Developer Mindset - Reading Assignment

1. Because rules are way different, therefore programmers need to operate differently.

2. Because then its easier to notice any errors and potential improvements, we need to keep the code and logic simple.

3. Private functions can still be called.

4. Its an inverse proportionality between flexibility and security.

1. Because of the value handled by smart contracts. While non-blockchain programming rarely leads to loss of funds, the very definition of token contracts is about storing and handling assets. As such smart contracts become a magnet for hackers to attack and any bugs that might make the code fail in unexpected ways can result in a loss of funds with dire consequences for its users. Hence the security mind-set is much different from non-blockchain contracts and a disciplined and controlled approach to security in smart contracts is of paramount importance.
2. Clarity of code is a best practice in solidity as it shows that the developer has taken the time to layout the programming logic clearly and make it a simple as possible to avoid complexity. Complex code is much more error-prone than simple contracts. As such clarity is more important than performance because it is easier to read and spot potential bugs. In a world where assets are exposed to risk of being lost, performance is less important than safety through simplicity.
3. A common pitfall of understanding smart contracts is that the visibility denominator “private” actually means removed from the sight of prying eyes. But this is not true as it doesn’t mean that the function can not be viewed but that the function can only be called from within the contract. As such, and due to the publicly accessible nature of information on a public Blockchain like Ethereum, programmers need to be aware that even a private function or state variable, while not executable by anyone, is still accessible for viewing (understanding the underlying logic). -> “Everything you use in a smart contract is publicly visible, even local variables and state variables marked private.”
4. Immutable code of public blockchains needs to strike a balance between opposing qualities of what can be achieved with code as it can’t be achieved simultaneously. Depending on each use case, carefully balancing these opposing qualities is a tricky task and requires deep insight how trade-offs affect the final goal of code functionality.

1. Because we are “prgramming money”. Errors cannot be rolled back. We have to pay special care, because bugs or exploits can lead to loss of funds. Also a Dapp is not something that we role out following “agile methodologies” and update frequently based on user input (updates are hard, the blockchain is immutable). Dapps are deployed once, and they can for example manage money independently. We want this to be a safe experience for all our users.
2. You want the code to be clear, so that it is easier to test, audit and verify. Clear code is less error prone (less potential errors, bugs exploits).
3. Data in a smart contract is not private. It is written to a public blockchain (at least in case of Ethereum, and similar chains). Private functions only refer to whom is allowed to call that function programatically.
4. You need to find a balance between security, efficiency, flexibility (or upgradeability). Pushing any of these aspects will have implications on the other 2. For example:
   • when you make a contract upgradeable, you will have much more moving parts, hence you introduce some potential security risks
   • if you want your code to be efficient and use less gas, you will probably sacrifice clarity, make it more complex, hence put security at risk
   • and if you want to have the most secure contract, then you can write a contract that is not upgradeable, that has no loops, no logic, no nothing. You write an empty contract. But then who uses it?

1. The risks are far greater as there is money on the line. Therefore more caution is necessary. Also, upgrading or bug fixing is a lot more difficult than simply updating conventional code. Also, the code and ecosystem that uses the code is new and every expanding/changing. One needs to keep up to date with these changes as new bugs and risks get discovered.

2. It’s easier to understand the code if it’s simple. Complex code tends to cause confusion, esp. when developers other than the creator need to work on it. I guess it’s more important to know and understand what’s going on than to have a high performance smart contract that no-one understands - what if something goes wrong and needs to be fixed.
   Also, the chances of error are raised with more complex code.

3. The might think that only they can see their data and enter personal information on a platform that is extremely public. Private functions for example refer to how and when a function is called and does not make it invisible.

4. It all depends what you want; what you’re willing to risk, or not risk. If you want a flexible contract it’s going to come at a (potential) cost of securtiy, because the contract is no longer immutable. I
   If you want ultimate security reuse code from deployed contracts that you own - more work. If you prefer speed and ease you can duplicate library code; just make sure it’s been tried and tested.

1. Why does smart contract development require a different mindset than regular programming?
   Cost of failure can be high and change can be difficult.

2. Argue with your own words why clarity in your code is more important than performance.
   The cost of failure can be high and clarity reduces the chance of failure. That’s why if there is a choice betwee clarity and performance choose clarity.

