【原创】深入浅出区块链系统:第二章

使用Solidity创建以太坊(Ethereum)智能合约(Smart Contract)

引言

前面第一章 (位于微博上的链接)主要介绍了区块链的概念,我们知道区块链分为两大类,一是以公有链为代表的无权限控制区块链,第二是有权限控制的区块链,这个又包括了私有链(Private Blockchain,以Overstock为代表)和联盟链(Consortium Blockchain,以R3为代表),相对于公有链来说,这些链一般都是没有电子货币,因为他们不需要像公有链那样要靠电子货币作为挖矿的奖励来激励参与,所以速度也是比较快的。

上一章都是讲的抽象的概括,下面我们就深入讲一些具体的东西,这样以便于大家有一个形象的概念,方便理解。我们这一章主要讲讲公有链,以方便讲解以及大家去继续研究,尝试,这里选择在公有链领域社区最为活跃以太坊(Ethereum),对于中国用户来说,其于2016年9月19号刚刚在中国上海举办了DevCon 2区块链峰会,很多人可能有所印象。第一步,这个东西怎么读啊?其实这是新构造的一个单词,而非一个已有的英语单词,其读作[i’θi:’riəm]。接下来我们会一起过一下涉及的一些概念,后面我会介绍几个如何进行太坊开发的技术工具,以及两个比较好用的应用框架。

大家都知道,学习一个新技术最好的方式就是亲自动手试一把,几乎学习所有新编程语言上来都会写个HelloWorld并运行一把,在这一章最后一部分我会手把手的带领大家创建并运行一个智能合约。

概念

Ethereum:

Ethereum (官方链接) ,是个区块链公有链解决方案,如果比特币的区块链称作区块链1.0的话,那Ethereum可以称为区块链2.0 。 其主要特色就是支持可编程的智能合约。这个开源的系统相当于计算机中的操作系统一样,其是一个平台,提供了API及接口,以供其上运行不同的程序共享使用。同时因为它本质上是去中心化的区块链,因此号称是零宕机,零审查,以及不会有欺诈与人为篡改。就像所有的公有链需要激励机制的“代币”一样,它除了底层的区块链外,还有自己的加密电子货币,Ether,即以太币,在国内有些人戏称为“姨太”。目前一个“姨太”大约11美元,实时的价格趋势可以参见 这个交易所链接

智能合约

智能合约 (解释链接 ),其实这个概念本身是远远早于区块链产生的(早在1994年就出现了)。智能合约,说白了就是自己写的一段代码放到区块链上,在这里可以添加自己需要的业务逻辑等,只是这段代码在创建后不像传统应用是部署到服务器上运行,而是放到区块链上,并且自动执行(其运行部署都会消耗Gas(气,也就是若干的以太币))。各个参与方不需要像以前需要一个或若干个中心节点/服务器,大家都各自在自己那里完全按照“合约”执行,中间没有人可以去篡改或者停止,此设计会大大提高flexibility(灵活性)以及互相不信任的问题。比如有一个智能合约定义的逻辑是:当A收到钱后,B就会收到货物,这些操作都是按照合约自动执行,中间不再会有违约或者被人为修改的风险。

这些智能合约是以DAPP (Decentralized Application)的形式存在。智能合约是部署在区块链上,由于区块链的透明性,这些合约对任何人都是可见的,当然这个有利有弊。如果其有bug或者漏洞,就有可能被人抓住并利用,比如2016年6月的The DAO攻击,就造成相当于5千万美元的以太币丢失,这也直接导致了以太坊后面的一次更分叉,这块笔者后面会撰文详解。

Web 3.0

大家可能听说过web 1.0, 其是指之前传统的网页技术,比如HTML,传统的JavaScript,VBScript,CSS。而web 2.0 是使用所谓的DHMTL,HTML5, Ajax,等众多的JavaScript技术,来创作类似于桌面程序效果般的网页应用。Web 2.0这些技术有个问题,就是过于依赖中心化的服务器/第三方机构,比如除了其应该做的提供网页访问服务外,还有验证,用户行为记录分析等。 而这里提出的web 3.0是有如下几个特性,首先是去中心化,比如通用的后台端,使用Swarm与bzz来作为内容寻址的存储系统,基于区块链的共识形成机制,基于Whisper的异步消息机制等,这样具体的业务逻辑都会分发到每个客户端去执行,而非位于昂贵且易于出问题的少数中心节点。

