const data = [ { id: 1, name: 'Fabio Berger + Remco Bloemen', content: '

\n' + '

\n' + '

\n' + '

Fabio\n' + 'Berger + Remco Bloemen

\n' + '

\n' + '

What type of apps do you\n' + 'build?

\n' + '

0x - Decentralized exchange\n' + 'protocol. It is a set of smart contracts that handle standard\n' + 'transactions in an order format.

\n' + '

The key advantage here is that\n' + 'these smart contracts leads to shared liquidity

\n' + '

We also achieve increased security\n' + 'and network liquidity through our architecture.
We launched the network in August\n' + '2017.

\n' + '

It works, but is V1. We are working\n' + 'on V2 which helps people build hybrid stations, supports new token\n' + 'standards, and makes the contract more gas efficient.
V1 only allows humans to create\n' + 'orders; V2 will allow new smart contract to create orders. This is\n' + 'HUGE.

\n' + '

Notes:

\n' + '

We’re building the protocol;\n' + 'designing the standard; building dev tools for anyone to build a\n' + 'decentralized exchange.

\n' + '

Orders may become invalid for any\n' + 'reason:

\n' + '

Order being filled
Griefing attacks
We’ve now built an OrderWatcher\n' + 'that keeps relayers updated on the state of orders.

\n' + '

We’re using contract Events as a\n' + 'proxy for state changes.
Can do a diff between state trees\n' + 'and between block headers.

\n' + '

We also have a set of smart\n' + 'contracts to handle settlement;

\n' + '

Everyone who wants to trade is\n' + 'setting allowances on a smart contract.

\n' + '

We want upgradability.

\n' + '

What are the\n' + 'tools/libraries/frameworks you use?

\n' + '

EthereumJS / truffle hardwallet\n' + 'provider / Typedoc (to generate documentation) /
We don’t use Truffle\n' + 'anymore

\n' + '

Not reliable – can have race\n' + 'conditions;
Artifacts don’t allow you to have\n' + 'versions of the contract on different networks

\n' + '

You don’t run into this stuff if\n' + 'you’re just building a “hello world”

\n' + '

Overwriting parts of the\n' + 'contracts;

\n' + '

We rolled our own. It’s open-source\n' + 'but not documented. We have other things that are keeping us\n' + 'busy.
The problem is that Truffle has too\n' + 'much functionality –– we would like to see more of a Unix\n' + 'philosophy.
Cannot support different versions\n' + 'of Solidity.

\n' + '

Version management doesn’t\n' + 'exist.

\n' + '

EthPM –– doesn’t have versioning\n' + 'either? It’s going through a big refactor, so we held off. We need\n' + 'the NPM package manager.
We have built a lot of developer\n' + 'tools to interface with the smart contracts ourselves.
We have also built own deployer and\n' + 'migration tool, as truffle’s did not suit our needs.

\n' + '

What are your biggest\n' + 'frustrations?

\n' + '

Getting a simple experimental\n' + 'environment up is hard

\n' + '

Remix is there; but it’s not\n' + 'enough.

\n' + '

Tracing and profiling is not\n' + 'existent.

\n' + '

Remix does it, but can’t do it\n' + 'locally.
“Code coverage” tool exists but\n' + 'inserts console.logs in

\n' + '

Adding up gas costs per line of\n' + 'code.

\n' + '

Need to do profiling, because gas\n' + 'costs depend on inputs.

\n' + '

Solidity language\n' + 'itself:

\n' + '

Crashed the Solidity compiler twice\n' + 'today.

\n' + '

E.g. AbiEncoderV2 is pretty new and\n' + 'hard to understand/use.

\n' + '

The code that it produces is\n' + 'inefficient.
There is a stark stack limit in\n' + 'solidity

\n' + '

All the variables are locally\n' + 'scoped.
Un-intuitive as it is a curly\n' + 'braced language.
The lifecycle hook value_of is\n' + 'within a function.
Can only access top 16 slack slots.\n' + 'Including input and output.
We need to implement a graph\n' + 'coloring register allocator – to find out what the lifetime of the\n' + 'variables is.

