I have created custom blockchain using go-ethereum
My network has 2 miners nodes with unlocked accounts and then a public node with a locked account that only broadcast transactions to the miners
I run the public node like this:
geth --datadir standard1/ --syncmode 'full' --port 30392 --rpc --rpcport 9578 --rpccorsdomain '*' --rpcaddr 'MY PUBLIC ADDRESS HERE' --ws --wsaddr "MY PUBLIC ADDRESS HERE" --wsorigins "*" --wsport 9579 --wsapi 'db,eth,net,web3,txpool,miner' --networkid 22 --gasprice '1'
The thing is that if someone sends a contract creation to the public node (using MyEtherWallet for example) the contract submition will be broadcasted and mined.
I found this: https://ethereum.stackexchange.com/questions/11091/is-there-any-way-to-disable-contract-creation-on-a-private-network
But..
a. how can a miner filter the transactions? do i need to create my own fork of go-ethereum with specific logic for this?
b. Is there any way to limit the contract creations? or a way to allow only one contract deployed?
c. I can query the transactions using web3js and check for contract creations, but is there a way to delete the contracts if i own the mining/sealers nodes?
d. Maybe i can ban an address that is submitting a contract? is that possible?
I think in Ethereum it is not possible to control who can send transactions as it is an open network and public blockchain. If you are looking to implement this think you have to switch to a private blockchain, I'd recommend hyperledger.
Even if you fork geth anyone who has access to the genesis file and everything can connect to the network and then mine the contract creation transactions on his nodes.
If you are willing to put in some development work, you can fork geth to remove the CREATE and CREATE2 opcodes. By doing so you could remove the ability to create new opcodes.
If you control the majority of hash power on your chain, you could prevent all others from mining transactions with these Opcodes. If someone connects to your chain and mines an invalid transaction, your nodes would drop this block as invalid and continue to mine your blocks.
Related
I am trying to fulfil requests on my local test chainlink node on rinkeby (following https://docs.chain.link/docs/fulfilling-requests/) but can't see any job runs appear on my operator ui.
The Oracle contract is at 0xA66f738a4688A9E51c2c6FF901CC3B11ce31AE6C
The ATestnetConsumer contract is at 0x977129EE2f404F4327A2A60C5fD9E57890D85FD0
My job toml screenshot below
Have confirmed my .env that it is running the rinkeby wss url from infura and the chain is 4 and the link token contract address is 0x01BE23585060835E02B77ef475b0Cc51aA1e0709
My node wallet has ETH and LINK. Both the contracts have Link too (but no ETH).
I run the setFulfillmentPermission function in remix with my Node wallet address and true
When I execute the requestEthereumPrice function with my oracle address and job id, I can see the LINK being sent by the ATestnetConsumer contract to the Oracle contract but no job run gets created in my local Chainlink node.
Confirming that the job hasn't run, I get the 0 value when I run the currentPrice function on ATestnetConsumer.
Can anyone please point me to where I am going wrong? Thanks in advance!
Finally got it to work. Posting my two findings as I do think the documentation needs an update to account for these.
The external job id in the Jobs screen on the Operator UI has dashes in them. To use them in the ATestnetConsumer contract you need to remove the dashes (so 0e84f38985eb4edb98c2e2a09b589666 and not 0e84f389-85eb-4edb-98c2-e2a09b589666).
The direct request toml doesn't seem to work as is. I had to append allowunrestrictednetworkaccess="true" to the fetch section so it becomes
fetch [type="http" method=GET url="$(decode_cbor.get)" allowunrestrictednetworkaccess="true"]
I'm working on something, just a proof of concept, where people are rewarded for sharing metadata about their IP location. In this case (please ignore the code errors for now), someone would submit their ip, I would send it to an oracle that would resolve it and send back metadata about the ip, then would send the address and metadata to another contract.
