Learn Solidity

learn

Solidity
Smart
Contract

Ismail Saleem
eBook for learning solidity smart contract basics
 Chapters

1. Introduction: Explanation of smart contracts and their

significance in the blockchain space.
2. The Basics of Solidity: Introduction to the Solidity
programming language, including its syntax and data types.
3. Smart Contract Development: Step-by-step guide to
developing a basic smart contract, including deployment
and testing.
4. Advanced Smart Contract Development: A more in-depth
exploration of Solidity's advanced features, such as
inheritance and polymorphism, with examples of more
complex smart contract development.
5. Smart Contract Security: A discussion of common security
risks and best practices for securing smart contracts.
6. Smart Contract Design Patterns: Introduction to common
design patterns in smart contract development.
7. Smart Contract Interaction: Describing the various ways
that smart contracts can interact with other smart
contracts and external systems, including off-chain and on-
chain communication and oracle mechanisms.
8. Real-World Use Cases: An overview of real-world use cases
for smart contracts, including decentralized finance, supply
chain management, and digital identity.
 Chapter 1: Introduction

What are Smart Contracts

A "smart contract" is simply a program that runs on

the Ethereum blockchain. It's a collection of code
(its functions) and data (its state) that resides at a
specific address on the Ethereum blockchain.

How do smart contracts work?

Smart contracts work by following simple “if/when…

then…” statements that are written into code on a
blockchain. A network of computers executes the
actions when predetermined conditions have been
met and verified.

Smart contract significance in the blockchain space

The significance of smart contracts in the

blockchain space is that they enable the automation
of complex processes, reduce intermediaries, and
increase transparency, security, and efficiency
across various industries. They also enable the
creation of decentralized autonomous organizations
and enable new business models that were not
possible before the advent of blockchain
technology.
 Chapter 2: The Basics of Solidity

The essential concepts of the Solidity Programming

Variables: Solidity variables are used to store values

that can be used throughout a contract. Solidity
provides several data types such as integer, boolean,
address and mapping, that are used to define
variables.

Functions: Functions in Solidity are used to perform

specific tasks and to interact with the contract.
Solidity provides several pre-defined functions like
transfer, balanceOf etc. and also you can create your
own custom functions.

Control Structures: Solidity supports traditional

control structures such as if-else statements and for
loops. These allow you to create more complex smart
contracts that can make decisions and perform
actions based on certain conditions.

Events: Events allow smart contracts to emit log data

that can be recorded on the blockchain. This allows
other contracts and external clients to listen for and
react to events emitted by a contract.
 Chapter 2: The Basics of Solidity

The essential concepts of the Solidity Programming

Inheritance: Solidity supports inheritance, which

allows contracts to reuse code and create more
complex smart contracts. A contract can inherit the
properties and functions of another contract, and it
can also override or add new functionality.

Modifiers: Modifiers can be used to add additional

functionality to a contract. They are a set of pre-
defined statements that can be used to check for
certain conditions before a function is executed.

Types and Memory: Solidity has two different types,

storage, and memory, which are used to define
variables and allocate memory in the contract.
Storage variables are permanent and written to the
blockchain, whereas memory variables are only
temporary and exist only during the execution of a
function.

Security and Best Practices: Solidity provides several

security features, like access modifiers, error
handling, and exception mechanism. It is essential to
know best practices and security considerations, as a
small mistake in the code can lead to vulnerabilities.
Chapter 2: The Basics of Solidity

Solidity Smart Contract Data types

Solidity provides several data types that can be

used to define variables in a smart contract.

Integers: Solidity supports signed and unsigned

integers of various sizes, such as int8, int256, and
uint8.

Booleans: Solidity has a boolean data type that can

have the values "true" or "false".

Addresses: Solidity has an address data type that

represents an Ethereum address. An address can be
used to store the address of another contract or the
address of an external account.

Strings: Solidity has a string data type for storing

sequences of characters.