\n' + '

“This stack slot was used in the\n' + 'first half –– the second half you can use”
Or implement register\n' + 'splitting.

\n' + '

Function inlining is frustrating\n' + 'sometimes:

\n' + '

E.g. SafeMath –– turns every\n' + 'operator into function call – which is a huge gas sink.

\n' + '

How Solidity optimizes could be\n' + 'improved:

\n' + '

It focuses on the code size (which\n' + 'makes sense since it’s minimizing the state tree); but sometimes\n' + 'you need to optimize size of tx gas (e.g. 0x needs optimized\n' + 'fillOrder call)

\n' + '

ABI doesn’t implement\n' + 'introspection

\n' + '

EIP 165

\n' + '

E.g. “does this contract implement\n' + 'ERC20, or ERC223?”

\n' + '

Solidity should have this\n' + 'in-built.

\n' + '

Should be built into the API spec\n' + 'and compiler.

\n' + '

Inheritance:

\n' + '

Interface or abstract contract –\n' + 'e.g. Solidity automatically creates getters for state functions ––\n' + 'collides with
Contract which implements an\n' + 'interface – public or external for abstract functions – they\n' + 'collide

\n' + '

ERCs – there is not a formal way to\n' + 'describe the interface for contracts.

\n' + '

Have a standard repo –– this will\n' + 'lead to a canonical ABI definition –– can have semantic rules\n' + 'around this. Could run some specific unit tests against

\n' + '

How do you handle\n' + 'testing?

\n' + '

Testrpc has gotten better\n' + '––

\n' + '

Increases the speed at which you\n' + 'can dev.

\n' + '

Blockstream is really cool. Written\n' + 'by Mica (from Augur?), under the EthereumJS lib.
Good dealing with block re-orgs and\n' + 'changes in state.
Continuous Integration:

\n' + '

Doesn’t really work for smart\n' + 'contracts.
We just use testrpc.
Neufund was different than\n' + '0x:

\n' + '

Neufund was a trustee for tokens ––\n' + 'it was centralized by definition.
This made it simpler: I could\n' + 'create “open-ended” contracts –– a switch statement, that the\n' + 'default would send to another proxy contract.
But wouldn’t be able to do this\n' + 'with 0x –– e.g. if we wanted to add Shnorr signatures –– because\n' + 'it’s a governance / security issues.

\n' + '

How do you handle smart contract\n' + 'verification and security?

\n' + '

Code audits before\n' + 'deployment
Want to add a formal verification\n' + 'tool to our deployment tool.

\n' + '

By analyzing the code, you can find\n' + 'patterns.

\n' + '

I manually did an audit in v0 of\n' + '0x:

\n' + '

Make sure all functions have a\n' + '“Read -> Write -> External Call” pattern, so you don’t have\n' + 'any race conditions.

\n' + '

Other bounties?

\n' + '

Rest of the bounties from\n' + 'Remco
State-watching –– built-in\n' + 'diff’ing of state trees

\n' + '

Should be implemented in the\n' + 'Ethereum clients – Geth and Rust.
They want this feature for\n' + 'OrderWatcher.

\n' + '

EIP process is\n' + 'suboptimal:

\n' + '

Lacks in consensus-building.\n' + 'There’s vocal people who don’t have good ideas; there’s a lot of\n' + 'noise.
To improve: committee-based\n' + 'approach (reputable stakeholders from reputable projects who get\n' + 'together?).
Problems are getting solved at the\n' + 'wrong abstraction level.

\n' + '

E.g. NFT standards.

\n' + '

Neufund was largest Solidity\n' + 'project before –– tokenized equity.

\n' + '

You want a EuroToken. You don’t\n' + 'want your company valuated in Ether.
What if blockchain forks; which\n' + 'token is actually tied to the company?

\n' + '

Bounty approach gives many\n' + 'different styles within the codebase.

\n' + '

This is a problem; e.g. OpenSSL\n' + 'codebase after Masters / PhDs.

