O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Mastering Ethereum

Book Description

Ethereum represents the gateway to a worldwide, decentralized computing paradigm. This platform enables you to run decentralized applications (DApps) and smart contracts that have no central points of failure or control, integrate with a payment network, and operate on an open blockchain. With this practical guide, Andreas M. Antonopoulos and Gavin Wood provide everything you need to know about building smart contracts and DApps on Ethereum and other virtual-machine blockchains.

Discover why IBM, Microsoft, NASDAQ, and hundreds of other organizations are experimenting with Ethereum. This essential guide shows you how to develop the skills necessary to be an innovator in this growing and exciting new industry.

  • Run an Ethereum client, create and transmit basic transactions, and program smart contracts
  • Learn the essentials of public key cryptography, hashes, and digital signatures
  • Understand how "wallets" hold digital keys that control funds and smart contracts
  • Interact with Ethereum clients programmatically using JavaScript libraries and Remote Procedure Call interfaces
  • Learn security best practices, design patterns, and anti-patterns with real-world examples
  • Create tokens that represent assets, shares, votes, or access control rights
  • Build decentralized applications using multiple peer-to-peer (P2P) components

Table of Contents

  1. Preface
    1. How to Use This Book
    2. Intended Audience
    3. Conventions Used in This Book
    4. Code Examples
    5. Using Code Examples
    6. References to Companies and Products
    7. Ethereum Addresses and Transactions in this Book
    8. O’Reilly Safari
    9. How to Contact Us
      1. Contacting Andreas
      2. Contacting Gavin
    10. Acknowledgments by Andreas
    11. Acknowledgments by Gavin
    12. Contributions
    13. Sources
  2. Quick Glossary
  3. 1. What Is Ethereum?
    1. Compared to Bitcoin
    2. Components of a Blockchain
    3. The Birth of Ethereum
    4. Ethereum’s Four Stages of Development
    5. Ethereum: A General-Purpose Blockchain
    6. Ethereum’s Components
      1. Further Reading
    7. Ethereum and Turing Completeness
      1. Turing Completeness as a “Feature”
      2. Implications of Turing Completeness
    8. From General-Purpose Blockchains to Decentralized Applications (DApps)
    9. The Third Age of the Internet
    10. Ethereum’s Development Culture
    11. Why Learn Ethereum?
    12. What This Book Will Teach You
  4. 2. Ethereum Basics
    1. Ether Currency Units
    2. Choosing an Ethereum Wallet
    3. Control and Responsibility
    4. Getting Started with MetaMask
      1. Creating a Wallet
      2. Switching Networks
      3. Getting Some Test Ether
      4. Sending Ether from MetaMask
      5. Exploring the Transaction History of an Address
    5. Introducing the World Computer
    6. Externally Owned Accounts (EOAs) and Contracts
    7. A Simple Contract: A Test Ether Faucet
    8. Compiling the Faucet Contract
    9. Creating the Contract on the Blockchain
    10. Interacting with the Contract
      1. Viewing the Contract Address in a Block Explorer
      2. Funding the Contract
      3. Withdrawing from Our Contract
    11. Conclusions
  5. 3. Ethereum Clients
    1. Ethereum Networks
      1. Should I Run a Full Node?
      2. Full Node Advantages and Disadvantages
      3. Public Testnet Advantages and Disadvantages
      4. Local Blockchain Simulation Advantages and Disadvantages
    2. Running an Ethereum Client
      1. Hardware Requirements for a Full Node
      2. Software Requirements for Building and Running a Client (Node)
      3. Parity
      4. Go-Ethereum (Geth)
    3. The First Synchronization of Ethereum-Based Blockchains
      1. Running Geth or Parity
      2. The JSON-RPC Interface
    4. Remote Ethereum Clients
      1. Mobile (Smartphone) Wallets
      2. Browser Wallets
    5. Conclusions
  6. 4. Cryptography
    1. Keys and Addresses
    2. Public Key Cryptography and Cryptocurrency
    3. Private Keys
      1. Generating a Private Key from a Random Number
    4. Public Keys
      1. Elliptic Curve Cryptography Explained
      2. Elliptic Curve Arithmetic Operations
      3. Generating a Public Key
      4. Elliptic Curve Libraries
    5. Cryptographic Hash Functions
      1. Ethereum’s Cryptographic Hash Function: Keccak-256
