Image for post
Image for post
Image source: Jon Moore Unsplash

Part 1 of an 8-week explainer series based on Dan Boneh’s Crypto I

I hope this serves as a practical, easy-to-understand guide for crypto enthusiasts who want a stronger understanding of ciphers, encryption, number theory, and public-key encryption methods. No coding/math skills required.

This week we cover:

  • Basic symmetric ciphers: OTPs, stream ciphers
  • Security definitions: perfect secrecy, semantic security

Understanding Basic Ciphers

Cryptographic ciphers are algorithms that scramble your secret messages, e.g. “I love dogs!” into nonsensical, random-looking text, called ciphertext.

To the casual observer, the ciphertext alone doesn’t mean anything. Thus if it is leaked, your secret is still preserved. For example, this ciphertext49f56c6c40654f48eccc61b has no standalone meaning.

A cryptographic cipher can be as simple as an alphabetical substitution:

Image for post
Image for post
An example of a (very insecure) Substitution Cipher

Based on the above Substitution Cipher, what does the following encrypted ciphertext say? …


Image for post
Image for post

And how Polkadot & Substrate fits into this ecosystem

I recently gave a talk at Cogx about how blockchains scale. Where, we also discoursed how Polkadot fits into a future ecosystem where many blockchains are operating at scale.

In the same vein, this post relays:

  • A brief history of blockchain scaling solutions
  • Polkadot & Substrate’s role in this ecosystem
  • Polkadot & Substrate’s layer 1 and 2 scaling solutions

Note: Many better articles have previously addressed blockchains scaling issues. If this topic is foreign, I suggest reading the Crypto Canon’s scaling primers here.

Note: My views in this post do not represent that of the company which employs me. …


Image for post
Image for post

This is a somewhat illustrated guide to Zero Knowledge

I recently listened to this ZKFM podcast, which gave practical examples that clearly explained key concepts in zero knowledge. I felt inspired to transcribe them here.

In cryptography, zero knowledge proofs let you convince me that you know something, or have done something, without revealing to me what your secret thing was.

Image for post
Image for post

Practically, zero-knowledge is important because it gives you privacy in situations where you’d otherwise have to reveal confidential information. Examples include:

  • Logging into a website: rather than typing your password into a potentially unsafe website, you can simply send a proof that you “know your password”.
  • Authenticating your identity: rather than giving your mother’s maiden name over the phone to a random, bank call center agent, you can simply send a proof (a cryptographic fingerprint), that you are who you say you are. …


Image for post
Image for post

Learn Ethereum programming by making tests pass

As inspired by Ruby Koans, Solidity Koans guides you through simple, bite-sized programming exercises to learn Solidity the gentle way. The goal is to learn the Solidity language, syntax, structure, and how to create secure and gas-efficient smart contracts. It starts off with the basics and slowly guides you through the inner workings of the EVM, through assembly code and security considerations.

Through tests and exercises, I hope to make you think about edge cases and intrinsic properties of the blockchain and distributed systems. Your goal is to solve each puzzle and make the tests pass, test-driven development style.

How to get started

  1. Clone the Solidity Koans


This is a in-depth series around Zeppelin team’s smart contract security puzzles. I’ll give you the direct resources and key concepts you’ll need to solve the puzzles 100% on your own.

This levels requires you to retrieve a lost contract address to regain the remaining 0.5 ethers.

It’s a common flub for Solidity developers to lose a newly created contract address. This becomes frustrating, especially if you also lose the transaction receipt and other means of retracing your steps.

Here are two methods for finding the contract address, via raw sender information and Etherscan, respectively.

Method 1: calculate the contract address

Contract addresses are deterministically calculated. From the yellow paper:

The address of the new account is defined as being the rightmost 160 bits of the Keccak hash of the RLP encoding of the structure containing only the sender and the account nonce. Thus we define the resultant address for the new account a ≡ B96..255 …


This is a in-depth series around Zeppelin team’s smart contract security puzzles. I’ll give you the direct resources and key concepts you’ll need to solve the puzzles 100% on your own.