这是刚刚提到的架构图

Solidity

上面说到的这些智能合约一般来说是使用一种特殊的编程语言来创建的,即Solidity,这个语言是以太坊提出并创造的,面向对象的DSL特定领域编程语言(Domain Specific Language),它是以太坊支持的4种语言(另外三个是Serpent, LLL 和 Mutan),只不过其是最流行的一个语言。从技术上来讲,solidify源代码会编译成字节码,然后运行于EVM(Ethereum Virtual Machine)上面。如果你看到源代码后就会觉得其实Solidity是与JavaScript十分类似的语言,如下是一段代码:

Gavin Wood (Solidity之父)说Solidity就是根据ECMAScript(是JavaScript,ActionScript等的标准祖先)所创建的,这样对于大多数开发人员来说学习曲线会很平滑。

开发工具

由于发展时间不是很长,目前市面上可用的开发环境IDE不太多。下面介绍下稍微比较成熟可靠的开发工具。

Microsoft Visual Studio Ethereum 插件

没错,就是那个市面上已经非常常见的visual studio,也就是dot net的开发工具,不是一个全新的开发工具。此开发集成环境只需要安装solidify插件即可。 这个也从侧面可以看到微软对于以太坊以及区块链的野心。

安装此插件后在微软的Visual Studio后就可以在新建项目时的模板里看到这个Solidity 选项:

当选择此模板后,visual studio他会自动构造出一个应用的基本文件结构。这样你可以省去一些每次开发一个智能合约都要重复的工作。你就可以集中时间精力到真正业务代码上。

如下就是这个IDE自动生成的代码

Ethereum Studio

除了背靠微软这个大旗的visual studio集成开发环境外,还有一个方便大家使用的免费的IDE。这个是基于Cloud9平台的一个在线IDE,其完全运行于浏览器中,不用安装,可以用于任何的操作系统。如下就是这个在线集成开发环境的样子。这个还是比较推荐的开发环境:

智能合约应用开发框架

目前比较常用的智能合约构架有如下几个,都是开源并且免费的。这里我们来手把手的创建并运行一个智能合约,来体会一下。

Embark

首先推荐的是这个叫做Embark的框架,他是一个让你可以轻松开发部署Dapps的平台,它支持的功能包括,在JS代码中部署智能合约,智能合约的热部署,可以集成grunt等构造工具。支持TDD(即测试驱动的开发)比如支持mocha等测试框架,可以方便的使用IPFS等去中心化的系统,支持增量,智能的部署修改过的智能合约等。这个工具是使用nodejs写的,因此你需要先安装nodejs的环境。这个平台会在你本地启动一个区块链服务模拟器,这样你就可以完全在本地开发测试,大大提高了工作效率。如下是启动后的截图。Embark的安装及源代码位于Gitub这里

首先你需要来安装Embark以及区块链模拟器。

# 安装Embark
npm -g install embark-framework

# 安装区块链模拟器
npm -g install ethersim

# 启动RPC模拟器
embark simulator

启动的模拟器是下面这个样子

然后我们去创建一个新的智能合约:

# 创建一个叫做demo的智能合约基础结构
embark demo
# 进入这个目录,下面含有配置文件 embark.yaml
cd embark_demo
# 启动应用
embark run

启动后,首先在后台看,Emark帮忙使用coffee script等构造并部署了合约。

你可以使用浏览器试验一下,比如打开http://localhost:8000,然后你可以试着输入个数值,去试试看看它是不是已经能够响应处理你的输入了:

