Category Archives: smart contracts

How I sold 5 Acres of Land Using BitBay’s Trustless Smart-contracts:

How I sold 5 Acres of Land Using BitBay’s Trustless Smart-contracts:

Have you ever wondered why there are so many hoops to jump through when purchasing or selling high-value items? Have you ever bought a house and wondered why you have to sign heaps of paperwork and sometimes wait months for a transaction to close?

In essence, it all boils down to two things:

- The involvement of middlemen (banks, real estate agents, title companies, escrow agents, attorneys etc.)

- A lack of trust between two parties.

Fortunately, there’s another, vastly improved process evolving as we speak. It’s called trustless smart contracts. With BitBay, I was able to easily create a custom trustless smart contract, which enabled me to sell a 5-acre property located in Southern California, to an international buyer located halfway across the world in Norway.

This was all done with a peace of mind and without hassle.

Now, before we get into this…. the words and ideas in this article are solely based on my own opinion and experiences. I am not an affiliate of BitBay, and these opinions are not a reflection of any organization or entity. I’m only here to express my personal approach to real estate transactions and how I would like to see the industry change in a sustainable way. Closing real estate transactions using crypto-currency is still relatively new, and can carry substantial risk. Government regulation, accuracy of information, and volatile currency rates can all change overnight, which can either make or break the deal. BitBay is one of the few platforms out there changing this right now.

Also, I understand that many of the middlemen and systems within the real estate industry have originally been designed for a purpose… to ensure strict legal security and structure for all transactions. I believe this purpose is a good thing… However, I also see how these outdated systems can cause a blockage in the flow of both information and money from both the buyer and the seller, while charging high fees in the process. In an age where consumers can order almost anything online and have it delivered in a day or two, why does it have to take weeks or months to buy some land or a house?

So what is BitBay you might ask? From their website: “Bitbay is a working real-world cryptocurrency powering a fully-functional decentralized marketplace that allows you to buy and sell goods and services easily, securely, and anonymously.”

I first discovered BitBay markets while perusing some forums on cryptocurrency investing, and after reading several recommendations, decided to give it a look. After checking out their project, I decided to buy come BAY currency, thinking I would HODL it and nothing more. However, upon realizing that their client had a built in wallet, I went a bit further to download it in order to securely store the coins. In all honesty, my first impression of the BitBay client was fairly unimpressive. The general feel of the user interface seemed a little outdated, and had a strong “Windows ‘95” feel to it. However, after watching a few tutorial videos (which I highly recommend) I quickly realized that this is a very powerful tool, which can be used for almost any type of transaction in the world. David Zimbeck, the developer and his team have spent almost 100% of their focus on the function and security of the software, before making it visually appealing. Function before fashion, I absolutely love it.

(note: A brand new, more visually appealing user interface is going to be launched Q1, 2018)

After a few days had passed, I was really curious to see the software in action. I wanted to see if these “trustless smart contracts” were actually a legitimate process for business, and the only way to do that was to list something on their decentralized marketplace. In order to truly test this out, I needed to sell something large, something that would normally require a sizable amount of trust; an item that typically included middlemen, central authorities, and high fees. It so happened that I had a 5-acre parcel of land I needed to sell, which would be perfect for this experiment.

That afternoon, I sat down with a cup of tea at my desk, thinking that creating this market listing would take the rest of the day. However after few clicks, I had my property listing up on the decentralized marketplace. The most time consuming part for me was deciding how to tailor the double deposit escrow (DDE). The way this trustless system works is that both buyer and seller deposit a set amount of money into an encrypted account. If either party decides to cheat one another, the deposits are destroyed, and both lose money. This conveniently prevents fraud, as there is no financial or physical gain for dishonesty. Additionally, this also completely eliminates the need for a costly third-party escrow service. The double deposit escrow can be set up a number of different ways, depending on the seller’s risk tolerance and value of the item being sold.

After a few days of having the land listed on the marketplace, I opened my computer to find that someone had accepted my smart contract. Not only that, but it was a buyer located on the other side of the planet, in Norway! My first thought was “Is this even legal?” However, what really found surprisingly surreal was the feeling of trust that came with this contract acceptance. I had comfort knowing that the deal would be followed through to completion. (note: BitBay offers automatic price tracking, so if the currency value changes before a contract is accepted, you will still receive the equivalent amount for the deal. You can also use fiat for the purchase price and BAY for the deposit to ensure minimal price change upon contract completion. The rolling peg will also create an incentive to use BAY instead of fiat.)

Once I confirmed the legality of foreign citizens purchasing real estate in the U.S., I mailed the deed and paperwork out to the buyer. This was the slowest part of the transaction. The county that this property is located in requires a “wet signature” on all recorded documents, so an electronic signature was out of the picture. Once the buyer signed the documents, he then had to send them back to the U.S. for recording. Someday, when the counties update their policy, e-signatures will make the process incredibly faster. To take it one step further, imagine if the counties could integrate their records onto the blockchain… Then an accepted smart contract on BitBay could seamlessly be updated in the county records. I digress. Once the county received and recorded the deed, the buyer then sent the payment of BAY currency to my BitBay wallet address within the client. At that time we both received our deposits back, and the transaction was complete.

Over all, this transaction was about as smooth as I could have ever hoped. With the custom smart contract templates, the possibilities are infinite. The only frustration I experienced was where the ultra-efficiency of BitBay met the clumsiness of the county’s recording system. I can also see how there would be other roadblocks with various real estate industry middlemen (i.e. title companies) that have not adapted to advancement in technology. I look forward to seeing all components of real estate transactions placed onto the blockchain in the future. One other aspect that I could see posing an issue is government regulation. The US federal government currently classifies cryptocurrency as property, requiring citizens to pay capital gains taxes on both cryptocurrency and real estate. In my case, if I were to convert the profits from my land sale to US Dollars, I could be potentially taxed (15–20%) for both the sale of the land and the “conversion of currencies”. If this changes, transactions like this will be much simpler and more cost effective to complete. Until then, I will continue to HODL and use this amazing platform called BitBay.

If you’re curious, here are several of the many features that make it so unique:

Double Deposit Escrow — both parties have to put money in the deal, and if anyone backs out, both parties lose. This creates a synergistic relationship between both sides, and automates enforceability of the contract.

Dynamic Rolling Peg — The automated control of supply and demand. This keeps the currency stable, so users don’t have to worry about huge market fluctuations during transactions. For a better understanding check this out. (This will be implemented in Q2, 2018)

Built-in wallet to the client — This is a very secure wallet, which interacts perfectly with the marketplace. There is the option for staking as well. (Web wallet is soon to be released)

Custom Smart Contract Templates — This is huge, because it allows you to easily create set your own transaction. You can use literally any currency, or none at all. You can barter…you can trade…all anonymously and safely knowing that the other party will fulfill their end of the bargain. The possibilities are endless!

Also, here’s what they have in the works for this next year:

Decentralized workforce

Blockchain and Smart Contracts develop every day. They help to build truly decentralized workforce networks. As for a decentralized workplace, it is a gathering together workers, and they are not controlled by a central authority and have no need in «boss».

Using the Smart Contracts and Cryptocurrencies permit to build special decentralized and self governing networks. In these ecosystems, employers post tasks and any worker can do it. After that another users check the results and decide it to be payed or not. In the case of success, the payment will be done with the help of Blockchain.

It seems to be the same situation when in the Old West people tried to catch the criminal together, and the fastest person wins. Nowadays freelancers are trying to «catch the task» and do it as fast, as possible to get their money.

Now, by means of decentralizing workforce it is possible to solve any problem. For sure, such unites as consulting, marketing, and software development are some of the industries that would get a great benefit from decentralized workforce.

Of course, there are some difficulties. For now, the biggest aim is to think over how to encourage people who check ready works, we can name them ‘job reviewers’. There are some platforms where users are allowed to get some bounties for their reviews. In such services, submissions sending automatically that might to be reviewed by other users.

One of the important tasks will be to setup a proper rewards structure. It is necessary to create system where money will pass from the employer to the worker after the supervisionof a task. Usual currencies in such systems aren’t quoted. For this purpose cryptocurrency is an ideal option. As an example transactions can be done by Ethereum or Bitcoin.

In recent years, the branch of online freelance has received unreal popularity in the World. For workers and employers are offered the comfortable working conditions. Further, thanks to a blockchain, the entire branch will become decentralized, all problems will be fixed. It will attract even more people in network workforce.

With the help of our decentralized platform you can create your own market and sell any goods, without visiting any pestered office, spending no time to get to work, and all of this you will have at your PC .

Follow Storiqa on Facebook, Twitter, LinkedIn;

Join our conversation on Telegram;

Subscribe to get special offer on our website.

Decentralized workforce

Blockchain and Smart Contracts develop every day. They help to build truly decentralized workforce networks. As for a decentralized workplace, it is a gathering together workers, and they are not controlled by a central authority and have no need in «boss».

Using the Smart Contracts and Cryptocurrencies permit to build special decentralized and self governing networks. In these ecosystems, employers post tasks and any worker can do it. After that another users check the results and decide it to be payed or not. In the case of success, the payment will be done with the help of Blockchain.

It seems to be the same situation when in the Old West people tried to catch the criminal together, and the fastest person wins. Nowadays freelancers are trying to «catch the task» and do it as fast, as possible to get their money.

Now, by means of decentralizing workforce it is possible to solve any problem. For sure, such unites as consulting, marketing, and software development are some of the industries that would get a great benefit from decentralized workforce.

Of course, there are some difficulties. For now, the biggest aim is to think over how to encourage people who check ready works, we can name them ‘job reviewers’. There are some platforms where users are allowed to get some bounties for their reviews. In such services, submissions sending automatically that might to be reviewed by other users.

One of the important tasks will be to setup a proper rewards structure. It is necessary to create system where money will pass from the employer to the worker after the supervisionof a task. Usual currencies in such systems aren’t quoted. For this purpose cryptocurrency is an ideal option. As an example transactions can be done by Ethereum or Bitcoin.

In recent years, the branch of online freelance has received unreal popularity in the World. For workers and employers are offered the comfortable working conditions. Further, thanks to a blockchain, the entire branch will become decentralized, all problems will be fixed. It will attract even more people in network workforce.

With the help of our decentralized platform you can create your own market and sell any goods, without visiting any pestered office, spending no time to get to work, and all of this you will have at your PC .

Follow Storiqa on Facebook, Twitter, LinkedIn;

Join our conversation on Telegram;

Subscribe to get special offer on our website.

CyberMiles 为什么与众不同?

CyberMiles 的区块链与代币有什么特别的地方?为什么我们说 CyberMiles Token (CMT) 是电子商务世界的“储备货币”?加入我们的代币认购活动

  1. CyberMiles 是一个以运营智能合约为主要功能的基础链,就像以太坊(ETH)一样。但是 CyberMiles 的“智能商业合约“远比以太坊的智能合约强大。CyberMiles 是下一代以太坊。
  2. Cybermiles 专门为电商的应用进行优化。提供电商的智能商业合约模版,可以大幅降低电商应用的开发成本。
  3. Cybermiles 合作伙伴 5miles 会安全地在 CyberMiles 网络上引入上千万美国用户的身份,信用,名誉,与货币结算信息。这是为什么其他电商项目会都上 CyberMiles 网络建立应用的原因。
  4. 与以太坊相似,使用 CyberMiles 智能合约的项目(比如电商项目),可以直接使用 CMT 进行 ICO,并可以对后续的收益结算等提供无缝支持,这是一个超过10万亿的市场。
  5. Cybermiles 采用市场上最先进成熟的POS共识引擎,可以支持每秒上万个交易。相比之下,今天以太坊只支持每秒十个交易。
  6. PoS共识的特点是今后几年增发的CMT是按比例给CMT持币者的。所以参加 ICO 的持币者可以持续地从网络获益
  7. 由于 CyberMiles 是专门为电商优化的,CMT 的另一个主要应用是作为商业交易的结算货币。就像瑞波币(XRP)一样。但是 XRP 只对银行之间结算,CMT 对个人与商家结算
  8. CMT 会成为第一个过千万人使用的数字货币,5miles 承诺将其1200万用户迁移至 Cybermiles 上,并全局使用 CMT。就这一点,其网络规模已经超过以太坊几倍

详情请参见我们的技术白皮书项目白皮书


CyberMiles 为什么与众不同? was originally published in CyberMiles on Medium, where people are continuing the conversation by highlighting and responding to this story.

CyberMiles 为什么与众不同?

CyberMiles 的区块链与代币有什么特别的地方?为什么我们说 CyberMiles Token (CMT) 是电子商务世界的“储备货币”?加入我们的代币认购活动

  1. CyberMiles 是一个以运营智能合约为主要功能的基础链,就像以太坊(ETH)一样。但是 CyberMiles 的“智能商业合约“远比以太坊的智能合约强大。CyberMiles 是下一代以太坊。
  2. Cybermiles 专门为电商的应用进行优化。提供电商的智能商业合约模版,可以大幅降低电商应用的开发成本。
  3. Cybermiles 合作伙伴 5miles 会安全地在 CyberMiles 网络上引入上千万美国用户的身份,信用,名誉,与货币结算信息。这是为什么其他电商项目会都上 CyberMiles 网络建立应用的原因。
  4. 与以太坊相似,使用 CyberMiles 智能合约的项目(比如电商项目),可以直接使用 CMT 进行 ICO,并可以对后续的收益结算等提供无缝支持,这是一个超过10万亿的市场。
  5. Cybermiles 采用市场上最先进成熟的POS共识引擎,可以支持每秒上万个交易。相比之下,今天以太坊只支持每秒十个交易。
  6. PoS共识的特点是今后几年增发的CMT是按比例给CMT持币者的。所以参加 ICO 的持币者可以持续地从网络获益
  7. 由于 CyberMiles 是专门为电商优化的,CMT 的另一个主要应用是作为商业交易的结算货币。就像瑞波币(XRP)一样。但是 XRP 只对银行之间结算,CMT 对个人与商家结算
  8. CMT 会成为第一个过千万人使用的数字货币,5miles 承诺将其1200万用户迁移至 Cybermiles 上,并全局使用 CMT。就这一点,其网络规模已经超过以太坊几倍

详情请参见我们的技术白皮书项目白皮书


CyberMiles 为什么与众不同? was originally published in CyberMiles on Medium, where people are continuing the conversation by highlighting and responding to this story.

