Ethereum allows for distributed applications and smart contracts to be built and run on a decentralized blockchain network. It provides a virtual machine that allows code to be run and maintain its own balance of funds. The currency powering the Ethereum network is Ether, which can be used to pay for transactions. A major hack of a decentralized autonomous organization called The DAO compromised $50 million worth of funds, leading to debates around how to respond and potential changes to the Ethereum network. While still early, Ethereum aims to enable new types of decentralized applications, but currently faces challenges around usability and security.

1. Jelqing With
Ethereum
July 1, 2016

2. Ethereum Overview
● A year ago, Ethereum docs were all like:

3. Ethereum Overview
● Bitcoin is a distributed transaction ledger:
● Ethereum is a distributed ledger & virtual machine:

4. Ethereum Overview
● VM bytecode & state variables live in the blockchain.
– Public functions are called like any other code.
– No daemons, no event-driven calls.
– Code can maintain its own balance of funds and send them
programmatically.

5. Ethereum Overview
● Ether is the currency that powers everything.
– One ether is currently worth $12.35.
– It can be traded just like any other cryptocurrency.
– A small amount is used to execute bytecode.

6. Ethereum Overview
● Block time is 15 seconds.
– Current block reward is 5 ether.
– Stale blocks (“uncles”), up to 6 blocks back, get 4.375 ether.
– Miners can include up to two uncles and get 5/32nds of an ether for each.

7. Ethereum Overview
● The caller pays for opcode execution using gas.
● Ether/gas exchange rate is set by the function caller.
– If price is too low, miners will hate your face and you will bring great shame to your ancestors.
● The caller specifies max gas to be used.
– If max is reached, execution is reverted and all gas is
forfeited (!).
● This insulates execution costs from
fluctuations in ether price.

8. Ethereum Overview
● A spreadsheet online has opcode gas costs:
● The Mix IDE shows gas costs of statements:

9. Ethereum Overview

10. Ethereum Overview
● Advantages:
– If source code is available, anyone can audit it for correctness.
– Extremely high application availability.
– Once launched, code is autonomous and immutable.
● Disadvantages:
– Once launched, code is autonomous and immutable.
– Execution is slow and latency is high.
– All code and variable state is effectively public.
– Complex code is (probably) expensive.

11. Ethereum History
● Ethereum was proposed in early 2014.
● By September 2014, it crowdsourced $18.5M.
●
“Frontier” release made in July 2015.
– Command line tools & mining software released.
● “Homestead” release made in February 2016.
– Some UI tools; originally planned to increase block rewards 10x (???)
– Needed a hard fork.

12. Smart Contract Programming
● This gets you in touch with your inner 1960's computer scientist.
– CPU, memory, and storage are expensive!
– Storage is the most expensive…
● Three high-level languages you can use:
– Solidity: officially supported. Javascript-like, with strong variable types.
– LLL (Lisp Like Language): die in a fire.
– Serpent: based on Python. Nobody uses it.

13. Smart Contract Programming
Solidity example:
contract MyToken {
string public name;
uint8 public decimals;
uint256 public totalSupply;
mapping (address => uint256) public balanceOf;
function MyToken(uint256 initialSupply) {
balanceOf[msg.sender] = initialSupply;
totalSupply = initialSupply;
}
function transfer(address _to, uint256 _value) {
if (balanceOf[msg.sender] < _value) throw;
if (balanceOf[_to] + _value < balanceOf[_to]) throw;
balanceOf[msg.sender] ­= _value;
balanceOf[_to] += _value;
}
[...]

14. Smart Contract Programming
● Solidity kinda sucks right now.
– Hash map keys cannot be iterated!!
– No string concatenation!!
● No string library.
– I hope you like writing your own byte array manipulation functions…
● Compiler gives unhelpful error messages.

