Devcon2

19 Sep 2016

Notes on presentations

Day One, 19 September 2016

### Martin Becze

He is researching on EVM 2

### Peter Szilagyi

Team GO

Sorry for network problem

Jeff had a baby (main release) and Peter is in charge of the project now

### Christian Reitwiessner

Cpp Team

Working on accelerated interpreter

Remix, mix restart from scratch => serverless IDE

Solidity more flexible and safer

Alex Van de Sande

MIST started from go team and become stand alone team

Vitalik Buterin

He is on research of future protocol feature. He and Vlad are working on sharding (there is a test client)

Peter Van Valkenburh

Regulatory considerations for Dapp development

CoinCenter promote regulatory climate preserving freedom to innovate. There are a lot of bitcoin company supporters.

Like Ferdinando they commented ESMA consultation.

They was bitcoin only 2 years ago, (Washington DC at least know it) but now also ethereum and Consensus Open network

They test if something is a good investment under US security laws.

After Paycoin they created a Framework for securities regulations of cryptos, what is less likely to treated as securities:

• Token purchased of use value not for profit expectation
• Token purchased after is already up and running
• Token value is dependent on owners efforts so, things to avoid
• Initial coin offering
• Profit sharing
• Endorsing of unregistered securities

Available to contact for any doubt of offering

Vitalik Buterin

Ethereum in 25 minutes, a guided tour through the depths of the Merkle underworld

During 2013 people start thinking blockchain is useful for stuff: Colored coins, dns… But most blockchain single purpose device. They are calculator or swiss army knife.

Ethereum is like a Windows Phone (platform for application)

The State is the current information

• Balances
• Nonces
• Contract code and storage

History = things happened

• Transactions
• Receipts

Full node keep state and optionally history, every account object has:

• Nonce
• Balance
• Contract code (empty for user)
• Contract storage root trie

Every node process all tx

Future:

• PoS
• privacy support, zk-snark precompiles ring sig, not at base protocol level
• blockchain representation, vm upgrades
• More flexible use of storage
• Scalability (Sharding)

Panel: Evolving the EVM

• Greg Colvin CPP
• Martin Ethereum JS
• Pawel Bilica EVM JIT
• Christian Reitwiessner Solidity
• Alex Beregszaszi Solidity

EVM 2 will use WebAssembly.

Transpiler is needed from EVM to WebAssembly. Why? Because you are backward compatible with existing smart contract.

Why WebAssemply? Code format for browser fast/efficent/portable designed to run on untrusted environment. Once using WebAssemply you can use any language to write smart contracts.

### Philip Daian

IC3 initc3.org

• Scaling / Performance
• Correctness
• Confidentiality
• Authenticated data

The problems are bugs, security more closely tied than anywhere (attacker anonymously monetize, code is public)

• Formal verification
• Way to escape (curators…)
• Bug bounties

Good practices:

• Specification, the more rigorous the better.
• English
• formal (their work Oyente “Making Smart Contract Smarter”)

Escape hatches, you need a human in the loop

Aron Fischer and Viktor Tron

Swap, Swear and Swindle, Swarm incentivization

Swarm is storage solutios for Ethereum, whisper Get data, calculate H of data and the closest node should store that. Routing continuosly ask nearest peer that gives nearest and so on…

Accounting of used bandwith to reward good behavior and penalize bad ones.

Chequebook smart contract used to not pay for every content served. Only the last cheque is payed. Cheque are different from channel. They are basically trusted promissory notes of small value.

If peers get paid they are incentivized to keep popular content. There are no guarantee that less popular content will remain available -> pay nodes to keep your content.

To guarantee that unpopular content remain available over time, challenge the swarm for proof of custody for the data still available, the proof of custody release the payment. What if you can’t find the data you paid for? Security deposits for insurance -> Swindle.

To ask proof of custody you don’t have to keep all the original file but only a small part and make the challenge of a small subset of the small part of the data.

