How Ethereum and Smart Contracts Work
Distributed Turing Machine with Blockсhain Protection
30 november 2017 :: 186 views :: 6677 words

This is the continuation of Blockchain Inside Out: How Bitcoin Works where basic ideas of blockchain technology – transaction pool, block chains, and mining, were explained. I’d recommend everyone not familiar with these terms read that post first. The following article is more complicated, with programming terminology and links to the first article.

Original article was written in my blog (in Russian). Many thanks to the for this translation.

Ethereum is the second most popular blockchain project in the world and looks like the most interesting from technical point of view.

Bitcoin, the starting point, was not just a system of financial transactions, but a display of the new way of network organization, where security is guaranteed not by “middlemen” and “customer agreement” but pure mathematics. That’s how the world found about blockchain – the constant data list guaranteed from any external data modifications by mathematics.

Ethereum used blockchain idea as the starting point and used it for a wider class of implementations. It became possible to guarantee not only the validity of financial transactions but literally any conditions and agreements. It also made possible automation of creation of such conditions.

In everyday life, we always make agreements based on “if… then” principle, regarding everything, not only finance. “If I help you to write an article then you let me play your Play Station”, “If I get fit by the summer then I get myself a holiday in Hawaii” etc.

The main problems about agreements are that nobody can really guarantee the fulfillment – help friend with the article, but he refused to share his PlayStation, spent time by playing PlayStation instead of going to the gym. But got a flight to Hawaii anyway – to break the agreement with yourself is pure pleasure.

To avoid these problems business uses contracts: trained people fill the papers with special words, cover them with stamps and signatures so that there is something to bring to the court, where agents on salary punish the violator using another special paper. At the end of the performance, everybody gets together and walks laughing all the way to the tax office.

It looks like a ridiculous game where I must trust someone only because he seems to be honest. All the same – agents, fees, arguments, and promises which looks just like the problem solved by blockchain technology.

That’s what authors of Ethereum were thinking of, and so appeared smart contracts.

Alex and smart contract

Let’s start with the very common situation: our old friend Alex is going to visit another city and rent an apartment there. Some web browsing and he finds the following ad – girl named Kate offers an apartment in the very center for $300. Kate and Alex ain’t familiar so couldn’t trust each other. Kate is afraid that Alex could change his mind at the very last moment. Alex knows very well about the situation when nickname Kate is used by a swindler who has no apartment at all but is good in getting away with other people’s money.

There are two traditional ways to get the things sorted:

1 Alex and Kate sign a long agreement, with ID details, TOS, fees, penalties and other scary things. Finally, Alex agrees to pay $100 in advance and hopes that Kate is a real girl.

2 They find an agent who agrees to get all responsibility but wants 50% commission. Alex and Kate feel secure but have much lighter pockets.

It is not the best solution. It would be much better to have the system where both could set very strict scheme with logical rules and conditions that don’t rely on a piece of paper, like this:

In our scheme, the prepayment is a bit of extra caution exclusively for Kate’s peace of mind. The algorithmic agreement guarantees the fulfillment of all the conditions laid down in it.

Alex cannot suddenly take his money from the virtual wallet. Kate can’t slip Alex with the wrong code or apartment address as then she doesn’t get anything.

This set of conditions is the simplest one-time smart contract. In the Ethereum network, instead of lawyers and paper document, its execution is guaranteed by the blockchain – transparent and protected from forgery. When Alex creates a transaction in the blockchain “here are my $100 of prepayment” with the condition “to return back if Kate deceives me” – nobody can change this logic.

All we need is to add the implementation of these conditions to the blockchain. That’s what Ethereum does – this smart contract can be described using few lines of code written in Solidity – special language very similar to Javascript.

With such a system Kate just has no need to generate a new contract for every Alex. And nobody has, as it’s possible to describe the logic of the typical rent agreement for everyone – deposit money to the wallet, door combination is generated and if the apartment is available for selected dates – voilà! This contract will be kept in the system forever and it’s possible to apply some discounts, rate change depending on the season and change of conditions by direct request by Kate.

It’s even possible to upload code to GitHub and to create a universal contract for safe rental of any apartment by any Kate. When Alex transfers money to such contract he can feel safe that logic of contract won’t change.

The vital point is that while smart contract coding languages are simplified to the very extent, they’re Turing complete. It means that it’s possible to implement any programmable logic.