CyberMiles 为什么与众不同?

CyberMiles 的区块链与代币有什么特别的地方?为什么我们说 CyberMiles Token (CMT) 是电子商务世界的“储备货币”?加入我们的代币认购活动

  1. CyberMiles 是一个以运营智能合约为主要功能的基础链,就像以太坊(ETH)一样。但是 CyberMiles 的“智能商业合约“远比以太坊的智能合约强大。CyberMiles 是下一代以太坊。
  2. Cybermiles 专门为电商的应用进行优化。提供电商的智能商业合约模版,可以大幅降低电商应用的开发成本。
  3. Cybermiles 合作伙伴 5miles 会安全地在 CyberMiles 网络上引入上千万美国用户的身份,信用,名誉,与货币结算信息。这是为什么其他电商项目会都上 CyberMiles 网络建立应用的原因。
  4. 与以太坊相似,使用 CyberMiles 智能合约的项目(比如电商项目),可以直接使用 CMT 进行 ICO,并可以对后续的收益结算等提供无缝支持,这是一个超过10万亿的市场。
  5. Cybermiles 采用市场上最先进成熟的POS共识引擎,可以支持每秒上万个交易。相比之下,今天以太坊只支持每秒十个交易。
  6. PoS共识的特点是今后几年增发的CMT是按比例给CMT持币者的。所以参加 ICO 的持币者可以持续地从网络获益
  7. 由于 CyberMiles 是专门为电商优化的,CMT 的另一个主要应用是作为商业交易的结算货币。就像瑞波币(XRP)一样。但是 XRP 只对银行之间结算,CMT 对个人与商家结算
  8. CMT 会成为第一个过千万人使用的数字货币,5miles 承诺将其1200万用户迁移至 Cybermiles 上,并全局使用 CMT。就这一点,其网络规模已经超过以太坊几倍

详情请参见我们的技术白皮书项目白皮书


CyberMiles 为什么与众不同? was originally published in CyberMiles on Medium, where people are continuing the conversation by highlighting and responding to this story.

Development Update — 13th Oct, 2017

Rocket Pool — Next Generation Ethereum Proof of Stake Pool

Happy Friday Rocket Poolers! With the RPL presale in the rear view mirror, efforts over the last few weeks have been concentrated on working on some core elements of Rocket Pool that will be required for its beta release hopefully on the Kovan testnet in the first quarter of 2018. Some of these core elements are the smart node service scripts and the design / functionality of the Rocket Pool beta UI.

Smart Nodes

Following up on the previous development update, more work has been done on the smart node service scripts. Rocket Pool isn’t only made of smart contracts, but also a network of nodes that can listen to the main smart contracts and receive instructions from those contracts. These scripts also allow the smart nodes to check in with the main contract on a regular basis to report on their server load which helps with load balancing users who stake with Rocket Pool + more.

Currently these beta scripts are functional and will run as a background service on a node. They will automatically run when the smart node is booted up and will wait for the Parity node software to initialise, they will then add event listeners to the Ethereum blockchain which allows for two way communication between the Rocket Pool smart contracts and themselves. The scripts will also process past events in case they incur downtime, so no instructions are missed in the case of hardware faults. Still more work to be done, but the initial beta versions of these scripts are promising and working well initially.

Rocket Pool Beta UI

Development has largely taken a backseat over the past few weeks as we near part one of the Metropolis hard fork, the Byzantium fork. With this upgrade to the Ethereum blockchain happening soon, it will also bring with it several new notable upgrades for smart contracts that will allow huge optimisations to Rocket Pool that I’ll discuss a bit further on. Waiting for these changes to come into play allowed for some initial design work on the beta version of the Rocket Pool user interface for users that wish to stake with Rocket Pool and earn interest on their ether holdings.

Rocket Pool beta menu style and interface.

The aim of the UI is to be big, simple, effective and attractive. A lot of Web3js apps using Metamask and ethereum browsers currently in the ecosystem are fairly clunky, so the aim is to make this UI as smooth and easy to use as possible. Here’s two screenshots of very early prototype designs of the beta style.

Selecting your Ethereum account you wish to stake with.

Not only have designs been undergoing work, there’s also been some initial work on the actual UI animations and JS framework that will power the UI. Currently this is Vue.js, similar to React in some ways, but very powerful and flexible when combined with a global Event Bus (I’m a huge fan of Pub/Sub frameworks and design concepts).

The blurred world map in the previous screenshots will also be an interactive live status of the Rocket Pool networks current capacity and node locations. Click to view animation.

Contract Updates

While a lot of the recent focus has been on the UI, a few but important contract updates have been made.

Rocket Pool was originally designed according to the Mauve Paper specs which specified that Casper would require some parameters that identified a node by a validation code (EVM byte code, like a mini contract). This has since been changed to a normal node account address for the first version of Casper, so Rocket Pool has been updated accordingly and is now compatible with this approach.

Byzantium HF

The first part of Ethereums next major upgrade, Metropolis; is set to begin in just a few days. This update brings with it several new features which will enable Rocket Pool to do across the board optimisations and even some contract restructuring.

Two of the most useful updates are some new opcodes which will now allow contracts to send variable length data between each other. Until now this wasn’t possible and often resulted in some inefficient methods to get the job done. This update will allow dapps that use a modular contract structure, as Rocket Pool does, to achieve much more efficiency. We’ll be looking at starting these optimisations in the near future.

Ethereum Brisbane — Anatomy of a dapp.

Rocket Pool got a special invitation to give a talk on our Dapp + Network to the Brisbane Ethereum Meetup group on the 4th October. Gave a high level overview of the differences betwen PoW/PoS as well as a rundown on what Rocket Pool is, how it works and some general info on decentralised apps.

Had a great turn out of 60-80 people and spent a good hour going over all Rocket Pools tech, how it was made and what it was made using. If anyone wants to view slides from the events, there’s a pdf version available here.

Contact Us

If you’re new to Rocket Pool or have any questions, we invite you to please checkout our website and contact us there or join our slack chat group to get all news and updates before they are posted anywhere else.


Development Update — 13th Oct, 2017 was originally published in Rocket Pool on Medium, where people are continuing the conversation by highlighting and responding to this story.

Papyrus Global Audit by Ambisafe

Upon request from the Papyrus team, Ambisafe has conducted an audit on Papyrus PRP prototype token.

The audit has been conducted by the experienced team of developers at Ambisafe, pioneers in Blockchain Technology and solidity language for Smart contracts.

Ambisafe believes it is essential to have audits conducted so to protect future interest.

Ambisafe reviews smart contracts and tokens for potential bugs and vulnerabilities and write an actionable report of every issue found.

The Papyrus Global security audit is available on Github for those who want to understand the more in-depth report: https://github.com/papyrusglobal/security_audit/tree/6094e17789abcf019210e517dc106a

Here’s our assessment and recommendations:

1. Note: it’s not possible to foresee what solidity version will be used in deployed contract.

2. Ownable.sol

Control over token contract might be lost if owner call transferOwnership()​ ​with wrong address parameter (receiver lost private key, wrong address used etc).

Possible solution: new owner should accept ownership and confirm that he has access to his address.

3. StandardToken.sol.

Minor: lines 22, 37, 39.

Minor: excess SafeMath​ usage (overflow is impossible) because of verifications above (lines 21, 35, 36).

Excess gas will be wasted

4. PapyrusPrototypeToken.sol.

Note: mint()​ function. If _amount.mul(_priceUsd) will be less than 10**18​, then amountUsd​ ​=​ ​0​ and totalCollected​ will not be increased.

5. PapyrusPrototypeToken.sol.

Note: it is recommended to use unified types declaration style, either uint​ or uint256​, for instance lines 13, 23, 28, 37, 93.

Conclusion

In the Papyrus case, after analyzing the standard token, the ownable dimension of it and the Papyrus Prototype Token, the auditing team has concluded that: “Contracts are well-written and all the controlling functions are protected from unauthorized access. Token transfers can be disabled by the contract owner at any moment, which can be useful in an emergency situation”.

Papyrus Global Audit by Ambisafe

Upon request from the Papyrus team, Ambisafe has conducted an audit on Papyrus PRP prototype token.

The audit has been conducted by the experienced team of developers at Ambisafe, pioneers in Blockchain Technology and solidity language for Smart contracts.

Ambisafe believes it is essential to have audits conducted so to protect future interest.

Ambisafe reviews smart contracts and tokens for potential bugs and vulnerabilities and write an actionable report of every issue found.

The Papyrus Global security audit is available on Github for those who want to understand the more in-depth report: https://github.com/papyrusglobal/security_audit/tree/6094e17789abcf019210e517dc106a

Here’s our assessment and recommendations:

1. Note: it’s not possible to foresee what solidity version will be used in deployed contract.

2. Ownable.sol

Control over token contract might be lost if owner call transferOwnership()​ ​with wrong address parameter (receiver lost private key, wrong address used etc).

Possible solution: new owner should accept ownership and confirm that he has access to his address.

3. StandardToken.sol.

Minor: lines 22, 37, 39.

Minor: excess SafeMath​ usage (overflow is impossible) because of verifications above (lines 21, 35, 36).

Excess gas will be wasted

4. PapyrusPrototypeToken.sol.

Note: mint()​ function. If _amount.mul(_priceUsd) will be less than 10**18​, then amountUsd​ ​=​ ​0​ and totalCollected​ will not be increased.

5. PapyrusPrototypeToken.sol.

Note: it is recommended to use unified types declaration style, either uint​ or uint256​, for instance lines 13, 23, 28, 37, 93.

Conclusion

In the Papyrus case, after analyzing the standard token, the ownable dimension of it and the Papyrus Prototype Token, the auditing team has concluded that: “Contracts are well-written and all the controlling functions are protected from unauthorized access. Token transfers can be disabled by the contract owner at any moment, which can be useful in an emergency situation”.

Confideal Weekly Update #1

Last week was quite eventful for our team. We know it is hard to be up-to-date, so in this brief weekly review we’ve summarized the highlights of the previous week. In this short blog post, we’ll talk about our trip to Dublin and Barcelona, how we hit our 45 K likes milestone on Facebook (hurray!) and showcase the top media reviews featuring Confideal. To top it all off, we have some important announcements to share! Let’s get started!

Confideal World Tour Updates

You know from our Facebook and Twitter pages that the Confideal team has embarked on a world tour, presenting Confideal at the most important blockchain events worldwide! We are excited for the chance to see you all there, to answer dozens of questions about our amazing product, and to meet some of the most prominent cryptocommunity speakers and other development teams.

On Tuesday and Wednesday our teammates were at the 2nd Blockchain for Finance Conference, Europe in Dublin.

Dublin, Ireland

On Oct 3–5th some of our team members presented the Confideal project at Blockchain Solutions Forum Barcelona, a part of IoT Solutions World Congress.

Barcelona, Spain

Both visits were fruitful, and we had the chance to discuss the challenges of the universal adoption of blockchain technology, the upcoming milestones of Confideal project, and generally improve team collaboration and communication.

Achievements

At the same time, we suddenly realized we reached 45 K likes on our Facebook page! Congratulate us on reaching this milestone in our Telegram chat.

To-read list

We also endeavor to increase public awareness and understanding of smart contract technology and arbitration, and this week we’ve issued some interesting editorials.

Discover new applications of smart contracts in our article Smart Contracts: How I learned to stop worrying by relying on Blockchain?

Learn why conventional courts fail to resolve problems within the cryptocommunity and what possible solutions can be implemented in the future: “Why is blockchain-based Arbitration the only future for dispute resolution?”

Media about us

In addition, some very reputable periodicals issued their reviews of our services this week. Our work is gaining widespread appreciation, with Confideal mentioned in The Merkle, Cryptonoticias, and the Coinspeaker.

If you want to learn more, we definitely suggest reading these:

The Merkle: Create Anonymous Smart Contracts on the Ethereum Blockchain With Confideal
Coinspeaker: Confideal Makes the Complicated Process of Managing Smart Contracts Easy and Safe
NewsBTC: Confideal — Smart Contract Management Service

If you are fluent in German, don’t miss “Einige aktuelle ICOs: Von einer Online-Bank über Smart Contracts zu Landwirtschafts-Token und einem dezentralen Marktplatz” published on bitcoinblog.de. For our Spanish friends, we have this neat little link: “Confideal, la Plataforma para hacer tratos y arbitraje descentralizado, anuncia ICO”

Announcement

But wait — there’s more! Tomorrow we’ll be holding a Live Facebook Q&A session. Our CEO will speak extensively about the upcoming smart contract revolution and Confideal’s role in it, answer ICO-related questions, and more. If you don’t want to miss the Q&A session, subscribe to our Facebook page to get notifications!

Well, folks… That’s all for this week.

Stay tuned and take care!

With love,

Confideal team

P.S. Meanwhile, we invite you to check out our website and subscribe to the whitelist (Token Sale button) to get the best bonuses during the ICO!

Connect with us!

We encourage you to stay in touch with us to receive updates on our project through the following channels:

Facebook: https://www.facebook.com/confideal.io/

Twitter: https://twitter.com/confideal_io

Bitcointalk: https://bitcointalk.org/index.php?topic=2214619

Reddit: https://www.reddit.com/r/Confideal/

LinkedIn: https://www.linkedin.com/company/confideal/

Telegram: https://t.me/confidealioeng

Confideal Weekly Update #1

Last week was quite eventful for our team. We know it is hard to be up-to-date, so in this brief weekly review we’ve summarized the highlights of the previous week. In this short blog post, we’ll talk about our trip to Dublin and Barcelona, how we hit our 45 K likes milestone on Facebook (hurray!) and showcase the top media reviews featuring Confideal. To top it all off, we have some important announcements to share! Let’s get started!

Confideal World Tour Updates

You know from our Facebook and Twitter pages that the Confideal team has embarked on a world tour, presenting Confideal at the most important blockchain events worldwide! We are excited for the chance to see you all there, to answer dozens of questions about our amazing product, and to meet some of the most prominent cryptocommunity speakers and other development teams.

On Tuesday and Wednesday our teammates were at the 2nd Blockchain for Finance Conference, Europe in Dublin.

Dublin, Ireland

On Oct 3–5th some of our team members presented the Confideal project at Blockchain Solutions Forum Barcelona, a part of IoT Solutions World Congress.

