Notes on presentations

Day One, 19 September 2016

### Martin Becze

He is researching on EVM 2

### Peter Szilagyi

Team GO

Sorry for network problem

Jeff had a baby (main release) and Peter is in charge of the project now

### Christian Reitwiessner

Cpp Team

Working on accelerated interpreter

Remix, mix restart from scratch => serverless IDE

Solidity more flexible and safer

Alex Van de Sande

MIST started from go team and become stand alone team

Vitalik Buterin

He is on research of future protocol feature. He and Vlad are working on sharding (there is a test client)

Peter Van Valkenburh

Regulatory considerations for Dapp development

CoinCenter promote regulatory climate preserving freedom to innovate. There are a lot of bitcoin company supporters.

Like Ferdinando they commented ESMA consultation.

They was bitcoin only 2 years ago, (Washington DC at least know it) but now also ethereum and Consensus Open network

They test if something is a good investment under US security laws.

After Paycoin they created a Framework for securities regulations of cryptos, what is less likely to treated as securities:

Available to contact for any doubt of offering

Vitalik Buterin

Ethereum in 25 minutes, a guided tour through the depths of the Merkle underworld

During 2013 people start thinking blockchain is useful for stuff: Colored coins, dns… But most blockchain single purpose device. They are calculator or swiss army knife.

Ethereum is like a Windows Phone (platform for application)

The State is the current information

History = things happened

Full node keep state and optionally history, every account object has:

Every node process all tx


Panel: Evolving the EVM

EVM 2 will use WebAssembly.

Transpiler is needed from EVM to WebAssembly. Why? Because you are backward compatible with existing smart contract.

Why WebAssemply? Code format for browser fast/efficent/portable designed to run on untrusted environment. Once using WebAssemply you can use any language to write smart contracts.

### Philip Daian


The problems are bugs, security more closely tied than anywhere (attacker anonymously monetize, code is public)

Good practices:

Escape hatches, you need a human in the loop

Aron Fischer and Viktor Tron

Swap, Swear and Swindle, Swarm incentivization

Swarm is storage solutios for Ethereum, whisper Get data, calculate H of data and the closest node should store that. Routing continuosly ask nearest peer that gives nearest and so on…

Accounting of used bandwith to reward good behavior and penalize bad ones.

Chequebook smart contract used to not pay for every content served. Only the last cheque is payed. Cheque are different from channel. They are basically trusted promissory notes of small value.

If peers get paid they are incentivized to keep popular content. There are no guarantee that less popular content will remain available -> pay nodes to keep your content.

To guarantee that unpopular content remain available over time, challenge the swarm for proof of custody for the data still available, the proof of custody release the payment. What if you can’t find the data you paid for? Security deposits for insurance -> Swindle.

To ask proof of custody you don’t have to keep all the original file but only a small part and make the challenge of a small subset of the small part of the data.

But if storing just a partial content and if no one answer correctly to the proof of custody there are no way to recover the original data.

Private talk with Joseph Poon

He’s interested in atomic swap between chains, this requires software talking and he is here to let someone code this for him. They probably have 12 persons working on lightning network and they will be probably not in the lab for the hackaton after scaling.

Greg Colvin

Making the EVM scream

From infinite precision to 512 bit gas from 256 to 64 bits Other changes granting lots of improvement on speed

Heiko Hees

Raiden Network, Off-chain state network

Problems are: throughput, finality, confidentiality, cost.

Scaling to 1M+ tx/s, ERC20 compatibilities, Atomic Swaps

They already have a working prototype, showing us an IoT demo on using Raiden Network to pay for electricity

Collaborating with swarm guys

On chain Exchange -> maker broadcast offer, taker ask for atomic token Swap Problem of free option, party that commits first offers free options. Tokens locked till timeout. Possible solutions is commitment deposits from a third party but Limited trust required

Christian Reitwiessner

Truebit: Trying to fool a blockchain

Wokrs by doing a 1M step computation of the state root hash by both parties. at some time they differ and I don’t understand why this is useful

Viktor Tron

Towards web3 infrastructure

Swarm build on chunks of 4Kb. Chunks hashes build a merkle tree granting compact merkle proof and built-in integrity. Who/How the merkle tree is stored???

