solidity pt 1 solidity idity
play

Solidity Pt. 1 Solidity idity Javascript-like programming language - PowerPoint PPT Presentation

Jan 23, 2023 •315 likes •763 views

Solidity Pt. 1 Solidity idity Javascript-like programming language for writing programs that run on the Ethereum Virtual Machine Domain-specific language that supports abstractions required for operation of smart contracts e.g.

  1. Solidity Pt. 1

  2. Solidity idity  Javascript-like programming language for writing programs that run on the Ethereum Virtual Machine  Domain-specific language that supports abstractions required for operation of smart contracts  e.g. contracts, addresses, ownership, payments, hash functions, block information  Will incrementally learn language using lessons from a guided, on- line Solidity CTF  6 lessons Portland State University CS 410/510 Blockchain Development & Security

  3. Lesson 1-2 Basic language features, modifiers, special functions, Web3 events Mappings, msg object, inheritance, importing code, asserts, exceptions, custom modifiers, storage/memory, calling other contracts

  4. Contrac tract t set setup up  pragma statement to identify compiler version  Note that the syntax of Solidity has changed significantly over time  Language is a moving target  Will learn the version used in the CTFs  contract keyword pragma solidity ^0.4.25; contract HelloWorld { } Portland State University CS 410/510 Blockchain Development & Security

  5. Da Data ta ty type pes  Note: Contract state variables stored on blockchain!  Boolean ( bool )  Signed integers of various widths  int = 256 bits  Can also use smaller versions (to save gas)  int8 , int16 … etc.  Unsigned integers of various widths  uint = 256 bits  Can also use smaller versions (to save gas)  uint8 , uint16 … etc. pragma solidity ^0.4.25; contract ZombieFactory { bool myBool = true; uint my256BitUnsignedInteger = 100; uint8 my8BitUnsignedInteger = 5; } Portland State University CS 410/510 Blockchain Development & Security

  6.  Aside: Typecasting between integers  Must understand the rules for correctness  Implicit cast to higher precision when types mixed uint8 a = 5; uint b = 6; // Type of a * b ?  Throws an error when types not compatible  Product returns a uint not a uint8 // throws an error uint8 c = a * b;  Must perform explicit cast to make work uint8 c = a * uint8(b); Portland State University CS 410/510 Blockchain Development & Security

  7.  Bytes  Dynamic array of bytes  Individual bytes accessed via [] indexing  Strings  Array of characters  Address  20 byte Ethereum address used to send and receive Ether (in units of wei) pragma solidity ^0.4.25; contract ZombieFactory { bytes bytearray = 0xFFFFFFFF; string myName = "Wu-chang Feng"; address myWalletAddr = 0xe9e7034AeD5CE7f5b0D281CFE347B8a5c2c53504; } Portland State University CS 410/510 Blockchain Development & Security

  8.  Arrays  Fixed arrays // Fixed array of 2 unsigned integers uint[2] uintArray; // Fixed Array of 5 strings: string[5] stringArray;  Dynamic arrays // Dynamic array of unsigned integers (can keep growing) uint[] dynamicArray;  Add via Array's built-in push() method dynamicArray.push(5); dynamicArray.push(10); dynamicArray.push(15); Portland State University CS 410/510 Blockchain Development & Security

  9. Arithm ithmetic tic ope perat rator ors + - * / % ** (exponentiation) pragma solidity ^0.4.25; contract ZombieFactory { uint number1 = 10000; uint number2 = 16; uint result1 = 0; uint result2 = 0; result1 = (number1 + number2) * (number1 - number2); result2 = 2 ** 3 ; // 2^3 == 8 } Bi Bitw twis ise e operat erator ors & | ^ ~ << >> Portland State University CS 410/510 Blockchain Development & Security

  10. Logi gical cal ope perat ator ors  Boolean results  Negation, AND, OR ! && ||  Equality and inequality == !=  Magnitude comparisons == != <= >= < > Portland State University CS 410/510 Blockchain Development & Security