But if storing just a partial content and if no one answer correctly to the proof of custody there are no way to recover the original data.

Private talk with Joseph Poon

He’s interested in atomic swap between chains, this requires software talking and he is here to let someone code this for him. They probably have 12 persons working on lightning network and they will be probably not in the lab for the hackaton after scaling.

Greg Colvin

Making the EVM scream

From infinite precision to 512 bit gas from 256 to 64 bits Other changes granting lots of improvement on speed

Heiko Hees

Raiden Network, Off-chain state network

Problems are: throughput, finality, confidentiality, cost.

Scaling to 1M+ tx/s, ERC20 compatibilities, Atomic Swaps

They already have a working prototype, showing us an IoT demo on using Raiden Network to pay for electricity

Collaborating with swarm guys

On chain Exchange -> maker broadcast offer, taker ask for atomic token Swap Problem of free option, party that commits first offers free options. Tokens locked till timeout. Possible solutions is commitment deposits from a third party but Limited trust required

Christian Reitwiessner

Truebit: Trying to fool a blockchain

Wokrs by doing a 1M step computation of the state root hash by both parties. at some time they differ and I don’t understand why this is useful

Viktor Tron

Towards web3 infrastructure

Swarm build on chunks of 4Kb. Chunks hashes build a merkle tree granting compact merkle proof and built-in integrity. Who/How the merkle tree is stored???

TJ Saw

Parity’s launch

Gavin Wood is not available because he is becoming dad. Written in Rust, language from Mozilla foundation.

UI running on a web browser from localhost:3000 very cool

Jeff Coleman

State channels: making your application practical

Contract between two parties transacting directly Judge not in the blockchain, in the end multisig with judge outside state channel parties must be online or the can leave promises with hired “bystanders”.

concrete example: etherdice. user submit bets, and hashes for random. bets stop, bets confirmed, preimage communicated, winner executed. Lot of tx lot of Problems.

With state channel zero tx or almost zeros

Martin Becze and Alex Beregszaszi

Ethereum WebAssembly

VM is the core. Performance are needed

EVM has 256 bit words of computation

It has special instructions GASLIMIT, BALANCE, SHA3, they should’t be missing instructions.

WebAssembly has: portable size, Efficient load time. Secure sandbox. Toolchain compatibility, RISC, compact binary representation, fast decoding, single pass validation, Integer and Float operations.

(the latter not included in EVM2).

Defines as AST abstract state machine which easily processed and transformed.

Already implemented in Chrome, Firefox nightly, edge, nodejs 7.0,

It is Proposed replacement for current EVM, restricted set of WASM, ex no float point operations. Defines backward compatibility for existing smart contract code with EVM2WASM translate from evm to wasm producing very fast code. 5000 line of wasm, 400 of js.

Metering injection, decoupling from VM. Inserting calls for gas calculation at run time.

EEI Ethereum interface VM semantic 3 new rules

1. check contract for ewasm signauture
2. call EVM2WASM
3. use sentinel contract

Light client easily written integrating the kernel <1000 lines of WebAssembly.

Zcash could be build on WebAssembly

There is a ewasm-libc so you can write smart contract in C.

GAS on EVM1 calculated by benchmarking on Vitalik’s laptop. With WASM gas cost will be based on the cycle count. The gas cost table will be stored in a contract so any client shouldn’t changes for changes in gas (it’s an update on data not an update on code).

Web assembly use less cycle for example for sha256 that could be implemented as real instructions not special precompiled one.

Vlad Zamfir

A Correct-by-Construction Asynchronous Casper Protocol

Byzantine consensus safety on 2/3 in async network, 1/2 in sync one estimates are non finalized decisions or decision proposals adversary try to change an estimates.

He is trying to demonstrate proof of stake validity in asyncronous network (even if a syncronous assumption could be enough for crypto network) because is more general assumption (isn’t solving proof of stake enough?)