Barcelona, Spain

Both visits were fruitful, and we had the chance to discuss the challenges of the universal adoption of blockchain technology, the upcoming milestones of Confideal project, and generally improve team collaboration and communication.

Achievements

At the same time, we suddenly realized we reached 45 K likes on our Facebook page! Congratulate us on reaching this milestone in our Telegram chat.

To-read list

We also endeavor to increase public awareness and understanding of smart contract technology and arbitration, and this week we’ve issued some interesting editorials.

Discover new applications of smart contracts in our article Smart Contracts: How I learned to stop worrying by relying on Blockchain?

Learn why conventional courts fail to resolve problems within the cryptocommunity and what possible solutions can be implemented in the future: “Why is blockchain-based Arbitration the only future for dispute resolution?”

Media about us

In addition, some very reputable periodicals issued their reviews of our services this week. Our work is gaining widespread appreciation, with Confideal mentioned in The Merkle, Cryptonoticias, and the Coinspeaker.

If you want to learn more, we definitely suggest reading these:

The Merkle: Create Anonymous Smart Contracts on the Ethereum Blockchain With Confideal
Coinspeaker: Confideal Makes the Complicated Process of Managing Smart Contracts Easy and Safe
NewsBTC: Confideal — Smart Contract Management Service

If you are fluent in German, don’t miss “Einige aktuelle ICOs: Von einer Online-Bank über Smart Contracts zu Landwirtschafts-Token und einem dezentralen Marktplatz” published on bitcoinblog.de. For our Spanish friends, we have this neat little link: “Confideal, la Plataforma para hacer tratos y arbitraje descentralizado, anuncia ICO”

Announcement

But wait — there’s more! Tomorrow we’ll be holding a Live Facebook Q&A session. Our CEO will speak extensively about the upcoming smart contract revolution and Confideal’s role in it, answer ICO-related questions, and more. If you don’t want to miss the Q&A session, subscribe to our Facebook page to get notifications!

Well, folks… That’s all for this week.

Stay tuned and take care!

With love,

Confideal team

P.S. Meanwhile, we invite you to check out our website and subscribe to the whitelist (Token Sale button) to get the best bonuses during the ICO!

Connect with us!

We encourage you to stay in touch with us to receive updates on our project through the following channels:

Facebook: https://www.facebook.com/confideal.io/

Twitter: https://twitter.com/confideal_io

Bitcointalk: https://bitcointalk.org/index.php?topic=2214619

Reddit: https://www.reddit.com/r/Confideal/

LinkedIn: https://www.linkedin.com/company/confideal/

Telegram: https://t.me/confidealioeng

Thank you to our community

As the CEO of a security company, I’ve spent quite a bit of time with our team considering how best to run a smooth crowdsale for our users that meshes with our fundamental principles of security and scalability.

We value the growing community that we’re building, right now it still feels like a well-kept secret, and I’m happy to have such a great group of people supporting our project to scale smart contract auditing to millions of contracts, and usher in a golden age of mainstream applications built on smart contracts.

As of today, I’m happy to announce that we are officially oversubscribed for our presale cap of $3M before our presale start date of October 9th.

One thing that we’re trying to do now as a company is be very selective about who we let into the presale. We’re looking for people who care about the project, who believe in our long term vision, and who trust us to carry it out to the end, where are eventual goal is to be part of the core Ethereum infrastructure. We’re looking for our true fans who believe in us.

We are also quite bad at marketing, so we’re also looking for people who will help us spread the message. You can actually talk to us in our telegram channel: https://t.me/joinchat/FxIqAguKiGRujsxHpb_j0A

If you want to be with us for the longterm beyond just the crowdsale, here are some really great things about our project:

  1. Our engineers have a 475 combined citations on Google Scholar (an expert in compilers will be joining us very soon).
  2. Evan Cheng, the Director of Engineering of Facebook, has amassed his tremendous technical expertise behind our project. Evan designed and implemented LLVM for Apple, and won an ACM award for this. LLVM (low level virtual machine) is inside your iPhone and Macbook. On a personal note, Evan is truly a great guy who cares. We have been lucky to have such a great group of advisors.
  3. We recently completed an audit for Request Network, a $30M ICO smart contract. They are YCombinator alumni. Steven and I talked with Etienne and Vincent, and they are genuinely great people with a wonderful payment product for normal people, that uses the blockchain. That is the type of project we believe in, the fundamental promise of the blockchain and smart contracts is to improve the lives of normal people. We used our own automated test generator to make many tests as part of this audit. (We are literally eating our own dog food). We have more projects like this in our pipeline planned, with founders we like.
  4. We have made an application to join YCombinator, for the future good of our company. We’d like to build a permanent position in the blockchain industry, and this is one strategy to do it.

Thank you all for your support, we cannot do it without you.

To end, here’s a couple pictures of Steven and Ed hacking away in a computer lab during the audit.

The Million Dollar Homepage Reborn as an Ethereum Smart Contract and DApp

Remember the Million Dollar Homepage? It was an interesting, if not novel concept. But it has since inspired many copycats and imitators. And now we see that its legacy lives on in, of all places, the blockchain. Two software developers from Toronto named Andrey and Max have come up with a new version of the … Continue reading The Million Dollar Homepage Reborn as an Ethereum Smart Contract and DApp

The post The Million Dollar Homepage Reborn as an Ethereum Smart Contract and DApp appeared first on NEWSBTC.

Weekly Briefing №99 | Giving Slack Flak and Praise to Sophia and Smart Contracts

Criticizing unicorns? Check. Highlighting humanoid and smart contract advancements? Check and check. An obscure quote from a 1950’s French film director? Bien sûr. Welcome to edition 99. This week:

  • Slack’s recent raise is nothing to celebrate
  • Sophia the humanoid will likely wow the crowd at UBS’s conference
  • Smart contract progress amidst a Bitcoin beat-down
  • Cybersecurity talent considerations, the finance world’s little-known sage
  • Someone should hand CFTC’s Giancarlo some fintech experiment cash
  • Finns are friendly, but they aren’t procreating: economists are scared
  • Comings and Goings: CleanCapital’s Jurgen Altziebler, LendUp’s Jotaka Eaddy
  • Company of Note: RavenPack

Giving Slack a little flak for being an IPO slacker.

Every time someone signs up to The FR, a notification hits one of our Slack channels. We love that and we love Slack. It’s a great collaboration tool, and unless you work on a rival product from Atlassian, Facebook or Microsoft, you or someone you know probably thinks so too. Plus, its co-founder and CEO has a cool-sounding name: Stewart Butterfield. Putting all that aside, we hate to see a company with huge momentum (annual recurring revenue of $200 million and two million paid users) take an extra $250 million of SoftBank cheddar (at a $5.1 billion valuation) and follow the well-worn path of staying private indefinitely. We get it. Venture dollars are flowing, it’s a hassle to do a regular way IPO, and once you’re public, investors want to you to be a true unicorn that offers fabulous growth and sparkly consistency. Otherwise, you get put in the Snap penalty box for being overvalued on IPO day. But here’s the rub: thanks to the terms that often accompany unicorn private rounds, incentives and valuations get warped, which in turn can lead to problems down the road. That’s because things usually don’t unwarp themselves with the passage of time, as growth rates inevitably slow with size. To be fair, it’s not all doom and gloom in the IPO market this year, and we expect to see MongoDB, which has made public its plans to go public this week, do well. But our message to the uni-procrastinators (and their venture backers) is this: stocks are at all-time highs, volatility is low and lazy, and equity supply is shrinking at a rapid pace. Or to put it another way courtesy of an Old Milwaukee advertisement and a George Jones album, it doesn’t get any better than this.

READ MORE

Desperately seeking Sophia.

For those who can’t attend UBS’s upcoming technology conference in Hong Kong, we’re happy to feature a recent demonstration video featuring Sophia, the humanoid robot from Hanson Robotics who’s almost certain to woo UBS’s guests. After all, she’s wowed audiences on “The Tonight Show” and at SXSW with her wry humor, a sometimes lovely British accent and her Audrey Hepburn resemblance. A less charming matter that needs immediate attention is AI ethics guidelines. Specifically, when a US government-funded study wants to research human beings, institutional review boards (IRBs) must first bless the study. However, when AI-based experiments are conducted, no such ethical review applies. That’s because the rules governing these studies were designed decades ago. So while it’s fun/scary to think about what Sophia will be like at UBS’s 2022 event, we’d suggest that you take note of another Sophia, Sophia Chen, who wrote a great article for Wired on AI research regulation.

READ MORE

Smart contracts advance amidst Bitcoin invective.

This week, Ray Dalio entered the global public square over Bitcoin when he called Bitcoin “a bubble.” James Mackintosh, a Wall Street Journal senior columnist, joined the naysayers by stating that Bitcoin is “probably worth zero.” Jamie Dimon, meanwhile, tripled down on his previous comments that Bitcoin is worthless. But amid this rising march of skepticism over cryptocurrency’s reigning monarch, blockchain progress continues. A few noteworthy developments: 1) the announcement of Sierra Leone’s ambitious plan to partner with RippleNami in a bid to transform the entire nation into a “smart contract country” (see below); 2) AXA’s beta roll-out of Fizzy, which provides insurance for delayed flights thanks to self-executing smart contracts triggered by pre-set parameters; and most importantly, 3) Pythagoras Pizza laid out plans for a tokenized pizza profit-sharing mechanism by issuing (what else?) a white paper.

READ MORE

IN BRIEF

Cybersecurity talent war seems almost certain.

Hackers have run the table as of late. The Equifax situation continues to reveal new and depressing details, and the SEC’s Edgar system was on the receiving end of a major breach that looks to be the result of multiple critical vulnerabilities. The irony in the SEC hacking is that in 2014, it issued an edict, Reg SCI, that stated that financial services firms had to a) harden their infrastructure and b) promptly tell the SEC if they got hacked anyway. All of this embarrassment, hypocrisy and (justifiable) fear in the air suggests to us that cybersecurity-related investment is in for the mother of all booms. That in turn means that the war for talented cybersecurity professionals is also likely to rise.

READ MORE

An all-points bulletin to every fintech accelerator head.

Make the pilgrimage to Lev Alburt’s apartment on East 83rd Street near Carl Schurz Park. Respectfully tell him that March 5, 1953 (Joseph Stalin’s death) was the best day of your uncle’s life too. Also convey to this legendary chess teacher that your primary goal is to better understand the “beautiful combinations” possible in chess. At that point, carefully but clearly suggest that while Stephen Friedman, Carl Icahn and Doug Hirsch represent great financial innovators of today, your accelerator aspires to build tomorrow’s leading financial revolutionists. Then ask him to be a mentor for your program.

READ MORE

Give the CFTC dough to take on Sandbox Nation.

Why is the chairman of the CFTC, the most forward-thinking modernizer in US financial regulation today, still “working on obtaining the funding to participate in blockchain experiments”? Isn’t there a pork barrel project somewhere, a federally funded barbeque sauce museum or something, that can be cut so that the US can close the gap with Sandbox Nation countries like the UK and Singapore?

READ MORE

No Scandinavian envy here.

It recent years, much of the US media has developed a hard case of Nordic envy, especially when it comes to macroeconomic issues. Norway’s wealth, Sweden’s budget surplus, Denmark’s digital government initiatives… the list goes on and on. The US, of course, is a huge, diverse country, which is why comparing it to our smaller, more homogenous friends really doesn’t cut the sinappi. But that’s not to say that we can’t learn from our Viking brethren. Check out the piece below, which discusses Finland’s alarmingly low fertility rate and the economic challenges it poses. After you do, you’ll find yourself asking, “How can we be less like Finland?”

READ MORE

Your digital espresso shot.

A Financial Revolutionist partner

Newsletters are like coffee. Once you’re hooked, you need a dose every day to keep sharp. That’s why you should read Morning Brew, an insightful general business daily newsletter to kick off your weekdays.

COMINGS AND GOINGS

CleanCapital’s Jurgen Altziebler, LendUp’s Jotaka Eaddy

This week, solar platform CleanCapital announced that Jurgen Altziebler has joined the company to lead creative direction of its energy finance platform. Look for lots of clean lines in its UI/UX design. Also, LendUp, a leading technology and education provider for socially responsible lending, announced that Jotaka Eaddy would assume an expanded role within the company to reinforce its commitment to social impact and financial inclusion.

READ MORE

COMPANY OF NOTE

RavenPack.

Before quantitative trading became a dominant style, New York and Marbella-based RavenPack was working with emerging quant hedge fund and bank traders to provide them with a platform to transform unstructured data into actionable insights. Led by CEO Armando Gonzalez, the company, which was founded in 2003 and recently backed by Draper Esprit, is once again seeking to demonstrate leadership with its push into so-called ‘quantamental’ trading. This trading style, which fuses fundamental analysis with a systematic approach, has continued to attract converts including Blackrock, Third Point and Blue Mountain. In response to the rising demand, earlier this year, RavenPack launched a data and visualization platform that was geared to a broader set of investors than its previous offering. That platform was strengthened this past week when the company released new enhancements to increase its user friendliness. “Professionals beyond hard-core data scientists are now working to quantify everything from news to press releases,” Gonzalez told The FR’s Gregg Schoenberg. “We want to make it as simple as possible for this wider audience to use our technology.”

READ MORE

QUOTE OF THE WEEK

“I prefer to be busy all day long, and when you work for someone else, you’re not busy enough.”

~ François Truffaut

Weekly Briefing №99 | Giving Slack Flak and Praise to Sophia and Smart Contracts

Criticizing unicorns? Check. Highlighting humanoid and smart contract advancements? Check and check. An obscure quote from a 1950’s French film director? Bien sûr. Welcome to edition 99. This week:

  • Slack’s recent raise is nothing to celebrate
  • Sophia the humanoid will likely wow the crowd at UBS’s conference
  • Smart contract progress amidst a Bitcoin beat-down
  • Cybersecurity talent considerations, the finance world’s little-known sage
  • Someone should hand CFTC’s Giancarlo some fintech experiment cash
  • Finns are friendly, but they aren’t procreating: economists are scared
  • Comings and Goings: CleanCapital’s Jurgen Altziebler, LendUp’s Jotaka Eaddy
  • Company of Note: RavenPack

Giving Slack a little flak for being an IPO slacker.

