What it looks like to interact with a smart contract for day to day events.
Introduction
I am currently working with Ethereum London meetup to manage their huge waiting list with an event management smart contract called BlockParty.
In their September meetup, we rolled out at a smaller scale where five people participated.
Since we are aiming to gradually increase the capacity, I would like to walk you through what it is like (right now) for people to interact with such smart contracts.
This article is intended for non technical readers. If you know Ethereum enough to participate in an ICO, probably you understand some technical aspects.
What is BlockParty?
(You can skip this section if you already know what it is)
I have been working on an event management DApp (Distributed App) called “BlockParty”. You pay a small deposit when you register. You lose your deposit if you do not turn up. You will get your deposit back + we split the deposit of whom did not turn up. Simple!
I’ve been using the dapp on the mainnet (with real ether at stake) since DevCon2 to host small parties (we used to put ETH1 per person as a deposit!).
For more detail, please watch my talk which I gave at Ethereum London meetup back in April.
Going 100% at Ethereum CodeUp, Ethereum London’s small brother
Ethereum CodeUp is a monthly (ish) study group I’ve been organising over a year. Unlike Ethereum London, our meetup has less than 30 signups but getting a bit too big for the venue we host which have maximum of 20 people. I’ve already piloted (meaning non mandatory) BlockParty back in June so this time I made it mandatory. I managed my company to sponsor some pizza for the first (and probably the last) time so having exact number of participants was more important than ever to have no pizza waste.
How people participated during CodeUp
Block Party still lacks a lot of functionalities as a meetup page, so we are still relying on meetup.com for things like announcing an event and managing its waiting list.
To make Block Party as a primary registration tool, I only let myself reserved so that everybody else stayed on the waiting list.
We had over 25 people on the waiting list but the actual registration on BlockParty went very slowly, only 8~9 signed up until a few days before the actual meetup date. This was expected as people were reluctant to register until they were sure to come, allowing people who found out the event later on can still secure a spot.
I received a couple of comments about having problem registering the events.
When I looked at the transactions, some failures were due to setting gas limit too low.
When you register, it usually takes 150,000 gas but looks like the transaction above only set 100,000 leading to "Out of gas" error. You have to bear in mind that you still lose the gas in such a situation. This user set transaction gas relatively high (27Gwei), so ended up losing $0.68. I assumed that client wallets such as MetaMask and Mist would warn user if gas price was too low, but I am guessing that the estimate was not that accurate.
Remember, this is the magic formula of the maximum you pay to Ethereum network (not to me).
Actual Tx Cost/Fee = Gas price * Gas limit
A few of my colleagues also registered the event but he made a classic mistake, sending the transaction from an exchange. I figured out because its input data shows almost no data.
One of our regular participants also did some unexpected thing. He registered without intention to attend, deliberately leaving extra deposit to share. I may add this as an extra “sponsor” feature to make this more explicit while not taking up the actual spot.
In the end, 13 people registered and 12 people showed up. There was one person who could not register because he did not understand the rule of the registration process, so I need to make the description a bit clearer.
Are BlockParty smart contracts secure?
I’ve been working on this project for over a year and have deployed the contract for 3 times. Every time after each event, I (or someone else) ended up finding some security vulnerabilities, so for me deploying smart contracts is a nerve wracking thing.
Fortunately none of them lead to losing participant’s money but I have a fear that it’s matter of time that deposits in the smart contract gets stuck due to a bug of the contract or drained by someone exploiting the bug.
Even though I have terms and conditions stating that I have no responsibility for the use of the software, I still feel responsible for any damages caused by my coding. At the same time, I don’t have enough Ether to cover user’s loss unlimitedly.
So far, the current participants of BlockParty have been innovators who understand the risk (or people who literally thinks “Code as law”). As the target users shift to early adopters, we need a way to be more tolerating against such risks.
As someone who works at an insurance company, I started wondering if I can offer some sort of insurance policy and I wrote a gist offering a sum of loss to be covered up to ETH 1 only for people who pays the premium of ETH 0.0032, which is about 6% of the deposit.
It was not a smart contract partially because I did not want to write something I don’t even know if people want, but also wanted to avoid the situation that my insurance contract contains bugs and get exploited.
So did people buy the insurance policy?
No one.
The insurance deposit was relatively small and some people paid more to Ethereum network by paying higher gas price.
I asked to the participants why no one was interested. The response was simple. People said that they trusted me. Though most of the meetup participants knew how to read Solidity code, none of them even looked at the code hosted on Github.
Ironically it actually had a security vulnerability.
This was the first bug that anyone, whether they have registered the event or not, could drain money.
Fortunately this could be exploited only if I decided to cancel the event and let all participants to withdraw their deposit equally.
For more technical detail of the incident, please read my another blog post “Performance tuning smart contracts for fun and profit (with some horror)”.
Piloting at Ethereum London
One week after the CodeUp, there was Ethereum London. Ethereum London is one of the biggest Ethereum community in the world with over 5,000 members. For the September meetup, there were 260 registrations with over 500 people on the waiting list.
Though it is technically possible to use BlockParty to manage over 300 people, we started small by having only 10 spots among people who already have spot on the event, and 5 people actually registered.
How does BlockParty sign you in?
By default, the contract owner (me) has an ability to mark each participant as attended. This is okay for smaller events but may not be scalable (plus costly for the contract owner) as the number of participants grows. My dream solution is to have some sort of “Proof Of Presence” either via NFC(Near Field Communication) or BlueTooth combined with IoT to automatically let you in only if you are within a certain range from the venue.
The alternative, more analogue way, was to issue an unique one time confirmation for each participant.
The code could be any random string but we decided to use the public address of ether cards with CryptoCompare custom design and gave away to each participant. This way, you can still reuse the card as a normal gift wallet as you haven’t peeled off the private key yet.
This method is okay when as long as we have enough ether cards to give away but may eventually run out. Even a lot simpler approach can be to use one time password across all the participants and share it on screen as a QR code. The downside is that there are risk of people sharing on social network and non participants could attend, but there are economic incentive not to do so to maximise each participant’s payout. What do you think?
What’s next?
I must admit that the usability of interacting with smart contract is still not easy. People could waste their gas for easy mistake or lose the entire deposit due to bugs.
It may take a bit while to make BlockParty good enough to use 100% for Ethereum London Meetup. So how can you contribute?
- Join via BlockParty at the next Ethereum London or CodeUp events and give us as much feedback.
- Interested in using BlockParty at your local meetup? Register your interest here .
- Are you a smart contract developer? Please have a look into the actual contract code, and provide peer reviews.
- You can’t code but could help financially? If you are willing to contribute to bug bounty pots, please contact me via makoto_inoue . I once setup bug bounty with ETH1 but no one paid attention. It may be the time to revive it again.