They have variables, functions, conditions, loops and even some imitation of classes and inheritance.

In theory, smart-contract can be written for any algorithm that looks pretty much like a brave new world without obscure agreements and paper documents. But with some limitations.

Who and How Executes Smart Contracts?

It is difficult to understand all Ethereum at once. In contrast to Bitcoin, many things are incrementally dependent on each other. In particular smart contracts have a lot of restrictions that are related to the features of Ethereum blockchain that guarantees the execution of these smart contracts.

Let’s figure out smart contracts first. It is hard to understand the altered Ethereum blockchain and other things straight away. I’ll tell you later, I promise.

Technically it is better to think of smart contracts not as signing a contract but as executing pieces of code. As a matter of fact, the contract is just a simple code with a result fixed forever in the blockchain.

A contract can be executed by making any network transaction to its address just as a function which returns result or error.

I read few articles where authors hated a “simple code” term. As they say that it is a sort of “smart code that gives guarantees and blah blah blah.” Do not listen to them. This is poured into your ears by marketing experts who want to look smart and sign you to their ICO service. For techies, this is a simple code executed inside of the virtual machine. No magic.

However, a smart contract cannot be written in your favorite programming language. And that’s why:

1 Every operation in the contract must be able to dismiss/roll back all changes at any time as if they did not exist. When someone calls a smart contract function, all the miners in the network at the same time try to execute the code of this function to include its result in the new block. But only one miner will add this block while all others will have to forget all the changes. It will be discussed in more details in the Mining section.

So if you add two numbers to the computer you can easily remove and forget the result. But if you can make an HTTP request then this operation is irreversible. As a result, each miner performs this HTTP request on his computer and for the server with the site it’s DDoS.

2 2. Execution of every contract operation – condition, condition check or function call is not free. The one who calls the contract must pay. In our case, both Alex and Kate will pay few pennies to miners for their calls.

This is done to avoid endless cycles and overly complex computations. After all, the code is executed on the computers of the miners and they can simply hang and not be able to continue mining.

To do this, Ethereum uses the so-called Gas – this is a small piece of Ether (ETH) – the domestic currency. The gas is paid for using of CPU of the miners but only the one who finds the block gets the real penny – he includes it as his commission.

Each operation inside the virtual machine has its own “price”, which is as simple as this: it costs 1 cent to execute 1 line. To execute 15 lines, you need to put 15 cents into the transaction call. It is not necessary to remember the prices when creating a smart contract. The author automatically considers everything.

So after all, the code of smart contracts has access to data and calls within the Ethereum blockchain. You can call the function from another smart contract but you cannot read the file from the disk or go to the Internet to see the dollar rate.

Anyone who wants to call a function of a smart contract is required to send a little money (Gas) along. Usually, this amount is minimal and you can earn it simply by including in the Ethereum Wallet application a mining for a couple of minutes.

Each line of the code spends the Gas attached to the transaction. If it suddenly ends – the execution is terminated and the transaction is canceled. If the code has been successfully executed but Gas still remains. It is returned to the sender as unused. Everything is fair.

Smart contracts in Bitcoin
— Info for the most curious readers can be skipped

In fact, the basics of smart contracts were laid back in Bitcoin’s blockchain. Remember that every miner should verify the signature for each transaction to make sure that the sender does not try to pay with other people’s money?

So this calculation of hashes in bitcoin is realized by calling a set of instructions which returns 0 or 1 depending on the result. In theory, it is possible to add own logic to this set – there are operators of branching, variables and the same kind. No wonder it’s called Script and is similar to the ancient language of Forth.

If you really had a strong intention a smart contract with a lease can be made on bitcoin but Script language has neither cycles nor recursion which deprives it of completeness by Turing while Ethereum has everything needed and the whole virtual machine in addition.

Two types of accounts

So far, we have had only wallets, transactions, and blocks. So a smart contract is a wallet. It is called an account here.

If an ordinary wallet is managed by a pair of public and private keys to it – the smart contract is a hash from its own code. Changing at least one symbol in a smart contract (even a comment in the code) creates another smart contract. So they are guaranteed to be unique.

Smart contracts are created once and for all. Blockchain remembers everything and nothing can be modified.

