Sabbatical 2022
Sabbatical 2022
After seven years of heads down building stuff, I took a break at the end of 2021. I planned a full 1-year sabbatical for the year 2022. This post is a collection of projects that I did during that time.
I didn't intend to finish most of them or make them production ready. Instead, these half-baked prototypes aim to help me build intuition about complex topics. I develop a deeper understanding when I implement the concepts I am learning.
Inspired by the Gradual Dutch Auction spec, I wanted to explore the mechanism. Paradigm's blog post describes two novel auction mechanisms suitable for fungible and non fungible tokens. I quickly implemented and tested the basic functionality thanks to the original post's precise specification and reference implementations. The blog had all the details about the pricing function. All that was left was to implement the math equations in solidity.
It led to another rabbit hole. That is to understand how math libraries work in solidity, especially WAD arithmetic. I first started using PRBMath to implement Discrete GDA and continuous GDA contracts. Soon after, I familiarized myself with various techniques to implement mathematical functions in solidity. Finally, I replaced the PRB math library with my custom implementation of muldiv
, exp
, pow
etc., for fixed-point numbers in the format 59x18 (using the last 18 digits for decimals). I still need to optimize these functions for gas usage. This may be a topic for a future project.
The project's purpose is to go through the CRDTs theory and implements basic CRDTs as specified here.
Currently, this repo contains the implementation for G Counter, PN Counter, G Set, 2PSet, LWW set, OR Set, and an experimental mix of 2P Set with vector clocks.
This repo also has code for vector clocks with basic functionality such as incrementing and merging different clocks, including benchmarking for these operations.
In the future, this will be a playground to experiment with more complex CRDT-based algorithms such as RGA and WOOT. And even more complex sequential CRDTs such as trees and graphs.
The goal of this project is to build the EVM from scratch. This project doesn't aim to be feature complete, performant, or production ready.
The specification in the Ethereum Yellow Paper is extremely rigorous. At the same time, it is a dry read and difficult to understand.
With this project, I want to create a playground to tinker with EVM primitives. The main purpose is to understand the internals and the core concepts underpinning the EVM.
This repo is a collection of solidity contracts. The main purpose of this project is to be a playground for experimenting with different defi primitives on EVM based chains.
The contracts are compiled and tested using hardhat. Typechain is used to generate Typescript types for the solidity contracts, which makes it convenient for writing tests and scripts.
Staking Pool is a contract that allows users to deposit and withdraw ETH or native tokens of other EVM chains. It also allows an admin to add funds to this contract to distribute the rewards to incentivize the depositors. The rewards that an individual depositor receives are proportional to their deposited stake.
The Staking Token contract is similar to Staking Pool contract it but also mints ERC20 tokens for the depositors. Later, the depositors can later redeem their sTokens for the native tokens they deposited plus the rewards accrued.
Damn Vulnerable DeFi is a set of challenges for practicing the security aspect of smart contracts.
The challenges demonstrate using DeFi primitives like flash loans, price oracles, governance, lending pools, etc. Most puzzles expose a vulnerable protocol design or an implementation issue.
These puzzles are more advanced than the Ethernaut CTFs. My goal in practicing these challenges is to better understand the primitives, common attack vectors, and common solidity mistakes.
While working on these problems, I found that tracing function calls and trying to call the public functions with different values often led to the right idea. In particular, I often followed these steps:
Understand the problem well enough to be able to draw a diagram to trace all interactions, such as function calls and event emissions.
Drawing the call stack for successive function calls.
Deploy the contracts locally and add logs, especially around constraints (require statements).
Ethernaut CTF is the collection of "capture the flag" puzzles. These are targeted towards solidity or EVM beginners. Most of the puzzles in this collection are inspired by actual exploits that happened in the wild.
Each puzzle exposes some idiosyncratic behavior in the EVM. Smart Contracts in EVM are a different paradigm; not understanding how EVM works often leads to writing vulnerable contracts.
My goal in solving these puzzles is to familiarize myself with common gotchas in the ethereum virtual machine. I also want to understand common attack vectors in smart contracts.