Developer Mindset - Reading Assignment

Actually, a private function can’t be called, you are right, but you can see a private variable :slight_smile:
Have a look at this challenge, it’s interesting
https://ethernaut.openzeppelin.com/level/0x76b9fade124191ff5642ba1731a8279b30ebe644

1 Like

Why does smart contract development require a different mindset than regular programming?
Because the cost of failure can be high, and change can be difficult. Therefore, the developer must learn a new way of development.
Argue with your own words why clarity in your code is more important than performance.
Code that is complex increases errors. Clarity in code comes when logic is simple, functions small and compartmentalized. Therefore, clarity is recommended over performance.
As the article says, all data and functions are public in a smart contract.

What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?
Private data in smart contracts are viewable and could be considered malicious.

Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?

Simplicity is a smart tradeoff to complexity. Coding is simplistic by being upgradeable, reused and self-contained.

2 Likes
  1. Why does smart contract development require a different mindset than regular programming?

The cost of failure can be high, and change can be difficult.

  2. Argue with your own words why clarity in your code is more important than performance.

If the code is too complex it will take more time to fix an issue and/or can increase the likelihood of other potential issues.

  3. As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?

The private data in smart contracts is also viewable by anyone. The public functions are public, and may be called maliciously.

  4. Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?

There are important exceptions where security and software engineering best practices may not be aligned. In each case, the proper balance is obtained by identifying the optimal mix of properties (Rigid versus Upgradeable, Monolithic versus Modular, Duplication versus Reuse).

1 Like

I don’t think so. Regular programming basically requires the same mindset.

You always have to evaluate what risks there are when your software fails and how you can mitigate problems. You can’t base the standards on “hobby”-programmers and argue that regular programming is to write crappy software. Unfortunately we only have a small fraction of good developers in the world, meaning that about 90% (don’t nail me on this figure) are programmers that can write an initial solution but are not able to refactor even their own code.

Programming is not about taking some courses and you are done. It means that you need a lot of practice and experience to become a professional programmer.

If you say that everybody can program, it is like saying everybody can become a surgeon.
Sure everybody can (theoretically) but you need to teach them and they need to practice.

In programming, most of the time is not about writing code, it’s about reading and understanding code.
The highest costs in software development are caused by unreadable code not by bad performance.

The biggest false belief could be to think that anything that is declared “private” is somehow hidden and can only be read by the creator. Everything your smart contract does is exposed to the public.

Another point that is also crucial is that the whole processing of the data is public, meaning that you can’t even process sensitive data in a contract without exposing it to the public.

This is a very philosophical question.
Basically I think this is because of human experience. Everything has a tradeoff.
There is no single solution to a problem. There are always multiple solutions with different trade-offs.

Every coin has two sides. Even a bitcoin.

1 Like
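An added illustration of the point made above that `private` hides nothing (not part of any post in this thread, and not code from the article): a Python sketch that reproduces how Solidity packs value-type state variables into 32-byte storage slots and decodes raw slot words back into values. The contract, its variable names and the slot contents are all constructed for the example.

```python
# Added example: hypothetical contract, constructed slot values.
SIZES = {"bool": 1, "uint8": 1, "address": 20, "uint256": 32, "bytes32": 32}

# State variables of the hypothetical contract, in declaration order.
# Every one of them is declared `private` in the Solidity source.
DECLARATIONS = [
    ("bool", "locked"),
    ("uint8", "level"),
    ("address", "owner"),
    ("uint256", "pin"),
    ("bytes32", "password"),
]

# Constructed 32-byte storage words for slots 0..2. On a live chain any node
# returns these words to any caller (JSON-RPC eth_getStorageAt).
SLOTS = [
    bytes.fromhex("00" * 10 + "11" * 20 + "0301"),
    (4242).to_bytes(32, "big"),
    b"hunter2".ljust(32, b"\x00"),
]


def storage_layout(declarations):
    """Assign (type, slot, byte offset) the way Solidity packs value types."""
    layout, slot, used = {}, 0, 0
    for typ, name in declarations:
        size = SIZES[typ]
        if used + size > 32:  # does not fit in the current slot: open a new one
            slot, used = slot + 1, 0
        layout[name] = (typ, slot, used)
        used += size
    return layout


def decode(layout, slots):
    """Recover every variable from the raw slot words, ignoring visibility."""
    values = {}
    for name, (typ, slot, offset) in layout.items():
        word = int.from_bytes(slots[slot], "big")
        size = SIZES[typ]
        # Packed items are aligned to the low-order end of the slot.
        raw = (word >> (8 * offset)) & ((1 << (8 * size)) - 1)
        if typ == "bool":
            values[name] = bool(raw)
        elif typ == "address":
            values[name] = "0x" + raw.to_bytes(20, "big").hex()
        elif typ == "bytes32":
            values[name] = raw.to_bytes(32, "big").rstrip(b"\x00")
        else:
            values[name] = raw
    return values


if __name__ == "__main__":
    layout = storage_layout(DECLARATIONS)
    for name, value in decode(layout, SLOTS).items():
        typ, slot, offset = layout[name]
        print(f"slot {slot} offset {offset:2d}  {typ:8s} {name:9s} = {value!r}")
```

The visibility keyword only restricts which contracts may reference a variable in code; secrets such as the `pin` and `password` above belong off-chain, or on-chain only as a commitment.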

Great answers @matren

I totally agree with your point

1 Like

Why does smart contract development require a different mindset than regular programming?

Extra effort should be put into designing and testing smart contracts due to the fact that they have cost built in to the execution of code and are not updated as frequently as other programs.

Argue with your own words why clarity in your code is more important than performance.

Clean, well-structured code will likely have fewer bugs than code that is optimised for speed, which can be more complex to read and may also have duplicated code.

As the article says, all data and functions are public in a smart contract.
What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?

Everything on a public blockchain can be viewed including private variables and functions. Just because a variable has private visibility to other contracts does not mean it cannot be viewed from the outside.

Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?

Things that are important considerations for smart contracts
e.g. Clean code, Code reuse with modules.

Are not compatible with increased security

A monolithic block of code will often be more secure due to the fact that there are not multiple files to consider.
Also in cases where existing contracts cannot be used libraries can be used.

1 Like

Why does smart contract development require a different mindset than regular programming?
Because the blockchain programs are very new and highly experimental, they are constantly changing. And not having the right mindset can come at a high cost.

Discuss in your own words why clarity in your code is more important than performance.
If another programmer wants to contribute or continue programming the smart contract, its clarity will help as a guide. The most difficult thing is not to create the code but to understand the code that is already created.

As the article says, all data and functions are public in a smart contract. What false beliefs could someone have about private data and private functions in a smart contract that could have dangerous consequences?
You may mistakenly believe that by declaring functions private or private data you will already be protected. The detail is to remember that everything in the blockchain is publicly accessible and that includes the code of the smart contract, as well as the information that it handles. Therefore the importance of which information will go to the chain and which to a company server.

Why do you think all the fundamental principles mentioned in the article boil down to tradeoffs?
Because I must have a balance when programming smart contracts, like when you balance on a skateboard: if you decide on one side more than the other you can fall. In the case of smart contracts it can cost money or upgradeability.

1 Like

1 - Why does smart contract development require a different mindset than regular programming?

Smart contract development programs are new and highly experimental, thus constant changes in the security landscape will arrive, as new bugs and security risks are discovered.
New best practices are constantly being developed, so continuous vigilance by developers is of utmost importance.
The cost of failure can be high, and change can be difficult, making it in some ways more similar to hardware programming or financial services programming than web or mobile development.
It is therefore not enough to defend against known vulnerabilities. Instead, you will need to learn a new philosophy of development:
- Prepare for failure
- Rollout carefully
- Keep contracts simple
- Stay up to date
- Be aware of blockchain properties
- Fundamental Tradeoffs: Simplicity versus Complexity cases
- Rigid versus Upgradeable
- Monolithic versus Modular
- Duplication versus Reuse

2 - Argue with your own words why clarity in your code is more important than performance.

Simple, modular code is easy to diagnose. Using already tried and tested libraries does not deviate from simplicity and assists to make the code more rock solid.

3 - As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?

Public functions are public, and may be called maliciously and in any order. The private data in smart contracts is also viewable to all.

4 - Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?

Smart contracts are a balance between security, structure and performance. One is not necessarily more important than the other. Although, security seems to have a slight edge.

1 Like

1. Why does smart contract development require a different mindset than regular programming?
The landscape is brand new and thus things are changing very rapidly. The cost of failure is much higher than in other development environments. Smart contract code is immutable and thus upgradability is much more difficult and needs to be handled differently.

2. Argue with your own words why clarity in your code is more important than performance.
Given the high levels of risk and potential damage when introducing bugs in smart contracts, readability & clarity should be prioritized over performance to help minimize the probability of introducing bugs.

3. As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?
One might believe that just because data and their accessor functions are private, the data itself cannot be viewed by humans or programs.

4. Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?
In software, just as in life, there are always tradeoffs. Improved gas efficiency might require more complex code which is more prone to attack vectors. It is particularly important to index in favor of security and resilience when working with smart contracts.

1 Like
  1. Why does smart contract development require a different mindset than regular programming?
    The cost of failure can be high, and change can be difficult, making it in some ways more similar to hardware programming or financial services programming than web or mobile development, so it requires a different mindset.

  2. Argue with your own words why clarity in your code is more important than performance.
    Making your code simple and clear, without too much complexity, to avoid attacks and bugs is much more important than complex code for better performance, since it involves money.

  3. As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?
    The private data in smart contracts is also viewable by anyone.

  4. Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?
    An ideal smart contract system requires a balance of security and performance; the proper balance is obtained by identifying the optimal mix of properties along contract system dimensions such as:

  • Rigid versus Upgradeable
  • Monolithic versus Modular
  • Duplication versus Reuse
1 Like
  1. Why does smart contract development require a different mindset than regular programming?
    The impact of a bug can be far worse and more devastating.

  2. Argue with your own words why clarity in your code is more important than performance.
    The absence of complexity makes error checking and identifying far easier, and future code changes easier.

  3. As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?
    That the code can still be viewed, but private has to do with scope of permissions for execution.

  4. Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?
    Security is always a tradeoff with convenience, one should maintain the mindset of the developer.

1 Like
  1. Smart contract development requires a different mindset because it is new and highly experimental - the cost of failure can be high and change can be difficult

  2. With a potential high cost to failure, an essential mindset is to keep code as clean and simple as possible in order to reduce complexity and hence reduce potential bugs and improve security. A mindset geared towards performance may require complexity to achieve greater performance, and hence with more complexity there arises more potential bugs and security risks.

  3. People may believe private data and functions are not visible as per traditional code, and therefore may store sensitive data as private or code sensitive business logic in a private function. However the data and the smart contract code is fully visible to anyone on the blockchain

  4. Standard software development methodologies will emphasise upgradeability, modularity, and code reuse. However the emphasis for smart contract development is simplicity to reduce bugs and costs and hence improve security - this emphasis may lean more towards rigid, monolithic, and duplicated code. Therefore proven standard software development methodologies are in a tradeoff with the requirements to build simple and secure smart contracts

1 Like
  1. Why does smart contract development require a different mindset than regular programming?
    They’re new and highly experimental. They also have a high cost of failure and are hard to fix.

  2. Argue with your own words why clarity in your code is more important than performance.
    You need to keep things clear and simple to be able to quickly find and fix problems.

  3. As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?
    They may be unaware of the vulnerability they face against bad actors. People are able to exploit bugs faster due to the transparency in code.

  4. Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?
    Due to the blockchain being decentralized and running on ‘code is law’, much of the security depends on the nature of the blockchain as opposed to the programmer. This means that the programmer has to sacrifice some functionalities or features in order to increase security.

1 Like

1. Because the smart contracts handle money and we have to be careful not to expose users to errors and bugs. The failure of our smart contract could cost us a lot.
2. Code should be made simple and clear to reduce the potential for bugs and errors.
“Everything should be made as simple as possible, but not simpler” - Albert Einstein.
3. We should put out in blockchain only the data that is necessary and should keep the sensitive data as private.
4. The general recommendation for any smart contract system is to identify the proper balance for these fundamental tradeoffs.

  • Rigid versus Upgradeable
  • Monolithic versus Modular
  • Duplication versus Reuse
1 Like
  1. Why does smart contract development require a different mindset than regular programming?
    Because contracts are exposed to new kinds of risk and environment. For example, contracts are public and can be called or reviewed by anyone.

  2. Argue with your own words why clarity in your code is more important than performance.
    Clarity is more important because above all we need to ensure the contract has as few errors as possible. Having simple and clear code helps us review the quality.

  3. As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?
    People may think that private data stored in their smart contract is not accessible to the public which can lead them to put confidential data into the blockchain which can be viewed by the public.

  4. Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?
    Because the need for simplicity and security often requires doing things in less efficient ways.

1 Like

1. Why does smart contract development require a different mindset than regular programming?
Because the stakes are higher when programming a smart contract, you need to have in mind the facts that you program money, that your deployed SC is hard to change and the ecosystem is new and is constantly upgraded.

2. Argue with your own words why clarity in your code is more important than performance.
Clarity comes with its perks, in a clearer code it is easier to find bugs, it is easier to test and usually the complexity of the code increases the likelihood of errors.

3. As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?
Someone might believe that the private data and private functions are not visible to anyone, this is a false assertion because although the private data and functions are not visible or usable in the interface, they are a part of the open-source code which is visible to anyone and a potential malicious user can try and use your mistake to their advantage.

4. Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?
Because you have to find the sweet balance by identifying the optimal usage of properties

1 Like

Q). Why does smart contract development require a different mindset than regular programming?
a). It can potentially include a lot of money and other high value assets.
Q). Argue with your own words why clarity in your code is more important than performance. KEEP IT SIMPLE STUPID (KISS). WILL SAVE A LOT OF TIME AND by keeping it simple we also get clean code as a bonus with better performance. :stuck_out_tongue_winking_eye:
Q). As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences? Private functions are viewable by anyone in the contract (not as private as you might think).
Q). Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?
A). You can’t have everything in a contract. In my opinion, THEREFORE APPLY KISS METHOD AS MUCH AS POSSIBLE. KISS = (KEEP IT SIMPLE STUPID). :smile:

  1. Because smart contracts manage money, therefore, there is a lot of risks involved when the code in a smart contract is vulnerable to attacks and hacking. Secondly, smart contracts are deployed on the blockchain making updates and bug fixes more difficult than normal programming.

  2. Clarity makes the code easier to understand, thereby, making it easier to find bugs in the code. It helps other people to audit your code and find bugs as well.

  3. Someone might think that functions that, for example, transfer money cannot be accessed by other people.

  4. Because blockchain code is immutable. This requires making decisions based on fundamental principles like performance vs security. All code is open source, making it visible to everybody; mistakes will be seen and exploited.

  1. It’s programming money, the cost of failure is way higher.
  2. When code is immutable it’s crucial to be able to easily read and understand what’s going on with it to catch potential bugs before they occur; even if it costs a little bit of performance, the benefit is way greater.
  3. Private data can be viewed by anyone.
  4. Everything in life is a trade-off, here we simply have to decide our security to convenience ratio.
  1. How does the writer argue that banks protect traditional software from serious hacks?
    Expire the credit card, empty the bank account or even retrace and cancel the transaction.
  2. The writer is somewhat against upgradeable contracts, what arguments does he make?
    Upgrades will lead to more problems.
  3. What comparison does the writer make between smart contracts and Lord of the Rings?
    There is only one way to approach the final destination in “The Lord of the Rings” and the way is narrow and hard to go through.
    A simple and straightforward contract with fewer lines of code will be safer because there will be fewer bugs.