This is the naive attempt at pseudo code (or non-compiling, at least) I've come up with:
pragma solidity ^0.4.0;
import "github.com/oraclize/ethereum-api/oraclizeAPI.sol";
contract IpMeta is usingOraclize {
uint public metadata;
function Metadata(bytes32 _ipAddress) public {
update(_ipAddress);
}
function __callback(bytes32 myid, string result) public {
if (msg.sender != oraclize_cbAddress()) revert();
bytes32 ipMetadata = result;
/* send address and result to another contract */
}
function update(bytes32 ipAddress) public payable {
oraclize_query("URL", "xml(https://ipresolver.com?ipresolve=" . ipAddress . ")");
}
}
The goal here is to allow people to prove something about their IP address (country, provider, etc) without the actual IP address being stored with the wallet address in the transaction or anywhere else. Is there a way to hide input data? I'm at a loss on research, and it seems like it would be a really useful function if possible. The im/practicalities of anything other than how to keep input data hidden or inaccessible aren't important.
Thanks,
Mark
The EVM is essentially a network composed of nodes of computers. Anyone can run their own node and your smart contract code will get run on those computers if they have a valid node that can receive the transactions. And since the data will also get transmitted to those computers, the owner that sees the code running in his/her computer will eventually have the power to look into the process getting run(by overseeing network, inspecting memory, etc.).
So from my understanding, the difficulty of doing this depends on the implementation of a Ethereum node. Actually Ethereum's protocols handles some level of security by encrypting the p2p connection. However, what makes all these obsolete in your context is that, the input data is serviced and revealed by services like etherscan(random example). I think it's still possible to achieve want you want, but it will only be a workaround and it will be difficult.
I think of Ethereum and its EVM as a transparent computer, basically the data it receives and sends are not secure at all. If you want to achieve security, that's the thing to achieve in somewhere else, for example process the ip related jobs in some other secure place(trusted 3rd party), then store the data without ip onto the blockchain. That's the best I can think of.
When we call a solidity function via web3js, how does the code flows along with data formats during all the process?
For example, if I call a solidity function through web3js, how does it get executed. Can anyone explain the complete flow?
First of all, I recommend taking the time to read How does Ethereum work, anyway?
But for now, a short explanation
When you call a method on a contract through web3.js, the library
will encode your method call as data attribute on the transaction.
Here's a good explanation about ethereum transactions and data
attribute
The ethereum node your web3.js is connected to will receive your transactions and do some basic checks of nonce and balance
Once the basic checks pass, the node will broadcast the transaction to the rest of the network
When a network node receives a transaction with data attribute, it will execute the transaction using the Ethereum EVM. The outcome
of the transaction is modified state of the contract storage. More
about contract storage
The expectation is that the transaction will produce the same state change on every single node in the network. This is how
consensus is reached and the transaction (and the contract state
change) become part of the canonical chain (mined and not belonging
to an uncle block)
I'm developing a Solidity program. I started truffle develop
> truffle develop
Truffle Develop started at http://localhost:9545/
Accounts:
(0) 0x627306090abab3a6e1400e9345bc60c78a8bef57
(1) 0xf17f52151ebef6c7334fad080c5704d77216b732
(2) 0xc5fdf4076b8f3a5357c5e395ab970b5b54098fef
(3) 0x821aea9a577a9b44299b9c15c88cf3087f3b5544
(4) 0x0d1d4e623d10f9fba5db95830f7d3839406c6af2
(5) 0x2932b7a2355d6fecc4b5c0b6bd44cc31df247a2e
(6) 0x2191ef87e392377ec08e7c08eb105ef5448eced5
(7) 0x0f4f2ac550a1b4e2280d04c21cea7ebd822934b5
(8) 0x6330a553fc93768f612722bb8c2ec78ac90b3bbc
(9) 0x5aeda56215b167893e80b4fe645ba6d5bab767de
Mnemonic: candy maple cake sugar pudding cream honey rich smooth crumble sweet treat
truffle(develop)> migrate
Using network 'develop'.
Running migration: 1_initial_migration.js
Replacing Migrations...
... 0x3bfa69d31cbe12e43f20204daaf24e764a084ade586c3b417099d2e2deccc8eb
Migrations: 0x8cdaf0cd259887258bc13a92c0a6da92698644c0
Saving successful migration to network...
... 0xd7bc86d31bee32fa3988f1c1eabce403a1b5d570340a3a9cdba53a472ee8c956
Saving artifacts...
Running migration: 2_deploy_contracts.js
Replacing TutorialToken...
