Skip to content

Curated summaries, best practices, readings & resources on beginner to advanced concepts of web3 ecosystem

Notifications You must be signed in to change notification settings

SaadAAkash/web3-resources

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

36 Commits
 
 

Repository files navigation

Web3-Resources

Basic Concepts

Decentralization & Web3

Networks, tools & processes not controlled by a central entity

Readings:

Blockchain
  • A database formed by a sequence of entries (blocks)
  • Blockchains are special computers that anyone can access but no one owns
  • A decentralized system of peer to peer (P2P) network
  • Immutable, shared & distributed ledger
  • Key Features
    • Immutable
    • Traceable
    • Secured

Readings:

Permissionless & Trustless
  • Permissionless means the ability to participate in a network without the need for application or approval.
  • Trustless means "trust" is established in a decentralized way, for example via decentralized identity and verifiable credentials.
Digital Assets, Tokens & Coins
  • An asset normally refers to a physical resource with economic or financial value which is expected to provide benefits to the owner(s) in the future. Assets can be either owned or controlled to produce value and can be either tangible or intangible.
  • A coin is the official digital currency used by a cryptocurrency platform (i.e. Ether/Eth in Ethereum, XRP in Ripple)
  • A token is a scarce digital asset that exists on top of an existing coin or blockchain
Smart Contract A smart contract is a tamper-proof program that runs on a blockchain network when certain predefined conditions are met
Protocol
  • A protocol is digital infrastructure with a set of rules for how people interact with it. Those rules determine how the system works.
  • A blockchain protocol is the rules that govern the blockchain network
  • Protocols aren't exclusive to cryptocurrency. They’re fundamental to how the internet works, governing the transmission of data from one computer to another. Email, for instance, is based on several sets of protocols. The HTTP stands for “hypertext transfer protocol.”
Fungibility
  • The ability of a good or asset to be interchanged with other individual goods or assets of the same type
  • It implies equal value between the assets
  • Simplifies the exchange and trade processes
  • To put it into perspective, the fungibility of money refers to the fact that all money is the same. It doesn't matter whether you have one $100 bill or one hundred $1 bills. You can use both of them to purchase the same product
Non-Fungible Token (NFT)
  • A unit of ownership on the internet Ref
  • NFTs are unique cryptographic tokens that exist on a blockchain and cannot be replicated
  • NFTs can be used to represent real-world items like artwork, real-estate, tangible items like collectibles
  • "Tokenizing" these real-world tangible assets allows them to be bought, sold, and traded more efficiently while reducing the probability of fraud
  • Possession does not equal ownership. NFT decouples these two concepts.
  • NFTs are just digital abstractions used to represent assets that are one of a kind
  • NFTs can make fractionalized ownership more accessible. With NFTs, you can also prove that the item is real and tamper proof. This is an issue in the physical collectibles space.
  • Some have speculated that NFT can be viewed as a tradable API key with limited supply that gives you access to multiple services run by different companies Alex Atallah, Co-Founder & CTO of OpenSea on Twitter

Readings:

Decentralized Autonomous Organization (DAO)
  • Decentralized means Online, global, uncensorable. Autonomous means Self-governing. And Organization means Coordination & collaboration around shared objectives
  • A DAO is an internet/online community with a shared interest and a shared crypto wallet/bank account
  • Cryptoeconomics and monetization strategies in DAOs is a key differentiating factor that make them different from traditional professional working groups and special interest communities

Readings:

Decentralized Finance (DeFi)

Financial instruments without relying on intermediaries such as brokerages, exchanges, or banks by using smart contracts on a blockchain

Readings:

Regenerative Finance (ReFi)
  • The abbreviation of ReFi is a signal to it’s origins in DeFi (decentralized finance)
  • Regenerative Finance uses money as a tool to solve climate change, environmental conservation and biodiversity
  • The primary type of ReFi instrument that in use today are carbon offset credits.
  • ReFi projects aim to address the existing fraud or double-counting of carbon credits in unregulated carbon credit markets
  • On-chain carbon credits are traceable and immutable, meaning that no two people are able to claim the same credit twice
  • Thus, the ReFi movement uses programmable carbon to integrate climate finance into the fabric of economic transactions

Readings:

Basic Web3 Concepts Reading Lists
Wait. Web5?