\n' + '

', }, { id: 2, name: 'Leo Logvinov', content: '

\n' + '

\n' + '

\n' + '

Leo\n' + 'Logvinov

\n' + '

4/24/2018 - Robbie, Parker,\n' + 'Andy

\n' + '

\n' + '

Who are you and what are you\n' + 'working on?

\n' + '

Started in blockchain 2 years ago\n' + 'in Berlin, working on Ethereum devtools, building solidity plugin\n' + 'for IntelliJ, built by him and an Australian.
Working on truffle, did some PRs,\n' + 'improving speed, usability, error handling.
Started working on 0x, primary\n' + 'role: devtools team.

\n' + '

What are your biggest\n' + 'frustrations?

\n' + '

Event watching - unreliable, no\n' + 'support for backfills etc.
Build tool for statically typed\n' + 'contract (ABI gen that generates contracts), build out the\n' + 'statically typed libraries
Negative experience with web3js\n' + 'team - unresponsive.
Frustrated with truffle because it\n' + 'is hard to contribute with so many packages these days.

\n' + '

Hard to debug and understand it all\n' + '- so needed a smaller truffle for the specific use\n' + 'cases.
Need to standardise their artifact\n' + 'format (currently in talks about it).

\n' + '

Solidity coverage tool: built at\n' + 'hackathon (at least the profiler which is not super useful),\n' + 'standardise on artifacts format so that it works across\n' + 'tools.

\n' + '

Which line of solidity is covered\n' + 'by tests?

\n' + '

EIP712 - standardised signing for\n' + 'structured data, also helped finalise 721 at ETHDenver.
Solidity plugin for\n' + 'IntelliJ IDE

\n' + '

One did not exist at the time. Did\n' + 'not have too much stuff in it really: simple formatting,\n' + 'definitions, highlighting. Not “a super interesting” project, but\n' + 'has 36 000 users (some duplicates).

\n' + '

VMs

\n' + '

Been wanting to speed up tests\n' + 'recently. Bottleneck is code execution in Ganache VM (90%). We want\n' + 'to get down to 1-10s test runs.
GAS PRICES ARE NOT THE SAME!!!!\n' + 'Arghhhhh!
We need JIT compilation in more\n' + 'performant language (currently just executed in JS).
Project called EthJIT VM,\n' + 'transpiles to LLL, then optimizes contract so that it is\n' + 'precompiled and then runs much faster.

\n' + '

Would be great to see the\n' + 'integrated in ganache (snapshots and time travel make this a nice\n' + 'tool than geth to use currently).
Even better to have pluggable VMs,\n' + 'have spoken to the Foundation about this too.

\n' + '

What tools don’t exist at the\n' + 'moment?

\n' + '

Prettier type plugin for\n' + 'solidity. I don’t have time to write it but\n' + 'Prettier has a good API.

\n' + '

Other bounties?

\n' + '

There is a limit on local variable\n' + 'numbers (have a limit of 16, which influences how you write the\n' + 'code).

\n' + '

Solidity doesn’t push variables\n' + 'down the stack, so you can’t go more than 16 deep. This is an\n' + 'implementation detail in current compiler that needs to be\n' + 'improved.

\n' + '

ABIv2 - experimental feature for\n' + 'half a year or so - return structures and bus structures as\n' + 'parameters. 0x are planning to use it to make their code easier to\n' + 'audit especially.

\n' + '

C++ devs needed

\n' + '

Other domain specific\n' + 'questions?

\n' + '

What has your experience been\n' + 'like working on EIPS?

\n' + '

Working on EIP 712 - signing\n' + 'structured and typed data
Quite hard with monetary prospects\n' + 'and no established legislation process - need better ways of\n' + 'governing and enforcing the process.

\n' + '

Really helped to have everyone in\n' + 'one room at ETHDenver and align on angles of attack.
Room at ETHDenver from commenting\n' + 'on a thread in GH. Started unstructured and moved into structured\n' + 'discussion by defining the interface, which helped identify all the\n' + 'different parties’ motivations. This revealed some inertia on some\n' + 'teams’ behalf, which was interesting to see.
Lot of discussions about metadata\n' + '(of tokens, which is also important for other parts of\n' + 'tokens)
GH PRs are one single wall of text\n' + 'and the comments need to be better moderated, especially for trolls\n' + 'or tangential discussions/ideas (especially tangential ideas need\n' + 'to be collapsed).
Creators need to moderate/create a\n' + 'TL;DR section to help people better and more easily grasp what they\n' + 'are working on.

