Published: 2018-05-08

以太坊(ethereum) Q&A

对于不熟悉的事务提问题是了解它最快最有效的方式。 这是一篇记录以太坊 相关内容的Q&A,基于我对相关技术的疑问和解惑。 本文还只是草稿和零碎的记录,会不断补充完善。

Table of Contents

1 以太坊是什么

以太坊是一个去中心化的平台,在上面可以运行应用程序而不会出现宕机、审查、欺骗和第三方的干扰。 这样的程序又称为“智能合约”。

Ethereum is a decentralized platform that runs smart contracts, applications that run exactly as programmed without possibility of downtime, censorship, fraud or third party interference.

2 geth是什么

geth 是以太坊协议的官方Go语言实现版本。

3 geth如何交互

使用 geth 命令启动时,可以加上许多命令行参数来以不同方式运行。参数wiki

采用 json-rpc 方式,文档

geth 启动后,亦可以通过 javascript console 来和 geth 交互。

4 常用javascript console命令

  • web3.eth.coinbase 查看coinbase
  • web3.eth.accounts 查看本节点所有账户
  • web3.eth.getBalance 查看某账户余额
  • web3.fromWei 余额单位转换:wei->ether
  • web3.eth.blockNumber 查看当前区块数
  • web3.eth.mining 查看是否在挖矿
  • miner.start(2) 启动两个线程开始挖矿
  • miner.setEtherbase 设置挖矿的奖励给某个账户
  • web3.eth.pendingTransactions 查看当前未写到区块的交易情况
  • admin.nodeInfo.enode 查看node信息
  • admin.peers 查看配对的peer
  • personal.unlockAccount(someaddress, 'type your password') 解锁账户
  • eth.sendTransaction({from: someaddress, to: anotheraddress, value: web3.toWei(2, "ether")}) 发起交易

5 truffle 常用命令

  • truffle init
  • truffle compile
  • truffle migrate –reset
  • truffle console [SmartToken.address ; JSON.stringify(SmartToken.abi)]

6 如何初始化区块链,并且新建有资金的账号

geth --datadir=./data account new

geth --datadir=./data init genesis.json

geth --datadir=./data --networkid 10092

geth attach data/geth.ipc  # 连接console

7 如何发起一个交易

personal.unlockAccount(some_address, account_password, 0)

var tx = {from: some_address, to: target_address, value: web3.toWei(how_much, "ether")}

personal.sendTransaction(tx, account_password)

8 为什么私有区块链旷工一直在挖空交易的区块

9 如何修改以太坊私有链的miner奖励发放金额

10 solidity里什么是 events

11 什么是智能合约的ABI(Application Binary Interface)

ABI是与合约交互的接口。当和调用合约时,需要知道合约地址和合约ABI

12 mist启动时寻找自定义ipc

默认IPC地址是: /Users/me/Library/Ethereum/geth.ipc

从非默认位置寻找ipc: /Applications/Mist.app/Contents/MacOS/Mist –rpc path/to/ipc

13 remix ide如何连到local geth

14 what is erc20 tokens

ERC20 defines a set of rules which need to be met in order for a token to be accepted and called an 'ERC20 Token'. The standard rules apply to all ERC20 Tokens since these rules are required to interact with each other on the Ethereum network. These tokens are blockchain assets that can have value and can be sent and received, like Bitcoin, Litecoin, Ethereum, or any other cryptocurrency.

15 solidity里关键字 payable 作用是什么

16 以太坊里挖矿的难度是怎么计算的

17 geth new account时填的passphrase是什么,什么是keystore

创建示例

➜  ~ geth account new
INFO [07-30|17:01:21] Maximum peer count                       ETH=25 LES=0 total=25
Your new account is locked with a password. Please give a password. Do not forget this password.
Passphrase:
Repeat passphrase:
Address: {496b86eb87dd71f7f927b18bc86d4a5eaedbf1c6}

简而言之, keystore文件是存储在本地的私钥加密后的文件,想要使用私钥,必须提供创建账户时输入的passphrase。

具体keystore文件各部分作用参见: https://medium.com/@julien.maffre/what-is-an-ethereum-keystore-file-86c8c5917b97

