchain
191
4.8 Let’s Mine: The Miner Thread
192
4.9 Summary and Outlook
196
5 Implementing a Web API for the Blockchain
199
5.1 The Endpoints of the Web API
200
5.1.1 Implementing the Endpoint for Blocks
202
5.1.2 Implementing the Endpoint for Transactions
204
5.2 Deploying the Web API
205
5.2.1 Creating the Configuration for Resources
205
5.2.2 Preparing an Embedded Tomcat Server
207
5.2.3 Verifying the JSON Representations
207
5.3 Sending Transactions via a Web Interface
209
5.4 Implementing Your Own Block Explorer
212
5.4.1 Exploring Transactions
213
5.4.2 Exploring Blocks
214
5.4.3 Implementing a Landing Page with Search Bar
217
5.5 Summary and Outlook
219
6 Implementing a Peer-to-Peer Network
221
6.1 Configuration of the Peer-to-Peer Framework
222
6.2 Broadcasting Transactions to the Network
225
6.3 Broadcasting Blocks to the Network
228
6.4 The Longest Chain Rule
229
6.4.1 Storing and Switching Chain Forks
229
6.4.2 Synchronizing Pending Transactions after Switching Chains
232
6.5 Adding New Nodes to the Network
233
6.6 Summary and Outlook
235
7 Introducing Accounts and Balances
237
7.1 Rewarding Miners
238
7.1.1 Assigning Accounts to Miners
238
7.1.2 Storing Accounts Persistently
239
7.1.3 Assigning Miners to Blocks
240
7.2 Managing Accounts
241
7.2.1 Storing Accounts
241
7.2.2 Initializing and Updating Accounts
243
7.2.3 Providing Account Data via the Web API
244
7.3 Integrating Accounts
245
7.4 Integrating Accounts into the Block Explorer
246
7.4.1 Account Lookup via Block Explorer
246
7.4.2 Generating Accounts via a Web Client
248
7.4.3 Linking and Searching Accounts via the Block Explorer
250
7.5 Summary and Outlook
251
8 Implementing Verification and Optimizations
253
8.1 Signing Transactions
253
8.1.1 Introducing Digital Signatures to the Web Client
254
8.1.2 Supporting Digital Signatures in the Backend
255
8.2 Enforcing Constraints
256
8.2.1 Verifying Transactions
257
8.2.2 Verifying Blocks
258
8.3 Locking and Unlocking Balances
258
8.4 Optimizing Performance via Merkle Trees
261
8.4.1 Creating the Structure of a Merkle Tree
261
8.4.2 Using the Merkle Tree via the Web API
263
8.5 Optimizing Storage by Shortening the Public Keys
264
8.6 Supporting Initial Balances in the Genesis Block
265
8.7 Additional Optimizations
266
8.8 Summary and Outlook
267
9 Smart Contract Development
269
9.1 Smart Contract Basics
270
9.2 Simple Smart Contracts with Bitcoin Script
272
9.2.1 Introduction to Bitcoin Script
272
9.2.2 Smart Contracts with Bitcoin Script
275
9.2.3 Higher Programming Languages for Bitcoin
278
9.3 Advanced Smart Contracts
279
9.3.1 Bitcoin Extensions
279
9.3.2 Smart Contracts with Ethereum
281
9.4 Contract-Oriented Programming
282
9.4.1 Similarities to and Differences from Object-Oriented Programming
282
9.4.2 Developing Meaningful Contracts
283
9.4.3 Composability of Smart Contracts
285
9.5 The Challenge of Random Number Generators
287
9.5.1 Using Block Variables
287
9.5.2 Using Sequential Numbers
288
9.5.3 Using Two-Stage Lotteries
288
9.5.4 Determining Randomness Off-Chain
289
9.6 Trusting Off-Chain Data
291
9.7 Time Dependencies
292
9.7.1 Checking Time Dependencies via the Block Time
292
9.7.2 Using Off-Chain Services
292
9.8 Summary and Outlook
293
10 Integrated Development Environments and Frameworks
295