Enums: Solidity supports enumerated types, also

known as enums. Enums allow you to create a set of
named values.
Chapter 2: The Basics of Solidity

Solidity Smart Contract Data types

Arrays: Solidity supports arrays, which can be used

to store a fixed or dynamic size collection of
elements of the same type.

Mappings: Solidity mappings are similar to arrays,

but they are a collection of key-value pairs where
the keys are unique and can be of any data type.

Structs: Solidity structs allow you to group several

variables together into a single data structure. It
allows you to create complex data structures and
organize data better.
 Chapter 2: The Basics of Solidity

"Hello World" program in Solidity

This program defines a simple smart contract called

"HelloWorld" that has one function called "sayHello" and one
event called "HelloEvent".

The "pragma" line at the top of the program specifies the

version of Solidity that is being used to write this contract.

The "sayHello" function is marked with the "public" visibility,

which means it can be called by any external account. Inside
the function body, we have an emit statement that triggers the
"HelloEvent" event and sends a message "Hello World!" as its
parameter.

The event "HelloEvent" has one parameter "string message"

which will be sent along with the event when emitted.
 Chapter 3: Smart Contract
Development
We can start writing solidity smart contracts using our favorite
IDE also but the easiest way to start writing the code is using
the online “Remix — Ethereum IDE”

Open Remix IDE: Go to https://remix.ethereum.org/ to open

the Remix IDE. This is a web-based development environment
for Solidity smart contracts.

Create a new contract: Click on the "+" button at the top left
corner of the IDE to create a new contract. This will open a
new tab where you can write your contract code.

Write the contract code: In the new tab, write the following
Solidity code for a "Hello World" contract:

Compile the contract: Click on the "compile" button at the top

of the IDE to compile the contract. This will generate the
bytecode and ABI of the contract.
 Chapter 3: Smart Contract
Development
Deploy the contract: Click on the "Run" tab at the top of the
IDE. In the "Environment" dropdown, select "JavaScript VM"
(or "Web3 Provider" if you have a local or remote node set up).
Then click on the "Deploy" button to deploy the contract to
the JavaScript VM. This will deploy the contract to a local
environment, allowing you to test the contract without
spending real Ether.

Test the contract: After the contract is deployed, you can test
it by clicking on the "sayHello" button in the "At Address"
section of the "Run" tab. This will trigger the "HelloEvent"
event and you can see the message "Hello World!" in the
"Logs" section of the "Run" tab.

Deploy to the Mainnet: Once you are satisfied that the

contract is working as expected, you can deploy it to the main
Ethereum blockchain by selecting "Web3 Provider" in the
"Environment" dropdown and providing the endpoint of your
node. Then you can interact with the contract using the same
way as you did with JavaScript VM.
 Chapter 4: Advanced Smart
Contract Development
In this chapter, we will do a more in-depth exploration of
Solidity's advanced features, such as inheritance and
polymorphism.

Inheritance allows a contract to reuse the code and

functionality of another contract, known as the parent
contract. This can be achieved by using the "is" keyword
followed by the name of the parent contract. For example:

In this example, the "Child" contract is inheriting from the

"Parent" contract. As a result, it has access to the
"parentFunction" function, which it can call directly.
Inheritance allows contracts to share common functionality
and reduces the amount of code that needs to be written.
 Chapter 4: Advanced Smart
Contract Development
Polymorphism is a feature of object-oriented programming
that allows objects of different types to be treated as objects
of a common type. In Solidity, polymorphism can be achieved
by using interfaces and implementing them in multiple
contracts. An interface is a contract that defines the functions
that should be implemented by other contracts. For example:
 Chapter 4: Advanced Smart
Contract Development
In this example, the "Shape" interface defines a function
called "area" that should be implemented by other
contracts. The "Square" and "Circle" contracts both
implement the "Shape" interface and therefore must
implement the "area" function. Each contract implements
the "area" function differently based on its specific shape
(square or circle).