Every time someone signs up to The FR, a notification hits one of our Slack channels. We love that and we love Slack. It’s a great collaboration tool, and unless you work on a rival product from Atlassian, Facebook or Microsoft, you or someone you know probably thinks so too. Plus, its co-founder and CEO has a cool-sounding name: Stewart Butterfield. Putting all that aside, we hate to see a company with huge momentum (annual recurring revenue of $200 million and two million paid users) take an extra $250 million of SoftBank cheddar (at a $5.1 billion valuation) and follow the well-worn path of staying private indefinitely. We get it. Venture dollars are flowing, it’s a hassle to do a regular way IPO, and once you’re public, investors want to you to be a true unicorn that offers fabulous growth and sparkly consistency. Otherwise, you get put in the Snap penalty box for being overvalued on IPO day. But here’s the rub: thanks to the terms that often accompany unicorn private rounds, incentives and valuations get warped, which in turn can lead to problems down the road. That’s because things usually don’t unwarp themselves with the passage of time, as growth rates inevitably slow with size. To be fair, it’s not all doom and gloom in the IPO market this year, and we expect to see MongoDB, which has made public its plans to go public this week, do well. But our message to the uni-procrastinators (and their venture backers) is this: stocks are at all-time highs, volatility is low and lazy, and equity supply is shrinking at a rapid pace. Or to put it another way courtesy of an Old Milwaukee advertisement and a George Jones album, it doesn’t get any better than this.

READ MORE

Desperately seeking Sophia.

For those who can’t attend UBS’s upcoming technology conference in Hong Kong, we’re happy to feature a recent demonstration video featuring Sophia, the humanoid robot from Hanson Robotics who’s almost certain to woo UBS’s guests. After all, she’s wowed audiences on “The Tonight Show” and at SXSW with her wry humor, a sometimes lovely British accent and her Audrey Hepburn resemblance. A less charming matter that needs immediate attention is AI ethics guidelines. Specifically, when a US government-funded study wants to research human beings, institutional review boards (IRBs) must first bless the study. However, when AI-based experiments are conducted, no such ethical review applies. That’s because the rules governing these studies were designed decades ago. So while it’s fun/scary to think about what Sophia will be like at UBS’s 2022 event, we’d suggest that you take note of another Sophia, Sophia Chen, who wrote a great article for Wired on AI research regulation.

READ MORE

Smart contracts advance amidst Bitcoin invective.

This week, Ray Dalio entered the global public square over Bitcoin when he called Bitcoin “a bubble.” James Mackintosh, a Wall Street Journal senior columnist, joined the naysayers by stating that Bitcoin is “probably worth zero.” Jamie Dimon, meanwhile, tripled down on his previous comments that Bitcoin is worthless. But amid this rising march of skepticism over cryptocurrency’s reigning monarch, blockchain progress continues. A few noteworthy developments: 1) the announcement of Sierra Leone’s ambitious plan to partner with RippleNami in a bid to transform the entire nation into a “smart contract country” (see below); 2) AXA’s beta roll-out of Fizzy, which provides insurance for delayed flights thanks to self-executing smart contracts triggered by pre-set parameters; and most importantly, 3) Pythagoras Pizza laid out plans for a tokenized pizza profit-sharing mechanism by issuing (what else?) a white paper.

READ MORE

IN BRIEF

Cybersecurity talent war seems almost certain.

Hackers have run the table as of late. The Equifax situation continues to reveal new and depressing details, and the SEC’s Edgar system was on the receiving end of a major breach that looks to be the result of multiple critical vulnerabilities. The irony in the SEC hacking is that in 2014, it issued an edict, Reg SCI, that stated that financial services firms had to a) harden their infrastructure and b) promptly tell the SEC if they got hacked anyway. All of this embarrassment, hypocrisy and (justifiable) fear in the air suggests to us that cybersecurity-related investment is in for the mother of all booms. That in turn means that the war for talented cybersecurity professionals is also likely to rise.

READ MORE

An all-points bulletin to every fintech accelerator head.

Make the pilgrimage to Lev Alburt’s apartment on East 83rd Street near Carl Schurz Park. Respectfully tell him that March 5, 1953 (Joseph Stalin’s death) was the best day of your uncle’s life too. Also convey to this legendary chess teacher that your primary goal is to better understand the “beautiful combinations” possible in chess. At that point, carefully but clearly suggest that while Stephen Friedman, Carl Icahn and Doug Hirsch represent great financial innovators of today, your accelerator aspires to build tomorrow’s leading financial revolutionists. Then ask him to be a mentor for your program.

READ MORE

Give the CFTC dough to take on Sandbox Nation.

Why is the chairman of the CFTC, the most forward-thinking modernizer in US financial regulation today, still “working on obtaining the funding to participate in blockchain experiments”? Isn’t there a pork barrel project somewhere, a federally funded barbeque sauce museum or something, that can be cut so that the US can close the gap with Sandbox Nation countries like the UK and Singapore?

READ MORE

No Scandinavian envy here.

It recent years, much of the US media has developed a hard case of Nordic envy, especially when it comes to macroeconomic issues. Norway’s wealth, Sweden’s budget surplus, Denmark’s digital government initiatives… the list goes on and on. The US, of course, is a huge, diverse country, which is why comparing it to our smaller, more homogenous friends really doesn’t cut the sinappi. But that’s not to say that we can’t learn from our Viking brethren. Check out the piece below, which discusses Finland’s alarmingly low fertility rate and the economic challenges it poses. After you do, you’ll find yourself asking, “How can we be less like Finland?”

READ MORE

Your digital espresso shot.

A Financial Revolutionist partner

Newsletters are like coffee. Once you’re hooked, you need a dose every day to keep sharp. That’s why you should read Morning Brew, an insightful general business daily newsletter to kick off your weekdays.

COMINGS AND GOINGS

CleanCapital’s Jurgen Altziebler, LendUp’s Jotaka Eaddy

This week, solar platform CleanCapital announced that Jurgen Altziebler has joined the company to lead creative direction of its energy finance platform. Look for lots of clean lines in its UI/UX design. Also, LendUp, a leading technology and education provider for socially responsible lending, announced that Jotaka Eaddy would assume an expanded role within the company to reinforce its commitment to social impact and financial inclusion.

READ MORE

COMPANY OF NOTE

RavenPack.

Before quantitative trading became a dominant style, New York and Marbella-based RavenPack was working with emerging quant hedge fund and bank traders to provide them with a platform to transform unstructured data into actionable insights. Led by CEO Armando Gonzalez, the company, which was founded in 2003 and recently backed by Draper Esprit, is once again seeking to demonstrate leadership with its push into so-called ‘quantamental’ trading. This trading style, which fuses fundamental analysis with a systematic approach, has continued to attract converts including Blackrock, Third Point and Blue Mountain. In response to the rising demand, earlier this year, RavenPack launched a data and visualization platform that was geared to a broader set of investors than its previous offering. That platform was strengthened this past week when the company released new enhancements to increase its user friendliness. “Professionals beyond hard-core data scientists are now working to quantify everything from news to press releases,” Gonzalez told The FR’s Gregg Schoenberg. “We want to make it as simple as possible for this wider audience to use our technology.”

READ MORE

QUOTE OF THE WEEK

“I prefer to be busy all day long, and when you work for someone else, you’re not busy enough.”

~ François Truffaut

Una Solución Más Agresiva para una Época Más Agresiva

Escritor: Efrain Eduardo Silva

Dominio Público: Shutterstock Royalty, con uso permitido.

Nueva Era — Nuevas Medidas!
Seamos realistas: Escribir código a través de la creación e implementación de contratos inteligentes es algo nuevo. El proceso general de mantener dicha información de alto riesgo desde dentro, aunque a menudo rigurosamente exhaustivo cuando se hace a través de los mejores proveedores, todavía está abierto a muchas vulnerabilidades. Neo-hacking, por ejemplo, no es menos en la parte superior de esta lista.

De hecho, muchos ya han hecho una carrera a tiempo completo de aprender a hackear en los contratos inteligentes y redes Ethereum con el fin de acceder a la información de la cuenta monetaria de los individuos e incluso grandes corporaciones. Es por eso que la gente necesita mantenerse informada y actualizada, no sólo con el código y las actuales implementaciones contractuales, sino también mediante la implementación de lo mejor en las medidas de intercambio de la criptocurrencia, preferiblemente mediante el uso de blockchain, bitcoin o algo similar. Intentelo.

Cuando se trata de información cibernética y la seguridad, nunca puede ser demasiado seguro. Es, después de todo, la era de la información, y cualquier cosa puede ir — en dos minutos, el intruso derecho puede colarse y alterar sus contratos inteligentes con cualquier conexión blockchain pertinente — e incluso acceder a sus fondos. No es un chiste.

Expertos Muy Diversos con Soluciones Que Producen!
Es por eso que es importante estar preparado y un paso por delante del juego, amigo, independientemente de si usted es un individuo o propietario individual, una asociación o consenso mutuo, una red de contabilidad de varios afiliados o incluso una corporación multinacional: Usted nunca puede estar demasiado preparado. De hecho, es por eso que varias agencias ahora están contratando a expertos, desarrolladores y revisores independientes para ayudar en estas tareas técnicas altamente cruciales, porque uno no puede poner un precio en la seguridad y la transacción lisa. Y dado que los contratos inteligentes siempre emplearán una aplicación descentralizada, varios de los costos habituales de transacción asimilados a la contratación se eliminan por completo, mientras que estos expertos independientes sólo le cobran lo que necesita para pagar para garantizar su seguridad permanente.

Aunque ningún sistema, experto o contratista es perfecto, la mayoría de los mejores — como Solidified — emplean una gama muy diversa de herramientas. Esto les permite revisar continuamente cada aspecto de su contrato inteligente como un medio de analizar sus subconjuntos y cantidades. Con el servicio continuamente en línea, revisión y revisión, estos profesionales pueden detectar errores, errores y mucho más y hacer que sus posibilidades de ser “hackeado” sean mucho menos probables.

Muchos no han considerado la importancia de revisar y revisar con frecuencia este contrato en línea delicado debido a la ocupación, las preocupaciones de costo u otras cuestiones, pero es sin embargo un componente vital para la seguridad y el éxito de su negocio.

Una auditoría agresivamente independiente — una solución de elección a través de implementaciones variadas?

1. A través de los expertos del blockchain

La palabra clave aquí es “independiente”. El otro es “auditoría”. Para ser incluso pickier, el tercero es “solución”. ¿Obtener la imagen?

Dicen que la revisión por pares es quizás la mejor medicina para un contrato inteligente internamente estable, especialmente uno que espera permanecer intacto para el largo plazo. Y no están equivocados. De hecho, los principales analistas y guías tecnológicos de Solidified saben exactamente de lo que están hablando, y por eso son los mejores.

Si no me crees, simplemente busca lo siguiente a través de Google, “¿Qué es un contrato ‘smart’?” y el nombre de esta empresa aparecerá en primer lugar bajo los resultados de búsqueda de Google. Son empresas como estas a las que quieres dedicar tu contrato; sus expertos elegirán a fondo su contrato — en el buen sentido — para evaluar su cadena de bloqueos y probar su bienestar general de daño. No busque simplemente a ningún experto de la criptocurrencia, pero busque el mejor e invierte en las compañías enumeradas en la tapa de la primera página. Esto garantizará su retorno de la inversión y ofrecerá una sensata tranquilidad para cada contrato.

2. A través de los resultados publicados y de la información / comentarios de los expertos

Uno siempre debe desear saber dónde se dirige su contrato — y qué áreas de la misma requieren análisis, reparación de la violación, implementaciones de adición u otras formas de análisis técnico y revisión. Todo esto se puede controlar de forma segura y remota a través de una auditoría interna de la calidad, pero no sólo por cualquier experto. De hecho, algunos aseguraron que los “expertos” operan de forma subordinada como los mismos hackers que desean hacerle daño. No les dé una oportunidad, pero siempre la búsqueda de Google para los proveedores de calidad que están certificados, capacitados y tienen reseñas pendientes — una vez más, los expertos como Solidified!

3. A través de un proceso de revisión estandarizado y no sólo cualquier proveedor

Un análisis regular y una inspección minuciosa por parte del personal superior de bloque — a través de una revisión por pares detallada — siempre es mejor, y simplemente no podemos traer este punto a casa con suficiente urgencia! Cuando se utiliza un equipo que es fluido, probado en el campo y unificado en todos los frentes, usted recibe no menos de lo mejor en calidad y asegurar la retención estándar de auditoría — un hito para esta industria. A diferencia de un servicio que tiene sus muchas divisiones revisar su contrato inteligente individualmente — y cada uno por su cuenta — puede tener algo más cohesionado y válidamente respaldado por numerosas fuentes.

Por lo tanto, el margen de error se mantiene a un mínimo. Tomamos sus contratos, información y blockchain muy seriamente.

4. En última instancia, a través de una combinación saludable de los tres — y una marca superior que ofrece de todos los aspectos!

Hay buenas noticias: De las pocas empresas suficientemente avanzado y equipado en el ámbito sensible y nuevo de transacción criptocurrencia y su contrato de seguridad en línea, saber de uno que puede ofrecer a los clientes la paz de la mente mediante el suministro de los tres de los factores enumerados anteriormente. Trabajemos juntos para mantener su contrato sólido sólido y completamente intacto ante los innumerables riesgos cibernéticos, obstáculos y amenazas. ¡Es hora de solidificar!

Una Solución Más Agresiva para una Época Más Agresiva

Escritor: Efrain Eduardo Silva

Dominio Público: Shutterstock Royalty, con uso permitido.

Nueva Era — Nuevas Medidas!
Seamos realistas: Escribir código a través de la creación e implementación de contratos inteligentes es algo nuevo. El proceso general de mantener dicha información de alto riesgo desde dentro, aunque a menudo rigurosamente exhaustivo cuando se hace a través de los mejores proveedores, todavía está abierto a muchas vulnerabilidades. Neo-hacking, por ejemplo, no es menos en la parte superior de esta lista.

De hecho, muchos ya han hecho una carrera a tiempo completo de aprender a hackear en los contratos inteligentes y redes Ethereum con el fin de acceder a la información de la cuenta monetaria de los individuos e incluso grandes corporaciones. Es por eso que la gente necesita mantenerse informada y actualizada, no sólo con el código y las actuales implementaciones contractuales, sino también mediante la implementación de lo mejor en las medidas de intercambio de la criptocurrencia, preferiblemente mediante el uso de blockchain, bitcoin o algo similar. Intentelo.

