Awesome Solidity
Contributing
Contributors are our favourite people, but we also love you readers too, thank you!
Getting Started
- The Hitchhiker's Guide to Smart Contracts
- Solidity CRUD operations – part1, part2, part3
- Airdrops
-
Note of setting up testing environment – A note of how to set up testing environment and avoid annoying errors (on Windows10). Including a few regular tools: testrpc, truffle, mocha.js,truffle flattener, gas-reporter, coveralls, sol-function-profiler, Parity
-
Testing tool errors - A list of error messages when running testing tools, and the methods of how to deal with them. Update irregular. Contributions are welcome.
Concepts
- Blockchain Oracles, Explained
- ABI
- Keccak256
- A Closer Look At Ethereum Signatures
- Web 3.0 Explained
- Random numbers
- Velocity of Tokens
- HD Wallet explained
Tutorials
- Kauri – Super collection of up-to-date tutorials and tips on How to build on Ethereum
- CryptoZombies: Learn to Code Ethereum DApps By Building Your Own Game
- Ethernaut - Smart Contract Hacking Game
- Hack This Contract Game
- What's Solidity? – Youtube tutorials
- Building a fully decentralized User profile app on Ethereum and IPFS
- Ethereum and Solidity: The Complete Developer's Guide – Udemy course
- Become a Blockchain Developer with Ethereum and Solidity – Udemy course
- Creating your own DAO based on Aragon framework
- Test Driven Development for Solidity
Short answers to some questions
Typical Business logic
- Tokens
- Wallets
- Crowd sale
- Distribution/Exchange
- Vesting/Locking
News
Blogs
- ConsenSys
- Sarah Baker Mills – Design director @Consensys
- David Rugendyke – Rocket Pool developer
- Alex Sherbuck – market news and hacks observation
- Matthew Di Ferrante – Founder @ ZK Labs
- Philippe Castonguay
- Elena Dimitrova – Dev at colony.io
- Aragon techblog
- Eric Elliot's blog about blockchain
Vulnerabilities
-
Consensys: known attacks (updates are irregular)
-
Known hacks
- Integer Overflow (i.e., proxyOverflow Bug) – Found in Multiple ERC20 Smart Contracts
- The DAO Hack
- Parity Wallet Hack
- Parity Wallet Hack II
- How $800K Evaporated from PoWH Ponzi
Best practices
Security
Gas spending
- How to write an optimized (gas-cost) smart contract?
- Gas Costs from Yellow paper
- Under-Optimized Smart Contracts Devour Your Money (.pdf)
- public vs external – latter is twice cheaper (496 vs 261)
Common design principles
- Off-Chain Whitelist with On-Chain Verification for Ethereum Smart Contracts
- Library Driven Development in Solidity, and SOLDOC#Libraries
- Reversing Ethereum Smart Contracts – smart contract reverse engineering
- A Crash Course for Mechanism Design
ERCs
- ERC-20 - original token contract for fungible assets [ The Anatomy of ERC20 / Example ]
- ERC-165 - creates a standard method to publish and detect what interfaces a smart contract implements
- ERC-173 - a standard interface for ownership of contracts
- ERC-223 – contracts with safety methods that allow return tokens sent accidentally to the contract address
- ERC-721 - token standard for non-fungible assets [ Walking Through the ERC721 Full Implementation ]
- ERC-725 - proxy contract for key management and execution, to establish a Blockchain identity
- ERC-827 – transfers/approvals with calls
- ERC-875 - for non fungible tokens and simple atomic swaps
- ERC-918 - mineable Token Standard
- ERC Token Standards for Dummies, Like Me – ERC20, ERC223, ERC827, ERC721 short review with major points and concerns
EIPs
- Ethereum Natural Specification Format
- EIP821 – EIP (not ERC) 821. Contracts for Non Fungible Tokens (NFTs)
- A New Advanced Token Standard – Contract defines operators to send tokens on behalf of another address – contract or regular account
Other
- Style Guide – Follow the style guide to make solidity codes layout look pretty
- Upgradable contracts
Libraries
Standard contracts
- OpenZeppelin Contracts – A framework to build secure smart contracts on Ethereum
- OpenZeppelin Base Tokens – Collection of basic token skeletons to extend
- MiniMe Token – The MiniMeToken contract is a standard ERC20 token with extra functionality
- aragonOS – A smart contract framework for building DAOs, Dapps and protocols
- Gnosis MultiSig – Popular multisig deployed by the likes of District0x, Golem, andon, Bancor, and more
- Status.im Crowdsale – Crowdsale contracts from Status
- cryptofin-solidity - A collection of Solidity libraries for building secure and gas-efficient smart contracts on Ethereum.