\n' + '

Solidity code coverage - how\n' + 'does that work?

\n' + '

Before each line calling eval, and\n' + 'modifying Eth and ganache code to read the events, much below the\n' + 'current block gas limit and working through everything that comes\n' + 'through.
Take debug transaction with list of\n' + 'opcodes. Also have the source maps, which map back from opcodes to\n' + 'lines of solidity code, and can use that the work backwards from\n' + 'opcodes to understand exactly which line used how much\n' + 'gas.
How do you get the trace after each\n' + 'tx?

\n' + '

We wrote our own provider, whenever\n' + 'call to eth_sendTransaction gone through provider it sends it and\n' + 'then gets the trace.

\n' + '

Calls don’t have traces though, so\n' + 'need to do a snapshot and then send the call as a tx, which gives\n' + 'you the trace back and then you can look at what happened in the\n' + 'call.
Did look at other tools, but felt\n' + 'the performance and reliability of those tools just kinda\n' + 'sucked.

\n' + '

Can you tell us more about\n' + 'Event Watching?

\n' + '

Lacking good open source\n' + 'project^[a]
People don’t have stateful nodes,\n' + 'you need to handle events client side
Ethereum-js blockstream enables us\n' + 'to use stateless nodes after installing all filters. Still not a\n' + 'part of web3.

\n' + '

Working on something called\n' + 'order-watcher: track when the order becomes invalid. Which happens\n' + 'when the user manipulates things. You can validate reactively by\n' + 'watching for events, but you want to actually watch balance changes\n' + 'and events are just an imperfect proxy for this.
People can mint and burn tokens and\n' + 'change balance without emitting events.
Want to track changes in balances,\n' + 'not events. balanceOf() is view function that returns the balance,\n' + 'so we want to track the result of calling that.
Might be inefficient to look at\n' + 'that directly, or we can register callbacks and recompute only when\n' + 'the state used by that function changes.
But how do we know when state\n' + 'changes?
Cannot rely on solidity, but can\n' + 'run function, get trace, see which storage slots the function is\n' + 'reading, and then you for sure know that this function will only\n' + 'change its value when one of those storage slots\n' + 'changes.
Use Patricia tries somehow to watch\n' + 'these storage slots and state changes - allow you to watch\n' + 'efficiently changes on view and pure functions.
Check out EIP 781:\n' + '\n' + 'https://github.com/ethereum/EIPs/issues/781

\n' + '

Can you tell us more about ABI\n' + 'gen for statically typed contracts?

\n' + '

Contracts need to be checked at\n' + 'compile times to ensure parameters etc (strong instead of number or\n' + 'something like that) and being statically typed is much easier to\n' + 'check this.
Inspired by geth\n' + 'tooling, and there are\n' + 'also some JS ones (salt-size etc) but were all very opinionated and\n' + 'made all sorts of assumptions about how you wanted to use your\n' + 'contracts.
With 0x tool: Consensys is using\n' + 'it, Sybil (journalism tools, also with typescript\n' + 'contracts).
Using ethers.js for backend of\n' + 'contracts due to issues with web3 versions (classic).

\n' + '

Best ideas to have in a\n' + 'debugger?

\n' + '

Not writing solidity actively at\n' + 'the moment and I haven’t used one yet because it is such a high\n' + 'level tool (haha).
I feel that this is quite a long\n' + 'way away right now.
Need bytecode, source code, source\n' + 'maps, traces, interruptable VM etc.

\n' + '

Can you tell us more about\n' + 'signing data in Ethereum?

\n' + '

Arbitrary string that people were\n' + 'supposed to sign, but then people figured that you could use it to\n' + 'send ETH, hence the weird prefix that got implemented - not an EIP,\n' + 'it is just a bugfix.
If there is a way to display user\n' + 'data and get them to understand the transaction fully, then they\n' + 'would surely not sign. Prefix doesn’t solve anything, it just\n' + 'postpones the problem.