TJ Saw

Parity’s launch

Gavin Wood is not available because he is becoming dad. Written in Rust, language from Mozilla foundation.

UI running on a web browser from localhost:3000 very cool

Jeff Coleman

State channels: making your application practical

Contract between two parties transacting directly Judge not in the blockchain, in the end multisig with judge outside state channel parties must be online or the can leave promises with hired “bystanders”.

concrete example: etherdice. user submit bets, and hashes for random. bets stop, bets confirmed, preimage communicated, winner executed. Lot of tx lot of Problems.

With state channel zero tx or almost zeros

Martin Becze and Alex Beregszaszi

Ethereum WebAssembly

VM is the core. Performance are needed

EVM has 256 bit words of computation

It has special instructions GASLIMIT, BALANCE, SHA3, they should’t be missing instructions.

WebAssembly has: portable size, Efficient load time. Secure sandbox. Toolchain compatibility, RISC, compact binary representation, fast decoding, single pass validation, Integer and Float operations.

(the latter not included in EVM2).

Defines as AST abstract state machine which easily processed and transformed.

Already implemented in Chrome, Firefox nightly, edge, nodejs 7.0,

It is Proposed replacement for current EVM, restricted set of WASM, ex no float point operations. Defines backward compatibility for existing smart contract code with EVM2WASM translate from evm to wasm producing very fast code. 5000 line of wasm, 400 of js.

Metering injection, decoupling from VM. Inserting calls for gas calculation at run time.

EEI Ethereum interface VM semantic 3 new rules

  1. check contract for ewasm signauture
  2. call EVM2WASM
  3. use sentinel contract

Light client easily written integrating the kernel <1000 lines of WebAssembly.

Zcash could be build on WebAssembly

There is a ewasm-libc so you can write smart contract in C.

GAS on EVM1 calculated by benchmarking on Vitalik’s laptop. With WASM gas cost will be based on the cycle count. The gas cost table will be stored in a contract so any client shouldn’t changes for changes in gas (it’s an update on data not an update on code).

Web assembly use less cycle for example for sha256 that could be implemented as real instructions not special precompiled one.

Vlad Zamfir

A Correct-by-Construction Asynchronous Casper Protocol

Byzantine consensus safety on 2/3 in async network, 1/2 in sync one estimates are non finalized decisions or decision proposals adversary try to change an estimates.

He is trying to demonstrate proof of stake validity in asyncronous network (even if a syncronous assumption could be enough for crypto network) because is more general assumption (isn’t solving proof of stake enough?)

Interesting that Vlad wrote on twitter that privacy and anonimity of zcash could be dangerous, and from zcash blog post he is one of the investor

Jan Xie

Ethereum on Ruby

Core principle of Ruby is happyness -> readability and flexibility

Teth is a smartcontract testing Framework. Test runs without chain and mining. Emulates the EVM to run unit tests.

Zooko Wilcox

Zcash + Ethereum = <3

Blockchain properties:

Zcash first of his kind to have all this properties! Zooko has no idea what you can do with this.

Privacy is fundamental human right. It has: individual, social, business and economic value.

If you encrypt transaction, how nodes could validate transaction? zk-SNARK! With ZKP you can make crypto proof so they know noone can know that proof without knowing the private key of that output.

How to combine privacy & programmibility? Baby ZoE add zsnark precompiler in Ethereum.

Project Alchemy, include verify zcash pow in solidity, like BTCRelay this is ZRelay. Smart contracts could fullfill orders (decentralized exchanges) but also ethereum contracts could send and receive zcash.

Zcash launches on 28 October. Bitmex already trade Future Zcash today and they are priced at around 0.08 BTC

Lucius Greg Meredith

#### Types for tokens (on agenda: Behavioural types for smart contracts)

Colletive intelligence, swarm intelligence in bees is like global consensus. So it’s present in nature!

We need new kind of disciplines, not just data access errors. A lot of verification is possible at compile time.

We need formal verification for mission-critical systems, formal verification need to lower the cost to achieve global adoption. When you recode the DAO bug in rholang is a Race condition.

Rholang is synereo’s blockchain-based social contracting language with a built-in behavioral typing mechanism. All programming languages are generated by monads that are an abstraction. The reason to achieve this level of abstraction is because you can make formal verification easier.