是不是很神奇,短短两三分钟,已经从零开始构造出一个可以运行的以太坊DAPP ,并运行于区块链之上。 接下来我们介绍另外一个框架选择方案。

Truffle

Truffle,是跟前面提到的 Ethereum Studio 同一个公司(ConsenSys)开发的一个框架, 这个跟前面的embark类似,也是可以提供一个智能合约的开发测试平台,他的一个特色就是它可以集成nodejs里面强大的测试功能,比如Mocha, Chai等等. 像Embark一样,你需要另外安装运行其他软件,来启动以太坊客户端模拟器,最常用的是EthereumJS TestRPC Github link, 它会在内存中启动一个Ethereum的客户端, 这样可以快速测试你开发的应用。

因为这个也是使用nodejs创建的应用,因此使用如下命令来安装此程序,安装好了启动此应用

#安装以太坊模拟器
npm install -g ethereumjs-testrpc
# 启动模拟器
testrpc

启动后是这样子的

模拟器启动好了,接下来执行下面的命令来初始化truffle应用。

mkdir firstApp
cd firstApp
truffle init

上面最后一个命令就会自动帮你构造好的程序框架,包括一些最基本的JavaScript文件,几个智能合约源代码,主应用程序的HTML代码及配套的CSS等文件 。如下是这个基本框架:

接下来你可以添加自己的代码到contracts目录下的智能合约文件,也可以什么都不动,因为truffle已经自动生成了最基本的框架。

#这个命令会把智能合约源代码编译成字节码
truffle compile

编译好的代码需要部署到区块链上才可以执行,在truffle中这个工作是由migrates目录下定义的migrate作业执行的,我们去修改文件2_deploy_contracts.js为如下:

module.exports = function(deployer) {
  // deployer.deploy(ConvertLib);
  // deployer.autolink();
  // deployer.deploy(MetaCoin);
  deployer.deploy(HelloEthereum);
};

然后执行如下命令去执行代码部署,它除了把你的智能合约发布到区块链之外,还会做一些相关工作,比如link用到的library等。deployer可以使用promise的方式 (e.g. .then(function(xx)))来执行其他额外的工作等,比如创建一个其他的合约并调用,等。这个便于你来灵活的扩展应用。

truffle migrate
truffle build

结语

好了,至此我们已经了解了什么是以太坊已经其上运行的智能合约,DAPP等概念。后面又介绍了开发智能合约的工具已经可复用的框架,最后又手把手亲自做了一个智能合约。这样大家应该对区块链以及以太坊等公有链有了一个形象具体的感觉了吧。如果这里有什么问题或者建议,欢迎通过下面的联系方式与我沟通。

Referece

联系我:

  • phray.zhang@gmail.com (email/邮件,whatsapp, linkedin)
  • helloworld_2000 (wechat/微信)
  • github
  • [简书 jianshu](http://www.jianshu.com/users/a9e7b971aafc)
  • 微信公众号:vibex
  • webo/微博: cloudsdocker

2021

How to user fire extinguisher

Summary As you know, staff and your safety is paramount. So what if emergency take place, such as fire in office, how to help yourself and your colleagues by...

Deep dive into Kubernetes Client API

Summary To talk to K8s for getting data, there are few approaches. While K8s’ official Java library is the most widely used one. This blog will look into thi...

Whitelabel Error Page

Summary Whitelabel Error Page is the default error page in Spring Boot web app. It provide a more user-friently error page whenever there are any issues when...

Google maps no photos reviews

Summary I found a weird problem of the app Google Maps of my Oppo Android phone. That’s when you search a place in Google map, say “Central Park”, ideally th...

Debts in a nutshell

A debt security represents a debt owed by the issuer to an investor. Here, the investor acts as a lender to the issuer which may be a government, organisatio...

Back to Top ↑

2020

Debug Stuck IntelliJ

What happened to a debug job hanging in IntelliJ (IDEAS) IDE? You may find when you try to debug a class in Intellij but it stuck there and never proceed, e....

Awesome Kotlin

Difference with Scala Kotlin takes the best of Java and Scala, the response times are similar as working with Java natively, which is a considerable advantag...

JVM热身

此文是作者英文原文的翻译文章,英文原文在:http://todzhang.com/posts/2018-06-10-jvm-warm-up/

Mock in kotlin

Argument Matching & Answers For example, you have mocked DOC with call(arg: Int): Intfunction. You want to return 1 if argument is greater than 5 and -1 ...