A traditional user wallet here is called “externally owned account” and created “contract account” in the network of smart contracts. In the following text, they’re called “wallet” and “contract”, for brevity.

Communication with both types of accounts is possible only through transactions

A transaction to a user’s wallet is a transfer of funds. A complete analog with bitcoin. The transfer includes the number of ETHs sent and the address of the recipient.

A transaction to a contract is a call to its method. Therefore it is usually called a “message”. In addition to the quantity and address of the contract, it includes additional call parameters and Gas for code execution.

A transaction without a recipient is the creation of a smart contract.> In such a transaction it is necessary to transfer the compiled bytecode of the contract and Gas for execution of the code for creating the contract (constuctor in OOP terms).

An important feature: timers that trigger on a certain time are impossible in contracts impossible timers. A contract can only be triggered by a transaction which is always launched by a live person. The contract does not work “in the background”. If it was called – it can well cause another contract.

It looks like our example about the refund of the advance payment shows that Alex should request it himself from the contract.

State instead of history
— Understanding Ethereum blockchain system

In my previous post, I told in simple words that blockchain consists of a long chain of all changes – its history. To calculate the current balance of the wallet you need to go through it and put everything down. I received 5 BTC, paid 3 BTC, then received another 4 BTC, total balance is 5 – 3 + 4 = 6 BTC – this was the current state of the wallet.

Ethereum in its white paper dedicates a good deal to explain why the chain of changes and the chain of states are essentially the same thing.

The state is a mold of all changes for a certain moment.

History and States are not some different entities but two approaches to understanding the same thing. Technically, even bitcoin wallets inside themselves turn the history into the state in order to make it simple.

It looks like a war between functional and imperative programming. Two fundamentally different approaches in describing the same – the logic of the problem (hope this analogy is more clear).

Understanding the blockchain as a history of states simplifies the picture pretty much. You no longer have to check complete history and look for unused transactions in order to show the balance. You can simply look at the current state of the network.

Ethereum is a transactional machine of states. A set of current wallet balances and contract data which is changed by creating new transactions.

The creators of Ethereum modified the classic blockchain adding one important feature – the storage, which could be easily described as a single GitHub repository, which is downloaded along with blockchain.

Each transaction writes changes to this repository (very similar to git commits). When Alex calls Kate’s contract, the transaction “Alex called Kate’s contract” is added to blockchain. “On the contract balance now 100 from Alex / on Alex’s balance N-100″ is “committed” to the storage. This is the new state after the changes.

Inside the storage, the Merkle Tree we talked about before, is implemented. Here it is slightly modified to optimize the size and is called Patricia Tree. But the idea is still the same – hash neighbors until we get one main hash. This main hash is the hash of the tree root always included into each new block.

It turns out that knowing one single block we can know the state of the whole system at this point by reading the root of the storage tree from the block.

But it does not mean that when Ethereum is launched we do not have to download the entire blockchain and to check the validity of the entire chain of blocks. Decentralization means that no one can be trusted and we must check if somebody sends a corrupted block. But when it is completed – all extra information can be removed.

The storage is specially implemented so that the new block writes only new changes to it. The old ones stay in their places with links to them created. It saves space a lot.

Transactions as messages

When we have two kinds of accounts and both can accept transactions confusion is quite possible. For convenience transactions between purses of users are called transfers. Transactions with calls to contracts are messages.

Technically, these are still the same objects.

For the common man, the transaction in Bitcoin consists of five basic elements:

Ethereum transactions inherit this logic but slightly change the composition of transactions. We no longer need to collect inputs to prove the availability of funds. Everyone already knows the current state, and therefore the balance of all wallets. If a user tries to transfer money that he does not have in the current state – this transaction will simply be rejected by the miners as erroneous.

Here is the list of the main components of the transaction in Ethereum:

Gas Limit and Gas Price

It is the combination of these two values that is now responsible for the commission unlike the explicit quantity of BTC as in Bitcoin. The Gas attached to the transaction pays for the calculation of the miners as if you paid them.

Gas Limit is the number of units that are paid for the execution of each line of code in smart contracts. The price of each operation is fixed in these units and is the same on all machines. To put it simply: a comparison of the two variables costs 10 Gas, and the creation of a new transaction is 100. In addition, the recording of new data in the system’s storage is paid with Gas too. The call of a smart contract itself also costs some fixed amount of Gas because downloading its bytecode into a virtual machine is also an operation. But there are operations that are intentionally made free. It includes, for example, cleaning temporary data, roughly speaking, a destructor that is done to motivate the creators of contracts to clean the global storage from garbage.