Components:

  1. Decentralized Identifiers
  2. Verifiable Credentials
  3. Decentralized Web Nodes

Readings:

Critiques
Zero Knowledge Proof (ZKP)

The Web3 Stack

Web3 Stack by Layers

The OSI and TCP/IP models are logical and conceptual model that defines network communication used by systems. The TCP/IP Protocol Stack is made up of 4 primary layers:

  1. Application
  2. Transport
  3. Internet/Network
  4. Link/Network Interface/Physical

And the OSI divided the architecture into these 7 different layers:

  1. Application
  2. Presentation
  3. Session
  4. Transport
  5. Network
  6. Data Link
  7. Physical layers

Differences between OSI Reference Model & TCP/IP Coneptual Layes

For blockchain-based systems, the web3 stack can be divided into 5 layers based on the functionalities defined by the aforementioned models:

  1. Application
  2. Presentation (+Session) Layer
  3. Transport/Blockchain Interaction Layer
  4. Network/Protocol Layer
  5. Infrastructure

Application Layer

Acesss

  • Wallet: Metamask, Walletconnect, Coinbase Wallet, Rainbow, Phantom
  • Browser: Brave
  • Aggregators: Dappradar, Zapper

Use Case

  • DeFi: UniSwap, Aave
  • NFT: OpenSea, Raribale,
  • Content/Social: Lens, Mirror
  • Gaming: Decentraland, Axie Infinity

Presentation+Session Layer

  • Client: Web3JS, EthersJS
  • Development Environment: Hardhat, Truffle, Foundry, Brownie
  • File Storage: IPFS, Arweave, Filecoin, Filebase

Transport/Blockchain Interaction Layer

  • Data Access: The Graph, Chainlink, Ceramic, Alchemy
  • Block Explorer: Etherscan, Snowtrace, Polygonscan

Network/Protocol Layer

  • L1: Ethereum, Solana, Near, Avalanche, Polkadot, Celo
  • L2: Polygon, Arbitrum, ZkSync, Starknet
  • Bridge: Synapse, Anyswap, Hop

Infrastructure

  • Identity & Auth: ENS, SpruceID, Ceramik SelfID
  • Node Provider: Alchemy, Moralis, Infura, Thirdweb
Tech Stack Readings

Starter Developer Resources

Tutorials
Common Developer Resources
  • Solidity - The most popular smart contract language.
  • Metamask - Browser extension wallet to interact with Dapps.
  • Truffle - Most popular smart contract development, testing, and deployment framework. Install the cli via npm and start here to write your first smart contracts.
  • Hardhat - Flexible, extensible and fast Ethereum development environment.
  • Cryptotux - A Linux image ready to be imported in VirtualBox that includes the development tools mentionned above
  • OpenZeppelin Starter Kits - An all-in-one starter box for developers to jumpstart their smart contract backed applications. Includes Truffle, OpenZeppelin SDK, the OpenZeppelin/contracts-ethereum-package EVM package of audited smart contract, a react-app and rimble for easy styling.
Cheatsheets, Terminologies, Glossary

Patterns & Best Practices

Patterns for Smart Contract Development
Upgradability & Proxy Patterns

In a scenario of a deployed smart contract with user funds having a vulnerability, a hot fix should be required to be deployed without delay. Traditional smart contract patterns don’t allow such hot fixes. Instead, the developers need to deploy a new contract every time they want to add a feature or fix a bug. To address this, upgradability patterns have been introduced. Upgradability means that the client always interacts with the same contract (proxy), but the underlying logic can be changed (upgraded) whenever needed without losing any previous data. There are three types of proxy patterns:

  • Diamond pattern : EIP-2532
  • Transparent proxy pattern : EIP-1967
  • Universal upgradeable proxy standard (UUPS): EIP-1822

OpenZeppelin suggests using the UUPS pattern as it is more gas efficient. One of the main caveats is that because the upgrades are done via the implementation contract with the help of upgradeTo method, there’s a higher risk of newer implementations to exclude the upgradeTo method, which may permanently kill the ability to upgrade the smart contract.

