Blockchain Assignment & Demo

# Blockchain Assignment & Demo ## [A] Quorum Blockchain Network Demonstration ### Basic Quorum System Components ![](https://i.imgur.com/2qeswpl.png) --- * GoQuorum * Consensus and Execution layer for the blockchain * Tessera * Private transaction manager * Transaction Manager * Enclave - secure processing environment * Cakeshop * Uses JSON RPC to connect to GoQuorum Node * Set of tools for working with GoQuorum Nodes * Load / txn monitoring * Contract sandbox and monitoring * Basic wallet function --- ### Production System Components * [Quorum Key Manager]("https://github.com/ConsenSys/quorum-key-manager") - Key management * [Orchestrate]("https://github.com/ConsenSys/orchestrate") * Transaction management * Txn Sentry * Account management * Smartcontract Mgmt - deploy + decode logs * Faucet * Hosting infrastructure * Multiple environments * eg. Kubernetes * Secrets management ## [B] GETH API and Blockchain Transaction Demonstration * Inspecting nodes/peers information |Function|Command| |---|---| |Node Client Version|`curl -X POST --data '{"jsonrpc":"2.0","method":"web3_clientVersion","params":[],"id":1}' -H 'Content-Type: application/json' http://localhost:8545`| |Peer Count|`curl -X POST --data '{"jsonrpc":"2.0","method":"net_peerCount","params":[],"id":1}' -H 'Content-Type: application/json' http://localhost:8545`| --- * Inspect chain, block, txn info |Function|Command| |---|---| |Recent Block|`curl -X POST --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' -H 'Content-Type: application/json' http://localhost:8545`| |View Block by #|`curl -X POST --data '{"jsonrpc":"2.0","method":"eth_getBlockByNumber","params":["0xf9b", true],"id":1}' -H 'Content-Type: application/json' http://localhost:8545`| |View Txn|`curl -X POST --data '{"jsonrpc":"2.0","method":"eth_getTransactionByHash","params":["<hash>"],"id":1}' -H 'Content-Type: application/json' http://localhost:8545`| --- * Create Wallet / account and transfer Ether |Function|Command| |---|---| |View managed Accounts|`curl -X POST --data '{"jsonrpc":"2.0","method":"eth_accounts","params":[],"id":1}' -H 'Content-Type: application/json' http://localhost:8545`| |Create account (docker CLI) |`geth account new`| |View accounts (docker CLI) |`geth account list`| |Import account via file (docker CLI) |`geth account import <keyfile>`| |Send ether|`curl -X POST --data '{"jsonrpc":"2.0","method":"eth_sendTransaction","params":[{"from": "0xc9c913c8c3c1cd416d80a0abf475db2062f161f6","to":"0x7275724EC53C249791F9fD43Dd0417f4f6fe807c","gas": "0x76c0","gasPrice": "0x0", "value": "0x1", "data": ""}],"id":1}' -H 'Content-Type: application/json' http://localhost:8545`| |Get Balance|`curl -X POST --data '{"jsonrpc":"2.0","method":"eth_getBalance","params":["0xc9c913c8c3c1cd416d80a0abf475db2062f161f6", "0x11ac"],"id":1}' -H 'Content-Type: application/json' http://localhost:8545`| ## [C] DApps & Smart Contract Development ### Smart Contract Demonstration 1. Transfer of tokens * Simple ERC20 token with 'TEST' symbol and 1 decimal place. Sends 1,000,000 tokens to contract deployer. * Adapted from solmate's ERC20, removed EIP-2612 3. Deploy token contract via remix ![](https://i.imgur.com/nJP0zGK.png) 3. Transfer tokens via remix ![](https://i.imgur.com/HVvAMwj.png) 5. View test result in Metamask ![](https://i.imgur.com/8PvLqPg.png) ### Development stack * Solidity libraries * OpenZeppelin * Boring * solmate as reference for gas-efficient contracts * Patterns and references * Some common ones [at fravoll's github]("https://fravoll.github.io/solidity-patterns/") * eg. Eternal Storage as a design pattern * Checks Effects Interaction as a security pattern --- * Development Frameworks * Hardhat  * Foundry * web3 interface * Ethers.js / web3.js * web3 library for specific language --- * Automated Testing * Unit Tests * Truffle / Ganache / web3.js / Chai + Mocha * Hardhat / ethers.js / Chai + Mocha * Foundry * Integration Tests * web3 scripts with specific setup * eg. python scripts that spin up containers and redeploy contracts using web3.py * Security tools * Static security analysis * Slither * Mythril * Fuzzing * Scribble * Foundry ## [D] DevSecOps Pipeline Demonstration ### Hardhat + Ethers - Full featured * Use GitHub for SCM * Github Actions for CI/CD * yarn for package management * hardhat for building, running tests in Mocha/Chai * hardhat + ethers.js for deployment * Demo: https://github.com/flaskr/contracts-cicd/actions * Artifact Management * Possible to use npm repo / github sub-modules for dependency management --- ### Lightweight alternative * Still use GitHub + GitHub