Welcome to the discussion thread about this lecture section. Here you can feel free to discuss the topic at hand and ask questions.
Regarding Proxy Contracts, THIS is exactly what I was trying to get at in the ETH 201 course when I was talking about dependency injection. A proxy is a different way of accomplishing the same thing. External contract calls are rather expensive on gas though, so I’d imagine this is used sparingly.
It also occurs to me the increased risk with smart contract programming is in a way a good thing. This forces developers to adopt much better habits. Testing and security are top priorities, so must be considered right from the beginning. This makes better developers.
Hi @filip ,
i have done the Quiz: Developer Mindset and don’t agree with the correct answers:
What is different between smart contract programming and normal programming?
Smart Contracts handle money
Any existing bank-software used is also handling money since many decades.
I would not argue that the software written decades ago are not “normal programming”
Smart Contract systems are public
I do not argue that a blockchain must be public, therefore i also do not argue that smart contract system are always public. They could also be non-public.
Is there a list of solid sources with distilled information to stay up to date on these topics?
I see a mailing list for Truffle/Ganache https://www.trufflesuite.com/docs/truffle/reference/contact-the-developers
Solidity bugs - https://securityboulevard.com/2020/05/solidity-top-10-common-issues/
I would almost assume there would be a site dedicated to this.
Yes, this is one good way to keep yourself updated
Not sure how filtered this is but its not wrong but also not coming directly from the community
you can follow consensys blogs: https://diligence.consensys.net
For solidity: documentation is good enough
Also, you can follow Ivan on Tech youtube channel everyday Pretty sure you are already doing that.
At the same time. stay with as many forum as you can
This Proxy functionality is good to have if it can be entierly trusted. It sort of defeat the object of immutable contracts, When you can have such an easy workaround that could potentially benefit a few with a lot of coin in their wallets long term. And how do you check if a contract includes proxy call functions in its infancy?
In my humble opinion, A Proxy functionality should only be called upon after rigorous process protocols have been adhered to. Maybe have a proxy stearing group in each smart contract to agree and sign off before a proxy can be implemented/deployed.
Do most contracts have this redirect to another contract as back-up or is it mostly for high finance security?
Upgradable contracts should be considered for complex contract (especially if they handle coins) so that you can jump in and fix a bug as soon as you find it.
Is there a dev community where we can tune into regarding Solidity updates? Or basically an active community about smart contract programming in general? I mean, in Reddit they have communities for languages like C++, JS, etc. I saw an Ethereum dev community but it’s not as active as other communities. I wonder if smart contract devs are flocking somewhere else?
@filip are you sure about this?
All smart contracts are open source as far I understand.
You can usually see smart contracts byte code and you can decompile it but you will get something not really close to a readable contract
Developers decide if make the code public by posing it on GitHub and etherscan.
Oh I thought the reason a smart contract is on the blockchain is because it has to be public not just the byte code.