Ref: Using the UUPS proxy pattern to upgrade smart contracts - LogRocket

Security Best Practices & Resources
Technical Architecture of Full Stack dApps
Gas Optimizations

Developer Tools

Smart Contract Languages
  • Solidity - Ethereum smart contracting language
  • Vyper - New experimental pythonic programming language
Frameworks
  • Truffle - Most popular smart contract development, testing, and deployment framework. The Truffle suite includes Truffle, Ganache, and Drizzle. Deep dive on Truffle here
  • Hardhat - Flexible, extensible and fast Ethereum development environment.
  • Brownie - Brownie is a Python framework for deploying, testing and interacting with Ethereum smart contracts.
  • Embark - Framework for DApp development
  • Waffle - Framework for advanced smart contract development and testing, small, flexible, fast (based on ethers.js)
  • Dapp - Framework for DApp development, successor to DApple
  • Etherlime - ethers.js based framework for Dapp deployment
  • Parasol - Agile smart contract development environment with testing, INFURA deployment, automatic contract documentation and more. It features a flexible and unopinionated design with unlimited customizability
  • 0xcert - JavaScript framework for building decentralized applications
  • OpenZeppelin SDK - OpenZeppelin SDK: A suite of tools to help you develop, compile, upgrade, deploy and interact with smart contracts.
  • sbt-ethereum - A tab-completey, text-based console for smart-contract interaction and development, including wallet and ABI management, ENS support, and advanced Scala integration.
  • Cobra - A fast, flexible and simple development environment framework for Ethereum smart contract, testing and deployment on Ethereum virtual machine(EVM).
  • Epirus - Java framework for building smart contracts.
IDEs
Ethereum
Wallet
Faucet
Others (Custom RPC, ABI, etc.)
Steps to add Custom RPC (i.e. Celo Alfajores Network) on Metamask
  • After opening up Metamask wallet account, open the Chrome extension & click on the network dropdown
  • Click on "Custom RPC"
  • Put "Alfajores Network" as Network Name (you can put anything else to your own convenience)
  • Put this URL as New RPC URL
  • Put 44787 as Chain ID
  • Currency Symbol & Block Explorer URL are fields optional
Convert a contract into an interface/Generate a Solidity interface from a given ABI

Or,

  • forge inspect CONTRACT abi > abi.json
  • cast interface abi.json > IFace.sol

References:

  1. Transmissions11
  2. Cast Interface - Foundry Book

Q&As/Interview Questions

Fundamentals

Briefly explain Consensus mechanism in Blockchain

A consensus algorithm is a method through which all the peers of the blockchain network reach a standard agreement of the present state of a distributed ledger. It achieves high reliability and establishes trust between unknown peers in the distributed computing environment.

There are different types of consensus algorithms:

  • Proof-of-Work(PoW)
  • Proof-of-Capacity (PoC)
  • Proof-of-Activity (PoA)
  • Delegated Proof-of-Stake(DPoS)
  • Proof-of-Stake(PoS)
  • Proof-of-Authority
  • Proof-of-Burn
  • Unique Node Lists
  • Proof-of-Weight
  • Proof-of-Elapsed Time
  • SIEVE
  • Byzantine Fault Tolerance
What's Markel Tree

Merkel Tree is a data structure that is used for verifying a block.

  • Each leaf node is a hash of a block of transactional data
  • Each non-leaf node is a hash of its leaf node
  • The Merkel root or hash root is the final hash root of all the transaction hashes. It encompasses all the transactions that are underlying all the non-leaf nodes.

The importance of a Merkle tree in the blockchain is that if anyone wants to verify the specific transaction in a block, they can download the chain of block headers instead of downloading every transaction and every block.

In what order blocks are linked in blockchain? All the blocks in the blockchain are linked in the backward order or each block links with its previous block.
What's a 51% attack/double-spend attack? A 51% attack or double-spend attack occurs when a group of miners on a blockchain controls >50% of the network’s mining hash rate or computing power. They can reverse completed transactions & thus double-spend coins.
  • In a PoW, Any malicious user would need to have 51% of computation power to solve the problem and thereby add the wrong block.
  • In a PoS, any malicious user would need to have 51% of the total money on the network to add a wrong block.
What does nonce mean?

A nonce is an abbreviation for "number only used once". A blockchain nonce is a number added to a hashed—or encrypted—block in a blockchain. A single-use arbitrary string or number generated for verification purposes to prevent replaying past transactions.

What's an oracle? Entities that can prove provenance and properties of online data from existing data sources or legacy systems. They act as on-chain APIs you can query to get information into your smart contracts. Oracles can also be bi-directional, used to "send" data out to the real world.