This allows for a certain level of code reusability across

different contracts and makes it easy to work with
multiple different contracts as if they were the same
type. The "Square" contract calculates the area of a
square using its side length, while the "Circle" contract
calculates the area of a circle using its radius. This is a
simple example of polymorphism in Solidity where the
Shape interface defines a common behavior for different
contracts and those contracts implement the interface in
their own way.

In this example, both the "Square" and "Circle" contracts

inherit the "Shape" interface and implement it in their
own way, and can use the same set of functions defined in
the interface. This way, any other contract or external
client can interact with both "Square" and "Circle"
contracts as if they were both "Shape" contracts.
 Chapter 5: Smart Contract
Security
Smart contract security is a critical aspect of developing
decentralized applications on the Ethereum blockchain. Due to
the immutable nature of smart contracts, any security
vulnerability can have severe consequences, resulting in the
loss of funds or unauthorized access to sensitive information.
Here are some common security risks and best practices to
keep in mind when developing smart contracts:

Reentrancy attacks: A reentrancy attack occurs when a

malicious contract repeatedly calls an external function,
causing an infinite loop that can drain funds from the target
contract. To prevent this, it's best practice to use a mutex (a
mutual exclusion mechanism) to limit access to critical
sections of code.

Integer overflow/underflow: Solidity integers do not have a

fixed range, and it's possible for an attacker to cause an
integer overflow or underflow by sending a large or small
enough number. To prevent this, it's best practice to use the
SafeMath library, which provides a set of mathematical
functions that automatically check for overflow and
underflow.

Unauthorized access: A malicious user may try to gain

unauthorized access to a contract's functions or variables. To
prevent this, it's best practice to use modifiers to define the
visibility of functions and variables and to use access control
mechanisms like roles and access lists.
 Chapter 5: Smart Contract
Security
Unchecked external calls: When a contract calls an external
contract, it's important to check the return value of the call to
ensure that it succeeded. An attacker may attempt to exploit
an unchecked call by making a malicious contract that returns
a false value. To prevent this, it's best practice to use the
assert() function to check the return value of external calls.

Denial of Service: An attacker can create a contract that

repeatedly calls the target contract's functions, overwhelming
it and causing it to become unresponsive. To prevent this, it's
best practice to use a circuit breaker pattern, which allows you
to temporarily disable a contract's functions in case of an
attack.
 Chapter 5: Smart Contract
Security
Here is an example of a smart contract that
implements some of these best practices:
Chapter 5: Smart Contract
Security
 Chapter 5: Smart Contract
Security
This contract implements several best practices,
including the use of the SafeMath library to prevent
integer overflow/underflow, the use of modifiers to
control access to functions, and the use of a circuit
breaker pattern to prevent a denial of service attack.

In this example, the contract has a mapping of

authorized addresses, an owner address, a balance
and a boolean variable to check whether the
contract is paused or not. The owner can authorize
or revoke other addresses. A deposit function is
payable and can only be executed if the contract is
not paused. The withdraw function can only be
executed by authorized addresses and also the
contract should not be paused. The contract also
has the ability to be paused and unpaused by the
owner only, which can be used as a circuit breaker.
 Chapter 6: Smart Contract
Design Patterns
Design patterns are reusable, conventional solutions
used to solve reoccurring design flaws. Making a
transfer from one address to another is a practical
example of frequent concern in Solidity that can be
regulated with design patterns.

There are several design patterns that are commonly

used when programming smart contracts in Solidity:

Behavioral Patterns

Guard Check: Ensure that the behavior of a smart

contract and its input parameters are as
expected.

State Machine: Enable a contract to go through

different stages with different corresponding
functionality exposed.

Oracle: Gain access to data stored outside of the

blockchain.

Randomness: Generate a random number of a

predefined interval in the deterministic
environment of a blockchain.
 Chapter 6: Smart Contract
Design Patterns
Security Patterns

Access Restriction: Restrict the access to

contract functionality according to suitable
criteria.