10.1 Integrated Development Environments
295
10.1.1 Remix: The Official IDE
295
10.1.2 ChainIDE: A Cloud-Based, Multichain IDE
297
10.1.3 Tenderly Sandbox: An IDE for Fast Prototyping
297
10.1.4 Additional Web-Based IDEs
298
10.1.5 Desktop IDEs
298
10.1.6 Choosing Your IDE
299
10.2 Contract-Oriented Frameworks
300
10.2.1 The Truffle Suite
300
10.2.2 The Hardhat Development Environment
304
10.2.3 The Modular Toolkit Foundry
308
10.2.4 Local Blockchain Nodes
311
10.2.5 Choosing Your Framework
312
10.3 Summary and Outlook
313
11 An Introduction to Solidity
315
11.1 The Basics of Solidity
315
11.1.1 Structure of a Source File
316
11.1.2 Creating Your First Smart Contract
316
11.1.3 Deploying Your First Smart Contract Locally
317
11.2 Elements and Data Locations of a Contract
319
11.2.1 Understanding Data Locations
320
11.2.2 Specifying Visibility in Solidity
322
11.2.3 Using and Defining Modifiers
323
11.2.4 Declaring and Initializing State Variables
325
11.2.5 Creating and Destroying Contracts
325
11.2.6 Implementing Functions
326
11.2.7 Defining and Using Events for Logging
327
11.3 Available Data Types
331
11.3.1 Using Primitive Data Types
331
11.3.2 Defining Addresses
332
11.3.3 Creating and Using Arrays
333
11.3.4 Multidimensional Arrays and Their Limitations
335
11.3.5 Defining Structs and Enums
336
11.3.6 Understanding Mappings
338
11.3.7 Defining Storage Pointers as Function Parameters
339
11.3.8 Using Functions as Variables
339
11.4 Additional Features of Solidity
340
11.4.1 Understanding L-Values
340
11.4.2 Deleting Variables and Freeing Storage
340
11.4.3 Converting Elementary Data Types to Each Other
341
11.4.4 Utilizing Type Inference
342
11.4.5 The Fallback and Receive Functions
342
11.4.6 Checked versus Unchecked Arithmetic
344
11.4.7 Error Handling with Assert, Require, Revert, and Exceptions
345
11.5 Creating Inheritance Hierarchies of Smart Contracts
347
11.5.1 How Does Contract Inheritance Work?
348
11.5.2 Using Abstract Contracts
348
11.5.3 Defining Interfaces in Solidity
349
11.5.4 Applying Polymorphism Correctly
350
11.5.5 Overloading Functions
351
11.6 Creating and Using Libraries
352
11.6.1 Implementing Your Own Library
353
11.6.2 Using Libraries in Contracts
354
11.6.3 Extending Data Types with Libraries
356
11.7 Summary and Outlook
356
12 Digging Deeper into Solidity
359
12.1 Low-Level Functions in Solidity
359
12.1.1 Low-Level Functions for Address Payable
360
12.1.2 Low-Level Functions for Any Address Type
361
12.2 Using Assembly in Solidity Smart Contracts
363
12.2.1 Applying Inline Assembly
363
12.2.2 Transient Storage Opcodes
365
12.2.3 Accessing Variables in Inline Assembly
366
12.2.4 Using the Functional Style for Inline Assembly
367
12.2.5 Using Instructions for Inline Assembly
369
12.2.6 The Yul Intermediate Language
371
12.3 Internal Layouts of Data Locations
371
12.3.1 Internal Layout in Storage
371
12.3.2 Internal Layout in Memory
373
12.3.3 Internal Layout in Calldata
374
12.4 Understanding the Contract ABI
375
12.5 Understanding the Bytecode Representation of Smart Contracts
376
12.6 Summary and Outlook
378
13 Testing and Debugging Smart Contracts
381
13.1 Testing Contracts with Remix
382
13.1.1 Writing and Running Solidity-Based Unit Tests in Remix
382
13.1.2 Writing and Running JavaScript-Based Unit Tests in Remix
385