Cuando se trata de información cibernética y la seguridad, nunca puede ser demasiado seguro. Es, después de todo, la era de la información, y cualquier cosa puede ir — en dos minutos, el intruso derecho puede colarse y alterar sus contratos inteligentes con cualquier conexión blockchain pertinente — e incluso acceder a sus fondos. No es un chiste.

Expertos Muy Diversos con Soluciones Que Producen!
Es por eso que es importante estar preparado y un paso por delante del juego, amigo, independientemente de si usted es un individuo o propietario individual, una asociación o consenso mutuo, una red de contabilidad de varios afiliados o incluso una corporación multinacional: Usted nunca puede estar demasiado preparado. De hecho, es por eso que varias agencias ahora están contratando a expertos, desarrolladores y revisores independientes para ayudar en estas tareas técnicas altamente cruciales, porque uno no puede poner un precio en la seguridad y la transacción lisa. Y dado que los contratos inteligentes siempre emplearán una aplicación descentralizada, varios de los costos habituales de transacción asimilados a la contratación se eliminan por completo, mientras que estos expertos independientes sólo le cobran lo que necesita para pagar para garantizar su seguridad permanente.

Aunque ningún sistema, experto o contratista es perfecto, la mayoría de los mejores — como Solidified — emplean una gama muy diversa de herramientas. Esto les permite revisar continuamente cada aspecto de su contrato inteligente como un medio de analizar sus subconjuntos y cantidades. Con el servicio continuamente en línea, revisión y revisión, estos profesionales pueden detectar errores, errores y mucho más y hacer que sus posibilidades de ser “hackeado” sean mucho menos probables.

Muchos no han considerado la importancia de revisar y revisar con frecuencia este contrato en línea delicado debido a la ocupación, las preocupaciones de costo u otras cuestiones, pero es sin embargo un componente vital para la seguridad y el éxito de su negocio.

Una auditoría agresivamente independiente — una solución de elección a través de implementaciones variadas?

1. A través de los expertos del blockchain

La palabra clave aquí es “independiente”. El otro es “auditoría”. Para ser incluso pickier, el tercero es “solución”. ¿Obtener la imagen?

Dicen que la revisión por pares es quizás la mejor medicina para un contrato inteligente internamente estable, especialmente uno que espera permanecer intacto para el largo plazo. Y no están equivocados. De hecho, los principales analistas y guías tecnológicos de Solidified saben exactamente de lo que están hablando, y por eso son los mejores.

Si no me crees, simplemente busca lo siguiente a través de Google, “¿Qué es un contrato ‘smart’?” y el nombre de esta empresa aparecerá en primer lugar bajo los resultados de búsqueda de Google. Son empresas como estas a las que quieres dedicar tu contrato; sus expertos elegirán a fondo su contrato — en el buen sentido — para evaluar su cadena de bloqueos y probar su bienestar general de daño. No busque simplemente a ningún experto de la criptocurrencia, pero busque el mejor e invierte en las compañías enumeradas en la tapa de la primera página. Esto garantizará su retorno de la inversión y ofrecerá una sensata tranquilidad para cada contrato.

2. A través de los resultados publicados y de la información / comentarios de los expertos

Uno siempre debe desear saber dónde se dirige su contrato — y qué áreas de la misma requieren análisis, reparación de la violación, implementaciones de adición u otras formas de análisis técnico y revisión. Todo esto se puede controlar de forma segura y remota a través de una auditoría interna de la calidad, pero no sólo por cualquier experto. De hecho, algunos aseguraron que los “expertos” operan de forma subordinada como los mismos hackers que desean hacerle daño. No les dé una oportunidad, pero siempre la búsqueda de Google para los proveedores de calidad que están certificados, capacitados y tienen reseñas pendientes — una vez más, los expertos como Solidified!

3. A través de un proceso de revisión estandarizado y no sólo cualquier proveedor

Un análisis regular y una inspección minuciosa por parte del personal superior de bloque — a través de una revisión por pares detallada — siempre es mejor, y simplemente no podemos traer este punto a casa con suficiente urgencia! Cuando se utiliza un equipo que es fluido, probado en el campo y unificado en todos los frentes, usted recibe no menos de lo mejor en calidad y asegurar la retención estándar de auditoría — un hito para esta industria. A diferencia de un servicio que tiene sus muchas divisiones revisar su contrato inteligente individualmente — y cada uno por su cuenta — puede tener algo más cohesionado y válidamente respaldado por numerosas fuentes.

Por lo tanto, el margen de error se mantiene a un mínimo. Tomamos sus contratos, información y blockchain muy seriamente.

4. En última instancia, a través de una combinación saludable de los tres — y una marca superior que ofrece de todos los aspectos!

Hay buenas noticias: De las pocas empresas suficientemente avanzado y equipado en el ámbito sensible y nuevo de transacción criptocurrencia y su contrato de seguridad en línea, saber de uno que puede ofrecer a los clientes la paz de la mente mediante el suministro de los tres de los factores enumerados anteriormente. Trabajemos juntos para mantener su contrato sólido sólido y completamente intacto ante los innumerables riesgos cibernéticos, obstáculos y amenazas. ¡Es hora de solidificar!

The Token Release Schedule (TRS) contract will launch after the Public Pre-Sale closes.

The Token Release Schedule (TRS) contract will launch after the Public Pre-Sale closes. This will not impact the structure of the TRS contract, or the inherent benefits. Given the time horizon that the TRS contract will be in place (1 year), it needs to be as secure as possible and be able to handle changes in Ethereum. With the Byzantium hard-fork imminent we are making changes to strengthen the contract to reduce possibilities of block number based errors.

This means that you will not be able to directly contribute to the TRS contract during the Public Pre-sale, but will be able to do so shortly post-sale. We plan on opening contributions to the TRS contract one week after the close of Pre-Sale.

Further Details

The TRS contract utilizes block numbers to calculate when to withdraw tokens and allocate them to TRS participants. As block times vary, these estimated time intervals will fluctuate as well. In light of the announced Byzantium hard fork, block times could be significantly decreased, resulting in varied TRS payout timelines. Our engineers and auditor identified some potential risks relating to these timelines that we will be addressing prior to launching the TRS contract.

TRS Contract Overview

The TRS contract provides contributors with bonus token allocation over a period of one year. Upon the conclusion of the Public Sale, 50% of the unsold tokens will be distributed to TRS contributors. TRS holders receive 25% of their total token holdings immediately and receive twelve payouts of 6.25% of their total over the course of the next twelve months.

For more information on the Token Release Schedule please refer to: https://aion.network/downloads/aion.network_token-sale-mechanics_en.pdf

For more information on the Byzantium fork and block time impacts refer to: https://github.com/ethereum/EIPs/pull/669

Token Sale Simplification

First of all thanks to everyone who is participating in our Discord channel. Your feedback has driven key decisions about our sale and token offering. When the Public Pre-Sale launches on October 3rd — UTC 1400, there will only be a single address. This address will be published during the Public Pre-Sale at aion.network. Tokens will be minted and distributed after the close of the sale. Those backers wanting to contribute to the TRS contract will be able to do so once we release the TRS, up until a few days before the launch of the Public Sale. These dates will be published on blog.aion.network


The Token Release Schedule (TRS) contract will launch after the Public Pre-Sale closes. was originally published in Aion | Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

The Token Release Schedule (TRS) contract will launch after the Public Pre-Sale closes.

The Token Release Schedule (TRS) contract will launch after the Public Pre-Sale closes. This will not impact the structure of the TRS contract, or the inherent benefits. Given the time horizon that the TRS contract will be in place (1 year), it needs to be as secure as possible and be able to handle changes in Ethereum. With the Byzantium hard-fork imminent we are making changes to strengthen the contract to reduce possibilities of block number based errors.

This means that you will not be able to directly contribute to the TRS contract during the Public Pre-sale, but will be able to do so shortly post-sale. We plan on opening contributions to the TRS contract one week after the close of Pre-Sale.

Further Details

The TRS contract utilizes block numbers to calculate when to withdraw tokens and allocate them to TRS participants. As block times vary, these estimated time intervals will fluctuate as well. In light of the announced Byzantium hard fork, block times could be significantly decreased, resulting in varied TRS payout timelines. Our engineers and auditor identified some potential risks relating to these timelines that we will be addressing prior to launching the TRS contract.

TRS Contract Overview

The TRS contract provides contributors with bonus token allocation over a period of one year. Upon the conclusion of the Public Sale, 50% of the unsold tokens will be distributed to TRS contributors. TRS holders receive 25% of their total token holdings immediately and receive twelve payouts of 6.25% of their total over the course of the next twelve months.

For more information on the Token Release Schedule please refer to: https://aion.network/downloads/aion.network_token-sale-mechanics_en.pdf

For more information on the Byzantium fork and block time impacts refer to: https://github.com/ethereum/EIPs/pull/669

Token Sale Simplification

First of all thanks to everyone who is participating in our Discord channel. Your feedback has driven key decisions about our sale and token offering. When the Public Pre-Sale launches on October 3rd — UTC 1400, there will only be a single address. This address will be published during the Public Pre-Sale at aion.network. Tokens will be minted and distributed after the close of the sale. Those backers wanting to contribute to the TRS contract will be able to do so once we release the TRS, up until a few days before the launch of the Public Sale. These dates will be published on blog.aion.network


The Token Release Schedule (TRS) contract will launch after the Public Pre-Sale closes. was originally published in Aion | Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Ethereum Development

All that you need to know about the decentralized platform for applications that run exactly as programmed without any anomaly.

Ethereum is swiftly emerging as a revolutionary technology that has the power to disrupt almost all industries. Organisations are recognizing its power and potential to make processes more secure and efficient and are opting for Ethereum development.

Ethereum development facilitates the development of decentralized applications of the next generation. Ethereum development has grown exponentially in terms of scale and interest and promises to overhaul open-source development.

Ethereum development involves creation of a shared platform which is flexible yet secure. Ethereum development facilitates creation of a blockchain protocol using its own native programming language. The application is written on the top. This arrangement is supported by most existing applications and creates development momentum for creation of groundbreaking future applications as well.

What is Ethereum Dapp?

Dapp is decentralized application that serve particular purpose to users. They are built up on a code that runs on a network of blockchain, no single user or entity controls them.

What is DAO?

DAO stands for Decentralized Autonomous Organizations, they are fully autonomous with no single ledger and are run by a programming code on Ethereum blockchain smart contracts.

Benefits of Ethereum Decentralized Platforms?

No Down time : Apps made on Ethereum blockchain can never be switched off or can go down.

Consensus based security : Principle of security is consensus based thereby making censorship possible. Ethereum development also immutable as no changes can be made to the data.

Elimination of central point of failure : Apps developed on Ethereum are protected cryptographically against fraudulent activities.

Can Ethereum development add value to your business?

Ethereum has many benefits such as :

  1. Inhibition of wasteful code and keeping cost of Ethereum development low.
  2. Lower operational costs due to increased efficiency.
  3. Elimination of Third party intermediaries.
  4. Rules of smart contracts are automatically enforced.
  5. No need of legal mediation for enforcement of smart contracts.
  6. Powered by nodes
  7. Nodes are immune to interference and crashing.
  8. Paves way for efficient outsourcing by setting milestones for payment.

Current Uses of Ethereum

  1. Preventing identity theft : Consumer information is secured through cryptographic protocols.
  2. Improving transparency in crowdfunding : Implementation of Ethereum enable refund easily if project goals aren’t met.
  3. Reduction of operational fees : Significant reduction in exorbitant online payment fees, high currency exchanges and complicated remittance processes.

Future of Ethereum Development

It is estimated that within this decade most entrepreneurs will run their business processes on private blockchains. Ethereum is a transformational platform and for Ethereum development many unimagined possibilities await!

“In essence, the fundamental benefits of investing into Ethereum is the cryptographic nature, it’s anonymity, it’s universality, it’s divisibility, and most specifically, its coding language which specifically targets it for automated transactions and contracts.”

Jeff Reed, Investing in Ethereum: The Essential Guide to Profiting from Cryptocurrencies

Originally published at Techracers


Ethereum Development was originally published in TechRacers on Medium, where people are continuing the conversation by highlighting and responding to this story.

On the Origin of Smart Contract Platforms

The extinction of Colored Coins by Ethereum is one small step in the brief evolutionary history of cryptocurrency-based smart contract platforms. Recently this evolution has begun to accelerate with the emergence of new platforms and innovations in the ecosystem, leaving developers and speculators alike wondering which will survive and which will become extinct.

For those investing their money or intellectual capital, keeping up with the torrent of innovation happening in the space can be time consuming. This series of articles will provide analyses of the emerging platforms and technologies in this ecosystem with a focus on their impact to the dominant species, currently Ethereum.

At the present time Ethereum is thriving; it is the second most dominant coin by market cap, has a large and growing ecosystem of DApps, tools, developers, and corporations, and is the preferred home of initial coin offerings. Ethereum’s short history also includes the DAO hack, a contentious hard fork that resulted in a permanent community split, and a Parity multisig wallet bug that put over 200 million USD at risk and resulted in permanent loss of ETH and other tokens.

These events remind us that the dominance of a smart contracts platform delicately hinges on the security of its smart contracts. Research is being done in the Ethereum community on languages and tools to build safer smart contracts, but until these technologies see widespread deployment, Ethereum contracts will remain vulnerable to attack. Similarly, scalability is vital to Ethereum’s success. Key innovations, such as proof of stake, sharding, sidechains, and off-chain computation are under active research and development, but still months to years away from deployment.

Meanwhile, competing platforms, also in various stages of development, are innovating on languages, scaling, security, governance, and usability. They are testing out highly scalable consensus protocols, new paradigms of decentralized governance, and other promising advances. They enjoy the advantage of learning from Ethereum’s experiences while making clean start without billions of USD at risk. In most cases their efforts have been well funded by initial coin offerings, and there is no shortage of hype around them.

“On the Origin of Smart Contract Platforms” will be a series of articles that will track the emergence and evolution of competing smart contract platforms and try to predict their impact to the ecosystem. Each article will evaluate the technology of an emerging platform and assess the threat that the platform will come to dominate and extinguish the incumbent. This threat assessment is not so much a measure of the platform’s innovativeness as it is an estimation of the potential for the platform’s key innovations to displace the incumbent’s network effects before it can adapt by assimilating these advances to preserve its dominance. Adapability for smart contract platforms depends on factors such as network effects, governance, and inertia and is the key to to survival in an ecosystem exploding with innovation.