Bob Summerwill

Ethereum for resource-limited devices

CEO of doublethink

Resource-costrained device are less capable then desktop machine, limited in cpu, memory, storage, connectivity, batteries or operating system.

Why ethereum on this devices? ie. mobile computing is today mainstream computing.

Java Ring, in 1998 public key encryption and lot of things we are talking now!

2016, samsung watch, ESP8266 2$ wifi enabled chip

Ethereum scale of options, sign locally trusted sever, light client, full node, archival node, cross-cpp-ethereum to cross build in various env, also arm linux. Go version already work on android. Ethereum light client run on raspberry 25MB binary 50Mb chain cpu 12% ram 162MB, 9 min sync

Whisper development has been restarted

Virgil Griffith and Vikram Verma

Designs fot the L4 contract programming language is developing a software translating a smart contract to english legalese.

how do you call a runtime debugger? litigation

Vitalik Buterin

The Mauve Revolution

What sucks on Ethereum:

  1. Privacy (Zcash and ring signature)
  2. Scalability
  3. PoS because PoW Cost
  4. Latency

Virtual Mining (PoS)

Casper PoC3 approach

A special contract could be invoked with some ether deposited. With Parameter validation_code, random source, withdrawal address, if the call is made in epoch 1 you became a validator at the start of epoch+2.

While in the pool you could be assigned to create a block with a probability proportional to ether deposited.

A block must contain a signature of the validator (using Lamport signature which are quantum resistant)

If you want you can withdraw the eth (which you can’t with physical miner) and the effects after 2 epoch. you get your deposit + rewards - penalties

Validator selection:


onchain scaling to tens of thousands tx every node keep small tx of the transaction but can merkle verify any tx There is home shard

Joseph Poon

State channels security considerations and solutions

On the Blockchain economic considerations are security considerations.

One of the partecipants in channel could allow one party to prove some state otherwise a timeout trigger.

Use relative timestamps the cost of enforcing is smaller, it’s really important to keep it simple, solving the free option problem by requiring 10k steps to realize the tx, so minimizing the free option opportunity

Day two, 20 September 2016

Joseph Chow

Security learning from BTC Relay -> another name

DAO bug could be solved by swapping two lines!

Starting security repo: smart-contract-security-repo


pull over push is instead of sending, save in an array the amount due to someone, and write a method that withdraw checking the amount due.

Raine Revere

Visualizing Security

How do you spot smart contract security vulnerabilities?

Some attacks:

How to detect:

There are three developer type:

Martin Swende

Ethereum security overview

ISOLATION, in the hot wallet amount spending everyday. The cold wallet is the bank, frozen backups, and in exchange only amount you could lose

cold electronic wallet, ledger nano S first USB armory is a generic computer ORWL backup against fire, electric failure, water, thieves, and brain could failure multi sig contracts, spread across people and devices

Watch out for:

The web is broken, centralized, competing standard, no governing security model dapp browser, check https, check recipient address match the contract, do not use CDN (other are serving the program). JS injection can execute code and change your address. Audit and test contract, python vm source code is 600 lines have a look. Code usually is not robust against chain reordering (as example in commit and reveal scheme)

Many EIP for finding solution pro security:

Christian Reitwiessner, Yoichi Hirai @pirapira

Formal verification

Writing correct code is hard.

Correct means the mental model is the same executed by the code. As example, for transfer function (example doesn’t check overflow) formal verification can check that total sum of funds isn’t changed after calling the function (thus discovering the unchecked overflow).

Formal verification is coming in ethereum. Microsoft research INRIA Harvard many are working on

Tools exist for C (Frama-C), Java (Krakatoa), Ada (Spark). This tools works by annotating methods with pre and post condition (why3 compile this in checks and test it). Example of why3 annotation on the before transfer example.

Since Ethereum specification exist and is 32 pages long Yoichi could write a formal verification for it

Arkadiy Paronyan

Parity’s innovations

Grant Passmore

Imandra contracts: Formal verification for Ethereum

The state on Ethereum (after the DAO) is a dream for formal verification experts.

They formalized the EVM and now they can do formal verification things like symbol execution!