Interesting that Vlad wrote on twitter that privacy and anonimity of zcash could be dangerous, and from zcash blog post he is one of the investor

Jan Xie

Ethereum on Ruby

Core principle of Ruby is happyness -> readability and flexibility

Teth is a smartcontract testing Framework. Test runs without chain and mining. Emulates the EVM to run unit tests.

Zooko Wilcox

Zcash + Ethereum = <3

Blockchain properties:

• Append only - immutability
• Canonicity - single source of truth
• Encryption for privacy and selectively disclosure

Zcash first of his kind to have all this properties! Zooko has no idea what you can do with this.

Privacy is fundamental human right. It has: individual, social, business and economic value.

If you encrypt transaction, how nodes could validate transaction? zk-SNARK! With ZKP you can make crypto proof so they know noone can know that proof without knowing the private key of that output.

How to combine privacy & programmibility? Baby ZoE add zsnark precompiler in Ethereum.

Project Alchemy, include verify zcash pow in solidity, like BTCRelay this is ZRelay. Smart contracts could fullfill orders (decentralized exchanges) but also ethereum contracts could send and receive zcash.

Zcash launches on 28 October. Bitmex already trade Future Zcash today and they are priced at around 0.08 BTC

Lucius Greg Meredith

#### Types for tokens (on agenda: Behavioural types for smart contracts)

Colletive intelligence, swarm intelligence in bees is like global consensus. So it’s present in nature!

We need new kind of disciplines, not just data access errors. A lot of verification is possible at compile time.

We need formal verification for mission-critical systems, formal verification need to lower the cost to achieve global adoption. When you recode the DAO bug in rholang is a Race condition.

Rholang is synereo’s blockchain-based social contracting language with a built-in behavioral typing mechanism. All programming languages are generated by monads that are an abstraction. The reason to achieve this level of abstraction is because you can make formal verification easier.

Bob Summerwill

Ethereum for resource-limited devices

CEO of doublethink

Resource-costrained device are less capable then desktop machine, limited in cpu, memory, storage, connectivity, batteries or operating system.

Why ethereum on this devices? ie. mobile computing is today mainstream computing.

Java Ring, in 1998 public key encryption and lot of things we are talking now!

2016, samsung watch, ESP8266 2$ wifi enabled chip

Ethereum scale of options, sign locally trusted sever, light client, full node, archival node, cross-cpp-ethereum to cross build in various env, also arm linux. Go version already work on android. Ethereum light client run on raspberry 25MB binary 50Mb chain cpu 12% ram 162MB, 9 min sync

Whisper development has been restarted

Virgil Griffith and Vikram Verma

Designs fot the L4 contract programming language

legalese.com is developing a software translating a smart contract to english legalese.

how do you call a runtime debugger? litigation

Vitalik Buterin

The Mauve Revolution

What sucks on Ethereum:

1. Privacy (Zcash and ring signature)
2. Scalability
3. PoS because PoW Cost
4. Latency

Virtual Mining (PoS)

• pow 1000$ miner
• pos 1000$ => 83 ETH => virtual miner

Casper PoC3 approach

A special contract could be invoked with some ether deposited. With Parameter validation_code, random source, withdrawal address, if the call is made in epoch 1 you became a validator at the start of epoch+2.

While in the pool you could be assigned to create a block with a probability proportional to ether deposited.

A block must contain a signature of the validator (using Lamport signature which are quantum resistant)

If you want you can withdraw the eth (which you can’t with physical miner) and the effects after 2 epoch. you get your deposit + rewards - penalties

Validator selection:

• Stake grinding
• Marginal cost => marginal revenue?
• Only the validator of the next block is know
• What if validator selected is not available, a list of validator is selected, every one has 4+8i time to answer
• nothing at stake
• In PoS you can vote for 0.9 chain A AND 0.1 chain B (in PoW you have to choose A or B). We need Dunkles, if you make a block that doesn’t go in the chain you lose the block rewards (penalties)
• In Casper wins the blockchain with most value at loss backing wins. How much validator will have to lose…? Finality why? make rollbacks expensive. Light client syncing in O(1)

Sharding

onchain scaling to tens of thousands tx every node keep small tx of the transaction but can merkle verify any tx There is home shard

Joseph Poon

State channels security considerations and solutions

On the Blockchain economic considerations are security considerations.

