3. Blockchain and smart contracts

This article is the third chapter of a series about web decentralization. Here we will focus on one of the most trending buzzwords of the year: the blockchain. While it has real and unquestionable potential, it also has significant limits. We will have a look at the main public blockchains (meaning available to everybody) and see when it can be a clever choice in a project.

Series articles:
- Introduction
- File storage
- Blockchain and smart contracts
- Databases

Before going further, if you have no idea what blockchain is, watch this 2-minute video to get the main principles:

A brief history of the blockchain

1995 — The first signs

As an anecdote, the first known blockchain was created in 1995 and its ledger was… a newspaper. Stuart Haber and Scott Stornetta, two researchers in cryptography, decided to use the NOTICES & LOST AND FOUND section of the New York Times to timestamp and certify data. What is the link with the blockchain everybody is speaking about nowadays? Well, it has the same characteristics:

- Information is encrypted and stored in a timestamped block (here an edition of the newspaper) and will be distributed to a network (newspaper readers).
- This process makes it almost impossible to falsify data. Indeed, one could print a backdated version of the newspaper and change its content. But it would be extremely easy to verify if a version is fake or not by looking at many archives.

To be precise, the information stored in the newspaper is just a hash that allows verifying the integrity of the data that is stored "off-chain". Otherwise, they would need much more space in the newspaper! You can read more about the process here.

2009 — And God created Bitcoin

Bitcoin is a decentralized digital currency created in 2009 by someone under the name Satoshi Nakamoto. His real identity is still unknown and subject to as many debates as that of the street artist Banksy. Search "Satoshi Nakamoto identity" on Google to read about the best conspiracy theories. But for sure, he is probably extremely rich now as he mined about a million blocks at the very beginning (the exchange rate fluctuates a lot, but makes him a multi-billionaire).

What makes Bitcoin revolutionary is the fact it is decentralized: it isn't owned by any bank or organization, and anyone can be part of the network. Transactions are verified by network nodes through cryptography and recorded in a public distributed ledger called a blockchain.

You might wonder how we can get a consensus without a centralized trusted entity? To achieve that, miners (a.k.a. full nodes, they are rewarded to write data) have to provide a Proof of Work (PoW) in order to append new data into the blockchain. A PoW is the result of a complex calculation (time and energy consuming) that can be easily verified. To sum up, a single node will spend resources to append data to the blockchain, whose integrity can be verified by any node. Bitcoin uses the HashCash PoW and constantly adapts the calculation difficulty.

The two main drawbacks of the Proof of Work consensus algorithm are the following:

- Mining consumes a lot of energy due to the calculation complexity. Even though the currency is purely virtual, it consumes more energy than 159 countries (not combined though). It is neither sustainable nor desirable, and it is even more regrettable since the computations are totally useless (they aren't helping science for instance).
- In reality, Bitcoin full nodes aren't that decentralized because big mining pools have more chances to get their work rewarded than individual miners. Here is last year's pools distribution:

Mining pools distribution — Last year 58% of the blocks were mined by only 4 mining pools

It is vulnerable to 51% attacks. To make it simple, if a group was able to control the majority of the mining nodes, they would be able to compromise the whole system integrity.
It is, of course, a very expensive attack, but given the current distribution, hackers would "simply" have to take control of a few organizations to make it possible.

I won't spend too much time on Bitcoin which is mostly limited to financial transactions (even though it has a scripting language and it is technically possible to write smart contracts).

2015 — Ethereum extends the potential of the blockchain

Vitalik Buterin, a programmer interested in Bitcoin, saw a much broader potential for the technology behind this crypto-currency. He and his team introduced a new blockchain aiming to create Decentralized Applications. Instead of sticking to a basic set of operations, like in Bitcoin's scripting language, Ethereum offers a Turing-complete language. To make it simple, that means you can theoretically solve any computational problem in a smart contract, assuming you have enough computation resources. Let's be clear, you will face computational limits much faster than in most languages because executing code in Ethereum has a cost (called gas) and will take more time. So it is up to the developer to keep the complexity of the program low (avoid nested loops or loops with a high number of iterations).

Smart contracts can be written in various languages, the most popular one being Solidity. They are then compiled into an Ethereum-specific bytecode and executed in the Ethereum Virtual Machine (EVM), similarly to Java. The concept of smart contract might still be abstract in your head. If you are curious about what a smart contract can look like, here are a bunch of examples.

When coding smart contracts, security is a primary question because you are dealing with money and a small leak could have huge impacts. One good practice is to reuse libraries that have been audited instead of writing everything by yourself. Take a look at OpenZeppelin, probably the most popular one:

OpenZeppelin (openzeppelin.org): OpenZeppelin is an open-source framework to build secure smart contracts. Reduce the risk of vulnerabilities in your…

Also, when dealing with Ethereum, the development pipeline can be cumbersome. Truffle Suite offers some tools that should make your life much easier: an IDE, a testing pipeline, a simple way to upgrade your contracts (with migrations) and a tool to create a new blockchain on-the-fly for your tests. It is the Swiss army knife of the Ethereum developer.

Truffle Suite | Sweet Tools for Smart Contracts (truffleframework.com): The Truffle suite of tools make dapp development easier and more consistent.

So, Ethereum looks amazing! You can code everything on it, which makes it theoretically possible to decentralize any application! Let's now have a look at the main limitations:

- Environmental disaster. As for Bitcoin, Ethereum uses a Proof of Work consensus algorithm and has the same environmental impact issue due to its electricity consumption. The good news is they are planning to move to a Proof of Stake (PoS) in 2019 (project name: Casper). What's this? Well, instead of resolving time and energy consuming calculations, the miners (here called validators) will have to deposit an amount of tokens that will be held as long as they are mining. They will then be given some blocks to validate based on two factors: the amount of the stake (the more you have to lose, the more you are considered trustworthy) and a degree of chance (otherwise only the richest would be able to validate blocks).
- Slowness. A transaction takes about 15 seconds to process. It may be acceptable for some specific use cases, but not to decentralize existing applications which are already immediate. But PoS should solve this issue by reducing the time to 1 second.
- Scalability. For now, Ethereum can support up to 15 transactions per second (1.3 million transactions per day). That's really low compared to its potential of use. In comparison, the VISA system can handle 24,000 transactions per second (theoretically). The good news here is that Ethereum is aiming to increase this limit to 1 million TPS by combining 2 technological solutions: sharding and a project named Plasma. The first one consists of splitting the network into fragments that would only process certain transactions (instead of processing them all), and the second one aims to conduct some transactions on a side chain which should free up the main chain. Casper is planned to arrive during 2019, while we will have to wait until 2020 or 2021 for sharding to show up.
- Cost. Every transaction has a price, called gas, whose amount depends on the complexity of the contract. Users are used to a free and unlimited Internet, so having to pay for every transaction in your day-to-day life application may be a serious obstacle. The average gas price is almost $0.01. In a chat application where every sent message would be a transaction, it would be quite expensive to use Ethereum!

While Ethereum has a lot to address to allow their vision, they already have a plan for almost everything. But having to wait 1 or 2 years to see these problems solved, if everything goes well, puts them in a risky situation.

2018 — EOSIO, Ethereum on steroids?

EOSIO (or simply EOS) has very similar goals to Ethereum. So instead of a full description, I am going to focus on what makes it different:

- Smart contracts are executed within a WebAssembly (abbreviated Wasm) virtual machine. In short, it is a new web standard allowing websites to run native code in the browser within a sandbox. Wasm could become a competitor to JavaScript for frontend development. In theory, you should be able to write EOS smart contracts in any of those languages (but for now C, C++, and Rust seem to be the most supported).
- EOS uses Delegated Proof of Stake (DPoS) as the consensus algorithm. It's very similar to PoS, except that there is a limited number of block producers (21). Even though leaving all the power to 21 actors seems very risky, it relies on the community that can vote to fire untrusted producers. It is a new paradigm because the consensus algorithm is a hybrid between a democracy where people elect delegates to represent them and a deterministic algorithm between the 21 delegates (whose real identities are known). Interesting fact: EOS has a community-written constitution (any change can be applied with 15/21 voters).
- The last point allows EOS to get much better performances: up to 6000 TPS, and a transaction only takes about 1 second.
- EOS proposes a fee-less economic model (no gas to pay to run a transaction); the block producers will be rewarded with 1% of the yearly inflation.
- EOS also brings some higher level features like account/password recovery, human-readable usernames (instead of some long hexadecimal addresses) and a file storage solution. These features were usually offered by third-party services; having them integrated is an interesting experiment.

One of the biggest criticisms of EOS is that it is too centralized. They are definitely doing an interesting trade-off here and it's too soon to know if this choice is viable or not. On the other hand, it will probably make EOS evolution much simpler. In many blockchains, some important evolutions require breaking changes which resulted in splitting the community into 2 parts: those who wanted to continue with the old system and those who accepted the evolution. Having some delegates should ideally offer more agility. You can read more about the different kinds of forks here.

Block.one, the company behind EOS, has closed a $4 billion ICO to develop the ecosystem. The team behind the project is also renowned (CTO Daniel Larimer previously founded BitShares and Steemit). Their project is very ambitious as their main competitor is already the de-facto solution for lots of blockchain projects. 2019 will definitely be an interesting year and both platforms will probably have to incentivize users and developers to join them.

There are many other competitors like HyperLedger or Lisk and I may have forgotten some major ones. Feel free to share your thoughts in the comments.

When should you use the blockchain?

First of all, even if we are focusing on public (or permissionless) blockchains because they aim to decentralize the logic of an application, you should know that there is another kind: permissioned (or private) blockchains. They are useful in a project where not everyone should be able to contribute. The limit between these two kinds is not sharp, and there are also semi-permissioned blockchains.

To sum up, here are the main benefits of a blockchain:

- No central authority: When using a system, you don't need to trust a third party and everything is verifiable and transparent.
- Data immutability: Once it is written on the chain, it is theoretically impossible to change it (except in case of an attack).
- Single source of truth: Due to the structure of the blockchain, you can know in a reliable way whether a token belongs to a user or another.

These features make blockchain particularly interesting to build traceability systems (in a supply chain for instance). But you can also use it to build the logic of a decentralized app: it helps you to get rid of the code that usually runs on your servers.

Here is a landscape of blockchain applications: (Source)

So when should you use it? You will find lots of decision trees helping you to decide whether or not you should use a blockchain in a project. I find this one particularly relevant: (More details)

However, I kinda disagree with the 5th question: Do you intend to store large amounts of non-transactional data as part of your solutions? If you read the second chapter about file storage, you would know that solutions exist to store large amounts of data in a decentralized way. It is then possible to store the transactions on the blockchain and some encrypted files off-chain.

Blockchain also brings a lot of complexity

While blockchain has a huge potential, don't forget that it will complexify your application:

- Evolution will be complicated. Upgrading your smart contracts won't be very easy. Having a good architecture and thinking about all the features you will implement from day one is important.
- Security as a priority. As we have seen previously, a simple mistake can cost a lot and you won't be able to fix it as easily as with a centralized server. That's why security must be a number one priority, and you should audit your smart contracts before deploying them!
- More complex architecture. For performance and cost reasons, you won't be able to handle all the logic of your application within your smart contracts. You will also often have to gather data from 3rd party APIs. To achieve that kind of thing with the blockchain, you will have to use Oracles:

"An oracle, in blockchain world, is a one-way digital agent that finds & verifies real-world data & cryptographically submits this information to the querying smart contract. An oracle is not the datasource itself but the layer that interfaces with data-sources & the blockchain; it's a translator for information provided by a 3rd-party API that's to be added to a blockchain. With oracles, smart contracts have a pathway to interacting with data outside of the immediate blockchain environment." — Blockchain Oracles: What They Are & Why They're Necessary

A bunch of cool blockchain projects

Fizzy is a flight delay insurance. If you subscribe to it, it will automatically gather flight data from airlines and immediately compensate you in case your plane was delayed. I like this one because it brings transparency in insurance contracts which are often extremely complicated to decode. If you are interested in the technical implementation, check out this article.

FOAM is introducing a crypto-mapping solution based on a Proof of Location. We already have GPS, what's the point? Well, GPS is a way for a device to know its own location, but there is no way for another actor to verify if the coordinates provided by a device are real or not (it could easily falsify them). FOAM relies on a network of beacons that will earn tokens by validating device locations. This could be particularly interesting when used with IoT.

EXERGY is a peer-to-peer energy network. It allows you to buy and sell energy in a secure and transparent way from your neighbors inside a microgrid. What's interesting is that decentralization can also apply to other networks than the internet.
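
The Proof of Work and data-immutability properties described in the history section (a costly calculation that is cheap to verify, with only a hash of the off-chain data stored in each block) can be shown in a few lines of Python. This is an added example, not code from the original article or from Bitcoin; the 16-bit difficulty, the block layout, the function names and the sample documents are assumptions made for illustration.

```python
import hashlib
import json

DIFFICULTY_BITS = 16      # assumed toy difficulty: 16 leading zero bits
GENESIS_PREV = "0" * 64   # assumed placeholder "previous hash" for the first block


def block_hash(block):
    """SHA-256 over the block's canonical JSON encoding."""
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()


def meets_target(digest_hex):
    """Cheap check any node can run: are the top DIFFICULTY_BITS bits zero?"""
    return int(digest_hex, 16) >> (256 - DIFFICULTY_BITS) == 0


def mine(prev_hash, document):
    """Expensive step: try nonces until the block hash meets the target.
    Only the document's digest goes on-chain; the document stays off-chain."""
    block = {"prev": prev_hash,
             "doc_sha256": hashlib.sha256(document).hexdigest(),
             "nonce": 0}
    while not meets_target(block_hash(block)):
        block["nonce"] += 1
    return block


def build_chain(documents):
    """Mine one block per document, each committing to the previous block's hash."""
    chain, prev = [], GENESIS_PREV
    for doc in documents:
        chain.append(mine(prev, doc))
        prev = block_hash(chain[-1])
    return chain


def first_invalid(chain, documents):
    """Index of the first block that fails verification, or -1 if all pass."""
    prev = GENESIS_PREV
    for i, (block, doc) in enumerate(zip(chain, documents)):
        if (block["prev"] != prev
                or not meets_target(block_hash(block))
                or block["doc_sha256"] != hashlib.sha256(doc).hexdigest()):
            return i
        prev = block_hash(block)
    return -1


# Constructed sample documents, kept off-chain
DOCS = [b"contract v1", b"invoice 0042", b"delivery receipt"]
CHAIN = build_chain(DOCS)
```

Replacing the first block, even with a correctly re-mined one, makes `first_invalid` report the second block, because its `prev` field still commits to the original hash; a forger has to redo the work for every later block as well.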