Ultra cool video

Problems: lack of automated audit tools, bugs, risk management, translate tools ie ethereum to consultation-distributed-ledger-technology-applied-securities-markets

Me and Marco thought this presentation and the video was too curated and marketing oriented, but Joey Krug from Augur told us that he tried the resources and are probably the best formal verification tools available for Ethereum right no.

Roman Mandeleil

Full stack of Ethereum

Ethereum studio is a full stack ide, debugging…

EthereumJ is used by many big customer: Deloitte, Clearmatics, Gemini, Santander, Rootstock

Santander is issuing IOU asset on Eth (they are still waiting final permission from the regulator). Virtual Accelerator 50.000$ price in crypto.

Judges are Primavera De Filippi, Adam Draper and others. Valuated by the free market. Very soon they publish white paper, formalizing the process of the virtual Accelerator.

Aaron Davis

MetaMask bridging browsers to blockchains

The core idea is easy of adoption.

It’s online on the chrome store, coming out on opera, firefox and edge. Safari is not supported cause it’s not following extensions standards.

You can create a vault.

How it works without tcp/udp and syncing? With a trusted rpc server.

Zsolt Felfoldi

Building the light client

Quick syncing, from 1 to 5 minutes for sync (cpu bounded on building canonical hash tree).

Low resource requirement: less than 100MB of db 500MB of ram.

RPC compatible with full node (already working with mist)

Peter Szilagyi

Ethereum from Go and beyond

geth started from the beginning, everything built on top in the faster way, network majority prevented to drop features -> it is getting tech debt and using as library is unfeasible

geth 1.5 a new dawn

What about Android and iOS?

Daniel Nagy

Scalable decentralized application for Swarm and Ethereum

Things needed for web 3.0

URL begins with a collections root hash (in binary, similar to a directory), any change put & delete

Root hashes can be registered in the blockchain name system ENS.

Distributed photo app already exist, web app and data are stored in the same root hash. Generating thumbnails? Created client side at creation phase. So this was easy more computationally expensive task could be built with delegated computation specifying data, task and reward.

Another example is distributed dropbox, or distributed github, or distributed wikipedia with no official truth

Nikolai Mushegai

Dapple Dev workflow

Dapple is a development tool with package dapp descriptor format chain forks and EVM extension

Christian Reitwiessner

New and future features of Solidity

Safety: exception on division by zero, failed creation and call to non-contract.

Payable modifier on methods. modifier do not skip anymore the tail part.

Talk about Oraclize, the callback function could change and not be fixed like it is now

Iuri Matias

How to develops app using Embark

Tim Coulter

Truffle development framework

Project has 421 github stars.

ethereumjs-testrpc in memory ethereum client. Instant mining, account creation, hd wallet, programmable. no chain required. Super useful for testing.

You can also fork live chain using onchain data up to the fork.

Nick Johnson

ENS ethereum name systems


  1. There are 14 domain name server we should have one!
  2. We now have 15 systems

What do we need?

Registrars -> End Registry -> Resolvers

registry tree structure

Names are stored on a flat map: the key is an hashchain of the tree elements sha3(sha3(sha3(swarm) + “eth”) + “root”)

Every name owner has authority on subnodes

Technically is all here, but governance…

When .eth launched registration timeframe open.

Submission for registration during the timespan works with a blind action: the highest bidder wins the name, he pays the second highest bid. Deposits are keeped until you abandon the name (then another auction start).

Loi Luu

Making smart contract Smarter

Oyente analyzer, find popular bugs: TOD, reentrancy …

Puzzle Solver example:

if submit solution and collect rewards happens in the sam block there is a transaction ordering problem.

Oyente from the bytecode and the Ethereum state visualize possible problems.

Symbolic execution take any possible branch caused by input in the program and try all the possibilty.

oyente is under

combine static and dynamic code execution

Bin Lu


CarbonVote working by sending an empty transaction to yes or no, the amount of the sending address is evaluated as weight

During the DAO Carbonvote was:

Lefteris Karapetsas

Ethereum meets the outdoors

Sikorka facilitates deploy contracts in real world locations. Proof of presence!

Sikorka is Geobit on Ethereum.