One of the partecipants in channel could allow one party to prove some state otherwise a timeout trigger.

Use relative timestamps the cost of enforcing is smaller, it’s really important to keep it simple, solving the free option problem by requiring 10k steps to realize the tx, so minimizing the free option opportunity

Day two, 20 September 2016

Joseph Chow

Security learning from BTC Relay -> another name

DAO bug could be solved by swapping two lines!

Starting security repo: smart-contract-security-repo

• Prepare for failure
• Roll out carefully, testnet, beta on mainnet, production
• Keep contract simple
• Calling untrusted contract is always dangerous

Examples:

• Function to check balance, checked every second, sending out funds if alarm trigger
• Do not use call.value(), use .send()
• Handle errors in raw calls
• Pull over push for external contract

pull over push is instead of sending, save in an array the amount due to someone, and write a method that withdraw checking the amount due.

Raine Revere

Visualizing Security

How do you spot smart contract security vulnerabilities?

Some attacks:

• Array griefing, array grow enough that cannot iterate over it
• reentrancy
• underflow/overflow example unsigned int check

How to detect:

• Static analysis works without executing
• Solidity parser -> abstract tree
• Solgraph analysis from abstract tree to see Untrusted code. As Example used on DAO will warn on reentrancy
• We need standardized unit testing

There are three developer type:

• Web developer, Java, Python.. simplicity, usability and praticality. They undervalue security
• System engineer c++ assembly. they undervalue abstraction
• Academic formal verification. they undervalue praticality (small group)
• Non developer no ability to understand difficulty

Martin Swende

Ethereum security overview

ISOLATION, in the hot wallet amount spending everyday. The cold wallet is the bank, frozen backups, and in exchange only amount you could lose

cold electronic wallet, ledger nano S first USB armory is a generic computer ORWL backup against fire, electric failure, water, thieves, and brain could failure multi sig contracts, spread across people and devices

Watch out for:

• Randomness
• Sybil attack
• Rage quitting, party quitting locking the contract? operator close and collect money

The web is broken, centralized, competing standard, no governing security model dapp browser, check https, check recipient address match the contract, do not use CDN (other are serving the program). JS injection can execute code and change your address. Audit and test contract, python vm source code is 600 lines have a look. Code usually is not robust against chain reordering (as example in commit and reveal scheme)

Many EIP for finding solution pro security:

• EIP 116 static call to a contract that cannot modify the state of the calling contract
• EIP 101 big arithmetics…

Christian Reitwiessner, Yoichi Hirai @pirapira

Formal verification

Writing correct code is hard.

Correct means the mental model is the same executed by the code. As example, for transfer function (example doesn’t check overflow) formal verification can check that total sum of funds isn’t changed after calling the function (thus discovering the unchecked overflow).

Formal verification is coming in ethereum. Microsoft research INRIA Harvard many are working on

Tools exist for C (Frama-C), Java (Krakatoa), Ada (Spark). This tools works by annotating methods with pre and post condition (why3 compile this in checks and test it). Example of why3 annotation on the before transfer example.

Since Ethereum specification exist and is 32 pages long Yoichi could write a formal verification for it

Arkadiy Paronyan

Parity’s innovations

• Focus on internals, written in rust which grants memory safety and concurrency safety guarantee without GC.
• High throughput, low latency and low footprint
• Secure transaction, signer is in a isolated environment.
• Private chains supported on parity (PoA proof of authority)
• State trie pruning
• Warp sync and other
• Roadmap
• BFT PoA chains
• Stratum protocol
• Light client
• Metropolis

Grant Passmore

Imandra contracts: Formal verification for Ethereum

The state on Ethereum (after the DAO) is a dream for formal verification experts.