- Modular Libraries - A group of packages built for use on blockchains utilising the Ethereum Virtual Machine
- DateTime Library - A gas-efficient Solidity date and time library
- Aragon - DAO protocol. Contains aragonOS smart contract framework with focus on upgradeability and governance
- 0x - DEX protocol
- Token Libraries with Proofs - Contains correctness proofs of token contracts wrt. given specifications and high-level properties
Utils
- SafeMath – Safely perform mathematical operations
- Solidity String Utils (use with care)
- Easily Send Many Tokens to Many Addresses
- BytesHelper - library to deal with bytes32
Code and patterns examples
- Bitwise Operations and Bit Manipulation in Solidity, Ethereum
- Upgradable contracts – example
- Solidity Security Exploits: Re-Entrancy, Denial of Service - Gas, Denial of Service - Revert, Force Ether - selfdestruct, Storage Allocation Exploit, Underflow / Overflow, Re-Entrancy Honey Pot, Function Call Honey PotExplanations here
- Not so smart contracts – Another examples of known vulnerabilities
- Changing contract storage from inside of the Library
- Emitting events from the Library
- Chai.js, BDD approach in testing
- Memory vs Storage & How to initialize an array inside a struct
- Multisig contracts – Simpler Ethereum Multisig Contracts
- Self-balancing binary search trees - BST adapted for Solidity and EVM
Tools
Check ConsenSys' Tools List - A great list of frameworks, patterns, and tools from ConsenSys
Testing tools
- Truffle – Truffle is a development environment, testing framework and asset pipeline for Ethereum, aiming to make life as an Ethereum developer easier.
- TestRPC – Fast Ethereum RPC client for testing and development.
- Solhint – Solidity linter that provides security, style guide and best practice rules for smart contract validation.
- Solidity Function Profiler - Analysis report of function signatures, visibility, return values, and modifiers.
Development tools
- pocketh – Toolset, provides a series of cli commands that allow you to quickly operate on a contract
- solc-select – A script to switch between solidity versions, including solc 0.4.x for MacOS
- Web3.js – Ethereum JavaScript API
- ethers.js – Ethereum wallet implementation and utilities in JavaScript (and TypeScript)
- Docker images / Audit repo - Solidity testing environment from us (Blockchain Labs, NZ)
- eth-cli – A collection of CLI tools to help with ethereum learning and development
- 11 Best Ethereum Development Tools
- Solidity Doc generator – from Matt Lough
- Solidity syntax highlighting on Github – howto
Test Ether faucets
Storage
- IPFS - Decentralised storage and file referencing
- IPFS-Store - IPFS Storage service with added search capability
- OrbitDB - Decentralised database on top of IPFS
- JS IPFS API - A client library for the IPFS HTTP API, implemented in JavaScript.
- TEMPORAL - Easy to use API into IPFS and other distributed/decentralised storage protocols
- Infura API - Another API to IPFS
- Swarm - Distributed storage platform and content distribution service, a native base layer service of the Ethereum web3 stack
- Filecoin – "DECENTRALIZED MARKET FOR STORAGE". Blockchain on top of IPFS
Online services
Dapps development
Helpful information about Dapps.
- Web3 Design principles – Dapps development
- Blockchain Design Principles
- How to create a DApp using Truffle, Oraclize, ethereum-bridge and Webpack
- Create Blockchain Dapp with Ethereum and VueJS
Design
Private networks
- Local Raiden - Run a local Raiden network in docker containers for demo and testing purposes
- Private networks deployment scripts - Out-of-the-box deployment scripts for private PoA networks
- Parity Demo-PoA Tutorial - Step-by-Step tutorial for building a PoA test chain with 2 nodes with Parity authority round consensus
- Local Ethereum Network - Out-of-the-box deployment scripts for private PoW networks
- Kaleido - Use Kaleido for spinning up a consortium blockchain network. Great for PoCs and testing
React / Redux
- React boilerplate
- React Truffle Box
- Drizzle - Redux library to connect a frontend to a blockchain
- Vortex - A Dapp-ready Redux Store. Smart and Dynamic background data refresh thanks to WebSockets. Works with Truffle and Embark.
APIs / subproviders
Javascript
- Web3.js - Javascript Web3
- Eth.js - Javascript Web3 alternative
- Ethers.js - Javascript Web3 alternative, useful utilities and wallet features
- Web3Wrapper - Typescript Web3 alternative
- Ethereumjs - A collection of utility functions for Ethereum like ethereumjs-util and ethereumjs-tx
- Subproviders - Several useful subproviders to use in conjunction with Web3-provider-engine (including a LedgerSubprovider for adding Ledger hardware wallet support to your dApp)
- web3-webpacked - JS framework to manage web3 injection
Other languages
- elm-ethereum
- purescript-web3
- Web3.py - Python Web3
- Web3.php - PHP Web3
- Ethereum-php - PHP Web3
- Web3j - Java Web3
- web3swift - Swift Web3
- Nethereum - .Net Web3
- Ethereum.rb - Ruby Web3
- Web3.hs - Haskell Web3
- KEthereum - Kotlin Web3
- Pyethereum - The Python core library of the Ethereum project
- Eventeum - A bridge between Ethereum smart contract events and backend microservices, written in Java by Kauri
- Ethereumex - Elixir JSON-RPC client for the Ethereum blockchain
- EthContract - A set of helper methods to help query ETH smart contracts in Elixir