      2. Which Hash Function Am I Using?
    6. Ethereum Addresses
      1. Ethereum Address Formats
      2. Inter Exchange Client Address Protocol
      3. Hex Encoding with Checksum in Capitalization (EIP-55)
    7. Conclusions
  7. 5. Wallets
    1. Wallet Technology Overview
      1. Nondeterministic (Random) Wallets
      2. Deterministic (Seeded) Wallets
      3. Hierarchical Deterministic Wallets (BIP-32/BIP-44)
      4. Seeds and Mnemonic Codes (BIP-39)
    2. Wallet Best Practices
      1. Mnemonic Code Words (BIP-39)
      2. Creating an HD Wallet from the Seed
      3. HD Wallets (BIP-32) and Paths (BIP-43/44)
    3. Conclusions
  8. 6. Transactions
    1. The Structure of a Transaction
    2. The Transaction Nonce
      1. Keeping Track of Nonces
      2. Gaps in Nonces, Duplicate Nonces, and Confirmation
      3. Concurrency, Transaction Origination, and Nonces
    3. Transaction Gas
    4. Transaction Recipient
    5. Transaction Value and Data
      1. Transmitting Value to EOAs and Contracts
      2. Transmitting a Data Payload to an EOA or Contract
    6. Special Transaction: Contract Creation
    7. Digital Signatures
      1. The Elliptic Curve Digital Signature Algorithm
      2. How Digital Signatures Work
      3. Verifying the Signature
      4. ECDSA Math
      5. Transaction Signing in Practice
      6. Raw Transaction Creation and Signing
      7. Raw Transaction Creation with EIP-155
    8. The Signature Prefix Value (v) and Public Key Recovery
    9. Separating Signing and Transmission (Offline Signing)
    10. Transaction Propagation
    11. Recording on the Blockchain
    12. Multiple-Signature (Multisig) Transactions
    13. Conclusions
  9. 7. Smart Contracts and Solidity
    1. What Is a Smart Contract?
    2. Life Cycle of a Smart Contract
    3. Introduction to Ethereum High-Level Languages
    4. Building a Smart Contract with Solidity
      1. Selecting a Version of Solidity
      2. Download and Install
      3. Development Environment
      4. Writing a Simple Solidity Program
      5. Compiling with the Solidity Compiler (solc)
    5. The Ethereum Contract ABI
      1. Selecting a Solidity Compiler and Language Version
    6. Programming with Solidity
      1. Data Types
      2. Predefined Global Variables and Functions
      3. Contract Definition
      4. Functions
      5. Contract Constructor and selfdestruct
      6. Adding a Constructor and selfdestruct to Our Faucet Example
      7. Function Modifiers
      8. Contract Inheritance
      9. Error Handling (assert, require, revert)
      10. Events
      11. Calling Other Contracts (send, call, callcode, delegatecall)
    7. Gas Considerations
      1. Avoid Dynamically Sized Arrays
      2. Avoid Calls to Other Contracts
      3. Estimating Gas Cost
    8. Conclusions
  10. 8. Smart Contracts and Vyper
    1. Vulnerabilities and Vyper
    2. Comparison to Solidity
      1. Modifiers
      2. Class Inheritance
      3. Inline Assembly
      4. Function Overloading
      5. Variable Typecasting
      6. Preconditions and Postconditions
    3. Decorators
    4. Function and Variable Ordering
    5. Compilation
    6. Protecting Against Overflow Errors at the Compiler Level
    7. Reading and Writing Data
    8. Conclusions
  11. 9. Smart Contract Security
    1. Security Best Practices
    2. Security Risks and Antipatterns
    3. Reentrancy
      1. Real-World Example: The DAO
    4. Arithmetic Over/Underflows
      1. Real-World Examples: PoWHC and Batch Transfer Overflow (CVE-2018–10299)
    5. Unexpected Ether
      1. Further Examples
    6. DELEGATECALL
      1. Real-World Example: Parity Multisig Wallet (Second Hack)
    7. Default Visibilities
      1. Real-World Example: Parity Multisig Wallet (First Hack)
    8. Entropy Illusion
      1. Real-World Example: PRNG Contracts
    9. External Contract Referencing
      1. Real-World Example: Reentrancy Honey Pot
    10. Short Address/Parameter Attack
    11. Unchecked CALL Return Values
      1. Real-World Example: Etherpot and King of the Ether
    12. Race Conditions/Front Running
      1. Real-World Examples: ERC20 and Bancor
    13. Denial of Service (DoS)
      1. Real-World Examples: GovernMental
    14. Block Timestamp Manipulation
      1. Real-World Example: GovernMental
    15. Constructors with Care
      1. Real-World Example: Rubixi
    16. Uninitialized Storage Pointers