15. Smart Contract Programming
● If you want people to trust your contract, you need to publish its
source code. From https://etherscan.io/:

16. Smart Contract Programming
● After the author provides their code:

17. Smart Contract Programming
● Code licensing problem:
– No source code = no trust.
– Source code published = ability to audit & trust = code license is moot.
● Anyone can take the source code and re-publish it.
– You cannot enforce licensing restrictions since you can't take it down.
– Once its in the blockchain, its there forever.

18. Current DApps
● Current distributed apps (DApps):
– Ponzi schemes: they actually make you money… until they don't.
– Simple gambling games: clunky without intergrated UIs.
– The DAO: lol.
– Shit: weird-ass things that don't make sense.
● Listing: http://dapps.ethercasts.com/

19. The DAO
● Decentralized Autonomous Organization
– Basically, a direct-democracy investment firm.
– The crown jewel of Ethereum.

20. The DAO
● It can hire contractors to build products & services, then profit
from them directly.
● It bootstrapped throughout May, raising $162M in ether.
– It was the largest crowdfunding of all time.

21. The Rape of DAO
● On June 17, it got hacked. About $50M stolen.
– A pure shitstorm ensued.
● The DAO was vulnerable to a re-entrancy problem.
– An attacker recursively triggered a withdrawal function.
– The function sent ether before deducting the attacker's account.
● The stolen ether can't be accessed yet. It's locked in a child DAO
for 27 days.
– The community is scrambling to steal the funds back.
– A hard fork seems likely. This will revert the theft entirely.
– People are losing their god-damned minds.

22. The DAO
Example contract vulnerable to re-entrant attack:
contract ReEntrant {
mapping (address => uint) userBalances;
[...]
function withdrawBalance() {
uint amountToWithdraw = userBalances[msg.sender];
if (!(msg.sender.call.value(amountToWithdraw)())) // [1]
throw;
userBalances[msg.sender] = 0; // [2]
}
}
Problem: line [1] calls target
contract's default function. The
target can then steal funds by
recursively calling
withrawBalance() since its
state is not updated.
Solution: switch lines [1] and [2].

23. Bitcoin Fucked Up Too
– “In 2010, an exploit in an early bitcoin client
was found that allowed large numbers of
bitcoins to be created.[92] The artificially
created bitcoins were removed when
another chain overtook the bad chain.[93]”
– “In March 2013, a technical glitch caused a
fork in the block chain, with one half of the
network adding blocks to one version of the
chain and the other half adding to another.
For six hours two bitcoin networks operated
at the same time, each with its own version
of the transaction history. The core
developers called for a temporary halt to
transactions, sparking a sharp sell-off.[94]”
● From Wikipedia (https://en.wikipedia.org/wiki/Bitcoin#History):

24. Future Dapps
● Right now, there is no officially supported UI for contracts.
● The Mist browser is landing in the upcoming Metropolis release.
– There is no ETA.
● Mist will provide an HTML/CSS/Javascript interpreter.
– The Ethereum Wallet is actually Mist with one application.
– Mist will integrate the wallet with the browser.
– Scary as fuck.
● Where will UI live? Hopefully in the blockchain!

25. Other Interesting Things
● Whisper: messaging sub-system used for DApp inter-
communication.
– Low bandwidth, uncertain latency.
● Swarm: file/data storage sub-system.
– I don't know anything else about this.

26. Bitcoin Is Jelly
● A startup named Rootstock received $1M in
March to bring smart contracts to Bitcoin via
side-chains.
– Their proof-of-concept supports Ethereum VM's opcodes.
● Another startup, Blockstream, received $76M
as of February to bring side-chains to Bitcoin.
– Side-chains seem to be a key pre-requisite to smart
contracts in Bitcoin.

27. Conclusion
● Ethereum is neat, but not terribly useful. Yet.
● It'll be interesting to see it interact with IoT.
● It will definitely revolutionize:
– Online gambling
– Command & control infrastructure for botnets/malware.

28. Questions?