\n' + '

\n' + '

[a]WE can do more research here -- this is a big\n' + 'bounty

\n' + '

', }, { id: 3, name: 'Axel Ericsson', content: '

\n' + '

\n' + '

\n' + '

Axel Ericsson

\n' + '

\n' + '

What type of apps do you\n' + 'build?

\n' + '

0x - Decentralized exchange\n' + 'protocol. It is a set of smart contracts that handle standard\n' + 'transactions in an order format.

\n' + '

The key advantage here is that\n' + 'these smart contracts leads to shared liquidity

\n' + '

We also achieve increased security\n' + 'and network liquidity through our architecture.
We launched the network in August\n' + '2017.

\n' + '

It works, but is V1. We are working\n' + 'on V2 which helps people build hybrid stations, supports new token\n' + 'standards, and makes the contract more gas efficient.
V1 only allows humans to create\n' + 'orders; V2 will allow new smart contract to create orders. This is\n' + 'HUGE.

\n' + '

Notes:

\n' + '

We’re building the protocol;\n' + 'designing the standard; building dev tools for anyone to build a\n' + 'decentralized exchange.

\n' + '

Orders may become invalid for any\n' + 'reason:

\n' + '

Order being filled
Griefing attacks
We’ve now built an OrderWatcher\n' + 'that keeps relayers updated on the state of orders.

\n' + '

We’re using contract Events as a\n' + 'proxy for state changes.
Can do a diff between state trees\n' + 'and between block headers.

\n' + '

We also have a set of smart\n' + 'contracts to handle settlement;

\n' + '

Everyone who wants to trade is\n' + 'setting allowances on a smart contract.

\n' + '

We want upgradability.

\n' + '

What are the\n' + 'tools/libraries/frameworks you use?

\n' + '

EthereumJS / truffle hardwallet\n' + 'provider / Typedoc (to generate documentation) /
We don’t use Truffle\n' + 'anymore

\n' + '

Not reliable – can have race\n' + 'conditions;
Artifacts don’t allow you to have\n' + 'versions of the contract on different networks

\n' + '

You don’t run into this stuff if\n' + 'you’re just building a “hello world”

\n' + '

Overwriting parts of the\n' + 'contracts;

\n' + '

We rolled our own. It’s open-source\n' + 'but not documented. We have other things that are keeping us\n' + 'busy.
The problem is that Truffle has too\n' + 'much functionality –– we would like to see more of a Unix\n' + 'philosophy.
Cannot support different versions\n' + 'of Solidity.

\n' + '

Version management doesn’t\n' + 'exist.

\n' + '

EthPM –– doesn’t have versioning\n' + 'either? It’s going through a big refactor, so we held off. We need\n' + 'the NPM package manager.
We have built a lot of developer\n' + 'tools to interface with the smart contracts ourselves.
We have also built own deployer and\n' + 'migration tool, as truffle’s did not suit our needs.

\n' + '

What are your biggest\n' + 'frustrations?

\n' + '

Getting a simple experimental\n' + 'environment up is hard

\n' + '

Remix is there; but it’s not\n' + 'enough.

\n' + '

Tracing and profiling is not\n' + 'existent.

\n' + '

Remix does it, but can’t do it\n' + 'locally.
“Code coverage” tool exists but\n' + 'inserts console.logs in

\n' + '

Adding up gas costs per line of\n' + 'code.

\n' + '

Need to do profiling, because gas\n' + 'costs depend on inputs.

\n' + '

Solidity language\n' + 'itself:

\n' + '

Crashed the Solidity compiler twice\n' + 'today.

\n' + '

E.g. AbiEncoderV2 is pretty new and\n' + 'hard to understand/use.