Curl

Linux Curl command

AOP

The concept of join points as matched by pointcut expressions is central to AOP, and Spring uses the AspectJ pointcut expression language by default.

Micrometer notes

As a general rule it should be possible to use the name as a pivot. Dimensions allow a particular named metric to be sliced to drill down and reason about th...

Awesome SSL certificates and HTTPS

What’s TLS TLS (Transport Layer Security) and its predecessor, SSL (Secure Sockets Layer), are security protocols designed to secure the communication betwee...

JVM warm up by Escape Analysis

Why JVM need warm up I don’t know how and why you get to this blog. But I know the key words in your mind are “warm” for JVM. As the name “warm up” suggested...

Java Concurrent

This blog is about noteworthy pivot points about Java Concurrent Framework Back to Java old days there were wait()/notify() which is error prone, while fr...

Back to Top ↑

2019

Conversations with God

Feelings is the language of the soul. If you want to know what’s true for you about something, look to how your’re feeling about.

Kafka In Spring

Enable Kafka listener annotated endpoints that are created under the covers by a AbstractListenerContainerFactory. To be used on Configuration classes as fol...

Mifid

FX Spot is not covered by the regulation, as it is not considered to be a financial instrument by ESMA, the European Union (EU) regulator. As FX is considere...

Foreign Exchange

currency pairs Direct ccy: means USD is part of currency pair Cross ccy: means ccy wihtout USD, so except NDF, the deal will be split to legs, both with...

Back to Top ↑

2018

Guice

A new type of Juice Put simply, Guice alleviates the need for factories and the use of new in your Java code. Think of Guice’s @Inject as the new new. You wi...

YAML

Key points All YAML files (regardless of their association with Ansible or not) can optionally begin with — and end with …. This is part of the YAML format a...

Sudo in a Nutshell

Sudo in a Nutshell Sudo (su “do”) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root...

Zoo-keeper

ZK Motto the motto “ZooKeeper: Because Coordinating Distributed Systems is a Zoo.”

Cucumber

Acceptance testing vs unit test It’s sometimes said that unit tests ensure you build the thing right, whereas acceptance tests ensure you build the right thi...

akka framework of scala

philosophy The actor model adopts the philosophy that everything is an actor. This is similar to the everything is an object philosophy used by some object-o...

Apache Camel

Camel’s message model In Camel, there are two abstractions for modeling messages, both of which we’ll cover in this section. org.apache.camel.Message—The ...

JXM

Exporting your beans to JMX The core class in Spring’s JMX framework is the MBeanExporter. This class is responsible for taking your Spring beans and registe...

Solace MQ

Solace PubSub+ It is a message broker that lets you establish event-driven interactions between applications and microservices across hybrid cloud environmen...

Core Java

Annotation retention policy What is Retention policy in java annotations?

Apigee

App deployment, configuration management and orchestration - all from one system. Ansible is powerful IT automation that you can learn quickly.

Ansible

Ansible: What Is It Good For? Ansible is often described as a configuration management tool, and is typically mentioned in the same breath as Chef, Puppet, a...

flexbox

How Flexbox works — explained with big, colorful, animated gifs

KDB

KDB However kdb+ evaluates expressions right-to-left. There are no precedence rules. The reason commonly given for this behaviour is that it is a much simple...

Agile and SCRUM

Key concept In Scrum, a team is cross functional, meaning everyone is needed to take a feature from idea to implementation.

Strategy-Of-Openshift-Releases

Release & Testing Strategy There are various methods for safely releasing changes to Production. Each team must select what is appropriate for their own ...

NodeJs Notes

commands to read files var lineReader = require(‘readline’).createInterface({ input: require(‘fs’).createReadStream(‘C:\dev\node\input\git_reset_files.tx...

