Ethereum developers reported delay Constantinople hard fork due to a discovered reentrancy vulnerability in the security system, potentially allowing a reentrancy attack using smart contracts.
The presence of a critical error in the code of a planned change (EIP 1283), which reduces transaction costs for some operations, was reported by the audit company Chain Security. The loophole potentially allowed an attacker to steal cryptocurrency from smart contracts on the network by repeatedly requesting funds and transmitting false data about the fraudster’s actual ETH balance. Therefore, the developers decided to postpone the implementation of the system-wide update and hold a meeting on Friday to discuss further actions and agree on a new date..
Moving to Constantinople was supposed to take place on January 16 at block 7 080 000, so some clients on the network have already been updated. In order to avoid an inconsistent hard fork, emergency fixes have been released to postpone the changes. Users can also simply downgrade the client, but the developers do not recommend doing this, so as not to create a mess. Those who do not start the node or otherwise do not participate in the network do not need to do anything.
The project team has already contacted exchanges, mining pools, cryptocurrency wallets and other groups collaborating with the Ethereum network..
Lane Rettig, a member of the Ethereum core, considers Constantinople to be the most intense and controversial of all hard forks in the entire history of the project, and some developers have even suggested calling the changes a less controversial term. «renewal». The crypto community advised the team to test the code ahead of time, rather than on the eve of launch, as EIP 1283 was available for research for a year..
Due to the increased activity of hackers, companies began to spend more money and time on improving security systems, as well as more often integrating the blockchain. According to Gemalto research In 2018, the use of this technology to protect the IoT doubled.
text: Ivan Malichenko, photo: mrcoinpedia, unsplash
Bonds on blockchain, World banks issues millions worth bonds in Blockchain
To organize the whole process, four open source smart contracts were used, and the fifth one will pay off in six months.
The total amount of the issue of securities amounted to 750 million rubles, but its main task was not to attract investments, but to scale up the technology for further application after the formation of the legislative base. NSD spokesman said that using smart contracts can reduce technology costs by 10%.
The partners were able to successfully implement a complete DVP settlement model on the blockchain, which ensures the simultaneous movement of bonds and cash. The list of participants is dynamically changed, confidentiality is ensured and access is open for all parties to the transaction (issuer, investor and NSD). The parties can perform the necessary operations online and exchange documents. At the same time, the whole process is decentralized, transparent and protected by cryptography..
MTS told BitCryptoNews that they installed the software on their own and did not experience any particular difficulties, since no significant software modifications were required. Andrey Kamensky, vice president of finance, investments, mergers and acquisitions of MTS, said that the company plans to use blockchain in the future to increase trust between participants and reduce transaction costs.
Recall that the industrial sector received more than 400 million rubles from Igor Chaika.
Top Smart Contract / Blockchain Development Frameworks for 2021
Smart contracts are most commonly associated with Ethereum. However, the most popular Dapp platform still has disadvantages in dealing with digital contracts. The emerging alternative solutions were reviewed by Michael Mulders, a specialist at The Ledger, the results are presented in the table.
Let’s analyze the working platforms and try to supplement this review a little..
Disadvantages of Ethereum
Ethereum smart contracts are being finalized and improved. They are most often used in ICOs, where guarantees of the high-quality functioning of the system are needed. The ERC20 token standard, which is created by a smart contract, has a serious flaw in the transaction — it takes place in two stages:
Sending a token to a wallet using the transfer () method.
Depositing a token into a contract using approve () + transferFrom () methods.
If the token was sent directly to the smart contract, then it will accept this transaction, but the wallet will not be replenished with tokens. So you can irrevocably lose money, which has already happened more than once..
Possible solutions to the problem were presented back in November 2017. These are new standards:
ERC223 — solves the above problem by combining functions into one — transfer () — to eliminate user error.
ERC777 — will expand the possibilities of mass user adoption by adding transaction processing tools.
Despite these vulnerabilities, the Ethereum smart contract is still considered the most reliable solution for interacting with the blockchain. It is difficult to argue with this, since the errors found are more related to the human factor..
The main advantage of Ethereum smart contracts is flexibility. — absolutely any idea can be programmed into code and then implemented on the blockchain. Proof of this — hundreds of ready-made blockchain applications based on Ethereum.
Nxt smart contracts are available in limited quantities and cannot be modified or new created. But working templates are successfully used in various fields of activity: EPS, trading platforms, instant messengers. To work with these templates, just enter the required parameters.
Benefits of Nxt Smart Contracts:
Cost effective and reliable.
Ease of use.
The success of Nxt depends on the number of ready-made solutions, since there is no provision for writing your own programs.
Neo smart contracts use a virtual machine just like Ethereum. The difference is that VM Neo’s computations are aimed at optimizing the contract code before executing it. Thus, the maximum efficiency is achieved when performing tasks in the blockchain, but it takes more time to prepare them. Smart contracts are programmed in several languages.
Qtum smart contracts are based on Ethereum and are called master contracts. The Chinese platform has implemented a hybrid of ethereum and bitcoin, in which transactions on the blockchain are managed entirely on the sides of the participants..
NEM smart contracts are executed directly in the blockchain code, which makes it possible to update the contract after its implementation on the blockchain. In Ethereum, this requires invoking a new smart contract. Nem also has a smart asset system, thanks to which it is possible to create some types of blockchain applications with a few keystrokes..
Hyperledger smart contracts are called chaincode.
Development is carried out in the Go programming language, which is known for its high compilation speed, which is the advantage of Hyperledger. The project was originally created to implement blockchain into corporate networks, where it found its application..
Mulders notes four main features of chain codes:
change history query.
Hyperledger uses a state database to record keys and key values without affecting the blockchain.
Turing complete smart contracts are not used in the Stellar network, which reduces the level of vulnerability. The payment for the implementation of the contract on the blockchain is much less than that of Ethereum..
Another important advantage is the ability to program in four languages. Such an opportunity can attract developers and popularize the platform, given the good scalability.
Like Hyperledger, this project is focused on introducing smart contracts into business. Neblio alone is going to use as many as eight programming languages, and for work, users need to purchase a wallet in the form of a Raspberry Pi microcontroller. Each user using Neblio will have their own full node, the synchronization with the blockchain of which takes one minute.
Solving the problem of programming language complexity
A barrier arises between humans and smart contracts — knowledge of programming languages. There are several ways to solve this problem:
Study of YP. Problem — it takes a lot of time.
Use of ready-made solutions. Problem — uncertainty about correct code editing.
The use of such templates that Nxt offers. Problem — limited opportunities.
Payment for the programmer’s work. Problem — a high-quality smart contract programmer takes a lot of money for his work, since there is enough work in the crypto world now.
The most optimal solution is created in the project iOlite, which makes an engine to convert an ordinary language to contract code.
This tool is called the Fast Adaptation Engine and aims to replace the work of coders. Language expression structures are linked to pieces of code, then concatenated and reworked to create a coherent program. For this, a huge database is connected. The data is entered into this database by the developers. If a part of the code contributed by the programmer was successfully applied in the development of a smart contract, he receives a bonus in iOlite tokens.
On the one hand, it is more profitable for specialists in this field to carry out private orders, but, on the other hand, it is obvious that programming will be automated as much as possible over time. At the moment, work is underway to translate English into Solidity.
Summing up, it is necessary to highlight Hyperledger Fabric as a platform that is actively used now, providing developers with flexible tools for applying smart contracts..