\n' + '

The code that it produces is\n' + 'inefficient.
There is a stark stack limit in\n' + 'solidity

\n' + '

All the variables are locally\n' + 'scoped.
Un-intuitive as it is a curly\n' + 'braced language.
The lifecycle hook value_of is\n' + 'within a function.
Can only access top 16 slack slots.\n' + 'Including input and output.
We need to implement a graph\n' + 'coloring register allocator – to find out what the lifetime of the\n' + 'variables is.

\n' + '

“This stack slot was used in the\n' + 'first half –– the second half you can use”
Or implement register\n' + 'splitting.

\n' + '

Function inlining is frustrating\n' + 'sometimes:

\n' + '

E.g. SafeMath –– turns every\n' + 'operator into function call – which is a huge gas sink.

\n' + '

How Solidity optimizes could be\n' + 'improved:

\n' + '

It focuses on the code size (which\n' + 'makes sense since it’s minimizing the state tree); but sometimes\n' + 'you need to optimize size of tx gas (e.g. 0x needs optimized\n' + 'fillOrder call)

\n' + '

ABI doesn’t implement\n' + 'introspection

\n' + '

EIP 165

\n' + '

E.g. “does this contract implement\n' + 'ERC20, or ERC223?”

\n' + '

Solidity should have this\n' + 'in-built.

\n' + '

Should be built into the API spec\n' + 'and compiler.

\n' + '

Inheritance:

\n' + '

Interface or abstract contract –\n' + 'e.g. Solidity automatically creates getters for state functions ––\n' + 'collides with
Contract which implements an\n' + 'interface – public or external for abstract functions – they\n' + 'collide

\n' + '

ERCs – there is not a formal way to\n' + 'describe the interface for contracts.

\n' + '

Have a standard repo –– this will\n' + 'lead to a canonical ABI definition –– can have semantic rules\n' + 'around this. Could run some specific unit tests against

\n' + '

How do you handle\n' + 'testing?

\n' + '

Testrpc has gotten better\n' + '––

\n' + '

Increases the speed at which you\n' + 'can dev.

\n' + '

Blockstream is really cool. Written\n' + 'by Mica (from Augur?), under the EthereumJS lib.
Good dealing with block re-orgs and\n' + 'changes in state.
Continuous Integration:

\n' + '

Doesn’t really work for smart\n' + 'contracts.
We just use testrpc.
Neufund was different than\n' + '0x:

\n' + '

Neufund was a trustee for tokens ––\n' + 'it was centralized by definition.
This made it simpler: I could\n' + 'create “open-ended” contracts –– a switch statement, that the\n' + 'default would send to another proxy contract.
But wouldn’t be able to do this\n' + 'with 0x –– e.g. if we wanted to add Shnorr signatures –– because\n' + 'it’s a governance / security issues.

\n' + '

How do you handle smart contract\n' + 'verification and security?

\n' + '

Code audits before\n' + 'deployment
Want to add a formal verification\n' + 'tool to our deployment tool.

\n' + '

By analyzing the code, you can find\n' + 'patterns.

\n' + '

I manually did an audit in v0 of\n' + '0x:

\n' + '

Make sure all functions have a\n' + '“Read -> Write -> External Call” pattern, so you don’t have\n' + 'any race conditions.

\n' + '

Other bounties?

\n' + '

Rest of the bounties from\n' + 'Remco
State-watching –– built-in\n' + 'diff’ing of state trees

\n' + '

Should be implemented in the\n' + 'Ethereum clients – Geth and Rust.
They want this feature for\n' + 'OrderWatcher.

\n' + '

EIP process is\n' + 'suboptimal:

\n' + '

Lacks in consensus-building.\n' + 'There’s vocal people who don’t have good ideas; there’s a lot of\n' + 'noise.
To improve: committee-based\n' + 'approach (reputable stakeholders from reputable projects who get\n' + 'together?).
Problems are getting solved at the\n' + 'wrong abstraction level.

\n' + '

E.g. NFT standards.

\n' + '

Neufund was largest Solidity\n' + 'project before –– tokenized equity.

\n' + '

You want a EuroToken. You don’t\n' + 'want your company valuated in Ether.
What if blockchain forks; which\n' + 'token is actually tied to the company?

\n' + '

Bounty approach gives many\n' + 'different styles within the codebase.