CORS :Cross-Origin Resource Sharing

Cross-Origin Request Sharing - CORS (A.K.A. Cross-Domain AJAX request) is an issue that most web developers might encounter, according to Same-Origin-Policy,...

ngrx

Why @Effects? In a simple ngrx/store project without ngrx/effects there is really no good place to put your async calls. Suppose a user clicks on a button or...

iOS programming

View A view is also a responder (UIView is a subclass of UIResponder). This means that a view is subject to user interactions, such as taps and swipes. Thus,...

Back to Top ↑

2017

cloud computering

openshift vs openstack The shoft and direct answer is `OpenShift Origin can run on top of OpenStack. They are complementary projects that work well together....

cloud computering

Concepts Cloud computing is the on-demand demand delivery of compute database storage applications and other IT resources through a cloud services platform v...

Redux

whats @Effects You can almost think of your Effects as special kinds of reducer functions that are meant to be a place for you to put your async calls in suc...

reactive programing

The second advantage to a lazy subscription is that the observable doesn’t hold onto data by default. In the previous example, each event generated by the in...

Container

The Docker project was responsible for popularizing container development in Linux systems. The original project defined a command and service (both named do...

promise vs observiable

The drawback of using Promises is that they’re unable to handle data sources that produce more than one value, like mouse movements or sequences of bytes in ...

TypeScript noteworthy notes

Async Await keywords Async Await Support in TypeScript Async - Await has been supported by TypeScript since version 1.7. Asynchronous functions are prefixed ...

JDK source

interface RandomAccess Marker interface used by List implementations to indicate that they support fast (generally constant time) random access. The primary ...

SSH SFTP

Secure FTP SFTP over FTP is the equivalant of HTTPS over HTTP, the security version

AWS Tips

After establishing a SSH session, you can install a default web server by executing sudo yum install httpd -y. To start the web server, type sudo service htt...

Oracle

ORA-12899: Value Too Large for Column

Java Security Notes

Java Security well-behaved: programs should be prevent from consuming too much system resources

R Language

s<-read.csv("C:/Users/xxx/dev/R/IRS/SHH_SCHISHG.csv") # aggregate s2<-table(s$Original.CP) s3<-as.data.frame(s2) # extract by Frequency ordered s3...

SSH and Cryptography

SFTP versus FTPS SS: Secure Shell An increasing number of our customers are looking to move away from standard FTP for transferring data, so we are ofte...

Eclipse notes

How do I remove a plug-in? Run Help > About Eclipse > Installation Details, select the software you no longer want and click Uninstall. (On Macintosh i...

Maven-Notes

Maven philosophy “It is important to note that in the pom.xml file you specify the what and not the how. The pom.xml file can also serve as a documentatio...

Java New IO

Notes JDK 1.0 introduced rudimentary I/O facilities for accessing the file system (to create a directory, remove a file, or perform another task), accessi...

IT-Architect

SOA SOA is a set of design principles for building a suite of interoperable, flexible and reusable services based architecture. top-down and bottom-up a...

Algorithm

This page is about key points about Algorithm

Java-Tricky-Tech-Questions.md

What is the difference between Serializable and Externalizable in Java? In earlier version of Java, reflection was very slow, and so serializaing large ob...

Compare-In-Java

Concepts If you implement Comparable interface and override compareTo() method it must be consistent with equals() method i.e. for equal object by equals(...

Java Collections Misc

Difference between equals and deepEquals of Arrays in Java Arrays.equals() method does not compare recursively if an array contains another array on oth...

HashMap in JDK

Hashmap in JDK Some note worth points about hashmap Lookup process Step# 1: Quickly determine the bucket number in which this element may resid...

Java 8 Tips

This blog is listing key new features introduced in Java 8

IntelliJ Tips

Shortcuts Expand/collapse method body in code editor Cmd + +/- to expand and collapse a method body Show java doc Ctrl+J: To show JavaDoc

Back to Top ↑

2016

Java GC notes

verbose:gc verbose:gc prints right after each gc collection and prints details about each generation memory details. Here is blog on how to read verbose gc

Hash Code Misc

contract of hashCode : Whenever it is invoked on the same object more than once during an execution of a Java application, the hashCode method must consis...