They formalized the EVM and now they can do formal verification things like symbol execution!

Ultra cool video

Problems: lack of automated audit tools, bugs, risk management, translate tools ie ethereum to consultation-distributed-ledger-technology-applied-securities-markets

Me and Marco thought this presentation and the video was too curated and marketing oriented, but Joey Krug from Augur told us that he tried the resources and are probably the best formal verification tools available for Ethereum right no.

Roman Mandeleil

Full stack of Ethereum

Ethereum studio is a full stack ide, debugging…

EthereumJ is used by many big customer: Deloitte, Clearmatics, Gemini, Santander, Rootstock

Santander is issuing IOU asset on Eth (they are still waiting final permission from the regulator).

hack.ether.camp Virtual Accelerator 50.000$ price in crypto.

Judges are Primavera De Filippi, Adam Draper and others. Valuated by the free market. Very soon they publish white paper, formalizing the process of the virtual Accelerator.

Aaron Davis

MetaMask bridging browsers to blockchains

The core idea is easy of adoption.

It’s online on the chrome store, coming out on opera, firefox and edge. Safari is not supported cause it’s not following extensions standards.

You can create a vault.

How it works without tcp/udp and syncing? With a trusted rpc server.

Zsolt Felfoldi

Building the light client

Quick syncing, from 1 to 5 minutes for sync (cpu bounded on building canonical hash tree).

Low resource requirement: less than 100MB of db 500MB of ram.

RPC compatible with full node (already working with mist)

Peter Szilagyi

Ethereum from Go and beyond

geth started from the beginning, everything built on top in the faster way, network majority prevented to drop features -> it is getting tech debt and using as library is unfeasible

geth 1.5 a new dawn

• Client side account management
  • 10 line for account management without node
• why RPC spec?
  • Remote node API
  • 10 line of code to query blockchain through IPC, Http or WebSocket. With push notification!
• Why Ethereum ABI?
  • Let’s switch to automatic bindings to contracts
  • Native binding generator, with a type-safe Go binding
• why third party node?
  • In process ethereum client
  • run eth node inside a go app

What about Android and iOS?

• Geth 1.3 already ran on mobile, not really embeddable and good for release
• Geth 1.5 runs with full java bindings
• The go wrapper works also as JavaWrapper, so you can ask a contract and call the method in java
• Binding works also on iOS

Daniel Nagy

Scalable decentralized application for Swarm and Ethereum

Things needed for web 3.0

• Swarm (which could adopt same address system used by IPFS, uris begin with bzz
• Blockchain based consensus
• Asyncronous messaging (whisper)
• Business logic on the client (javascript or native app)

URL begins with a collections root hash (in binary, similar to a directory), any change put & delete

Root hashes can be registered in the blockchain name system ENS.

Distributed photo app already exist, web app and data are stored in the same root hash. Generating thumbnails? Created client side at creation phase. So this was easy more computationally expensive task could be built with delegated computation specifying data, task and reward.

Another example is distributed dropbox, or distributed github, or distributed wikipedia with no official truth

Nikolai Mushegai

Dapple Dev workflow

Dapple is a development tool with package dapp descriptor format chain forks and EVM extension

Christian Reitwiessner

New and future features of Solidity

• Inline assembly
• Internal library functions (string utils for example)
• Using x for y (use reference of strings and not copy of it)

Safety: exception on division by zero, failed creation and call to non-contract.

Payable modifier on methods. modifier do not skip anymore the tail part.