The threat of dominance posed by any emergent platform will change over time, often quickly and dramatically, as research progresses and influential events unfold. To capture the dynamic nature of this evolution, we’ll assign each competitor an “Dominance Threat Level” that estimates, at the present time, the platform’s potential to supplant the incumbent as the dominant smart contracts platform. We’ll use a color-coded scale (inspired by the the IUCN Red List) as described below:

Thanks to Zero-Hour-Zulu for his input on early drafts and assistance in formulating the theme of this series.

Special shout out to DecStack, the Virtual Co-Working Spot for CryptoCurrency and Decentralized App Projects, for their help and encouragement.


On the Origin of Smart Contract Platforms was originally published in On The Origin of Smart Contract Platforms on Medium, where people are continuing the conversation by highlighting and responding to this story.

Genesis Vision Smart Contracts Security Analysis

Abstract

In this report we consider the security of the Genesis Vision project. Our task is to find and describe security issues in the Smart Contracts of the platform.

Procedure

In our analysis we considered Genesis Vision whitepaper and Smart Contracts code (version with latest commit 1ecf99d on 28 Aug 2017). We used several publicly available automated Solidity analysis tools. Also, we scanned project’s Smart Contracts with our own tool. All the issues found by tools were manually checked (rejected or confirmed). Contracts were manually analyzed, their logic was checked and compared with the one described in the whitepaper.

Automated Analysis

We used several publicly available automated Solidity analysis tools. Here are the combined results of their analysis.

All the issues found by tools were manually checked (rejected or confirmed). Cases when these issues lead to actual bugs or vulnerabilities are described in the next section.

Manual Analysis

Contracts were completely manually analyzed, their logic was checked and compared with the one described in the whitepaper. Besides, the results of automated analysis were manually verified and taken into account.

The analysis showed that the project does not contain any serious vulnerabilities. No discrepancies were found between the Smart Contracts and the whitepaper.

However, here are the list of minor issues that are to be fixed.

Warning: empty method

GVTTeamAllocator.sol, line 16:

function GVTTeamAllocator() {
unlockedAt = now + 12 * 30 days;
owner = msg.sender;
//ToDo Fill allocations table
//allocations[0x0] = 50; 50% of team tokens
}

The constructor of the GVTTeamAllocator contract is not finished yet. The method should be implemented before the deploy. Besides, it is highly recommended to check the project for todo’s before the deploy.

Warning: same addresses

2_deploy_contracts.js, line 5:

const team = accounts[0];
const gvAgent = accounts[0];
const migrationMaster = accounts[0];

The three constants: team, gvAgent and migrationMaster are assigned the same value accounts[0]. The variables should be assigned their actual values before the deploy.

Warning: misleading check

ICO.sol, line 156:

require(icoState == IcoState.Running || icoState ==
IcoState.RunningForOptionsHolders);

This check is in the buyTokensInternal method, which means it should be passed when the ICO is running. On the other hand, the

icoState == IcoState.RunningForOptionsHolders

condition implies that the check can also be passed during the presale for option holders. This does not lead to an exploitable vulnerability since the method is private. However, the check is misleading and thus should be removed.

Warning: unchecked math

In GVOptionProgram.sol, line 105:

remainingCents = usdCents - (executedTokens / optionPerCent);

and in many other places of code unchecked math operations are used. In the current version of code it does not lead to any vulnerabilities. However, in future versions some bugs may appear. It is recommended to consider using SafeMath library. This will increase the amount of gas needed but will improve the system security.

Warning: misleading comment

ICO.sol, line 100:

uint totalAmount = mintedTokens * 4 / 3; // 125% tokens

The number of minted tokens is multiplied by 4/3 while comment says it is multiplied by 5/4. The comment is misleading and should be changed.

Checked vulnerabilities

The problems that we have found in Genesis Vision are described above. We should also describe vulnerabilities that we searched and haven’t found in Genesis Vision, and thus the probability of their appearance in the code is low.

We have scanned Genesis Vision Smart Contracts for commonly known and more specific vulnerabilities. Here are some of the commonly known vulnerabilities that we considered (the full list includes them but is not limited to them).

Reentrancy (not found)

Any interaction from a contract A with another contract B and any transfer of Ether hands over control to the contract B. This makes it possible for B to call back into A before this interaction is completed. Furthermore, you also have to take multi-contract situations into account. The called contract (B) could modify the state of third (C) contract you depend on.

https://media.readthedocs.org/pdf/solidity/develop/solidity.pdf

Timestamp Dependence (not found)

The timestamp of the block can be manipulated by the miner, and so should not be used for critical components of the contract. Block numbers and average block time can be used to estimate time, but this is not future proof as block times may change.

https://github.com/ethereum/wiki/wiki/Safety#timestamp-dependence

Gas Limit and Loops (not found)

Loops that do not have a fixed number of iterations, for example, loops that depend on storage values are insecure. Due to the block gas limit, transactions can only consume a certain amount of gas. Either explicitly or just due to normal operation, the number of iterations in a loop can grow large enough, so required amount of gas exceed block gas limit. This cause the complete contract to be stalled at a certain point. This may not apply to constant functions that are only executed to read data from the blockchain. Still, such functions may be called by other contracts as part of on-chain operations and stall those.

http://solidity.readthedocs.io/en/develop/security-considerations.html#gas-limit-and-loops

DoS with (Unexpected) Throw (not found)

Vulnerability of this type are intended to make the contract unavailable to achieve the purpose for which it is designed. In this case it is due to the unexpected throw.

https://github.com/ethereum/wiki/wiki/Safety#dos-with-unexpected-throw

DoS with Block Gas Limit (not found)

Each Ethereum block can process a certain amount of computation. If you try to go over that, your transaction will fail. This can lead to problems even in the absence of an intentional attack. However, it’s especially bad if an attacker can manipulate the amount of gas needed.

https://github.com/ethereum/wiki/wiki/Safety#dos-with-block-gas-limit

Transaction-Ordering Dependence (not found)

Since a transaction is in the mempool for a short while, one can know what actions will occur, before it is included in a block. This can be troublesome for things like decentralized markets, where a transaction to buy some tokens can be seen, and a market order implemented before the other transaction gets included.

https://github.com/ethereum/wiki/wiki/Safety#transaction-ordering-dependence-tod

tx.origin (not found)

Using tx.origin for authorization is insecure.

http://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin

Exception disorder (not found)

In Solidity there are several situations where an exception may be raised, e.g. if (i) the execution runs out of gas; (ii) the call stack reaches its limit; (iii) the command throw is executed. However, Solidity is not uniform in the way it handles exceptions: there are two different behaviours, which depend on how contracts call each others. The irregularity in how exceptions are handled may affect the security of contracts.

https://eprint.iacr.org/2016/1007.pdf

Gasless send (not found)

When using the function send to transfer ether to a contract, it is possible to incur in an out-of-gas exception. This may be quite unexpected by programmers, because transferring ether is not generally associated to executing code. The reason behind this exception is subtle. This is due to the fact that function C.send (amount)is compiled in the same way of a call with empty signature.

https://eprint.iacr.org/2016/1007.pdf

Conclusion

In this report we have considered the security of Genesis Vision Smart Contracts. We used several publicly available automated Solidity analysis tools as well as our own Smart Contracts Security tool. All the issues found by tools were manually checked (rejected or confirmed). Besides, contracts were completely manually analysed.

Smart Contracts logic was checked and compared with the one described in the whitepaper. No discrepancies were found.

The analysis showed high code quality and security of the project. However, several minor issues are to be addressed. The list of commonly known vulnerabilities that the project does not contain can be found above.

After the described issues are fixed, the Smart Contracts of the platform will be secure.


Genesis Vision Smart Contracts Security Analysis was originally published in SmartDec on Medium, where people are continuing the conversation by highlighting and responding to this story.

Opporty — The Future of Small Business on the Blockchain

Hello world!

Opporty team is excited to introduce our service-focused, blockchain-powered, knowledge-sharing marketplace to the cryptocurrency community. In this article, we would like to share our vision of the project — a self-governed, decentralized platform for small and medium-sized business owners, individual service providers, and customers — and explain how Opporty plans to revolutionize the way of doing business for B2B and B2C interactions, by means of smart contracts and Escrow.

Opporty is a unique project in the ICO space. Unlike most projects, Opporty does not focus on cryptocurrency alone, but strives to bring the underpinnings of cryptocurrency (i.e. blockchain, smart contracts, DAO) to the business world for mainstream adoption. Specifically, Opporty binds blockchain-powered smart contracts and DAO-enabled Escrow to a service marketplace for small businesses. So far, Opporty is available in beta here.

Opporty is ready to move forward to the next stage in its launch — an Initial Coin Offering. The Opporty team strives to accelerate the development of the platform (e.g. gamification, chatbots, AI, DAO) and power its growth overseas.

Opporty’s Blockchain-Powered Marketplace Meets the Needs of Today’s On-Demand Economy

The Opporty team is convinced that blockchain technology (specifically that behind Ethereum) that allows for massive decentralization and unhinged self-governance perfectly meets the needs and demands of today’s on-demand economy. Blockchain promises to disrupt and potentially revolutionize the way we conduct business. That is why we are preparing to launch the Opporty (OPP) token and move to the adoption of smart contracts, Escrow and DAO at our service marketplace. We believe that the future of Opporty strongly depends upon a self-governed, decentralized community, which is only possible on the blockchain.

Opporty Business Model

Once we fire up our ICO and introduce the OPP token to the world, we expect to gain access to an entirely new crypto market, with a powerful, lucrative community behind it. Safe, indestructible, and immutable blockchain-powered smart contracts bound together with a smart rewards system will allow Opporty to disrupt traditional marketplaces and lead-generation platforms.

Transition to the OPP token and smart contracts will foster a climate where business owners, service providers, and customers can trust each other. This guarantees better management, increased transparency, and a more secure platform.

Opporty will support both cryptocurrency and fiat. Users will be able to purchase tokens, pay for Opporty services with tokens, or exchange their tokens into fiat through buybacks. Moreover, users will be able to earn OPP tokens by completing certain actions at the marketplace. Specifically, they will be able to contribute to Opporty’s knowledge-sharing platform.

Put most simply, Opporty creates a healthy, enriching environment for companies and their clients. By introducing trust and transparency, it meets the requirements of the on-demand economy for faster and more secure transactions, with safer and more flexible deals.

The History Behind Opporty’s Pivot to Blockchain

Imagine a small business owner who needs to order a high-quality service from a trusted vendor. What is he or she going to do? Follow up on search results on Google? Look for decent options in directories, listings, and lead-gen platforms? Ask advice from family and friends?

While common, these options do not guarantee results. Free and paid promotion channels are generally controlled by big companies and corporations who are not interested in taking on a small business as their client.

Moreover, should a small business land a good deal and sign a contract, nobody (aside from centralized control systems like government and the courts) can guarantee that a rendered service will be of high quality, and will be provided precisely as outlined in the initial contract. The problem is that any contract can be altered, modified, and misinterpreted.

What You Can Do at Opporty

Blockchain-powered smart contracts solve this problem. Programmed and executed in code, smart contracts remove ambiguity from the picture and reduce the risk of any party claiming that the initial contract was misunderstood or misinterpreted. Smart contracts are immutable and are protected from any form of interference by a third party.

Opporty’s support of both an on-demand business model and blockchain enables small business owners and service providers to interact with one another and their prospective customers in an efficient, safe and secure manner.

Opporty ICO

Opporty will fire up its ICO on October 18th. The hard-capped amount of tokens offered during Phase I is 400 million OPP. All unsold tokens will be locked for at least one year to be later offered during Phase II in 2018.

An additional 50 million OPP will be issued for the Bounty rewards program that will continue after the Initial Coin Offering, to help us ramp up operations and attract more users from the cryptocurrency community.

The total amount of issued tokens will be 1 000 000 000 OPP.

The initial rate will be 1 OPP = 0.0002 ETH.

Opporty Community

The Opporty team strives to build a strong community that consolidates both cryptocurrency adopters and ordinary business owners. Our ultimate goal is to unite both sides of the table by making cryptocurrency payments, smart contracts, and DAO-enabled voting standard procedure in the growing sharing economy.

Opporty is in its beta stage but already has a community of early adopters. Many are lawyers who have already registered their companies at Opporty marketplace and have tested how it works.

If you would like to learn more about Opporty, please check out our website: https://opporty.com/

To have an in-depth look at Opporty, we strongly encourage you to read our ICO landing page and White Paper.

To find out more, check out the resources below:

Website: https://opporty.com/ico/

White Paper: https://opporty.com/ico/uploads/white-paper.pdf

Facebook: https://www.facebook.com/Opporty-ico-108217263210835/

Twitter: https://twitter.com/Opporty_ico

Slack: https://opporty.com/slackinvite

Telegram: https://telegram.me/opportyico

Medium: https://medium.com/opporty

Steemit: https://steemit.com/@opporty.ico

Reddit: https://www.reddit.com/r/Opporty/

BitcoinTalk: https://bitcointalk.org/index.php?topic=2191132.0


Opporty — The Future of Small Business on the Blockchain was originally published in Opporty on Medium, where people are continuing the conversation by highlighting and responding to this story.

Opporty — The Future of Small Business on the Blockchain

Hello world!

Opporty team is excited to introduce our service-focused, blockchain-powered, knowledge-sharing marketplace to the cryptocurrency community. In this article, we would like to share our vision of the project — a self-governed, decentralized platform for small and medium-sized business owners, individual service providers, and customers — and explain how Opporty plans to revolutionize the way of doing business for B2B and B2C interactions, by means of smart contracts and Escrow.

Opporty is a unique project in the ICO space. Unlike most projects, Opporty does not focus on cryptocurrency alone, but strives to bring the underpinnings of cryptocurrency (i.e. blockchain, smart contracts, DAO) to the business world for mainstream adoption. Specifically, Opporty binds blockchain-powered smart contracts and DAO-enabled Escrow to a service marketplace for small businesses. So far, Opporty is available in beta here.

Opporty is ready to move forward to the next stage in its launch — an Initial Coin Offering. The Opporty team strives to accelerate the development of the platform (e.g. gamification, chatbots, AI, DAO) and power its growth overseas.