The execution of the contract may not consume all of the attached Gas. If so, the unused balance is simply returned to the sender. The opposite may happen. If there is not enough Gas then the contract gets broken. In this case, the miner will receive all of the attached gas as a payment for his work for nothing. And you are a valuable experience that it is better to send more Gas along.

Gas Price is the price of one unit of gas. It regulates a higher or lower price for each operation. Boosting Gas Price relative to its market value, you can motivate the miners to process your transaction faster. You seem to say “I pay for every line of code 10% higher than the market.”

Sometimes an increase in the gas price is really needed. Remember ICO from Brave who raised $ 36 million in 24 seconds? It is less than two blocks and so buyers with market Gas price could simply not have time to catch the train for two blocks. Miners would have left their transactions “for later” as cheap while the contract was already closed. If Gas Limit is measured simply in “pieces”, Gas Price is in real currency. The price of Gas is always negligible compared to the main currency. Therefore for such insignificant “pennies” there are their own names:

  • 1 Wei – the minimum unit of calculation in the system
  • 1012 Wei = 1 Szabo
  • 1015 Wei = 1 Finney
  • 1018 Wei = 1 Ether (the famous Ether or ETH)

Like any financial system, Ethereum operates only with integers (problems with float and double are known to all normal IT students). In other words, Ethereum processes ETH with an accuracy of 18 decimal places. Much more accurate than the BTC with its 8 digits.

Not quite an obvious detail: to read data from the contract it is not necessary to pay Gas and even make a transaction. For example, to read your balance from an existing contract, you can simply download the current version of the blockchain and find the value of the desired variable in the global repository. This feature is built into Ethereum clients.

Blocks that …

Refreshing in memory. The blockchain is always built in blocks. Miners collect transactions from the pool and try to compose them into a new block to include in the general chain. To do this, they are looking for a random number to add to it, so that the block satisfies certain global complexity rules.

In Ethereum, the blocks are slightly different from the classic Bitcoin.

Know the state of the system

The hash of the entire storage is always added to the block. As if you made a hash of all the data on your hard drive. Such a cast always reflects the exact state of the system at the moment: all contract data and account balances. In Ethereum, it is simply the root of the Merkle tree mentioned above.

Hash of the storage becomes one of the most important components of the block. It is always included in every block found and gets verified by all network members so that no one tries to “forge” the state of the system. Merely the Merkle tree allows you to do this quickly: you only need to check the changed parts of the tree, the hashes of the others remain the same.

Write receipts for transactions

Imagine that you sent a request to execute the smart contract code, and it returned the error (ICO is over, for example). Or you have not attached enough Gas to it and the execution has been interrupted.

In both of these cases, the transaction will be considered successful from the point of view of the block – because the code was executed, the Gas was transferred, and the state was changed. However, for the sender, this transaction should be marked as unsuccessful. But where? To do it, Ethereum introduces one more entity:

In addition to the list of transactions, the execution of results of each of them is added to the block via receipts.

Now if I attached 1000 Gas but the code execution took only 800 – the receipt states that I actually spent 800. 200 will be returned back while the transaction will have 1000 as it was sent.

Don’t forget their roots

When building a new block, miners include not only a reference to its parent but also a list of references to blocks whose parent is equal to the parent of the parent of the current block. They are called “uncles”.

Time to shout “Nooo!”

It’s easier to imagine it as your real uncles and aunts – this block could be my parent if I were mining the neighboring chain (was born in a neighboring family).

The purpose of it will be covered later in the section about Mining and GHOST algorithm.

As a result, the block in Ethereum looks like this:

— A problem of 15 second and resistance to ASIC

Quick reminder – miners are a number of computers around the world. They simultaneously build a new block from transactions and then try to add this block to blockchain.

If the miners start simultaneously announcing their blocks to the network it turns out to the race with the unpredictable result when it is impossible to determine the winner. Therefore, each miner must solve a complex problem with an easily verifiable answer which is written to the found block. The first who found the answer and announced the block receives a reward of 3 ETH.