13.1.3 Using the Command Line Interface for Remix Tests
386
13.2 Implementing Tests with Foundry
386
13.2.1 Writing Common Unit Tests
387
13.2.2 Using Cheatcodes in Foundry
389
13.3 Implementing Tests with Hardhat
391
13.4 Debugging Smart Contracts
394
13.4.1 Debugging Contracts in Remix
394
13.4.2 Debugging Contracts in Foundry
395
13.5 Fork Testing Ethereum-Based Chains
396
13.6 Summary and Outlook
398
14 Understanding and Optimizing Gas Costs
401
14.1 Understanding Gas Costs in Ethereum
401
14.2 Understanding the Compiler Optimizer
405
14.3 Basic Guidelines for Gas Optimization
407
14.4 Optimizations Derived from Traditional Efficiency Rules
411
14.5 Advanced Gas Optimization
414
14.6 Expert Gas Optimizations
418
14.6.1 Use Access Lists
418
14.6.2 Implement Input Compression
420
14.6.3 Write Yul or Huff Contracts
422
14.7 Additional Optimizations for Different Use Cases
423
14.8 Helpful Tools for Gas Optimizations
424
14.9 Summary and Outlook
425
15 Protecting and Securing Smart Contracts
427
15.1 General Security Recommendations
427
15.1.1 Specify Visibilities Explicitly
428
15.1.2 Define Constructors Only Through the Keyword
428
15.1.3 Always Initialize Storage Pointers
428
15.1.4 Keep Race Conditions in Mind
429
15.1.5 Check Return Values of Low-Level Functions
429
15.1.6 Consider Manipulations by Miners
430
15.1.7 Don’t Expose Data
430
15.1.8 Stay Up to Date with the Smart Contract Security Field Guide
430
15.2 Example Attacks on Smart Contracts
431
15.2.1 Smuggling Ether into Contracts
431
15.2.2 Handling Arithmetic Overflows and Underflows
434
15.2.3 Manipulating State with Delegate Calls
436
15.2.4 Performing Reentrancy Attacks
439
15.2.5 Performing Denial-of-Service Attacks
442
15.2.6 Beware of Gas-Siphoning Attacks
444
15.2.7 Exploiting ABI Hash Collisions
447
15.2.8 Beware of Griefing Attacks
449
15.3 Auditing Smart Contracts via Slither
454
15.4 Summary and Outlook
455
16 Deploying and Managing Smart Contracts
457
16.1 Setting Up MetaMask and Using Accounts
458
16.2 Deploying Contracts with Remix and MetaMask
459
16.3 Deploying Contracts with Foundry
462
16.4 Deploying Contracts with Hardhat
465
16.5 Publishing and Verifying Code on Etherscan
469
16.6 Setting Up and Running Your Own Ethereum Node
472
16.7 Managing Contracts after Deployment
474
16.7.1 Managing Contracts via Remix
475
16.7.2 Managing Contracts via Foundry and Hardhat
476
16.8 Summary and Outlook
476
17 Standards, Libraries, and Design Patterns
479
17.1 ERC-173 Contract Ownership Standard
479
17.1.1 Motivations
480
17.1.2 Specifications
480
17.1.3 Implementations
480
17.2 ERC-165 Standardized Interface Detection
481
17.2.1 Motivations
482
17.2.2 Specifications
482
17.2.3 Implementations
483
17.3 ERC-20 Token Standard
485
17.3.1 Motivations
485
17.3.2 Specifications
486
17.3.3 Implementations
487
17.4 ERC-777 Token Standard
488
17.4.1 Motivations
488
17.4.2 Specifications
488
17.4.3 Implementations
489
17.5 ERC-721 Non-Fungible Token Standard
489
17.5.1 Motivations
490
17.5.2 Specifications
490
17.5.3 Implementations
494
17.6 ERC-1155 Multi-Token Standard
494
17.6.1 Motivations
495
17.6.2 Specifications
495
17.6.3 Implementations
495
17.7 Using OpenZeppelin Libraries
496
17.8 The Publish-Subscribe Design Pattern
496
17.8.1 Understanding the Structure of the Publish-Subscribe Pattern