Talk about Oraclize, the callback function could change and not be fixed like it is now

Iuri Matias

How to develops app using Embark

• First Framework for building dapps.
• Compatible with any build pipeline
• Supports solidity and serpent
• Dependent contract deployment
• Extended use of promises
• Automatic type conversion and parameter
• Supports messaging system with whisper, eth contract or telehash
• Supports storage with IPFS, swarm, smart contract, maidsafe, storj
• Supports distribution deploying on IPFS
• Builds desktop app on mac, windows and linux

Tim Coulter

Truffle development framework

Project has 421 github stars.

ethereumjs-testrpc in memory ethereum client. Instant mining, account creation, hd wallet, programmable. no chain required. Super useful for testing.

You can also fork live chain using onchain data up to the fork.

Nick Johnson

ENS ethereum name systems

Comic:

1. There are 14 domain name server we should have one!
2. We now have 15 systems

What do we need?

• separation of concerns
• distributed authority and implementation
• Forward compatibility
• Efficient on chain search

Registrars -> End Registry -> Resolvers

registry tree structure

• root
  • eth
    • swarm.eth

Names are stored on a flat map: the key is an hashchain of the tree elements sha3(sha3(sha3(swarm) + “eth”) + “root”)

Every name owner has authority on subnodes

Technically is all here, but governance…

When .eth launched registration timeframe open.

Submission for registration during the timespan works with a blind action: the highest bidder wins the name, he pays the second highest bid. Deposits are keeped until you abandon the name (then another auction start).

Loi Luu

Making smart contract Smarter

Oyente analyzer, find popular bugs: TOD, reentrancy …

Puzzle Solver example:

if submit solution and collect rewards happens in the sam block there is a transaction ordering problem.

Oyente from the bytecode and the Ethereum state visualize possible problems.

Symbolic execution take any possible branch caused by input in the program and try all the possibilty.

oyente is under github.com/ethereum

combine static and dynamic code execution

Bin Lu

CarbonVote

CarbonVote working by sending an empty transaction to yes or no, the amount of the sending address is evaluated as weight

During the DAO Carbonvote was:

• 87% Yes for fork
• 13% No

Lefteris Karapetsas

Ethereum meets the outdoors

Sikorka facilitates deploy contracts in real world locations. Proof of presence!

Sikorka is Geobit on Ethereum.

Potential applications: Loyalty programs, attendance in a specific location, augmented reality games

Combination of: geolocation, challenge question/answer, image data

Using specialized hardware: QR code, RFID tag, bluetooth, NFC?

Deployed contracts follow specific interface. Parameters are name, location, question and answer hash.

System allows users to search for nearest Sikorka contracts. There is a modifier if user give valid proof of presence.

Yann Levreau

Remix and other tools

Remix is a rewrite from the beginning of mix, written in js

Alex Beregszaszi

Git on Ethereum, IPFS and Swarm

Git is a versioning system. It was create with distribution in mind, but there was no decentralized tools.

Why Mango?

1. Do not trust github as central repository
2. Every changes has a proof of existence (timestamp) prior art (like Peter Todd git timestamp?)
3. Storing large files as single block (only differences are restored, all same chunk are not restored??? what if content shifted???)
4. Ethereum is decentralized, even the repo should be decentralized

Git is working on local system

Every object is referenced with sha1 compressed hex

Commit is an authorization with name of the editing.

Tree refer to other tree

Merge reference multiple object

Naive implementation store everything in blockchain -> too expensive -> use IPFS and swarm.

But there is an Issue: need to map git identifiers which are sha1. The solustion is a snapshot that is a mapping between sha1 and ipfs multihash.

git push means a call in the contract with the commit hash and the snapshot reference (140k gas)

There is one contract for every repo, managing access control.

Using ENS for symbolic names.