Block in 15 seconds

The complexity of the task is set automatically by the network. In Bitcoin, the complexity is set to be huge on purpose, so that on average the block is found once in 10 minutes. In Ethereum, the new blocks are inserted into the block system every 15 seconds.

Remember I said that in bitcoin you need to solve the task of finding such a hash that starts with N zeros, for example, 000000000000000000523... There was Even the interactive search for such hashes.

Well, it was simplified a lot. For a person, it’s easier to understand the phrase “starts at 10 zeros” than “has complexity below the limit”. In fact, these zeros appear in hashes of blocks exactly because such high complexity is established in bitcoin that it can be achieved only by hash with a bunch of zeros at the beginning.

The block hash which is just a number must be less than a certain preset number. So those 10 minutes are guaranteed for which the entire network finds a new block. 15 seconds in Ethereum is nothing, so in Ethereum the complexity is made in a way that you will not find zeros at the beginning of the blocks.

GHOST: The problem of competition

In the Ethereum network, the block is found in 15 seconds and gets spread throughout the network in about 12 seconds. It leads to the fact that the blockhain is more often than usual in the uncertain state. No one can be certain which of the last blocks is correct until they find the next one.

As nobody canceled the rule of the longest chain – as soon as one of the chains of the blockchain becomes longer than the others, it is accepted as the only true one. However with a 15-second mining there may be so many of competing chains, that an uncertain blockchain can live for hours, and eventually rollback and re-run most of the transactions.

It’s not only uncomfortable when you try to pay with ETH and wait for confirmation for half an hour but it also carries a serious danger. If the miners spend most of their time trying to run the blocks in “unnecessary” chains, then they have the motivation to join the pool where they can drive together one particular chain, thereby increasing the chances of success and reward.

The motivation for pooling leads to the possibility of a “51% attack” – when more than 50% of the capacity is concentrated in the hands of one pool manager. With this power, he can change the history of the blockchain and roll back the transactions which ordinary miners will only learn about from the Reddit posts.

Therefore, in 2013, a modified algorithm GHOST – Greedy Heaviest Observed Subtree was proposed. In addition to the concept of the previous block (“parent”) it introduces the concept of “uncle” (or ommer) block.

GHOST has a simple message: to give a small reward including those miners who have found “uncle” – a logically correct block which had just a bad luck to get into the neighbour chain. The uncle receives 12.5% of the cost of a full-fledged block. It motivates the miners to continue to mine independently because you can also make good money looking for uncles.

Resistance to ASIC

In ancient times the grass was greener and bitcoins were mined using CPU. Later bitcoin started to grow and graphics adapters were turned into mining tools. They are not as versatile as the CPU and implement a limited set of operations, but they can do them much faster and in thousands of threads.

The arms race continued with the introduction of the ASIC – Application-Specific Integrated Circuit. The crooks in the cellars built “processors” which were unable to do nothing but to sort through the hashes under bitcoin mining with great speed.

Many consider ASICs as cheating but this is the reality.

In Ethereum, the process of mining presumes not only the selection of hashes but also the code execution of smart contracts which are universal Turing-complete calculations. If you try to build an ASIC under Ethereum – it’s going to be a CPU as you need the stack, the memory and everything else.

And on the eve of the transition to Proof-of-Stake, an idea to build ASIC under Ethereum has no financial sense at all.


Last time I told that classic mining with the search for the answer to a complex problem is called Proof-of-Work. Its main disadvantage is that mankind spends huge resources on its functioning. More precisely, it does not actually have to but everyone wants to snatch their reward. It leads to a permanent arms race and mining farms the size of half of India.

Now, Ethereum also uses Proof-of-Work-Mining. The algorithm is called Ethash but it’s counting its last days. Ethereum has long been going to switch to a new mining algorithm where nobody will need to buy up video cards and build farms – Proof-of-Stake.

Miners will no longer need to go through random numbers at the speed of light to find the desired hash, instead, a “lottery” begins among the miners when they fix transactions on their accounts for a certain amount, hash only them and check whether they won or not.

In Ethereum they named their implementation Casper and wrote about it in details in the official FAQ. Here I do not give a description of Casper because I do not fully understand it myself. If some of the readers could explain it in a few words and write in the comments here that would be very useful.