  11. Condi nditionals tionals  Common control flow  if, else, while, do, for, break, continue, return function eatBLT(bool likeBLT, uint numBLT) { if (likeBLT && (numBLT > 0)) { numBLT--; eat(); } } if (coin_balance[userId] > 100000000) { // You're rich!!! } else { // You're poor!!! } Portland State University CS 410/510 Blockchain Development & Security

  12.  Example for loop for creating an array of even numbers uint[] evens = new uint[](5); uint counter = 0; for (uint i = 1; i <= 10; i++) { if (i % 2 == 0) { evens[counter] = i; counter++; } } Portland State University CS 410/510 Blockchain Development & Security

  13. Func unctio tions, ns, pa param rameter ers, s, and nd return eturn values lues  Declared with statically typed parameters & return values  Return value specified in function definition via returns keyword function sum(uint _input1, uint _input2) returns (uint){ return(_input1 + _input2); } Portland State University CS 410/510 Blockchain Development & Security

  14.  Solidity functions can return multiple values function multipleReturns() returns(uint a, uint b, uint c) { return (1, 2, 3); } function processMultipleReturns() { uint a; uint b; uint c; (a, b, c) = multipleReturns(); } function getLastReturnValue() { uint c; (,,c) = multipleReturns(); } Portland State University CS 410/510 Blockchain Development & Security

  15. Inheritance eritance and d po polym ymor orphis phism  is keyword to specify inheritance  Derive specialized contracts from a more generic one contract BasicToken { uint totalSupply; function balanceOf(address who) returns (uint); function transfer(address to, uint value) returns (bool); } contract AdvancedToken is BasicToken { ... }  Can inherit from multiple contracts contract SatoshiNakamoto is NickSzabo, HalFinney { } Portland State University CS 410/510 Blockchain Development & Security

  16. Visi sibility bility mo modif ifie iers  Modfiers applied to functions and variables to annotate them with where they can be accessed from  public  Similar to OO languages  Functions and variables can be accessed either internally or from any other contract including those derived from it (e.g. from anywhere) // Dynamic array of Person structs publicly readable // (e.g. automatically have getter method and viewable // externally) Person [] public people;  private  Callable only within contract  Allows access only to code within contract they are defined in (and not in derived contracts)  Note: Do not confuse this with secrecy  Data resides on blockchain still! Portland State University CS 410/510 Blockchain Development & Security

  17.  If not specified, default public  Any user or contract can call _addToArray uint[] numbers; function _addToArray(uint _number) { numbers.push(_number); }  Use private modifier after parameter declaration to make private  Only other functions within our contract can add to array of numbers uint[] numbers; function _addToArray(uint _number) private { numbers.push(_number); }  Array is still visible to a full node Portland State University CS 410/510 Blockchain Development & Security

  18. Addi dditio tional nal visi sibility bility mo modif ifier iers  external  Declare as part of the contract interface that can be called  Similar to public , but function can *only* be called from outside of the contract by other contracts and via transactions  Can not be called internally unless via " this " (e.g. this.f() )  internal  Similar to private , but allows access both to other code within contract and contracts derived from it via inheritance  Akin to protected visibility of methods in OO languages Portland State University CS 410/510 Blockchain Development & Security

  19.  eatWithBacon() callable from anywhere, but eat() callable only from derived class contract Sandwich { uint private sandwichesEaten = 0; function eat() internal { sandwichesEaten++; } } contract BLT is Sandwich { uint private baconSandwichesEaten = 0; function eatWithBacon() public returns (string) { baconSandwichesEaten++; // We can call this here because it's internal eat(); } } Portland State University CS 410/510 Blockchain Development & Security

  20. Audi uditing ting visi sibility bility mo modif ifie iers s for se security urity  Improper setting of internal/external and public/private are a common source of vulnerabilities  Ensure all public and external function calls are intended to be called by anyone! Portland State University CS 410/510 Blockchain Development & Security

  21. Sta tate e mo modif ifier iers  Modifiers applied to functions to annotate them with whether they access or modify state  view  Does not modify any data in contract string greeting = "What's up dog?"; function sayHello() external view returns (string) { return greeting; }  Can call for free since transaction handled locally on a single node  Make external view functions whenever possible  pure  Does not access any data in contract function _multiply(uint a, uint b) private pure returns (uint) { return a * b; } Portland State University CS 410/510 Blockchain Development & Security