This levels requires you to unlock a registrar by abusing a poorly initiated struct.

Best practices when using Structs

Like in object oriented programming, you can create composite datatypes via structs.

Structs can contain functions and other complex datatypes like mappings and arrays. These arrays and mappings can even contain more structs. However, structs cannot directly contain other structs (unless they are values in mappings or arrays).

Let’s step through what to do and what not to do when working with structs:

How to initialize a struct

Here’s an example from Solidity docs on how to declare structs:

struct Funder {
address addr;
uint amount;
}

struct StructOfStructs {
... …


This is a in-depth series around Zeppelin team’s smart contract security puzzles. I’ll give you the direct resources and key concepts you’ll need to solve the puzzles 100% on your own.

This levels requires you to combine knowledge from levels 6 and 12 to claim ownership of the contract.

Refresher on delegatecall

Image for post
Image for post

Recall from level 6:

  • Delegate call is a special, low level function call intended to invoke functions from another, often library, contract.
  • If Contract A makes a delegatecall to Contract B, it allows Contract B to freely mutate its storage A, given Contract B’s relative storage reference pointers.

Hint: if Contract A invokes Contract B, and you can control Contract B, you can easily mutate the state of Contract A.

Refresher on Contract Storage

Image for post
Image for post

Recall from level 12:

  • Ethereum allots 32-byte sized storage slots to store state. …


This is a in-depth series around Zeppelin team’s smart contract security puzzles. We learn key Solidity concepts to solve the puzzles 100% on your own.

This levels requires you to abuse a bad ERC20 implementation and control the NaughtCoin token.

What is ERC20

ERCs (Ethereum Request for Comment) are protocols that allow you to create tokens on the blockchain. ERC20, specifically, is a contract interface that defines standard ownership and transaction rules around tokens.

Image for post
Image for post
From: zeppelin-solidity/contracts/token/ERC20/StandardToken.sol

Contextually, ERC20 was cool in 2015 because it was like an API that all developers agreed on. For the first time, anyone could create a new asset class. Developers came up with tokens like Dogecoin, Kucoin, Dentacoin… and could trust that their tokens were accepted by wallets, exchanges, and contracts everywhere.

Image for post
Image for post
Assortment of ERC20 coins that ICO’ed

ERC20 single-handedly enabled the ICO craze of 2017… as well as the many ICO security issues that followed. …


This is a in-depth series around Zeppelin team’s smart contract security puzzles. We learn key Solidity concepts to solve the puzzles 100% on your own.

This level requires some assembly programming to deploy a tiny contract to the EVM.

Image for post
Image for post
Let’s break this down :)

What happens during contract creation

Recall that during contract initialization, the following happens:

1. First, a user or contract sends a transaction to the Ethereum network. This transaction contains data, but no recipient address. This format indicates to the EVM that is a contract creation, not a regular send/call transaction.

2. Second, the EVM compiles the contract code in Solidity (a high level, human readable language) into bytecode (a low level, machine readable language). This bytecode directly translates into opcodes, which are executed in a single call stack.

Important to note: contract creation bytecode contains both 1)initialization code and 2) the contract’s actual runtime code, concatenated in sequential order. …


This is a in-depth series around Zeppelin team’s smart contract security puzzles. We learn key Solidity concepts to solve the puzzles 100% on your own.

This levels requires you to get familiar with the Ethereum yellow paper and pass three more gates.

Inner workings of contract creation

The yellow paper formally denotes contract creation as:

Image for post
Image for post

Here’s a simplified flow of how contracts are created and what these variables mean:

  1. First, a transaction to create a contract is sent to the Ethereum network. This transaction contains input variables, notably:
  • Sender (s): this is the address of the immediate contract or external wallet that wants to create a new contract.
  • Original transactor (o): this is the original external wallet (a user) who created the contract. Notice that o != …

About

Nicole Zhu

Engineer @ParityTech | I write about cryptography and code | Tweet @nczhu

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store