Angulary Misc

Dependency Injection Angular doesn’t automatically know how you want to create instances of your services or the injector to create your service. You must co...

Java new features

JDK Versions JDK 1.5 in 2005 JDK 1.6 in 2006 JDK 1.7 in 2011 JDK 1.8 in 2014 Sun之前风光无限,但是在2010年1月27号被Oracle收购。 在被Oracle收购后对外承诺要回到每2年一个realse的节奏。但是20...

Simpler chronicle of CI(Continuous Integration) “乱弹系列”之持续集成工具

引言 有句话说有人的地方就有江湖,同样,有江湖的地方就有恩怨。在软件行业历史长河(虽然相对于其他行业来说,软件行业的历史实在太短了,但是确是充满了智慧的碰撞也是十分的精彩)中有一些恩怨情愁,分分合合的小故事,比如类似的有,从一套代码发展出来后面由于合同到期就分道扬镳,然后各自发展成独门产品的Sybase DB和微...

浅谈软件单元测试中的“断言” (assert),从石器时代进步到黄金时代。

大家都知道,在软件测试特别是在单元测试时,必用的一个功能就是“断言”(Assert),可能有些人觉得不就一个Assert语句,没啥花头,也有很多人用起来也是懵懵懂懂,认为只要是Assert开头的方法,拿过来就用。一个偶然的机会跟人聊到此功能,觉得还是有必要在此整理一下如何使用以及对“断言”的理解。希望可以帮助大家...

Kubernetes 与 Docker Swarm的对比

Kubernetes 和Docker Swarm 可能是使用最广泛的工具,用于在集群环境中部署容器。但是这两个工具还是有很大的差别。

Mac tips

how to show full path in Finder window Open and run following command in terminal window defaults write com.apple.finder _FXShowPosixPathInTitle -bool true; ...

http methods

RFC origion http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.1.2)

Spark-vs-Storm

The stark difference among Spark and Storm. Although both are claimed to process the streaming data in real time. But Spark processes it as micro-batches; wh...

微服务

可以想像一下,之前的传统应用系统,像是一个大办公室里面,有各个部门,销售部,采购部,财务部。办一件事情效率比较高。但是也有一些弊端,首先,各部门都在一个房间里。

kibana, view layer of elasticsearch

What’s Kibana kibana is an open source data visualization plugin for Elasticsearch. It provides visualization capabilities on top of the content indexed on...

kibana, view layer of elasticsearch

What’s Kibana kibana is an open source data visualization plugin for Elasticsearch. It provides visualization capabilities on top of the content indexed on...

iConnect

UI HTML5, AngularJS, BootStrap, REST API, JSON Backend Hadoop core (HDFS), Hive, HBase, MapReduce, Oozie, Pig, Solr

Data Structure

Binary Tree A binary tree is a tree in which no node can have more than two children. A property of a binary tree that is sometimes important is that th...

Something about authentication

It’s annoying to keep on repeating typing same login and password when you access multiple systems within office or for systems in external Internet. There a...

SQL

Differences between not in, not exists , and left join with null

Github page commands notes

404 error for customized domain (such as godday) 404 There is not a GitHub Pages site here. Go to github master branch for gitpages site, manually add CN...

RenMinBi International

RQFII RQFII stands for Renminbi Qualified Foreign Institutional Investor. RQFII was introduced in 2011 to allow qualified foreign institutional investors to ...

Linux Tips

Get permission denied error when sudo su (or hyphen in sudo command) bash: /home/YOURNAME/.bashrc: Permission denied That’s because you didn’t add “-“ hyphen...

Load Balancing

Concepts LVS means Linux Virtual Server, which is one Linux built-in component.

Python

(‘—–Unexpected error:’, <type ‘exceptions.TypeError’>) datetime.datetime.now()

Microservices vs. SOA

Microservice Services are organized around capabilities, e.g., user interface front-end, recommendation, logistics, billing, etc. Services are small in ...

Java Class Loader

Codecache The maximum size of the code cache is set via the -XX:ReservedCodeCacheSize=N flag (where N is the default just mentioned for the particular com...

Back to Top ↑

2007

Back to Top ↑