Recommend

Fuzzing the Solidity Compiler Bhargava Shastry @ibags Ethereum Foundation bshastry Fuzzcon

Fuzzing the Solidity Compiler Bhargava Shastry @ibags Ethereum Foundation bshastry Fuzzcon

Fuzzing the Solidity Compiler Bhargava Shastry @ibags Ethereum Foundation bshastry Fuzzcon Europe 2020 | Fuzzing the Solidity Compiler 2 whoami Security engineer, Solidity team Semantic testing of Solidity compiler Find

441 views • 28 slides
Solidity 0.5: when typed does not mean type-safe S. Crafa M. Di Pirro Universit di Padova,

Solidity 0.5: when typed does not mean type-safe S. Crafa M. Di Pirro Universit di Padova,

Solidity 0.5: when typed does not mean type-safe S. Crafa M. Di Pirro Universit di Padova, Italy Kynetics, Italy crafa@math.unipd.it matteo.dipirro@kynetics.com FMBC - 11 October 2019 - Porto Agenda Smart contracts and Solidity

588 views • 32 slides
Ethereum Workshop An Introduction to T ools, Solidity &amp; Smart Contracts 1 / 40 Preparation

Ethereum Workshop An Introduction to T ools, Solidity &amp; Smart Contracts 1 / 40 Preparation

Ethereum Workshop An Introduction to T ools, Solidity &amp; Smart Contracts 1 / 40 Preparation Follow the instructions on: http://bit.ly/2um6cGA 2 / 40 Agenda 1) A brief introduction to Ethereum 2) Setting up a private blockchain 3)

619 views • 40 slides
Solidity Pt. 2 Lessons 3-5 Libraries/OpenZeppelin, SafeMath Time Random number generation

Solidity Pt. 2 Lessons 3-5 Libraries/OpenZeppelin, SafeMath Time Random number generation

Solidity Pt. 2 Lessons 3-5 Libraries/OpenZeppelin, SafeMath Time Random number generation Transfers Tokens Comments Libraries raries OpenZeppelin repository containing source code for implementing commonly used functions in smart

489 views • 33 slides
Smart Contract Security Assessing Solidity smart contracts About Me Evangelos Deirmentzoglou

Smart Contract Security Assessing Solidity smart contracts About Me Evangelos Deirmentzoglou

Smart Contract Security Assessing Solidity smart contracts About Me Evangelos Deirmentzoglou Security Consultant Smart contract audits Nmap/Ncrack contributor Certs: OSCE, OSCP, OSWP Blockchain Basics Front Running

642 views • 30 slides
Ethereum and Solidity Prof. Tom Austin San Jos State University Bitcoin (BTC) Protocol

Ethereum and Solidity Prof. Tom Austin San Jos State University Bitcoin (BTC) Protocol

Ethereum and Solidity Prof. Tom Austin San Jos State University Bitcoin (BTC) Protocol designed by Satoshi Nakamoto in 2008 https://bitcoin.org/bitcoin.pdf First Bitcoin client launched in 2009 Peer-to-peer no centralized

501 views • 31 slides
2011 half-year results AMSTERDAM, 16 AUGUST 2011 - Focus on both grow th and solidity Floris

2011 half-year results AMSTERDAM, 16 AUGUST 2011 - Focus on both grow th and solidity Floris

2011 half-year results AMSTERDAM, 16 AUGUST 2011 - Focus on both grow th and solidity Floris Deckers, CEO - 2 0 1 1 half-year results Constant Korthout, CFRO - The best private bank in the Netherlands and Belgium Floris Deckers, CEO - Q&amp;A

662 views • 38 slides
2011 annual results AMSTERDAM, 8 MARCH 2012 - Putting solidity before profit Floris Deckers, CEO

2011 annual results AMSTERDAM, 8 MARCH 2012 - Putting solidity before profit Floris Deckers, CEO