Potential applications: Loyalty programs, attendance in a specific location, augmented reality games

Combination of: geolocation, challenge question/answer, image data

Using specialized hardware: QR code, RFID tag, bluetooth, NFC?

Deployed contracts follow specific interface. Parameters are name, location, question and answer hash.

System allows users to search for nearest Sikorka contracts. There is a modifier if user give valid proof of presence.

Yann Levreau

Remix and other tools

Remix is a rewrite from the beginning of mix, written in js

Alex Beregszaszi

Git on Ethereum, IPFS and Swarm

Git is a versioning system. It was create with distribution in mind, but there was no decentralized tools.

Why Mango?

  1. Do not trust github as central repository
  2. Every changes has a proof of existence (timestamp) prior art (like Peter Todd git timestamp?)
  3. Storing large files as single block (only differences are restored, all same chunk are not restored??? what if content shifted???)
  4. Ethereum is decentralized, even the repo should be decentralized

Git is working on local system

Every object is referenced with sha1 compressed hex

Commit is an authorization with name of the editing.

Tree refer to other tree

Merge reference multiple object

Naive implementation store everything in blockchain -> too expensive -> use IPFS and swarm.

But there is an Issue: need to map git identifiers which are sha1. The solustion is a snapshot that is a mapping between sha1 and ipfs multihash.

git push means a call in the contract with the commit hash and the snapshot reference (140k gas)

There is one contract for every repo, managing access control.

Using ENS for symbolic names.

Future of Mango:

Mango repo

Day 3, 21 September 2016

Marley Gray

A lap around developing cryplets (Microsoft)

Cryplet is a secure execution environment by Microsoft

everything blockchain in Microsoft is called bletchey

Using SGX in its base

secure execution with enclaves on demand, end to end attestation. Today released whitepaper Ethereum consortium Blockchain network.

Alex Van de Sande

Mist Why, How

He build the site, author of claims “How the internet was supposed to work”, “Build unstoppable application”. He is a little bit of sorry for this claims but he still believe they are true.

Client server model has single point of failure and mobile client has more power now. Isolation of information for company interests.

Build the internet like roads usable for centuries not railroad that become unusable if failure/blocked

Fabian Vogelsteller


Ethereum javascript application

Project passed by Jeffrey Wilcke => Marek Kotewics => Fabian Vogelsteller

Christoph Jsntzsch

Smart contract security

possible solution:

Thomas Bertani

A Provably Honest Oracle Model: Auditable Offchain Data Gathering and Computations

Mana Thanabalan


They incorporate companies.

Why the chartered company? We achieve wonderful things because we are organized. This is the best use case for ethereum smart contracts.

In history, growing level of decentralization, chartered company 1268, dutch east company 1602, post war industries, moderna corporation, blockchain, Decentralized autonomous organization.

everything works on The identity smart contract and the company smart contract

### Juan Bennet


Juan announced is going to build filecoin to incentivize the IPFS network upon ethereum


divided in collateral token (like REP in augur) and outcome token can a bet beat alpha go?

David Dias

IPFS + ethereum networking

Build libp2p which is modular and includes (webrtc, torrent, rlp, tls, tcp, pubsub, tor …)

With such infrastructure physical link and virtual link are separated. Virtual can be built on virtually any transport layer.

What do we need to run ethereum in the browser? Run EVM in the browser with the transpiler. Fetch blocks from peers directly from the browser.

Joey Krug (Augur)

Updateable dapps

Private key update the contracts, or multisignature.

Once the EVM run on WebAssembly you can write smart contract on any language for example in Ada which is the language which was always used for mission-critical task and has the most formal verification tool and security process to grant the higher level of security of code ever.

In private talks he is a smart guy.

Roeven Heck and Christian Lundkvist

uPort universal identity platform consensys

key management, UX, dapps on mobile, identity and data ownership.

Key recovery inside android tee? controller contract => Recovery contract => application context

They have built a system where you can delegate key recovery to choosen trusted friends.


You can move token.

At the moment the poll close you get counted.

Extend ERC20 to allow the lock of funds.

Double linked list for votes When counted votes they are removed from the doubly linked list. Then released the token. Using a doubly linked list is perfect in case of finishing the gas in the transaction cause you could resume work in a later transaction.

Edit this page