497
17.8.2 Implementing the Publish-Subscribe Pattern
497
17.9 The Checks-Effects-Interactions Pattern
500
17.10 Summary and Outlook
500
18 Upgrading Smart Contracts
503
18.1 Basics of Upgrade Mechanisms
503
18.2 Performing Contract Migrations
504
18.2.1 Recovering and Preparing Data for Migrations
505
18.2.2 Writing Data and Initializing the State of the New Contract
506
18.2.3 Migrating an ERC-20 Token Contract as an Example
506
18.3 Separation of Data and Business Logic
508
18.4 The Proxy Pattern
513
18.5 The Diamonds Pattern
517
18.6 Additional Mechanisms and Considerations
520
18.7 The Metamorphic Smart Contract Exploit
521
18.8 Summary and Outlook
526
19 Developing Decentralized Applications
529
19.1 What Is a Decentralized Application?
529
19.2 The Development Process for a DApp
530
19.3 Developing the Smart Contracts of Your First DApp
533
19.4 Developing the Off-Chain Elements of Your First DApp
537
19.5 Hosting the Frontend of Your First DApp in a Decentralized Manner
543
19.6 Setting Up ENS Domains
545
19.6.1 Introduction to ENS Domains
545
19.6.2 Registering an ENS Domain
547
19.6.3 Linking an ENS Domain to an IPFS Content Hash
549
19.7 Summary and Outlook
550
20 Upgrading Your First DApp to a DAO
553
20.1 What Is a Decentralized Autonomous Organization?
553
20.2 Implementing a Governance Contract for Your DAO
554
20.3 Implementing the Frontend with Vue.js and Ethers.js
558
20.3.1 Introduction to Ethers.js
558
20.3.2 Implementing a Vue Frontend with Components
559
20.3.3 Additional Features of Ethers.js
567
20.4 Ideas for Additional Backend and Oracle Services
568
20.5 Deploying Your DApp and Assigning an ENS Domain
569
20.6 Additional Frameworks, Tools, and Libraries
569
20.7 Summary and Outlook
571
21 Reverse Engineering Smart Contracts
573
21.1 Why Reverse Engineer?
573
21.2 Manual Reverse Engineering
575
21.3 Manual Recovery of a Contract ABI
586
21.4 Tools for Reverse Engineering Smart Contracts
590
21.5 Summary and Outlook
594
22 Additional Contract-Oriented Programming Languages
595
22.1 Yul: The Intermediate Language for Different Backends
596
22.1.1 Implementing Yul Contracts
597
22.1.2 Compiling Yul Contracts
599
22.1.3 Deploying Yul Contracts
600
22.1.4 Testing Yul Contracts
602
22.2 Huff: Highly Optimized Smart Contracts
605
22.2.1 Implementing Huff Contracts
607
22.2.2 Compiling Huff Contracts
608
22.2.3 Deploying Huff Contracts
609
22.2.4 Testing Huff Contracts
610
22.3 Vyper: Smart Contracts for Everyone?
610
22.3.1 Goals of Vyper
610
22.3.2 Limitations of Vyper
611
22.3.3 The Syntax of Vyper
612
22.3.4 The Development Cycle
613
22.4 Comparison of Gas Costs
614
22.5 Summary and Outlook
615
23 Applying Blockchain Technologies
617
23.1 Decentralized Finance
617
23.1.1 Decentralized Finance Use Cases
618
23.1.2 Decentralized Exchanges
620
23.2 Developing and Minting NFTs
622
23.2.1 Creating NFTs on OpenSea
623
23.2.2 Generating Huge NFT Collections
624
23.3 Ethereum Layer 2 Solutions
629
23.3.1 Arbitrum
630
23.3.2 Optimism
630
23.4 Other Blockchain 2.0 Projects
631
23.4.1 Solana
631
23.4.2 Avalanche
632
23.5 A Different Blockchain Approach: Ripple
633
23.5.1 The Idea of Ripple
633
23.5.2 The Ledger and the Network
634
23.6 Summary
635
Appendices
637
A Bibliography
637
B The Authors
639
Index
641