Putting it all together

Let’s try to form a unified picture of the network. Users connect to the network as usual by downloading the application, Ethereum Wallet for example, and can start making transactions.

Any transaction whether transferring funds, calling or creating a contract, gets signed and sent in the same way to a common pool of unconfirmed transactions where it waits until it gets mined. There is no difference from bitcoin, even though it is common in Ethereum to think of “states”. I’m pretty sure that the bitcoin wallets inside turn history into states.

If the transaction is a transfer between users, its mining is almost identical to bitcoin, just instead of the check of inputs here the status of users’ wallets is checked.

Differences begin when a transaction triggers a smart contract. Then the miner computer finds this smart contact in the downloaded storage copy and launches its code with the transferred parameters using its virtual machine (EVM – Ethereum Virtual Machine). Every miner does the same but the result in the network will appear only once. Therefore, all operations in the contract must be deterministic and could be easily forgotten when needed.

Each contract call registers Gas Limit – the number of calculations needed to execute it. If in bitcoin miners collect transactions until they reach the desired block size where they decide how many to include in the block by their total complexity. You can quickly execute hundreds of basic smart contracts or take one “fat” instead.

As a result of the calculations, the miners in addition to the creation of the transaction tree rebuild the tree of states. They generate receipts for each completed transaction and include everything in a new block. Only after that, they try to find a hash of the necessary complexity to include their block into the main blockchain. By the way, instead of the standard SHA-256 in Ethereum, a KECCAK-256 hash is used.

After all, Ethereum blockchain is the same classic blockchain with the addition of the storage and EVM which allows executing arbitrary code of smart contracts on each miner’s computer. It’s useful to fix it in memory.

Yes, in comparison with the bitcoin algorithm, at first it looks like hell and rocket science. But pretty soon you begin to understand that every detail here is really necessary and solves a certain task.

Two stories about smart contracts

The new technology in the hands of the programmer is like a new chainsaw for the Californian maniac. You just can’t wait to try it all at once.

Here I'll tell you two stories about smart contracts that will allow you to better understand the practical possibilities of smart contracts and possible troubles after mistakes.

Success Story: ICO

Now there are dozens of ways to conduct ICO, some are even held on self-made exchanges and have nothing to do with the blockchain. But we will take a look at the example of the classic ICO as they were originally technically conceived – via smart contracts.

ICO is a beautiful example of the use of smart contracts, and by now you most likely guess what it is.

Now Alex is a master for the production of cute plush sharks like this one (original: KATYUSHKA ART DOLLS):

Alex makes plush sharks at home and sells them on the Internet. Sharks became very popular and Alex decided to expand the business but he cannot be born again in a rich family or take a loan from a bank. Alex decides to hold an ICO – to issue his own tokens or in other words, a currency – a shark-coin, sell them and collect some money on it.

Alex creates a smart contract describing a shark-coin, there is even a ready standard for this case – ERC20. The smart contract for the token is absolutely banal, it describes the functions of “buy”, “sell”, “transfer” and “balance.” When someone sends a transaction to the contract with money (ETH) inside the smart contract a simple dictionary is supplemented with “this wallet owns so many shark-coins”. This dictionary is stored directly in the block, in the same Ethereum storage that is visible to all comers.

Alex loads it into the blockchain through Ethereum Wallet and can already go to the forums “guys, buy my tokens.” For the hype, someone will even buy a couple, as happened with Useless ICO when the dude decided to collect his money for a new computer but collected tens of grand USD. This is similar to the issue of shares but is not yet a full-fledged ICO, more like donations for virtual reward.

So-called "ICO-professionals" are now outraged wondering where is the Whitepaper, where the fashionable Landing with the list of Advisors, the contract with the Exchange and the thread from Bitcoin Talk on the stolen account. Yes, everything this is useful but has nothing to the technical side.

For a full-fledged ICO, the logic of the sale itself is missing: how much is a token, what is the sales limit, whether there are discounts to early buyers and other features. Alex can lay the whole logic right in the shark-coin but then it couldn’t be changed either set new limits nor arrange a sale.

Here is a little hint for Alex – it can be resolved by the creation of a second smart contract – a sales contract. It has the whole logic of the ICO inside: the start and end dates, the initial price, the limitation of the number of tokens being sold and so on. Now investors will send money to this contract and it will decide how many shark-coins to give out to everyone and at what price.