18 truffle migrate做了哪些事,是怎么管理升级的

简言之是通过Migrations.sol合约管理migrations/下面的升级脚本的执行

合约主要方法

// 记录当前执行到的脚本
function setCompleted(uint completed) public restricted {
    last_completed_migration = completed;
}

// 更新migrations.sol脚本自身
function upgrade(address new_address) public restricted {
    Migrations upgraded = Migrations(new_address);
    upgraded.setCompleted(last_completed_migration);
}

详细参见https://medium.com/@blockchain101/demystifying-truffle-migrate-21afbcdf3264

19 truffle开发中如何获得合约abi

请看demo code

const fs = require('fs');
const contract = JSON.parse(fs.readFileSync('./build/contracts/Bookshop.json', 'utf8'));
var abi = JSON.parse(fs.readFileSync('./build/contracts/Bookshop.json', 'utf8')).abi;

20 truffle console中怎么调用合约

// Bookshop为合约
var address = 'some-address'
var i = Bookshop.at(address)

// 设置两个账户
var account1 = web3.eth.accounts[0]
var account2 = web3.eth.accounts[1]

// 以account2身份调用合约的bookRegister方法
// 注意到结果是个promise, 调用其.then方法获得结果
i.bookRegister("some-params", {from:account2}).then(function (r) {console.log(r.toNumber())})


// 查看合约版本
Migrations.deployed().then( function(ins) {ins.last_completed_migration.call().then(function(v) {console.log(v)} )} )

=> { [String: '2'] s: 1, e: 0, c: [ 2 ] }

21 How to access contract storage

22 Contract account 和 external account 差异

there are some differences between these two kinds of accounts. For instance, the code and storage of external accounts are empty, while contract accounts store their bytecode and the merkle root hash of the entire state tree. Moreover, while external addresses have a corresponding private key, contract accounts don’

23 合约的创建也是一个tracnsaction

The creation of a contract is simply a transaction in which the receiver address is empty and its data field contains the compiled bytecode of the contract to be created (this makes sense — contracts can create contracts too).

24 Storage, Memory and the Stack 差异

25 message calls and transaction 差异

Contracts can call other contracts or send Ether to non-contract accounts by the means of message calls. Message calls are similar to transactions, in that they have a source, a target, data payload, Ether, gas and return data. In fact, every transaction consists of a top-level message call which in turn can create further message calls.

26 Difference between CALL, CALLCODE and DELEGATECALL

27 logs和events可以做什么

https://media.consensys.net/technical-introduction-to-events-and-logs-in-ethereum-a074d65dd61e Three use cases have been presented for events. First, using an event to simply get a return value from a contract function invoked with sendTransaction(). Second, using an event as an asynchronous trigger with data, that can notify an observer such as a UI. Third, using an event to write logs in the blockchain as a cheaper form of storage.

28 清楚gas的花费和区块的gas limit

29 assert和require

在Solidity 0.4.10 中assert()和require()被加入。require(condition)被用来验证用户的输入,如果条件不满足便会抛出异常,应当使用它验证所有用户的输入。 assert(condition) 在条件不满足也会抛出异常,但是最好只用于固定变量:内部错误或你的智能合约陷入无效的状态。

30 Abstract合约和Interfaces

31 常见攻击

重入

跨函数竞态

交易顺序依赖(TOD) / 前面的先运行

时间戳依赖

整数上溢和下溢

通过(Unexpected) Throw发动DoS

32 如何处理合约升级

使用注册合约存储合约的最新版本

使用DELEGATECALL 转发数据和调用

33 合约有问题的控制手段

断路器(暂停合约功能)

速度碰撞(延迟合约动作)

速率限制

34 优化代码 减少gas消耗

35 相关连接

35.1 创世纪区块 genesis.json 文件含义

35.2 go-ethereum 官方docker镜像

35.3 一个有用的docker镜像编排

35.8 web3 javascript api 1.0

35.12 erc20 list

https://eidoo.io/erc20-tokens-list/

Author: Nisen

Email: imnisen@163.com

Emacs 25.2.1 (Org mode 8.2.10)