It’s important to note that a blockchain oracle is not the data source itself, but rather the layer that queries, verifies, and authenticates external data sources and then relays that information. The data transmitted by oracles comes in many forms – price information, the successful completion of a payment, or the temperature measured by a sensor.

What's the oracle problem & how to avoid it? Blockchains cannot pull in data from or push data out to any external system as built-in functionality. At the same time, relying on a single source of truth to provide data is insecure and invalidates the decentralization of a smart contract. This is known as the oracle problem.

The entire point of a smart contract is to achieve determinism in accordance to the contract’s terms as opposed to probabilistic execution carried out by human enforcement. To achieve this end, the blockchain cannot have any single point of failure, i.e. a centralized blockchain oracle. So we can avoid the oracle problem by using a decentralized oracle that pulls from multiple data sources; if one data source is hacked or fails, the smart contract will still function as intended.

Readings & Summaries

DECO: Liberating Web Data Using Decentralized Oracles for TLS
  • DECO (short for DECentralized Oracle) allows users to prove that a piece of data accessed via TLS came from a particular website and optionally prove statements about such data in zero-knowledge, keeping the data itself secret
  • A three-party handshake splits a shared TLS session key between provers and verifiers, where the prover uses a zero-knowledge proof to verify the data without revealing its type or contents
  • The prover cannot forge data, and the verifier cannot access additional data
  • Data validation happens on a public blockchain without revealing the data to anyone, keeping sensitive information secure
  • A single instance of DECO could enable anyone to become an oracle for any website
  • Works with modern TLS versions, requires no trusted hardware and no server-side modifications

Sources:

Town Crier: An Authenticated Data Feed for Smart Contracts
  • Addresses the question of "Who can be trusted to provide data to smart contracts in a trustworthy way?"
  • The Town Crier (TC) system addresses this problem by using trusted hardware, namely the Intel SGX instruction set, a new capability in certain Intel CPUs.
  • How it works:
    • When it receives a query from an application contract, the TC server fetches the requested data from the website and relays it back to the requesting contract.
    • Query processing happens inside an SGX-protected environment known as an “enclave”.
    • The requested data is fetched via a TLS connection to the target website that terminates inside the enclave
    • SGX protections prevent even the operator of the server from peeking into the enclave or modifying its behavior, while use of TLS prevents tampering or eavesdropping on communications on the network
  • DECO and Town Crier
    • The two systems have similar goals, but differ in their trust models and implementations
    • Town Crier can achieve all of the functionality of DECO and more.
    • DECO constrains the Prover to interaction with a single Verifier. In contrast, Town Crier enables a Prover to generate a publicly verifiable proof on data fetched from a target server, i.e., a proof that anyone, even a smart contract, can verify directly.
    • Town Crier can also securely ingest and make use of secrets (e.g., user credentials).
  • The main limitation of Town Crier is its reliance on TEEs.

Sources:

Chainlink 2.0: Next Steps in the Evolution of Decentralized Oracle Networks
  • Decentralized Oracle Networks (DON) are designed to enhance and extend the capabilities of smart contracts on a target blockchain or main chain through functions that are not available natively.
  • They do so by providing the three basic resources found in computing systems:
    • Networking
    • Storage, and
    • Computation
  • A DON acts as a blockchain abstraction layer, providing interfaces to off-chain resources for both smart contracts and other systems.
  • DON improves the scaling of blockchain-enabled smart contracts by shifting the main locus for transaction processing from blockchain to itself
  • Decentralized Oracle Network Transaction-Execution Framework (DON-TEF) or TEF is a design pattern for the construction and execution of a performant hybrid smart contract
  • How TEF works
    • An original target contract SC is refactored into a hybrid contract
    • This refactoring produces the two interoperating pieces of the hybrid contract:
      • A MAINCHAIN contract/an anchor contract: custodies users’ assets, executes authoritative state transitions, and also provides guard rails (see Section 7.3) against failures in the DON
      • An executable on a DON: sequences transactions and provides associated oracle data for them. It can bundle transactions for the anchor contract
  • In TEF schematic, transactions pass through the mempool of a smart-contract enabled blockchain (MAINCHAIN) via Mempool Services (MS) to the DON

Sources: Chainlink whitepaper v2

About

Curated summaries, best practices, readings & resources on beginner to advanced concepts of web3 ecosystem

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published