This contract cannot be changed after uploading to the network because it guarantees the honesty of the ICO, but now it works only in the terms established by the author and then you can create a new one by arranging a new round or sale. When conducting an ICO it is standard practice to upload a contract to the network in advance so that users can familiarize themselves with it. Also, a popular practice is to conduct pre-sale creating a temporary discount contract which can only be called for a limited period before the sale. It intensifies the activity of the participants.

After that, the ICO shark-coins exist essentially as records within the contract. Technically, like the basic dictionary {John: 20 coins, Peter: 100 coins} which is now permanently recorded in the global storage. Digits in the dictionary have no floating price because they cannot be bought or sold. They can only be transferred or donated to someone.

To sell the tokens at a price Alex should add them to any stock exchange. In this case, Alex somehow translates all the collected tokens into the account of the exchange (with all the obvious risks of it being closed) which starts to run their price depending on supply and demand.

That’s how ICO is arranged in a few words. Sometime in 2016, it could even be carried out this way but very soon Big Shots(TM) came to this market and the rules of the game became much more complicated. Anyway as an example of using smart contract ICO is awesome.

Story of failure: The DAO

The success of contracts has a downside: the story of The DAO – a good example of how to do everything right but finally get bummed, split the blockchain and lose half of the community.

It was in 2016, ICO was not yet a mass phenomenon but the Ethereum community was already inspired by the idea of total crowdfunding using smart contracts. Then the project of the Decentralized Autonomous Organization was born. The DAO was, in fact, a big smart contract, in which the mechanisms of the classic investment fund were laid: the participants contribute their money, get their share, vote with their votes in which projects to invest the collected funds to cut the profit at the end.

A smart contract was a guarantee that no one will deceive anyone and there will be absolute democracy in all aspects. It even took into account the option that some participants will want to leave the DAO and organize their own funds. For example, if they do not agree with the choice of projects or just want to play for investors themselves. Decentralization within decentralization – crypto-anarchists in ecstasy.

The launch of The DAO was anticipated by almost everyone so immediately after the launch, about $ 165 million was sent to the fund (and at the current rate of the ETH it is more than $ 4.3 billion). This was a great event in the community.

A week after the launch, an error was found in the code of the smart contract for GitHub in the very place where the logic was implemented “to get out and take your share out of the fund.” The essence of the bug was that instead of the address of the recipient of the share, it was possible to use the address of another smart contract which within itself could try again to request a refund before the main contract fixes the first refund. And so it’s recursive to get everything out.

So the hackers brought to their accounts more than $ 65 million. Panic began. Even though the bug was not in Ethereum but in the code of the smart contract, the hysteria hit the creators of Ethereum themselves. The crowd demanded “to close and roll everything off,” which is simply impossible in the blockchain. Desperate situation – you seem to have done well but it’s still to blame.

This is a brief retelling of the story from The DAO.

There were two solutions: surrender and give the stolen money to hackers or “stop” the blockchain renewing all clients, roll back to the early blocks and restart everything – in essence, split the block and make a hard fork. The second option was chosen. So two blockchains appeared – Ethereum and Ethereum Classic.

It was a strong blow to the community. Many people still cannot accept this external interference in their independent decentralized world. “If the creators can do so at any time with our money – how can we trust such a blockchain,” they shouted at the forums and Reddit, and were pretty much right. Imagine what it was like to ordinary users who at this time bought ETH somewhere in the currency exchange kiosk.


There is a popular analogy: “Bitcoins is Gold, Ethereum is Oil”.

Bitcoin is gold. Rare soft metal, useless in everyday life. You can not build a house or make a weapon from it, but it becomes valuable when the whole world agrees to use it as a universal currency for settlements between people. Therefore, gold is very expensive.

Ethereum is oil (although I prefer the analogy with Electricity). Oil can be extracted not merely to sell, you can always use it for heating, generation of energy or gasoline for machinery and plants. Even if nobody wants to buy your oil, it solves real applied problems – it helps people to exist and survive. As well as electricity.

I like this analogy. It shows that there is no competition between Bitcoin and Ether. Nobody can say that tomorrow oil can replace gold or vice versa. These are two independent resources that can move us all forward. And they might collapse tomorrow as the Roman Empire. Who knows. :: telegram :: twitter :: instagram :: facebook :: github