... 0x56fb0c0933ee395055db66976427f050e24dadda018b113d8f0cc03dc7229043
TutorialToken: 0x345ca3e014aaf5dca488057592ee47305d9b3e10
Saving successful migration to network...
... 0xf36163615f41ef7ed8f4a8f192149a0bf633fe1a2398ce001bf44c43dc7bdda0
Saving artifacts...
truffle(develop)>
Then I setup MetaMask to connect the Private network of http://localhost:9545/. However, I cannot do any transaction because the MetaMask account has 0 ETH? How to add some test ETH for development?
Update
I realized that the account created by metamask has different addresses than the ten test accounts created by truffle develop. How to import the test account into Metamask?
When you setup Metamask you have to import the existing account (I can't remember the exact wording of the option, but you'll figure it out) and then provide the mnemonic Truffle gave you: candy maple cake sugar pudding cream honey rich smooth crumble sweet treat.
Instead of importing the Truffle test accounts into Metamask, you can start Truffle with a predefined set of test accounts using the --account option. Just specify your private key and the amount of Wei you want to start with.
testrpc --account
"YOUR_PRIVATE_KEY,300000000000000000000"
This will initialize your account with 300 ether. Note that you have to pass in your key, not the address.
You can specify multiple accounts with separate --account options.
Instead of importing testrpc/ganache-cli accounts to metamask, you can start testrpc/ganache-cli giving the metamask's mnemonic seed.
Here's how to do it :
Open metamask
click on the burger menu on the top-right corner of the pop-in
Metamask main pop-in
Choose reveal seed word at the bottom of the settings pop-in
Metamask option bottom pop-in
Enter your password. Seed words should been revealed then. Copy/paste them somewhere safe.
When launching testrpc, here's what you can use :
Here's what i use :
testrpc -m "<seed words>"
if you use ganache-cli, which is the new version of testrpc, that's the same :
ganache-cli -m "<seed words>"
This is what i personally use :
ganache-cli -b 15 --debug -m "<seed words>"
-b 15 means i want 15 second block time. I put this to have some delay as on the main net. When deploying your contracts and making requests you won't have instant answer. If you want you can put decrement this number if you want some delay but not wait too much.
--debug will allow you to have some more information like the assembly instructions made when making a call. It can be useful to know what fails or where the contract instructions stops.
After you run Truffle develop and the console prints out the 10 accounts along with the private keys, copy one of the accounts private keys then go to Metamask > Import Account > Select Type = Private Key then past the copied private key in and then you should see the account with ETH in it.
Note: All 10 accounts should have 100 Eth except the first that used a small amount of Eth to bootstrap the chain.
Using JSON HTTP POST; what online service do I best use to broadcast a Bitcoin Cash transaction?
I'm looking for the equivalent of https://blockchain.info/pushtx
There are a few options to broadcast a transaction for Bitcoin and Bitcoin-Cash. The first, but also the most expensive in terms of time, is to setup a BitcoinABC node on your machine and let it sync. Once that's done you can simply call the sendrawtransaction API call and it'll get pushed to other nodes in the network.
The second option is to use Wladimir's bitcoin-submittx tool to connect to a number of nodes and submit the transaction to them. This tool was originally written for Bitcoin, but works also for Bitcoin-Cash. It requires a number of node addresses, but you can use the DNS seeds to get some:
python2 bitcoin-submittx mainnet ${TXHEX} $(dig seed-abc.bitcoinforks.org)
This should submit the TX to some random nodes in the network.
https://rest.bitcoin.com provides a REST API for broadcasting transactions. This BITBOX code example shows how to construct a BCH transaction then broadcast it using rest.bitcoin.com:
https://github.com/Bitcoin-com/bitbox-javascript-sdk/blob/master/examples/applications/wallet/send-bch/send-bch.js
In particular, look at the last few lines of the example:
// Broadcast transation to the network
const broadcast = await BITBOX.RawTransactions.sendRawTransaction(hex)
console.log(`Transaction ID: ${broadcast}`)
API documentation:
https://developer.bitcoin.com/bitbox/docs/getting-started
If you already have the raw hex and you want a manual way to broadcast it, you can go directly to the endpoint on rest.bitcoin.com, and paste in the hex:
https://rest.bitcoin.com/#/rawtransactions/sendRawTransaction