\n' + '

This is a problem; e.g. OpenSSL\n' + 'codebase after Masters / PhDs.

\n' + '

', }, { id: 4, name: 'Fernando Smith', content: '

\n' + '

\n' + '

\n' + '

Fernando Smith

\n' + '

\n' + '

What type of apps do you\n' + 'build?

\n' + '

0x - Decentralized exchange\n' + 'protocol. It is a set of smart contracts that handle standard\n' + 'transactions in an order format.

\n' + '

The key advantage here is that\n' + 'these smart contracts leads to shared liquidity

\n' + '

We also achieve increased security\n' + 'and network liquidity through our architecture.
We launched the network in August\n' + '2017.

\n' + '

It works, but is V1. We are working\n' + 'on V2 which helps people build hybrid stations, supports new token\n' + 'standards, and makes the contract more gas efficient.
V1 only allows humans to create\n' + 'orders; V2 will allow new smart contract to create orders. This is\n' + 'HUGE.

\n' + '

Notes:

\n' + '

We’re building the protocol;\n' + 'designing the standard; building dev tools for anyone to build a\n' + 'decentralized exchange.

\n' + '

Orders may become invalid for any\n' + 'reason:

\n' + '

Order being filled
Griefing attacks
We’ve now built an OrderWatcher\n' + 'that keeps relayers updated on the state of orders.

\n' + '

We’re using contract Events as a\n' + 'proxy for state changes.
Can do a diff between state trees\n' + 'and between block headers.

\n' + '

We also have a set of smart\n' + 'contracts to handle settlement;

\n' + '

Everyone who wants to trade is\n' + 'setting allowances on a smart contract.

\n' + '

We want upgradability.

\n' + '

What are the\n' + 'tools/libraries/frameworks you use?

\n' + '

EthereumJS / truffle hardwallet\n' + 'provider / Typedoc (to generate documentation) /
We don’t use Truffle\n' + 'anymore

\n' + '

Not reliable – can have race\n' + 'conditions;
Artifacts don’t allow you to have\n' + 'versions of the contract on different networks

\n' + '

You don’t run into this stuff if\n' + 'you’re just building a “hello world”

\n' + '

Overwriting parts of the\n' + 'contracts;

\n' + '

We rolled our own. It’s open-source\n' + 'but not documented. We have other things that are keeping us\n' + 'busy.
The problem is that Truffle has too\n' + 'much functionality –– we would like to see more of a Unix\n' + 'philosophy.
Cannot support different versions\n' + 'of Solidity.

\n' + '

Version management doesn’t\n' + 'exist.

\n' + '

EthPM –– doesn’t have versioning\n' + 'either? It’s going through a big refactor, so we held off. We need\n' + 'the NPM package manager.
We have built a lot of developer\n' + 'tools to interface with the smart contracts ourselves.
We have also built own deployer and\n' + 'migration tool, as truffle’s did not suit our needs.

\n' + '

What are your biggest\n' + 'frustrations?

\n' + '

Getting a simple experimental\n' + 'environment up is hard

\n' + '

Remix is there; but it’s not\n' + 'enough.

\n' + '

Tracing and profiling is not\n' + 'existent.

\n' + '

Remix does it, but can’t do it\n' + 'locally.
“Code coverage” tool exists but\n' + 'inserts console.logs in

\n' + '

Adding up gas costs per line of\n' + 'code.

\n' + '

Need to do profiling, because gas\n' + 'costs depend on inputs.

\n' + '

Solidity language\n' + 'itself:

\n' + '

Crashed the Solidity compiler twice\n' + 'today.

\n' + '

E.g. AbiEncoderV2 is pretty new and\n' + 'hard to understand/use.

\n' + '

The code that it produces is\n' + 'inefficient.
There is a stark stack limit in\n' + 'solidity

\n' + '

All the variables are locally\n' + 'scoped.
Un-intuitive as it is a curly\n' + 'braced language.
The lifecycle hook value_of is\n' + 'within a function.
Can only access top 16 slack slots.\n' + 'Including input and output.
We need to implement a graph\n' + 'coloring register allocator – to find out what the lifetime of the\n' + 'variables is.

