Yos Riady software craftsman

Hi! 👋 I'm Yos.

I build software for fun and profit.

Ethereum ERC Standards You Should Know About

Ethereum ERC Standards You Should Know About

The ERC20 token standard has achieved near-complete industry adoption. It defined six minimal requirements for the way tokens behave on the Ethereum blockchain. Anyone could comply with the token standard and implement additional functions as needed. The ERC20 standard ignited the crypto spring, allowing for the creation of core infrastructure and exchanges that continue to be the backbone of the crypto ecosystem today.

In this article, let’s look at some Ethereum ERC standards that you should know about - including standards you’ve probably never seen before!

Read on →

Utility Token Models

Utility Token Models

Relying purely on memes and hype to support a token value, while attractive because of its seeming ability to print money out of thin air, is ultimately quite brittle. Tokens following this pattern may sustain itself for a time due to irrational exuberance, but whenever the market turns sour the risk of collapse hangs near.

For a token to have a stable value, it needs token sinks - places where tokens can be ‘spent’ so the total circulating supply decreases over time. In this article, we’ll examine several real-life token projects and how they make their tokens spendable. We’ll look at three token models: Protocol Tokens, Platform Tokens, and Governance Tokens.

Read on →

Harberger Taxes on Ethereum

Harberger Taxes

Harberger Taxes is an economic abstraction recently highlighted in the book Radical Markets. In this taxation system, asset owners self-assess the value of assets they own and pay a tax rate of X% on that value. Whatever value owners specify for the asset, they have to be willing to part ways and sell it to anyone at that price. Harberger Taxes promises to democratize the control of assets by striking a balance between private and commons ownership.

Blockchains offer a testing ground for experimenting with economic abstractions such as Harberger Taxes, where rules can be enforced with smart contracts.

The emerging field of cryptoeconomics uses both cryptography and economic incentives to design decentralized protocols and applications. Smart contracts defines the rules of an economic game which incentivize rational actors to behave in optimally desirable ways. Decentralized protocols lets us inscribe transparent rules on the blockchain that aligns individual incentives to achieve a common goal.

In this article, let’s look at Harberger Taxes and how we can use it in decentralized applications.

Read on →

Signing and Verifying Ethereum Signatures

Signing and Verifying Ethereum Signatures

An Ethereum transaction needs to be included in a block and mined before it is processed and ‘saved’ on the blockchain. As a result, on-chain transactions takes time and costs gas to compensate miners for their work.

In contrast, off-chain computation lets you perform actions instantly without waiting for transactions to be mined and does not cost any gas.

In this article, let’s look at how you can perform off-chain computation using Ethereum signatures. Cryptographic signatures can be used to validate the origin and integrity of messages. Then, we’ll examine real-life use cases of off-chain computation such as decentralized exchanges, state channels, and meta transactions.

Read on →

Bonding Curves Explained

Bonding Curves Explained

“Show me the incentive and I will show you the outcome.” – Charlie Munger

Bonding curves are an extremely fascinating cryptoeconomic primitive: protocol based incentive systems that enable coordination of network participants to achieve shared goals. Tokens (programmable financial assets) incentivize players in an economic game towards an outcome that can be beneficial for every network participant.

In this article, let’s take a look at what bonding curves are and how it’s used today. Along the way, we’ll learn about automated market makers, token-curated registries, and continuous organizations - three real-life applications of bonding curves.

Read on →

A Whirlwind Tour of Security Token Standards

Automated Regulatory Compliance with Security Token Standards

A crypto token that passes the Howey Test is deemed a Security token. Security tokens are designed to represent complete or fractional ownership interests in assets. While utility tokens have no limitations on who can send or receive the token, security tokens are subject to many restrictions based on identity and jurisdiction.

In the same way that the ERC-20 token standard helped to create a boom in utility tokens, a security token standard will help drive the adoption of security tokens.

In this article, let’s look at the current state of security token standards in the Ethereum ecosystem and each of their approaches to build a self-regulatory governance mechanism for these tokens

Read on →

Upgrading Solidity Smart Contracts

Upgrading Solidity Smart Contracts

Web applications today are built iteratively. With continuous delivery, developers release hotfixes and new features hundreds of times a day. We upgrade our software all the time with little ceremony.

Upgradability is something that you don’t truly appreciate - until you’ve written smart contracts. Why? Because smart contracts are immutable - it’s not possible to upgrade the source code of an already deployed contract. In this aspect, developing smart contracts is closer to hardware programming than web development.

At the same time, decentralized applications and smart contracts are a new and highly experimental space. There are constant changes in the security landscape and the cost of failure are in the high tens or hundreds of millions of dollars. Code will need to be changed if errors are discovered or if improvements need to be made. It is no good to discover a bug, but have no way to deal with it.

As software engineers, we seek to build software systems that is modular and supports upgradable components. To handle the large space of smart contract attack vectors, we need a mechanism through which we can safely and securely upgrade our smart contracts. This is especially true when you build complex, perpetual contract systems instead of one-time token sale contracts.

Read on →

Common Smart Contract Vulnerabilities and How To Mitigate Them

Common Smart Contract Vulnerabilities and How To Mitigate Them

In traditional software development, security vulnerabilities can be fixed by patching. When there’s a bug in your system, you can write a fix, deploy it, and prevent future exploits of that specific bug. Patches are frequent and easy.

Patching security vulnerabilities of decentralized applications on the Ethereum blockchain is not so straightforward. Due to the immutable nature of smart contracts, it’s difficult (and sometimes impossible) to upgrade already deployed contracts.

On the other hand, the potential losses of smart contract hacks can be exorbitant, with losses of more than US$70M for the DAO Hack and US$200M for the 2nd Parity Hack. Considering both the difficulty of upgrading contracts and high exploit risk, smart contract developers need to be vigilant and apply defensive programming techniques when designing smart contracts to prevent vulnerabilities in the initial design.

In this article, let’s look at common security vulnerabilities in Solidity smart contracts and how to mitigate them.

Read on →

The Serverless Landscape in 2018

Learn about the most popular projects and product offerings in the Serverless ecosystem today! (Last updated 19 June 2018.)

Read on →

Best Practices for Building Great API Developer Portals

An API without proper documentation is no better than no API at all. Having a great developer portal is critical part of your API’s developer experience and is instrumental in driving adoption.

The user experience of a developer portal, the completeness of the API documentation, the ease with which you can search for the right solution for their needs, and the speed at which developers can start calling your endpoints are all fundamental to the success of an API product.

This guide documents best practices to having a great API Developer Portal.

Read on →
Going Serverless book

Interested to find out more about serverless? Going Serverless teaches you how to build scalable applications with the Serverless framework and AWS Lambda. You'll learn how to design, develop, test, deploy, and secure Serverless applications from planning to production.

Learn More →