3. As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?

One might think that by making data private in your contract it cannot be read by anyone. For instance if you would store voucher codes as private values on chain thinking that way you could keep them secret. On the blockchain private doesn’t mean secret and secure.

4. Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?

There are always tradeoffs in software development (using memory/disk, use processing power to decode/use bandwith to send uncompressed) and in that sense smart contract development is no different. In the end it depends on the usecase which choices are made.

Hi, folks!

Why does smart contract development require a different mindset than regular programming?

• SC has to do with financial assets
• hard to make fixes

Argue with your own words why clarity in your code is more important than performance.

• increase level that errors could be appeared

As the article says, all data and functions are public in a smart contract.
What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?

• there is public access to all private data in blockchain

Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?

• Because we always have triangle of cost, quality and speed

Andrei

1. Why does smart contract development require a different mindset than regular programming?
   Because the cost of failure can be hight, and change can be difficult.

2. Argue with your own words why clarity in your code is more important than performance.
   To avoid complications and bugs.

3. As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?
   Understand that your public functions are public, and may be called maliciously and in any order. The private data in smart contracts is also viewable by anyone.

4. Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?
   Simplicity versus Complexity cases. There are multiple fundamental tradeoffs to consider when assessing the structure and security of a smart contract system. The general recommendation for any smart contract system is to identify the proper balance for these fundamental tradeoffs.

1. Why does smart contract development require a different mindset than regular programming?
   Because its a relatively new space, updates to code are difficult, and the cost of failure could be high

2. Argue with your own words why clarity in your code is more important than performance.
   The more complicated your code, the more complicated it is to test it. Testing is a major step in the development in smart contracts.

3. As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?
   Since the word private is involved, one may think that the code is not visible to the public.

4. Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?
   Because not every principle is able to be maximized

1. Why does smart contract development require a different mindset than regular programming?
   Smart contracts can be in charge of large amounts funds which are attractive to attackers.
   Consideration of gas fees can have a large impact on performance of contract.
   Not all data needs to be stored on the blockchain.

2. Argue with your own words why clarity in your code is more important than performance.
   It much easier to find bugs and maintain code when code is clear.
   It is also much easier to unit test when designed clearly - and well unit tested code usually has less bugs
   If the shit does it the fan or if theres an emergency then the last thing you wanna be doing is trying to debug highly complex code under duress.

3. As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?
   All data is public on the blockchain.
   timestamps are imprecise on a blockchain.
   Not all data may need to be stored on the blockchain.

4. Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?
   There is never a silver bullet for anything. Every problem faces has some nuances and may require a custom solution depending on the situation.

1. Why does smart contract development require a different mindset than regular programming?

the risk in a mistake is much higher than normal programming.
2. Argue with your own words why clarity in your code is more important than performance.

when you are working in a team adaptions can be made, mistakes will be much easier to find, and you can set out bug bounties, and with no clarity in your code you are more prone to being part of the DAO club
3. As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?

private functions are not accessible to the user of the smart contract but the user can still see what is written in the private functions
4. Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?
there are benifits to both sides of how you design the contract, in the end i think it comes down to what the purpose of the smart contract is.

1.) cost of failure = high. Change is difficult
2.) Performance saves time for actions that happen anyways (even with less performance)
Since there will be bugs guaranteed, clear code makes it easier to find and solve problems which is more valuable. Bugs are more likely to destroy you than performance.
3.) Private data is still publically visible. Example: showing private keys.
4.) The ideal Code for a programmer might not be the most secure code
secure code might be less efficient
Code that focuses on safety might not be too fast and user friendly → less people want to use it

1.The stakes are higher, because money is at risk, not only of the deploying company (like in a traditional situation), but of anyone who invests in the contract. Also, there is a direct and potentially outsized incentive of malicious actors to find vulnerabilities.
2. Clarity makes reveals the underlying suppositions. They can be examined and cases of fault or risk can be hopefully identified. Conversely, if the code and it’s assumptions are obfuscated it will be more difficult to identify potential cases of failure. Since the risk is potentially the total loss of assets invested, no amount of performance increase can outweigh the increase in expected loss if it comes at increased risk of the said loss. ( the previous statement is too absolute, ie.if the investment is limited by amount or deployment time the increased risk may be worth considering).
3. That data stored as a private variable and accessible through functions limited to the owners is secure. (I don’t understand how such data can be accessed, but the text suggests that it can be.)
4. security vs maleability seems the most simple. Transparency and - tied to it - immutability is the fundamental promise of crypto. It’s a hard call to sacrifice even some of it for security. Yet some mechanism of updatability may be necessary to encourage investment in an untested system. + EVM itself may change under the contracts, exposing new vulnerabilities. Etherium is most strongly incentivized to avoid any such change, but it is possible and therefore a risk.

