Blockchain Assignment & Demo
[A] Quorum Blockchain Network Demonstration
Basic Quorum System Components
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More โ
- GoQuorum
- Consensus and Execution layer for the blockchain
- Tessera
- Private transaction manager
- Transaction Manager
- Enclave - secure processing environment
- Cakeshop
- Uses JSON RPC to connect to GoQuorum Node
- Set of tools for working with GoQuorum Nodes
- Load / txn monitoring
- Contract sandbox and monitoring
- Basic wallet function
Production System Components
- Quorum Key Manager - Key management
- Orchestrate
- Transaction management
- Txn Sentry
- Account management
- Smartcontract Mgmt - deploy + decode logs
- Faucet
- Hosting infrastructure
- Multiple environments
- eg. Kubernetes
- Secrets management
[B] GETH API and Blockchain Transaction Demonstration
- Inspecting nodes/peers information
| Function |
Command |
| Node Client Version |
curl -X POST --data '{"jsonrpc":"2.0","method":"web3_clientVersion","params":[],"id":1}' -H 'Content-Type: application/json' http://localhost:8545 |
| Peer Count |
curl -X POST --data '{"jsonrpc":"2.0","method":"net_peerCount","params":[],"id":1}' -H 'Content-Type: application/json' http://localhost:8545 |
- Inspect chain, block, txn info
| Function |
Command |
| Recent Block |
curl -X POST --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' -H 'Content-Type: application/json' http://localhost:8545 |
| View Block by # |
curl -X POST --data '{"jsonrpc":"2.0","method":"eth_getBlockByNumber","params":["0xf9b", true],"id":1}' -H 'Content-Type: application/json' http://localhost:8545 |
| View Txn |
curl -X POST --data '{"jsonrpc":"2.0","method":"eth_getTransactionByHash","params":["<hash>"],"id":1}' -H 'Content-Type: application/json' http://localhost:8545 |
- Create Wallet / account and transfer Ether
| Function |
Command |
| View managed Accounts |
curl -X POST --data '{"jsonrpc":"2.0","method":"eth_accounts","params":[],"id":1}' -H 'Content-Type: application/json' http://localhost:8545 |
| Create account (docker CLI) |
geth account new |
| View accounts (docker CLI) |
geth account list |
| Import account via file (docker CLI) |
geth account import <keyfile> |
| Send ether |
curl -X POST --data '{"jsonrpc":"2.0","method":"eth_sendTransaction","params":[{"from": "0xc9c913c8c3c1cd416d80a0abf475db2062f161f6","to":"0x7275724EC53C249791F9fD43Dd0417f4f6fe807c","gas": "0x76c0","gasPrice": "0x0", "value": "0x1", "data": ""}],"id":1}' -H 'Content-Type: application/json' http://localhost:8545 |
| Get Balance |
curl -X POST --data '{"jsonrpc":"2.0","method":"eth_getBalance","params":["0xc9c913c8c3c1cd416d80a0abf475db2062f161f6", "0x11ac"],"id":1}' -H 'Content-Type: application/json' http://localhost:8545 |
[C] DApps & Smart Contract Development
Smart Contract Demonstration
- Transfer of tokens
- Simple ERC20 token with 'TEST' symbol and 1 decimal place. Sends 1,000,000 tokens to contract deployer.
- Adapted from solmate's ERC20, removed EIP-2612
- Deploy token contract via remix
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More โ
- Transfer tokens via remix
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More โ
- View test result in Metamask
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More โ
Development stack
- Solidity libraries
- OpenZeppelin
- Boring
- solmate as reference for gas-efficient contracts
- Patterns and references
- Some common ones at fravoll's github
- eg. Eternal Storage as a design pattern
- Checks Effects Interaction as a security pattern
- Development Frameworks
- Hardhat
- Foundry
- web3 interface
- Ethers.js / web3.js
- web3 library for specific language
- Automated Testing
- Unit Tests
- Truffle / Ganache / web3.js / Chai + Mocha
- Hardhat / ethers.js / Chai + Mocha
- Foundry
- Integration Tests
- web3 scripts with specific setup
- eg. python scripts that spin up containers and redeploy contracts using web3.py
- Security tools
- Static security analysis
- Fuzzing
[D] DevSecOps Pipeline Demonstration
Hardhat + Ethers - Full featured
- Use GitHub for SCM
- Github Actions for CI/CD
- yarn for package management
- hardhat for building, running tests in Mocha/Chai
- hardhat + ethers.js for deployment
- Demo: https://github.com/flaskr/contracts-cicd/actions
- Artifact Management
- Possible to use npm repo / github sub-modules for dependency management
Lightweight alternative
- Still use GitHub + GitHub Actions
- foundry for building, testing, and fuzzing
- Use GitHub sub-modules for dependency management
- Setup github action using following:
- example of actions: https://github.com/flaskr/nft-lend-v2
[E] Building Secure, Resilient & Highly available Infrastructure
- Use a fault tolerant consensus protocol - not QBFT as it's in early access
- Establish members' network SLA
- Other qualitative measures
Node Security
- Operating Systems
- industry best practices
- Keep updated
- Disable direct remote network access to host management interface
- Use a IDS to monitor node host
- Use host-based firewall rules to whitelist trusted systems
- Run hosts that have SLA to defend against DoS
HA for Nodes
GoQuorum
- Put two or more behind a load balancer
- They should have the same private txn manager public key, and share access to key vaults
- Must share same private state
- Can use a local Tessera Node, or a HA Tessera Node
- They must have different node keys
Tessera
- Two or more nodes can serve as privacy manager
- They share same public/private keypair in password protected files or external vaults
HA Cloud infrastructure
- Leverage Kubernetes
- Config/code as infra
- Keep environments consistent to improve test quality
- Distribute env across service providers
- Try running the nodes using the guide here:
- Use reference implementations to guide configuration using Helm:
- Prepare the build for production using
Appendix
Preparing demo on local
- Start 4 terminal tabs
- Node containers:
./resume.sh
- View of Quorum members 1-3:
./attach.sh <#>
- Start Cakeshop
- Open Docker CLI to Quorum member 1
- Open Remix and point Quorum plugin to ``
References
โHackMD