Checks Effects Interactions: Reduce the attack

surface for malicious contracts trying to hijack
control flow after an external call.

Secure Ether Transfer: Secure transfer of ether

from a contract to another address.

Pull over Push: Shift the risk associated with

transferring ether to the user.

Emergency Stop: Add an option to disable critical

contract functionality in case of an emergency.
 Chapter 6: Smart Contract
Design Patterns
Upgradeability Patterns

Proxy Delegate: Introduce the possibility to

upgrade smart contracts without breaking any
dependencies.

Eternal Storage: Keep contract storage after a

smart contract upgrade.
 Chapter 7: Smart Contract
Interaction

There are several ways that smart contracts can

interact with other smart contracts and external
systems, including:

On-chain communication: Smart contracts can

interact with other smart contracts on the same
blockchain network by calling their functions or
sending them transactions. This is known as on-chain
communication.

Off-chain communication: Smart contracts can also

interact with external systems that are not on the
blockchain, such as databases or APIs. This is known
as off-chain communication. One way to achieve this
is by using an "oracle" mechanism.

Oracles: Oracles are external systems that can

provide information to a smart contract by
"signaling" or "verifying" events that happen off-
chain. Oracles can be used to provide information
such as the current price of a stock or the outcome
of a sporting event. They can be implemented as a
separate smart contract or as an external service
that interacts with the smart contract.
 Chapter 7: Smart Contract
Interaction

Cross-chain communication: Smart contracts can

interact with smart contracts on different blockchain
networks through a process called cross-chain
communication. This can be achieved by using a
bridge contract or a relay mechanism that allows for
the transfer of data and assets between different
chains.

Interacting with external APIs: Smart contracts can

also interact with external APIs, such as web services
or databases, to retrieve or update data. This can be
done by using a smart contract that acts as an
intermediary between the external API and the
contract that needs to access the data.

Interacting with off-chain storage: Smart contracts

can interact with off-chain storage solutions such as
IPFS, Swarm, or Sia, to store large amounts of data in
a decentralized way.

Interacting with Decentralized File System (DFS):

Smart contracts can interact with decentralized file
systems like IPFS, Filecoin, etc to store and retrieve
large files.
 Chapter 8: Real-World
Use Cases

Smart contracts have a wide range of potential use

cases, including:

Decentralized Finance (DeFi): Smart contracts are

being used to create decentralized financial
applications, such as lending platforms,
decentralized exchanges, and stablecoins. These
applications allow for peer-to-peer transactions
without the need for a trusted intermediary,
reducing the risk of fraud and increasing
transparency.

Supply Chain Management: Smart contracts can be

used to create transparent and tamper-proof supply
chain management systems. These systems can be
used to track the movement of goods, from the point
of origin to the final destination, and to verify the
authenticity of products.

Digital Identity: Smart contracts can be used to

create decentralized digital identity systems. These
systems can be used to prove the identity of an
individual or an organization without the need for a
centralized authority.
 Chapter 8: Real-World
Use Cases

Real Estate: Smart contracts can be used to

automate the buying and selling process of real
estate, and to create decentralized property
ownership records. This can help to reduce fraud
and increase transparency in the real estate
industry.

Healthcare: Smart contracts can be used to create

secure and transparent medical records systems,
which can be used to track patients' medical history
and securely share medical data with authorized
parties.

Gaming: Smart contracts can be used to create

decentralized gaming platforms, where players can
buy, sell and trade virtual assets, and also create
provably fair games.

Energy: Smart contracts can be used to create

decentralized energy trading platforms, allowing
households and businesses to buy and sell energy
directly, without the need for a centralized utility.
 Chapter 8: Real-World
Use Cases

Voting: Smart contracts can be used to create

decentralized voting systems, allowing for secure
and transparent voting without the need for a
central authority.

Government: Smart contracts can be used to create

decentralized governance systems, allowing for the
decentralized management of public services, and
the creation of transparent and tamper-proof public
records.