Get an NFT at All Things Open 2022

You can get a free commemorative NFT if you met me at All Things Open Conference in Raleigh, NC.

  • Enter your Ethereum address (or ENS/Email)
Mint POAP NFT
  • Check [Free minting on Gnosis] for free minting of NFT on xDAI chain
    • If you uncheck this box you can migrate to Ethereum mainnet now but you will have to pay for that transaction. You can also migrate to mainnet later if you wish.
  • Click on Mint POAP button

Your NFT will be confirmed after the minting is complete.

POAP NFT Confirmation

POAPs are Non Fungible Tokens (NFT) issued on the blockchain. Learn more of POAPs here : https://poap.xyz/

Security Analysis of Etheruem Smart Contracts with Mythril

Mythril is an open-source security analysis tool for EVM bytecode, courtesy of ConsenSys. It is also a component of their Security Analysis Service – Mythx. Mythril detects security vulnerabilities in smart contracts built for Ethereum and other EVM-compatible blockchains.

Vulnerabilities found by Mythril are reported with reference to the weaknesses listed on the Smart Contract Weakness Classification Registry (SWC Registry). I will use two entries from SWC Registry for the examples in this article:

  • SWC-106 – Due to missing or insufficient access controls, malicious parties can self-destruct the contract.
  • SWC-107 – One of the major dangers of calling external contracts is that they can take over the control flow. In the reentrancy attack (a.k.a. recursive call attack), a malicious contract calls back into the calling contract before the first invocation of the function is finished.

Install Mythril on Windows

> docker import mythril/myth

https://mythril-classic.readthedocs.io/en/master/installation.html

Get test files from github

Source code for these tests is on github : mythril-tests. Clone the repo locally and adjust the paths in the commands below to match your local environment.

Analyze a local smart contract

Analysis of SelfDestructMultiTxFeasible.sol

> docker run -v E:\share\:/data mythril/myth -v4 analyze /data/mythx-tests\05222022-25/SelfDestructMultiTxFeasible.sol

Mythril reports an instance of SWC-106 vulnerability:


Analysis of SimpleDAO.sol

> docker run -v E:\share\:/data mythril/myth -v4 analyze /data/mythx-tests\05222022-25/SimpleDAO.sol

Mythril reports three instances of SWC-107 and one instance of SWC-105:

Analysis of a flatenned contract file

File containing the two test contracts returns five instances of vulnerabilities of both contracts:

> docker run -v E:\share\:/data mythril/myth -v4 analyze /data/mythx-tests\05222022-25/flatenned-01.sol

Analyze a contract with imported contract

Most smart contracts import other contracts to reuse functionality. You do not have to flatten the contracts into one file. Mythril can work with contracts with imports specified in them : SimpleDAOWithImport.sol

> docker run -v E:\share\:/data mythril/myth -v4 analyze /data/mythx-tests\05222022-26/SimpleDAOWithImport.sol

Analyze a contract with @OpenZeppelin style import

Mythril relies on solc for compiling contract source code. For @OpenZeppelin style imports, you have to specify –solc-json file containing remapping for solc to locate the referenced files : SimpleDAOWith-OzImport.sol

> docker run -v E:\share\:/data mythril/myth -v4 analyze /data/mythx-tests\05222022-26/SimpleDAOWith-OzImport.sol –solc-json=/data/solc-args.json

Analyzing On-Chain Contracts

Mythril can analyze contracts deployed on the blockchain directly. You do not need source code of the contract. Support for infura is built-in, you can also use custom RPC endpoint. Replace INFURA_ID with your Infura project id and CONTACT_ADDRESS with the address of your contract on the blockchain :

> docker run mythril/myth -v4 analyze –rpc infura-rinkeby –infura-id INFURA_ID -a CONTACT_ADDRESS

KHEL Coin on Ethereum

KhelCoin (KHEL) is an ERC-20 token available on Ethereum blockchain. It is a Smart Contract created with Solidity, OpenZeppelin, Truffle, Ganache, Remix, web3.js and VSCode. It is currently available on Rinkeby test network. It will be launched on the Mainnet in the near future.

You can get KHEL coins from this website – KHEL Coin ICO

%KhelCoin 
The Game Coin 
Metamask is needed to view your balance or buy KHEL Coins 
Click here to download Metamask 
METAMASK

Head over to the ICO website. You will be prompted to install Metamask and connect to your account on Rinkeby testnet. Click on “Buy KHEL Coins” button to get your own coins!

Source code is on github – https://github.com/ashtewari/khelcoin

Puzzle Icon Credit: https://www.flaticon.com/free-icons/puzzle

Getting started with Blockchain

Washington DC – May 2019

In this session, we will introduce you to the world of Blockchain technology. We will start with the fundamentals and explain the characteristics and use cases of Blockchains and Decentralized applications. We will explain public Blockchains as well as permissioned Blockchains – with examples from Ethereum and Hyperledger. You will learn how to create a private blockchain to get started. You will learn about Ethereum and how to program Smart Contracts for Ethereum Blockchain. We will also share best practices for secure and effective Smart Contracts development.

Image Credit: DavidstankiewiczBlockchain Illustration 2CC BY-SA 4.0

TRINUG – Programming Smart Contracts on Ethereum Blockchain

TRINUG – Main Meeting : Programming Smart Contracts on Ethereum Blockchain – August 2018

In this session, Ash will introduce you to the world of Blockchain programming. You will learn about Ethereum and how to program Smart Contracts for Ethereum Blockchain. You will learn how to deploy and test your Contracts on a public Ethereum Testnet. Ash will share best practices for Smart Contract development. You will be able to participate in a hands-on walk-through in the latter half of the session.

ppt-20180808

Charlotte IOT – Programming Smart Contracts on Ethereum Blockchain

Charlotte IOT – July 2018

You will not want to miss this chance to learn about Blockchain, a technology enabling an entire IoT ecosystem! It has a distributed database for all the transactions, which eliminates the need for the third party to authenticate the transactions. The database ledger is a continuously growing list of records, called blocks, which are linked and secured using cryptography.
Charlotte IoT wants to thank Ash Tewari for traveling from Raleigh to share his extensive knowledge and experience around Blockchain. In this session, Ash will introduce you to the world of Blockchain programming. You will learn about Ethereum and how to program Smart Contracts on Ethereum Blockchain. You will learn how to deploy and test your code on a public Ethereum Testnet. Ash will complete the session with sharing some best practices for Smart Contract development. You will be able to participate in a hands-on walkthrough in the latter half of the session.

ppt-20180710