2011 annual results AMSTERDAM, 8 MARCH 2012 - Putting solidity before profit Floris Deckers, CEO - 2 0 1 1 annual results Constant Korthout, CFRO - Basel I I I Constant Korthout, CFRO - The best private bank in the Netherlands and Belgium

851 views • 44 slides
Com paring psychrom eter and hum idity sensor Com paring psychrom eter and hum idity sensor

Com paring psychrom eter and hum idity sensor Com paring psychrom eter and hum idity sensor

Com paring psychrom eter and hum idity sensor Com paring psychrom eter and hum idity sensor during conventional kiln drying especially at low during conventional kiln drying especially at low tem perature and low relative hum idity tem

189 views • 8 slides
Presentation Q1 2017 1 En drivkraft for vekst p Helgeland Presentation per 31.03.17 (HSB

Presentation Q1 2017 1 En drivkraft for vekst p Helgeland Presentation per 31.03.17 (HSB

Presentation Q1 2017 1 En drivkraft for vekst p Helgeland Presentation per 31.03.17 (HSB Group) Main Features Profit &amp; loss Lisbeth Flgeng Chief Executive Officer Balance Lending Deposits Funding Sverre Klausen Solidity Chief

658 views • 46 slides
Presentation Q2 2016 En drivkraft for vekst p Helgeland 1 Presentation per 30.06.16 (HSB

Presentation Q2 2016 En drivkraft for vekst p Helgeland 1 Presentation per 30.06.16 (HSB

Presentation Q2 2016 En drivkraft for vekst p Helgeland 1 Presentation per 30.06.16 (HSB Group) Main Features Profit &amp; loss Lisbeth Flgeng Chief Executive Officer Balance Lending Deposits Funding Sverre Klausen Solidity Chief

829 views • 45 slides
Presentation Q3 2014 En drivkraft for vekst p Helgeland 1 Presentation Q3 2014 (HSB group)

Presentation Q3 2014 En drivkraft for vekst p Helgeland 1 Presentation Q3 2014 (HSB group)

Presentation Q3 2014 En drivkraft for vekst p Helgeland 1 Presentation Q3 2014 (HSB group) Main features Lisbeth Flgeng Profit &amp; Loss Acting Chief Executive Balance Officer Lending Deposits Ranveig Krkstad Funding Solidity

850 views • 50 slides
Presentation Q1 2016 1 En drivkraft for vekst p Helgeland Presentation Q1 2016 (HSB Group)

Presentation Q1 2016 1 En drivkraft for vekst p Helgeland Presentation Q1 2016 (HSB Group)

Presentation Q1 2016 1 En drivkraft for vekst p Helgeland Presentation Q1 2016 (HSB Group) Main Features Profit &amp; loss Lisbeth Flgeng Chief Executive Officer Lending Deposits Funding Solidity Sverre Klausen Summary Chief

808 views • 42 slides
D9: Off-chain attacks Short-address attack Unnamed exchange uses insecure marshalling between

D9: Off-chain attacks Short-address attack Unnamed exchange uses insecure marshalling between

D9: Off-chain attacks Short-address attack Unnamed exchange uses insecure marshalling between web API and programming language (Web3/Solidity) and underlying execution environment (Ethereum Virtual Machine) Portland State University CS

996 views • 38 slides
Formal Formal Specif Specification ication and Verific and Verification ation of Solid of

Formal Formal Specif Specification ication and Verific and Verification ation of Solid of

Presented at FMBC 2020 Formal Formal Specif Specification ication and Verific and Verification ation of Solid of Solidity ity Contracts Contracts with E with Events vents kos Hajdu 1 , Dejan Jovanovi 2 , Gabriela Ciocarlie 2 1

298 views • 14 slides
FY14 Results March 10 th , 2015 FY 2014 Results - Highlights Results confirm and support the

FY14 Results March 10 th , 2015 FY 2014 Results - Highlights Results confirm and support the

FY14 Results March 10 th , 2015 FY 2014 Results - Highlights Results confirm and support the solidity of the growth, in line with long term and healthy growth project, based on exclusive distribution, product excellence, craftsmanship,