Reading Assignment: Developer Mindset (Answers)

1. The cost of failure could be high and constant change difficult. some is similar to hardware programming and financial services programming.

2. Ensures contract logic is simple, decreasing the likelihood for errors.

3.The fact that private data ;is also viewable by anyone.

4. Because there are important exceptions where security and software engineering best practices may not be aligned.

1. Why does smart contract development require a different mindset than regular programming?

The cost of failure can be high, and change can be difficult, making it in some ways more similar to hardware programming or financial services programming than web or mobile development

2. Argue with your own words why clarity in your code is more important than performance.

To make it easier to check the code against vulnerabilities.

3. As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?

People might believe that the private data in a smart contract is not visible by anyone. That is incorrect.

4. Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?

Tradeoffs are important to ensure the final product is accomplished in the best, secure, simple and upgradable manner.

1.Why does smart contract development require a different mindset than regular programming?
The cost of failure can be high, and change can be difficult, making it in some ways more similar to hardware programming or financial services programming than web or mobile development.

2.Argue with your own words why clarity in your code is more important than performance.
It is easier to find bug in clean code.

3.As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?
Private is also visible. It is important how the functions and data are visible.

4.Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?
You have to choose what is better-more important at some point. Balanced cost, quality and speed.

1. Why does smart contract development require a different mindset than regular programming?
   It is new and experimental, the cost of failure is high, and change is difficult.
2. Argue with your own words why clarity in your code is more important than performance.
   Clear code makes it easier to spot bugs or vulnerabilities, or even areas where you are increasing the possible attack area.
3. As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?
   Someone might believe that private functions or private data can’t be seen by others viewing the contract.
4. Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?
   Sometimes pure software engineering considerations pull in an opposite direction to pure security based considerations - in these cases one has to make a trade-off and find the right balance between the two.

Why does smart contract development require a different mindset than regular programming?

• Because Smart Contract development is relatively new and highly experimental, the cost of failure is high, and change can be difficult.

Argue with your own words why clarity in your code is more important than performance.

• Clarity is more important in the context of smart contract development because having a more straightforward approach in your code will reduce complexity and potential security risks.

As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?

• That any private data or private function in a smart contract cannot be seen by anyone and can’t be used as information for malicious intentions.

Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?

• Because you have to make considerations of many factors, like the context of what the smart contract is used for, how long the smart contract will be used, how limited the set of functionalities of your smart contract will have, etc.

1. Why does smart contract development require a different mindset than regular programming?

• Smart contracts are difficult to update in production, often have a direct financial loss potential, and requires a lot more up front testing before deployment.

2. Argue with your own words why clarity in your code is more important than performance.

• Clean code enables better collaboration, auditing, and easier troubleshooting of bugs and issues

3. As the article says, all data and functions are public in a smart contract. What false beliefs might someone have around private data and private functions in a smart contract that could have dangerous consequences?

• The word private is a false sense of security, leading people to believe that the data is hidden, encrypted, or somehow access restricted, but in reality, nothing is truly private in a smart contract.

4. Why do you think all the fundamental principles mentioned in the article comes down to tradeoffs?

• There are often trade-offs when given the ability to create something new. It is important to make well-thought through conscience decisions to find the right balance of risk vs reward for your goals. Centralized vs decentralized, integrity vs performance, security vs usability, etc.

Because we’re dealing with programmable money, the risk of failure is high. Also blockchain programs are new and highly experimental.

It’s better to keep the code clean and easy to use, than make it performant but difficult to read. This way finding bugs in the code is easier.

Private functions are only private for a contract to execute. However the visibility of the code is still public. Most public functions execute private functions. That’s why making function private doesn’t completely make it less invulnerable.

Because there is no perfect solution to everything.

1. The stakes are higher and mistakes can lead to total loss.
2. Clean code is easier to read and therefore makes for faster and more thorough troubleshooting.
3. The functions may be “labelled” as private but that does not mean they are encrypted and the information is still available or anyone to see.
4. Because there is not perfect Smart Contract and an opportunity cost always exists when writing code.