Future of Mango:

• Git nodes for viewing repo locally
• Store issues within git
• Store releases within git
• Store pull request within git

Mango repo

Day 3, 21 September 2016

Marley Gray

A lap around developing cryplets (Microsoft)

Cryplet is a secure execution environment by Microsoft

everything blockchain in Microsoft is called bletchey

Using SGX in its base

secure execution with enclaves on demand, end to end attestation. Today released whitepaper Ethereum consortium Blockchain network.

Alex Van de Sande

Mist Why, How

He build the site, author of claims “How the internet was supposed to work”, “Build unstoppable application”. He is a little bit of sorry for this claims but he still believe they are true.

Client server model has single point of failure and mobile client has more power now. Isolation of information for company interests.

• devcon0
• devcon1 ethereum wallet (dynamic interface)
• devcon2
  • Mist light client sync in less than one minute (show parameters)
  • In browser you can paste an hash and the app will be downloaded from swarm (ENS in future) authenticated binaries and interface from swarm.
  • swarm dashboard use resource disk bandwith and rewards
  • erc67, uri scheme to create contract by click

Build the internet like roads usable for centuries not railroad that become unusable if failure/blocked

Fabian Vogelsteller

web3.js

Ethereum javascript application

Project passed by Jeffrey Wilcke => Marek Kotewics => Fabian Vogelsteller

• web3 rewriting. will be sockets IPC and/or WS
• filter system changed
• better modular structure
• going on promises instead of syncronous calls. also for contract calls

Christoph Jsntzsch

Smart contract security

possible solution:

• cap contracts
• check invariants
• centralization, going stepwise from centralization to decentralization (digix is still a central trusted authority)
• establish security patterns
• updateable contracts
• time delays gives central authority time to act (no central auth in splitDAO)
• minimal complexity
• reuse trusted proven code like standard token contract and multising and hopefully one DAO standard framework. This approach could be dangerous because widely used.
• better tools

Thomas Bertani

A Provably Honest Oracle Model: Auditable Offchain Data Gathering and Computations

• Tls notary
• Android Safety new way.
• Intel SGX (enclave remote attestation by intel)
• Oraclize computation through ipfs and aws

Mana Thanabalan

Otomonos

They incorporate companies.

Why the chartered company? We achieve wonderful things because we are organized. This is the best use case for ethereum smart contracts.

In history, growing level of decentralization, chartered company 1268, dutch east company 1602, post war industries, moderna corporation, blockchain, Decentralized autonomous organization.

everything works on The identity smart contract and the company smart contract

### Juan Bennet

IPFS

Juan announced is going to build filecoin to incentivize the IPFS network upon ethereum

Gnosis

divided in collateral token (like REP in augur) and outcome token can a bet beat alpha go?

David Dias

IPFS + ethereum networking

Build libp2p which is modular and includes (webrtc, torrent, rlp, tls, tcp, pubsub, tor …)

With such infrastructure physical link and virtual link are separated. Virtual can be built on virtually any transport layer.

What do we need to run ethereum in the browser? Run EVM in the browser with the transpiler. Fetch blocks from peers directly from the browser.

Joey Krug (Augur)

Updateable dapps

Private key update the contracts, or multisignature.

Once the EVM run on WebAssembly you can write smart contract on any language for example in Ada which is the language which was always used for mission-critical task and has the most formal verification tool and security process to grant the higher level of security of code ever.

In private talks he is a smart guy.

Roeven Heck and Christian Lundkvist

uPort universal identity platform consensys

key management, UX, dapps on mobile, identity and data ownership.

Key recovery inside android tee? controller contract => Recovery contract => application context

They have built a system where you can delegate key recovery to choosen trusted friends.

Colony

• No skewed incentives
• No double vote => Identity to avoid
• No bandwagon vote => Commitment

You can move token.

At the moment the poll close you get counted.

Extend ERC20 to allow the lock of funds.

Double linked list for votes When counted votes they are removed from the doubly linked list. Then released the token. Using a doubly linked list is perfect in case of finishing the gas in the transaction cause you could resume work in a later transaction.