710 views • 24 slides
Vyper Labs Lab 4.1: : MyContract ontract in Vype per Write, compile, and deploy a Vyper

Vyper Labs Lab 4.1: : MyContract ontract in Vype per Write, compile, and deploy a Vyper

Vyper Labs Lab 4.1: : MyContract ontract in Vype per Write, compile, and deploy a Vyper version of the MyContract contract previously implemented in Solidity Visit Remix and select the Vyper environment MyContract ontract code de

720 views • 47 slides
Spe c ific a tio n Pr oduc t T ype Size Case ABV SMV Ac idity Name 300ml 12b tl

Spe c ific a tio n Pr oduc t T ype Size Case ABV SMV Ac idity Name 300ml 12b tl

Spe c ific a tio n Pr oduc t T ype Size Case ABV SMV Ac idity Name 300ml 12b tl RAI Junma i 15% +2 1.7 720ml 6b tl De sc riptio n Oze ki e xc lusive ly de ve lo pe d a ne w wa y o f ma king Junma i sa ke to b

369 views • 5 slides
Declarative Static Analysis of Smart Contracts securify.ch Quentin Hibon Blockchain Security

Declarative Static Analysis of Smart Contracts securify.ch Quentin Hibon Blockchain Security

Declarative Static Analysis of Smart Contracts securify.ch Quentin Hibon Blockchain Security Engineer, ChainSecurity Smart Contract Bugs in the News Low-level Code High-level languages Solidity Vyper compilation Low-level code

306 views • 28 slides
Quarterly presentation Q3 2015 Troms/Oslo 29. October 2015 3 rd quarter report 2015 - Group

Quarterly presentation Q3 2015 Troms/Oslo 29. October 2015 3 rd quarter report 2015 - Group

Quarterly presentation Q3 2015 Troms/Oslo 29. October 2015 3 rd quarter report 2015 - Group Profits before tax: NOK 918 mill (1 269 mill) ROE: 10.4 % (15.9 %) Loan losses NOK 108 mill Very good solidity. Satisfactory liquidity

1.05k views • 80 slides
Liq Liquidity Management of US Global Banks: Liq Liquidity Management of US Global Banks: idity

Liq Liquidity Management of US Global Banks: Liq Liquidity Management of US Global Banks: idity

Liq Liquidity Management of US Global Banks: Liq Liquidity Management of US Global Banks: idity Management of US Global Banks: idity Management of US Global Banks: Int Internal capital mar rnal capital markets in s in the Great the Great

568 views • 32 slides
s b t-e t he r eu m &gt; a terminal for the world computer s teve r andy w aldman s waldma n@m

s b t-e t he r eu m &gt; a terminal for the world computer s teve r andy w aldman s waldma n@m

s b t-e t he r eu m &gt; a terminal for the world computer s teve r andy w aldman s waldma n@m change .c om h ttps ://w ww .s bt -e thereu m.i o / h ttps ://w ww .i nterfm u idity .c om / @i nterfm u idity t h e b lo c kc h ai n i s

335 views • 21 slides
Teaching: Art, Craft or Science Shanker Institute Symposium hargreaves@bc.edu April 2019 .. .

Teaching: Art, Craft or Science Shanker Institute Symposium hargreaves@bc.edu April 2019 .. .

Teaching: Art, Craft or Science Shanker Institute Symposium hargreaves@bc.edu April 2019 .. . . Art Craft Science . Art Craft Science Calling Service . Art Craft Science Calling Service Job Solidarity &amp; solidity Our

631 views • 21 slides
S L O V A K R E P U B L I C Investor Presentation, Paris 8-9 November 2018 Debt and Liquidit

S L O V A K R E P U B L I C Investor Presentation, Paris 8-9 November 2018 Debt and Liquidit

S L O V A K R E P U B L I C Investor Presentation, Paris 8-9 November 2018 Debt and Liquidit idity Management Agency Disclaimer THIS PRESENTATION IS NOT AN OFFER OR SOLICITATION OF AN OFFER TO BUY OR SELL SECURITIES. IT HAS BEEN PREPARED FOR

610 views • 32 slides

More recommend