Opporty’s Blockchain-Powered Marketplace Meets the Needs of Today’s On-Demand Economy

The Opporty team is convinced that blockchain technology (specifically that behind Ethereum) that allows for massive decentralization and unhinged self-governance perfectly meets the needs and demands of today’s on-demand economy. Blockchain promises to disrupt and potentially revolutionize the way we conduct business. That is why we are preparing to launch the Opporty (OPP) token and move to the adoption of smart contracts, Escrow and DAO at our service marketplace. We believe that the future of Opporty strongly depends upon a self-governed, decentralized community, which is only possible on the blockchain.

Opporty Business Model

Once we fire up our ICO and introduce the OPP token to the world, we expect to gain access to an entirely new crypto market, with a powerful, lucrative community behind it. Safe, indestructible, and immutable blockchain-powered smart contracts bound together with a smart rewards system will allow Opporty to disrupt traditional marketplaces and lead-generation platforms.

Transition to the OPP token and smart contracts will foster a climate where business owners, service providers, and customers can trust each other. This guarantees better management, increased transparency, and a more secure platform.

Opporty will support both cryptocurrency and fiat. Users will be able to purchase tokens, pay for Opporty services with tokens, or exchange their tokens into fiat through buybacks. Moreover, users will be able to earn OPP tokens by completing certain actions at the marketplace. Specifically, they will be able to contribute to Opporty’s knowledge-sharing platform.

Put most simply, Opporty creates a healthy, enriching environment for companies and their clients. By introducing trust and transparency, it meets the requirements of the on-demand economy for faster and more secure transactions, with safer and more flexible deals.

The History Behind Opporty’s Pivot to Blockchain

Imagine a small business owner who needs to order a high-quality service from a trusted vendor. What is he or she going to do? Follow up on search results on Google? Look for decent options in directories, listings, and lead-gen platforms? Ask advice from family and friends?

While common, these options do not guarantee results. Free and paid promotion channels are generally controlled by big companies and corporations who are not interested in taking on a small business as their client.

Moreover, should a small business land a good deal and sign a contract, nobody (aside from centralized control systems like government and the courts) can guarantee that a rendered service will be of high quality, and will be provided precisely as outlined in the initial contract. The problem is that any contract can be altered, modified, and misinterpreted.

What You Can Do at Opporty

Blockchain-powered smart contracts solve this problem. Programmed and executed in code, smart contracts remove ambiguity from the picture and reduce the risk of any party claiming that the initial contract was misunderstood or misinterpreted. Smart contracts are immutable and are protected from any form of interference by a third party.

Opporty’s support of both an on-demand business model and blockchain enables small business owners and service providers to interact with one another and their prospective customers in an efficient, safe and secure manner.

Opporty ICO

Opporty will fire up its ICO on October 18th. The hard-capped amount of tokens offered during Phase I is 400 million OPP. All unsold tokens will be locked for at least one year to be later offered during Phase II in 2018.

An additional 50 million OPP will be issued for the Bounty rewards program that will continue after the Initial Coin Offering, to help us ramp up operations and attract more users from the cryptocurrency community.

The total amount of issued tokens will be 1 000 000 000 OPP.

The initial rate will be 1 OPP = 0.0002 ETH.

Opporty Community

The Opporty team strives to build a strong community that consolidates both cryptocurrency adopters and ordinary business owners. Our ultimate goal is to unite both sides of the table by making cryptocurrency payments, smart contracts, and DAO-enabled voting standard procedure in the growing sharing economy.

Opporty is in its beta stage but already has a community of early adopters. Many are lawyers who have already registered their companies at Opporty marketplace and have tested how it works.

If you would like to learn more about Opporty, please check out our website: https://opporty.com/

To have an in-depth look at Opporty, we strongly encourage you to read our ICO landing page and White Paper.

To find out more, check out the resources below:

Website: https://opporty.com/ico/

White Paper: https://opporty.com/ico/uploads/white-paper.pdf

Facebook: https://www.facebook.com/Opporty-ico-108217263210835/

Twitter: https://twitter.com/Opporty_ico

Slack: https://opporty.com/slackinvite

Telegram: https://telegram.me/opportyico

Medium: https://medium.com/opporty

Steemit: https://steemit.com/@opporty.ico

Reddit: https://www.reddit.com/r/Opporty/

BitcoinTalk: https://bitcointalk.org/index.php?topic=2191132.0


Opporty — The Future of Small Business on the Blockchain was originally published in Opporty on Medium, where people are continuing the conversation by highlighting and responding to this story.

Ethereum Hard fork. 2x of all tokens?

Recently I have received many questions about the Ethereum Hardfork: what will happen with all the ERC20 tokens, which basically are smart contracts deployed to Ethereum. Therefore, I decided to perform a quick research and cover this topic as we are getting closer to Metropolis update, everyone should be informed and understand what will happen.

Hard fork

Blockchain miners run the software to maintain the network, confirm transactions and earn mining fees. The software is being maintained and developed by the Network core developers and community. Main incentives for the miners is profit and for the developers is an effective and fast network. Due to that, it is hard to align the incentives.

Miners select which software to run. Therefore, we have issues when developers propose solutions which reduce mining profits and part of the miners disagree with the proposed solution. At a certain time we have a fork, where part of the miners run one piece of software and other part run another software. This leads us to having two separate chains from a certain block and this results in having a chain split.

Source: http://www.investopedia.com/terms/h/hard-fork.asp

Bitcoin and Bitcoin cash

The bitcoin has experienced a hard fork and a chain split lately. That lead people to having Bitcoin and Bitcoin Cash. The chain split occurred because the miners has been divided into two parts and one side did not want to use the new proposed software.

The result is that both networks are being maintained by miners. From a bitcoin owner perspective, your coins are available on both chains and you can start interacting with both networks. The Bitcoin chain split resulted in having the new cryptocurrency with a third size market cap.

Ethereum Metropolis

Ethereum due to high load on the network cannot keep up with the pace and scale enough. Because of that, Ethereum foundation implemented updates to the Ethereum Miner software under the name Metropolis. Accordingly, the upgrade has now been split into two parts named Byzantium and Constantinople.

Byzantium. This upgrade includes fixing various scalability issues:

  • problem of difficulty adjustments
  • ‘returndata’ operations
  • ‘static call’ operations
  • new precompiles
  • a difficulty delay feature

These are small tech things which won’t be obvious to non-developers. To be more exact, it will solve smart contract issues like re-entrance attack (when untrusted code enters a contract to manipulate it), return data in receipts will make it possible for light clients to determine if a transaction was successful or not with no need of actually executing the transaction in a virtual machine.

The main aspect of the upgrade is a reduction in Ethereum issuance to miners through block mining rewards from the current 5 ETH to 3 ETH. As well it will delay the increase in mining difficulty which was placed there for the Proof of Stake (PoS) upgrade. PoS is delayed, so to keep issuance around the same level as it should have been.

Right now, the best-case scenario involves introducing Byzantium on September 22nd, although it may be pushed back to October 27th if needed. Seek updates within Reddit!

Constantinople. Improvements for speed and deep core issues fixing. The release date is not defined yet.

Hard fork and chain split.

It is unlikely that Ethereum will have two valid chains, as the community is waiting for those updates and there is not much opposition to this proposed hard fork. This means that we might have a hard fork to which all nodes within the network switches and we will avoid chain split. Most likely this is what will happen as Metropolis update was planned from the beginning and there is no reasons not to switch to. Also, there is a huge drawback to stay on the old chain: if a miner stays on the old chain, the Ice Age (built in block mining time increase) will force the node owner to switch and start using new software anyway because block times become way too long to be useful.

There were similar rumours with Bitcoin, but now we have Bitcoin cash. Therefore, it is hard to predict what will actually happen.

2x tokens?

Srouce: https://blockchain.wtf/cryptocurrency-blockchain/erc20-tokens-projects/

In case of a chain split interesting thing might happen. From that point in time we would have two Ethereum chains. All contracts would be available at both chains. It means that ERC20 tokens would be available at both chains as well. Assuming, that both would have enough miners and both stays alive, this might lead to huge confusion within the market. It will be up to exchanges to decide whether support both chains and all of its tokens, or stay with the more popular one.

Exchanges

Exchanges may continue trading during the forks, although deposits and withdrawals may be disabled for some time, check their individual announcements for details. It is not recommended to store your Ethers and other ERC20 tokens in the exchange, as in case of the split, the exchange might delay or even decide not to support one or other chain.

What to do

There is a golden rule — keep your private keys with coins to yourself. Leaving it in exchange during a chain split (if that happens) could result in two main things:

  1. Your Ether and tokens balance will stay the same on the chain which wallet provider selects to support and you will be able to use those token as usual on that chain.
  2. Your wallet provider will offer you a chance to keep your token balance on both chains or to choose one of them. However, it might take even a month for exchange to actually enable those tokens transfers.

Enjoyed the article? Please let me know that by recommending it to others by clicking green CLAP below.

Click follow, if you want to get more insights on blockchain and smart contracts!

Sources: Trustnode, Cointelegraph, Reddit

Ethereum Hard fork. 2x of all tokens?

Recently I have received many questions about the Ethereum Hardfork: what will happen with all the ERC20 tokens, which basically are smart contracts deployed to Ethereum. Therefore, I decided to perform a quick research and cover this topic as we are getting closer to Metropolis update, everyone should be informed and understand what will happen.

Hard fork

Blockchain miners run the software to maintain the network, confirm transactions and earn mining fees. The software is being maintained and developed by the Network core developers and community. Main incentives for the miners is profit and for the developers is an effective and fast network. Due to that, it is hard to align the incentives.

Miners select which software to run. Therefore, we have issues when developers propose solutions which reduce mining profits and part of the miners disagree with the proposed solution. At a certain time we have a fork, where part of the miners run one piece of software and other part run another software. This leads us to having two separate chains from a certain block and this results in having a chain split.

Source: http://www.investopedia.com/terms/h/hard-fork.asp

Bitcoin and Bitcoin cash

The bitcoin has experienced a hard fork and a chain split lately. That lead people to having Bitcoin and Bitcoin Cash. The chain split occurred because the miners has been divided into two parts and one side did not want to use the new proposed software.

The result is that both networks are being maintained by miners. From a bitcoin owner perspective, your coins are available on both chains and you can start interacting with both networks. The Bitcoin chain split resulted in having the new cryptocurrency with a third size market cap.

Ethereum Metropolis

Ethereum due to high load on the network cannot keep up with the pace and scale enough. Because of that, Ethereum foundation implemented updates to the Ethereum Miner software under the name Metropolis. Accordingly, the upgrade has now been split into two parts named Byzantium and Constantinople.

Byzantium. This upgrade includes fixing various scalability issues:

  • problem of difficulty adjustments
  • ‘returndata’ operations
  • ‘static call’ operations
  • new precompiles
  • a difficulty delay feature

These are small tech things which won’t be obvious to non-developers. To be more exact, it will solve smart contract issues like re-entrance attack (when untrusted code enters a contract to manipulate it), return data in receipts will make it possible for light clients to determine if a transaction was successful or not with no need of actually executing the transaction in a virtual machine.

The main aspect of the upgrade is a reduction in Ethereum issuance to miners through block mining rewards from the current 5 ETH to 3 ETH. As well it will delay the increase in mining difficulty which was placed there for the Proof of Stake (PoS) upgrade. PoS is delayed, so to keep issuance around the same level as it should have been.

Right now, the best-case scenario involves introducing Byzantium on September 22nd, although it may be pushed back to October 27th if needed. Seek updates within Reddit!

Constantinople. Improvements for speed and deep core issues fixing. The release date is not defined yet.

Hard fork and chain split.

It is unlikely that Ethereum will have two valid chains, as the community is waiting for those updates and there is not much opposition to this proposed hard fork. This means that we might have a hard fork to which all nodes within the network switches and we will avoid chain split. Most likely this is what will happen as Metropolis update was planned from the beginning and there is no reasons not to switch to. Also, there is a huge drawback to stay on the old chain: if a miner stays on the old chain, the Ice Age (built in block mining time increase) will force the node owner to switch and start using new software anyway because block times become way too long to be useful.

There were similar rumours with Bitcoin, but now we have Bitcoin cash. Therefore, it is hard to predict what will actually happen.

2x tokens?

Srouce: https://blockchain.wtf/cryptocurrency-blockchain/erc20-tokens-projects/

In case of a chain split interesting thing might happen. From that point in time we would have two Ethereum chains. All contracts would be available at both chains. It means that ERC20 tokens would be available at both chains as well. Assuming, that both would have enough miners and both stays alive, this might lead to huge confusion within the market. It will be up to exchanges to decide whether support both chains and all of its tokens, or stay with the more popular one.

Exchanges

Exchanges may continue trading during the forks, although deposits and withdrawals may be disabled for some time, check their individual announcements for details. It is not recommended to store your Ethers and other ERC20 tokens in the exchange, as in case of the split, the exchange might delay or even decide not to support one or other chain.

What to do

There is a golden rule — keep your private keys with coins to yourself. Leaving it in exchange during a chain split (if that happens) could result in two main things:

  1. Your Ether and tokens balance will stay the same on the chain which wallet provider selects to support and you will be able to use those token as usual on that chain.
  2. Your wallet provider will offer you a chance to keep your token balance on both chains or to choose one of them. However, it might take even a month for exchange to actually enable those tokens transfers.

Enjoyed the article? Please let me know that by recommending it to others by clicking green CLAP below.

Click follow, if you want to get more insights on blockchain and smart contracts!

Sources: Trustnode, Cointelegraph, Reddit

Render Token Audit

The Otoy team asked us to review and audit their Render Token (RNDR) and crowdsale contracts. We looked at the code and now publish our results.

The audited contract is in the RenderToken/rendertoken repository. The version used for this report is the commit f381ab06d969ab8e4cd7182723edc926ae940f91.

Good job using OpenZeppelin to write minimal extra code!

Here’s our assessment and recommendations, in order of importance.

Low Severity

Misuse of FinalizableCrowdsale

(This was written for the previous version that was audited, and it was later fixed.)
As it is documented in the comments, to use FinalizableCrowdsale you must inherit from it and define a custom finalization function. Instead, finalize was redefined. Although this isn’t causing any problems in the current state of the code, the misuse of the library hinders maintainability and may cause severe problems in future revisions. Remove this function and move the extra minting to a finalization function.