      1. Real-World Examples: OpenAddressLottery and CryptoRoulette Honey Pots
    17. Floating Point and Precision
      1. Real-World Example: Ethstick
    18. Tx.Origin Authentication
    19. Contract Libraries
    20. Conclusions
  12. 10. Tokens
    1. How Tokens Are Used
    2. Tokens and Fungibility
    3. Counterparty Risk
    4. Tokens and Intrinsicality
    5. Using Tokens: Utility or Equity
      1. It’s a Duck!
      2. Utility Tokens: Who Needs Them?
    6. Tokens on Ethereum
      1. The ERC20 Token Standard
      2. Launching Our Own ERC20 Token
      3. Issues with ERC20 Tokens
      4. ERC223: A Proposed Token Contract Interface Standard
      5. ERC777: A Proposed Token Contract Interface Standard
      6. ERC721: Non-fungible Token (Deed) Standard
    7. Using Token Standards
      1. What Are Token Standards? What Is Their Purpose?
      2. Should You Use These Standards?
      3. Security by Maturity
    8. Extensions to Token Interface Standards
    9. Tokens and ICOs
    10. Conclusions
  13. 11. Oracles
    1. Why Oracles Are Needed
    2. Oracle Use Cases and Examples
    3. Oracle Design Patterns
    4. Data Authentication
    5. Computation Oracles
    6. Decentralized Oracles
    7. Oracle Client Interfaces in Solidity
    8. Conclusions
  14. 12. Decentralized Applications (DApps)
    1. What Is a DApp?
      1. Backend (Smart Contract)
      2. Frontend (Web User Interface)
      3. Data Storage
      4. Decentralized Message Communications Protocols
    2. A Basic DApp Example: Auction DApp
      1. Auction DApp: Backend Smart Contracts
      2. Auction DApp: Frontend User Interface
    3. Further Decentralizing the Auction DApp
    4. Storing the Auction DApp on Swarm
      1. Preparing Swarm
      2. Uploading Files to Swarm
    5. The Ethereum Name Service (ENS)
      1. History of Ethereum Name Services
      2. The ENS Specification
      3. Bottom Layer: Name Owners and Resolvers
      4. Middle Layer: The .eth Nodes
      5. Top Layer: The Deeds
      6. Registering a Name
      7. Managing Your ENS Name
      8. ENS Resolvers
      9. Resolving a Name to a Swarm Hash (Content)
    6. From App to DApp
    7. Conclusions
  15. 13. The Ethereum Virtual Machine
    1. What Is the EVM?
      1. Comparison with Existing Technology
      2. The EVM Instruction Set (Bytecode Operations)
      3. Ethereum State
      4. Compiling Solidity to EVM Bytecode
      5. Contract Deployment Code
      6. Disassembling the Bytecode
    2. Turing Completeness and Gas
    3. Gas
      1. Gas Accounting During Execution
      2. Gas Accounting Considerations
      3. Gas Cost Versus Gas Price
      4. Block Gas Limit
    4. Conclusions
  16. 14. Consensus
    1. Consensus via Proof of Work
    2. Consensus via Proof of Stake (PoS)
    3. Ethash: Ethereum’s Proof-of-Work Algorithm
    4. Casper: Ethereum’s Proof-of-Stake Algorithm
    5. Principles of Consensus
    6. Controversy and Competition
    7. Conclusions
  17. A. Ethereum Fork History
    1. Ethereum Classic (ETC)
    2. The Decentralized Autonomous Organization (The DAO)
    3. The Reentrancy Bug
      1. Technical Details
      2. Attack Flow
    4. The DAO Hard Fork
      1. Timeline of the DAO Hard Fork
    5. Ethereum and Ethereum Classic
      1. The EVM
      2. Core Network Development
    6. Other Notable Ethereum Forks
  18. B. Ethereum Standards
    1. Ethereum Improvement Proposals (EIPs)
    2. Table of Most Important EIPs and ERCs
  19. C. Ethereum EVM Opcodes and Gas Consumption
  20. D. Development Tools, Frameworks, and Libraries
    1. Frameworks
      1. Truffle
      2. Embark
      3. OpenZeppelin
      4. ZeppelinOS
    2. Utilities
      1. EthereumJS helpeth: A Command-Line Utility
      2. dapp.tools
      3. SputnikVM
    3. Libraries
      1. web3.js
      2. web3.py
      3. EthereumJS
      4. web3j
      5. EtherJar
      6. Nethereum
      7. ethers.js
      8. Emerald Platform
    4. Testing Smart Contracts
      1. On-Blockchain Testing
      2. Ganache: A Local Test Blockchain
  21. E. web3.js Tutorial
    1. Description
    2. web3.js Contract Basic Interaction in a Nonblocked (Async) Fashion
      1. Node.js Script Execution
    3. Reviewing the Demo Script
    4. Contract Interaction
    5. Asynchronous Operation with Await
  22. F. Short Links Reference
    1. Smart Contract Security
    2. Tokens
  23. Index