\n' + '

“This stack slot was used in the\n' + 'first half –– the second half you can use”
Or implement register\n' + 'splitting.

\n' + '

Function inlining is frustrating\n' + 'sometimes:

\n' + '

E.g. SafeMath –– turns every\n' + 'operator into function call – which is a huge gas sink.

\n' + '

How Solidity optimizes could be\n' + 'improved:

\n' + '

It focuses on the code size (which\n' + 'makes sense since it’s minimizing the state tree); but sometimes\n' + 'you need to optimize size of tx gas (e.g. 0x needs optimized\n' + 'fillOrder call)

\n' + '

ABI doesn’t implement\n' + 'introspection

\n' + '

EIP 165

\n' + '

E.g. “does this contract implement\n' + 'ERC20, or ERC223?”

\n' + '

Solidity should have this\n' + 'in-built.

\n' + '

Should be built into the API spec\n' + 'and compiler.

\n' + '

Inheritance:

\n' + '

Interface or abstract contract –\n' + 'e.g. Solidity automatically creates getters for state functions ––\n' + 'collides with
Contract which implements an\n' + 'interface – public or external for abstract functions – they\n' + 'collide

\n' + '

ERCs – there is not a formal way to\n' + 'describe the interface for contracts.

\n' + '

Have a standard repo –– this will\n' + 'lead to a canonical ABI definition –– can have semantic rules\n' + 'around this. Could run some specific unit tests against

\n' + '

How do you handle\n' + 'testing?

\n' + '

Testrpc has gotten better\n' + '––

\n' + '

Increases the speed at which you\n' + 'can dev.

\n' + '

Blockstream is really cool. Written\n' + 'by Mica (from Augur?), under the EthereumJS lib.
Good dealing with block re-orgs and\n' + 'changes in state.
Continuous Integration:

\n' + '

Doesn’t really work for smart\n' + 'contracts.
We just use testrpc.
Neufund was different than\n' + '0x:

\n' + '

Neufund was a trustee for tokens ––\n' + 'it was centralized by definition.
This made it simpler: I could\n' + 'create “open-ended” contracts –– a switch statement, that the\n' + 'default would send to another proxy contract.
But wouldn’t be able to do this\n' + 'with 0x –– e.g. if we wanted to add Shnorr signatures –– because\n' + 'it’s a governance / security issues.

\n' + '

How do you handle smart contract\n' + 'verification and security?

\n' + '

Code audits before\n' + 'deployment
Want to add a formal verification\n' + 'tool to our deployment tool.

\n' + '

By analyzing the code, you can find\n' + 'patterns.

\n' + '

I manually did an audit in v0 of\n' + '0x:

\n' + '

Make sure all functions have a\n' + '“Read -> Write -> External Call” pattern, so you don’t have\n' + 'any race conditions.

\n' + '

Other bounties?

\n' + '

Rest of the bounties from\n' + 'Remco
State-watching –– built-in\n' + 'diff’ing of state trees

\n' + '

Should be implemented in the\n' + 'Ethereum clients – Geth and Rust.
They want this feature for\n' + 'OrderWatcher.

\n' + '

EIP process is\n' + 'suboptimal:

\n' + '

Lacks in consensus-building.\n' + 'There’s vocal people who don’t have good ideas; there’s a lot of\n' + 'noise.
To improve: committee-based\n' + 'approach (reputable stakeholders from reputable projects who get\n' + 'together?).
Problems are getting solved at the\n' + 'wrong abstraction level.

\n' + '

E.g. NFT standards.

\n' + '

Neufund was largest Solidity\n' + 'project before –– tokenized equity.

\n' + '

You want a EuroToken. You don’t\n' + 'want your company valuated in Ether.
What if blockchain forks; which\n' + 'token is actually tied to the company?

\n' + '

Bounty approach gives many\n' + 'different styles within the codebase.

\n' + '

This is a problem; e.g. OpenSSL\n' + 'codebase after Masters / PhDs.

\n' + '

', }, ]; export default data;