Notes

  • Keep in mind that it is the transaction sender who will be checked against the whitelist, and not the beneficiary of a purchase. This means that a whitelisted address may buy tokens for a non-whitelisted address. Make sure this is the desired feature.
  • Consider adding events to log when an address is added or removed from the whitelist.
  • What is named “minimum cap” (minCap) is not really a cap, because the word means an upper bound. In OpenZeppelin we use the term “goal” to refer to this concept.
  • RenderToken is an instance of MintableToken, which has a public variable mintingFinished initially set to false. Since this is a public variable that will be shown in interfaces (such as Etherscan’s) it might cause some confusion if it remains false after the crowdsale ends. Consider calling token.finishMinting() at finalization, to set the variable to true and avoid this potential confusion.
  • The final token allocation will be: 25% of total supply will have been sold in the crowdsale, 65% will be held by the foundation, and 10% will be held by the founders.

Conclusion

One low severity issue was found and explained, along with recommendations on how to fix it.

If you’re interested in discussing smart contract security, join our slack channel, follow us on Medium, or apply to work with us! We’re also available for smart contract security development and auditing work.

Note that as of the date of publishing, the above review reflects the current understanding of known security patterns as they relate to the Render Token contract. We have not reviewed the related Render project. The above should not be construed as investment advice. For general information about smart contract security, check out our thoughts here.


Render Token Audit was originally published in Zeppelin Solutions on Medium, where people are continuing the conversation by highlighting and responding to this story.

Render Token Audit

The Otoy team asked us to review and audit their Render Token (RNDR) and crowdsale contracts. We looked at the code and now publish our results.

The audited contract is in the RenderToken/rendertoken repository. The version used for this report is the commit f381ab06d969ab8e4cd7182723edc926ae940f91.

Good job using OpenZeppelin to write minimal extra code!

Here’s our assessment and recommendations, in order of importance.

Low Severity

Misuse of FinalizableCrowdsale

(This was written for the previous version that was audited, and it was later fixed.)
As it is documented in the comments, to use FinalizableCrowdsale you must inherit from it and define a custom finalization function. Instead, finalize was redefined. Although this isn’t causing any problems in the current state of the code, the misuse of the library hinders maintainability and may cause severe problems in future revisions. Remove this function and move the extra minting to a finalization function.

Notes

  • Keep in mind that it is the transaction sender who will be checked against the whitelist, and not the beneficiary of a purchase. This means that a whitelisted address may buy tokens for a non-whitelisted address. Make sure this is the desired feature.
  • Consider adding events to log when an address is added or removed from the whitelist.
  • What is named “minimum cap” (minCap) is not really a cap, because the word means an upper bound. In OpenZeppelin we use the term “goal” to refer to this concept.
  • RenderToken is an instance of MintableToken, which has a public variable mintingFinished initially set to false. Since this is a public variable that will be shown in interfaces (such as Etherscan’s) it might cause some confusion if it remains false after the crowdsale ends. Consider calling token.finishMinting() at finalization, to set the variable to true and avoid this potential confusion.
  • The final token allocation will be: 25% of total supply will have been sold in the crowdsale, 65% will be held by the foundation, and 10% will be held by the founders.

Conclusion

One low severity issue was found and explained, along with recommendations on how to fix it.

If you’re interested in discussing smart contract security, join our slack channel, follow us on Medium, or apply to work with us! We’re also available for smart contract security development and auditing work.

Note that as of the date of publishing, the above review reflects the current understanding of known security patterns as they relate to the Render Token contract. We have not reviewed the related Render project. The above should not be construed as investment advice. For general information about smart contract security, check out our thoughts here.


Render Token Audit was originally published in Zeppelin Solutions on Medium, where people are continuing the conversation by highlighting and responding to this story.

What is NEO, and what is GAS?

An introduction to the cryptocurrency formerly known as AntShares, and it’s friendly sidekick.

Where did it come from!?

There’s a fair amount of confusion surrounding the Neo platform. Not surprising when you consider the project’s complicated history.

Neo began life as AntShares (ANS) in 2014. AntShares, founded by Da Hongfei and Erik Zhang, has been referred to as China’s first blockchain platform. In 2016, supposedly in response to growing interest in AntShares, and a need for blockchain solutions that meet the requirements of both government regulators and private companies, Da and Erik founded Onchain, a venture-backed company that provides blockchain-based financial services. In 2017, AntShares was rebranded as Neo.

Neo and OnChain are based in Shanghai. It’s certainly the case that Chinese regulation can have far-reaching effects on cryptocurrency markets and development. Neo is equal parts vulnerable to, and well-positioned to inform and cooperate with, Chinese oversight.

A Smart Economy

The Neo white paper is our key resource in understanding the platform. unfortunately, aspects of Neo are still in development, and certain details are unclear. At times, the white paper reads more as an overview of smart contracts in general than a specific guide to Neo’s inner workings.

In concept, Neo is a smart contracts ecosystem, similar to Ethereum. It allows users to automate the storage and exchange of digital assets. In order to compete with more established smart contracts implementations, Neo takes advantage of evolving technology and cooperation with Chinese authorities towards the stated goal of a ‘smart economy’.

Digital Identity

In 2005, China’s ‘Digital Signature Act’ allowed digital signatures to be legally binding in theory. The trouble here is that a means of digital identification that meets the requirements of this regulation has been hard to come by. In 2016, partnering with Microsoft China, OnChain founded Legal Chain with the goal of providing this means of identification. Legal Chain intends to apply the immutability and transparency of blockchain systems to meet these requirements, with the aim of integrating face and voice recognition along the way.

This concept of digital identity is a key feature in Neo’s proposed smart economy. Maintaining a trusted link between digital and physical entities means that you should be able to follow abuse of the system right back to a legally-binding identity.

Consensus

Neo employs a consensus mechanism called Delegated Byzantine Fault Tolerance (dBFT). Participants in the system are able to designate certain nodes as bookkeepers. A bookkeeper node must maintain a minimum balance of NEO and meet certain performance requirements.

Bookkeepers are tasked with verifying the blocks that are written to the blockchain. If two-thirds of the nodes on the network can agree with a bookkeeper’s version of the blockchain, consensus is achieved and the proposed version of the blockchain is validated. If consensus fails, an alternate bookkeeper is called and the process is repeated.

Because this consensus only needs to be replicated across a subset of the network, it is said to be more efficient than classic Byzantine Fault Tolerance. The network as a whole consumes fewer resources and can handle higher transaction volumes.

With dBFT and some other key optimizations, Neo claims to be able to handle over 1,000 transactions per second, with a goal of optimizing to over 10,000 transactions per second. Compare that to Ethereum’s current rate of 15 transactions per second.

That’s a big advantage but but it can be argued that these gains come at the cost of centralization. Digital Identification and dBFT may serve to limit control of the system to a select group.

NeoContracts

Neo’s smart contracts are called NeoContracts. One of the big obstacles to designing smart contracts is that their results need to be reproduced reliably across a network.

If a contract is referenced on a blockchain and it yields different results on different systems, the network can’t reliably agree on what the blockchain looks like and blocks will be stalled. But a smart contract can’t perform meaningful operations without accessing some variables.

Timestamps — Maybe you want to use smart contracts to automate weekly payments to an employee or settle an account with a distributor every 30 days. Your contract will need to know what time it is. To provide consistent access to time data, Neo registers a timestamp to every new block that is generated. A new block is added every 15 seconds, so contracts can access the current time to within 15 seconds.

Randomness — Also useful is the ability to generate random numbers. But how do you provide a random number while still ensuring that the same random number is identified across the network? To provide smart contracts with access to randomness, a random number is inserted into the Nonce field of every new block. Contracts can reference this Nonce field to access this random number.

Data Storage- Data in NeoContracts can be stored privately, accessible only to the contract with which it is associated. Data may also be stored in a global context, accessible to all of the contracts on the network. External data must be transferred to the Neo blockchain and passed on to these private or public data stores in order to be referenced by contracts.

The Tokens

The platform involves 2 different tokens. NEO and GAS are the cryptographic currencies that drive the Neo network. Both NEO and GAS are capped at 100 million tokens each.

The NEO token is representative of shares in the NEO market. NEO holders get voting rights in the NEO ecosystem, as well as rights to dividends in the form of GAS. 50 million NEO were distributed through initial crowd funding. These tokens are fixed with a 1-year lockout period, expiring October 16, 2017. The remaining 50 million tokens are managed by the NEO Council (A group of the project’s founders) to support development and maintenance of the NEO ecosystem. NEO tokens cannot be divided.

GAS is generated at a rate of 8 GAS per block with the construction of the NEO blockchain. The rate of production is reduced by 1 token for every 2 million blocks generated. Sometime around 2039, GAS circulation will reach 100 million and production will cease. Unlike NEO, Gas can be divided.

GAS dividends also accumulate as fees to the network. Users pay in GAS to deploy and run smart contracts. Fees are proportional to the computing resources consumed by the contract. These fees are distributed to ‘bookkeepers’ as reward for their activity on the network.

Special Features

In addition to the core protocol, the Neo team champions a handful of side projects that bring various benefits to the Neo Ecosystem.

Superconducting Transactions

In a traditional currency exchange, orders are placed and matched in a centralized marketplace. The process is efficient, but it requires that the user release control of their funds to the exchange.

By automating the placement and matching of orders across a consensus network, you can ensure that orders are matched and processed fairly and transparently, effectively creating a decentralized exchange. But this results in slow transactions, as adjustments must to be validated across the network.

Neo proposes a system whereby exchange transactions are settled on the blockchain, but order matching is handled off-chain by a central exchange. This is intended to provide the efficiency of centralized exchanges with the security of a decentralized exchange. Neo calls these transactions ‘Superconducting Transactions’.

NeoX

NeoX allows transactions to traverse blockchains. I can’t find much in detail about his protocol. Similar protocols involve generating smart contracts that tie up funds on one blockchain in return for access to funds on an alternate chain.

NeoFS

NeoFS allows large files to be divided and distributed across the network. Users can specify the level of reliability they expect of a file. Files with low reliability requirements can be stored and retrieved at minimal cost. For a higher fee, data can be stored on more reliable nodes.

NeoQS

Quantum computers threaten the security of certain cryptographic techniques. Neo uses a lattice-based cryptographic mechanism that it calls NeoQS (Quantum Safe) which is theoretically resistant to attacks from quantum computers. Not likely that quantum computing will affect cryptographic systems in the near future, but it does offer some peace of mind.

Further Reading

https://steemit.com/cryptocurrency/@basiccrypto/almost-everything-you-wanted-to-know-about-neo-part-1-of-2

https://bitcoinmagazine.com/articles/op-ed-chinas-ico-ban-characteristic-not-catastrophic/

https://cryptoinsider.com/byzantine-fault-tolerance-blockchain-systems/

https://steemit.com/neo/@basiccrypto/neo-s-consensus-protocol-how-delegated-byzantine-fault-tolerance-works

NEO, Onchain and its ultimate plan — DNA

https://cityofzion.io/

Etch Payroll overview at UWE Bristol

The University of the West of England held an event on the future of BIM and Smart Contracts in the build environment. Jim Mason of UWE invited Etch to Bristol, to discuss how Etch will transform working relationships with the use of Smart Contracts.

Transcript from Smart UWE talk on BIM and Smart Contracts

Hi everyone, i’m Ben Whyte from Etch. We are developing the world’s first blockchain based payroll system which uses smart contracts to deliver wages and remittance in real-time. We’re also the first project to emerge from the Construction Blockchain Consortium — https://constructionblockchain.org.

Payroll is typically an antiquated, inefficient system with many problems. For employers it’s an administrative burden. One that can very time consuming, staying up to date with hmrc compliance and avoiding potential disputes with employees.

From the employee side, payroll can be an even more strenuous. Many employees live paycheque to paycheque, many more might live hand to mouth. So getting paid your wages late, is not an option. Getting paid the wrong amount is not an option. These are disputes you don’t need to have. Then when you think many workers might be migrant workers who are supporting families back home. Their families needing support not only have to wait but also might lose another week and a significant transaction fee to a remittance service. With today’s technology this doesn’t have to be the case.

A blockchain to put simply, is a transaction ledger. It is the realisation of triple entry accounting. Traditionally there might a party, a counter party and then a middleman to process and bare witness to a transaction. Each would have their own record / receipt of events. Using blockchain technology transactions can be moved onto one single immutable ledger and reduce any accounting discrepancies by and large, the need for a middleman.

Smart contracts are essentially programmable money. It lets you take a unit of value and program conditions into it which will let this unit of value automatically transact when these conditions are met. We use the Ethereum platform to execute the smart contracts needed to make Etch work.

So by using these technologies to unify payroll, payments and remittance, we will deliver greater business efficiency and lower time and cost for payroll, while improving financial security in employees lives. Creating a fairer working contract and removing unnecessary middlemen from the process. We want to maximise the value to both employees and employers.

I’d now like to talk about our technology roadmap.

The first iteration of Etch will involve getting automatic payroll processing right along with a web interface for our dashboard and then introducing the Etch pay cards. We have agreed terms with a card provider so that employees are not only paid in real-time but, every time an employee spends money with their Etch card, they get a paid back a small percentage of what would typically be a bank’s processing fee, along with their employer. So employees are effectively paid slightly more than what their wage should be, while employers pay slightly less.

The second phase of this development will involve releasing a mobile app for monitoring payroll and finances, in addition to the introduction of IoT beacons which can measure employees identities and location.

The third step of our technological development involves enabling performance based contracts in addition to time based ones.

Here is a demo of our pre-alpha platform:

We are currently running our first pilot of Etch at a construction site in Oxford with Aeron Buchanan, who was one of the Ethereum founding team members.

While a payroll platform is industry agnostic and could be applied in nearly any industry, there are several reasons we want to focus on construction as a first vertical. Our CEO Euros Evans is a blockchain expert but has also been in architect and builder for over 20 years and understands the industry deep in.

Our CTO Tomasz Mloduchowski is a blockchain expert who has been involved in the space since 2009 and has consulted on this technology for many large financial institutions, in addition to being on technical committee for the Construction Blockchain Consortium.

The expertise we have across blockchain, construction and finance mean we have a strong understanding on which industries we aim to disrupt. We are confident that will will deliver a tool which helps projects get delivered on time and on budget, in addition to helping create financial security for employees and a more prosperous working relationship.

Thank you.

You can find out more about us at https://etch.work

Etch Work

@benw1911