Actions * foundry for building, testing, and fuzzing * Use GitHub sub-modules for dependency management * Setup github action using following: * https://github.com/marketplace/actions/foundry-toolchain * https://github.com/marketplace/actions/slither-action * example of actions: https://github.com/flaskr/nft-lend-v2 ## [E] Building Secure, Resilient & Highly available Infrastructure ### [Consortium]("https://consensys.net/docs/goquorum/en/latest/concepts/security-framework/") * Use a fault tolerant consensus protocol - not QBFT as it's in early access * Establish members' network SLA * Other qualitative measures ### Node Security * Operating Systems * industry best practices * Keep updated * Disable direct remote network access to host management interface * Use a IDS to monitor node host * Use host-based firewall rules to whitelist trusted systems * Run hosts that have SLA to defend against DoS ### HA for Nodes #### GoQuorum * Put two or more behind a load balancer * They should have the same private txn manager public key, and share access to key vaults * Must share same private state * Can use a local Tessera Node, or a HA Tessera Node * They must have different node keys #### Tessera * Two or more nodes can serve as privacy manager * They share same public/private keypair in password protected files or external vaults ### HA Cloud infrastructure * Leverage Kubernetes * Config/code as infra * Keep environments consistent to improve test quality * Distribute env across service providers * Try running the nodes using the guide here: * https://consensys.net/docs/goquorum/en/latest/tutorials/kubernetes/overview/ * Use reference implementations to guide configuration using Helm: * https://github.com/ConsenSys/quorum-kubernetes * Prepare the build for production using * https://consensys.net/docs/goquorum/en/latest/tutorials/kubernetes/production/ ## Appendix ### Preparing demo on local * Start 4 terminal tabs * Node containers: `./resume.sh` * View of Quorum members 1-3: `./attach.sh <#>` * Start Cakeshop * `java -jar cakeshop-0.12.1.war` * open http://localhost:8080 * Open Docker CLI to Quorum member 1 * Open Remix and point Quorum plugin to `` ### References * [Quorum Quickstart Guide]("https://consensys.net/docs/goquorum/en/latest/tutorials/quorum-dev-quickstart/using-the-quickstart/") - https://consensys.net/docs/goquorum/en/latest/tutorials/quorum-dev-quickstart/using-the-quickstart/ * [Security Framework]("https://consensys.net/docs/goquorum/en/latest/concepts/security-framework/") - https://consensys.net/docs/goquorum/en/latest/concepts/security-framework/ * [Cakeshop]("https://consensys.net/docs/goquorum/en/latest/configure-and-manage/monitor/cakeshop/") - https://consensys.net/docs/goquorum/en/latest/configure-and-manage/monitor/cakeshop/ * [Lifecycle of private transactions]("https://consensys.net/docs/goquorum/en/stable/concepts/privacy/private-transaction-lifecycle/") - https://consensys.net/docs/goquorum/en/stable/concepts/privacy/private-transaction-lifecycle/ * [GETH API]("https://github.com/ethereum/execution-apis") - https://github.com/ethereum/execution-apis * [QBFT]("https://consensys.net/docs/goquorum/en/latest/tutorials/private-network/create-qbft-network/") - https://consensys.net/docs/goquorum/en/latest/tutorials/private-network/create-qbft-network/ * [Kubernetes]("https://consensys.net/docs/goquorum/en/latest/deploy/install/kubernetes/") - https://consensys.net/docs/goquorum/en/latest/deploy/install/kubernetes/ * [HA for GoQuorum]("https://consensys.net/docs/goquorum/en/latest/configure-and-manage/configure/high-availability/?h=ha#tessera-ha-configuration-requirements") - https://consensys.net/docs/goquorum/en/latest/configure-and-manage/configure/high-availability/?h=ha#tessera-ha-configuration-requirements * [Permissioning]("https://consensys.net/docs/goquorum/en/latest/configure-and-manage/configure/permissioning/enhanced-permissions/") - https://consensys.net/docs/goquorum/en/latest/configure-and-manage/configure/permissioning/enhanced-permissions/ * [Other Configuration]("https://consensys.net/docs/goquorum/en/latest/configure-and-manage/configure/consensus-protocols/ibft/") - https://consensys.net/docs/goquorum/en/latest/configure-and-manage/configure/consensus-protocols/ibft/ * [Hex to decimal]("https://www.binaryhexconverter.com/hex-to-decimal-converter") - https://www.binaryhexconverter.com/hex-to-decimal-converter * [Solidity Patterns]("https://fravoll.github.io/solidity-patterns/") - https://fravoll.github.io/solidity-patterns/ * [Foundry]("https://github.com/gakonst/foundry") - https://github.com/gakonst/foundry