Zilliqa Update #3 — March 1
We’re heading into March and the pace of development at Zilliqa is picking up. We’re actively hiring new developers, marketing people, and operations staff for our third-generation blockchain platform.
One of the topics that we are going to start discussing much more in the coming weeks and months is: security. As many in our community know, Zilliqa is built to solve the scalability problem of public blockchain platforms without exposing the system to security vulnerabilities. Most of the founding Zilliqa team are experts in cybersecurity in addition to blockchain technology. We will look to share more thoughts and start discussions about security in blockchain very soon.
To learn more about Zilliqa or to discuss technical aspects of our project, feel free to connect with us in any of our official channels below:
Telegram: https://t.me/zilliqachat
Slack: https://invite.zilliqa.com/
Twitter: https://twitter.com/zilliqa
Reddit: https://www.reddit.com/r/zilliqa/
Github: https://github.com/Zilliqa/zilliqa
Blog: https://blog.zilliqa.com/ (In order to target a larger audience we now have our technology blogs available in Chinese and also Japanese)
Community Updates
Our CEO Xinshu gave a presentation on blockchain technology and Zilliqa to the Singapore Tourism Board. We had engaging discussions on possible applications of the blockchain technology to the tourism industry. A big thank you to all at the Singapore Tourism Board that participated in the session!
Amrit joined our partner, Bluzelle, on their Telegram Live show to discuss Zilliqa, blockchain technology and other topics. Here is the transcript of the converversation: https://blog.bluzelle.com/2018-3-1-telegram-live-summary-ft-zilliqa-69663152c38a
We also published Yaoqi’s video presentation from NEO Devcon in January: https://www.youtube.com/watch?v=UTZJkKbNstg&t=643s
Upcoming Meetups
Join us in Taipei on March 3
We will be hosting a Zilliqa meetup in Taipei at the BITZANTIN Crypto Cafe on March 3. Join us to talk about any topic related to Zilliqa: https://www.facebook.com/events/1671072562938496/.
Join us in Shanghai on March 12
We will be hosting a meetup in Shanghai on March 12. Please register via the QR code at http://www.sei.ecnu.edu.cn/Data/View/2953.
Join us in Beijing on March 14
We will be hosting a meetup in Beijing on March 14.
Europe in late March
We will also be in the following European cities — London, Berlin and Amsterdam in late March. Details will be released very soon.
Zilliqa Community Ambassador Program
We have a strong, growing community of supporters who are excited about Zilliqa and our technology. Very soon we will be announcing details of a new ambassador program, designed to promote educational meetups and workshops about Zilliqa around the world.
We have already been trialling the program with our friend and colleague, Dr. Ratul Saha, who has been travelling around India for the past month giving presentations about blockchain technology and Zilliqa at universities (including IIT Madras, Chennai, PES University, and soon at places like IIT Bombay), as well as events and meetups. Through his outreach we have begun to foster relationships with businesses, local organizations and student groups looking to research and build applications on Zilliqa. We are getting interest in our project from some of the most talented young programmers in the world.
Tech Updates
We’re making progress towards releasing Zilliqa testnet v1.0 in March. Here is a list of issue fixes and features implemented:
- Prototype implementation of JSON-RPC server on lookup nodes.
- Conversion of DSBlock / TxBlock into its JSON form on JSON-RPC server.
- Conversion of received transaction in JSON format to C++ class Transaction.
- Fixed Accountstore deserialization bug.
- Minor fix to lookup local scripts and AWS scripts.
- Revamp new node synchronization with better polling.
- Sync DS information to lookup nodes during bootstrapping.
- Validation for user input available with simpler routing for wallet.
- Wallet able to import and export json keystore file with passphrase.
- Enable unit test in Travis.
- Various build script enhancements and fixes.
- Experimental build for Mac OS X.
Let us take the first item and expand on that further. This JSON-RPC server is a critical component on a lookup node, which is used to connect to wallets and block explorers. The JSON-RPC server receives requests from wallets such as submitting a new transaction, or checking the balance of an account. It then parses such JSON-formatted requests before conveying the information to the blockchain network.
For instance, when a user uses a wallet to submit a new transaction, e.g., A transfers 10 ZILs to B, the wallet will send a request representing the transaction in JSON format to the JSON-RPC server hosted on a lookup node. The server knows the basic information of the network, e.g., the DS nodes and sharding structure. It parses the received request and sends the transaction to multiple nodes (say 20) in the corresponding shard based on its sender’s address. The recipient nodes will further broadcast the transaction to all the nodes in that shard, if the transaction can be validated according to those nodes. We’ve implemented the prototype of the JSON-RPC server with multiple interfaces to wallets/lookup nodes and will complete the integration with more features soon.
In the meantime, we’ve tested the feature of new node joining on the local run, and it works well. We’re also conducting multiple rounds of experiments with 1,800 nodes on AWS EC2 to ensure the stability of this new feature. Furthermore, we implemented several new functionalities of the wallet, e.g., importing/exporting keystore file with passphrase.
Team Updates
Yaoqi and Amrit have taken on their new roles as Head of Technology and Head of Research, respectively. Yaoqi will head up the development team and focus on delivering robust codebase, while Amrit will lead the effort in resolving some of the most challenging problems in blockchain scalability, security, and sharding. Congratulations to both of them!
Hiring Updates — Haichuan Liu is joining the team
Haichuan obtained his Bachelor of Mechanical Engineering (with Honours) at the Nanyang Technological University. He is a winner of the Singapore Enterprise Scholarship and an AWS Certified Solution Architect, and is currently finishing his masters degree in Computer Control & Automation at Nanyang Technological University. In his last role, he was involved in an autonomous vehicle project, and also the development of Mobility on Demand systems using C++. He also led the grounding of DevOps.
Haichuan is highly interested in the realization of large distributed systems, particularly blockchain. His other interests include indie game development and AI technologies. Haichuan will officially join us as a core developer on March 5th.
Join Our Team! Zilliqa is actively hiring: https://www.zilliqa.com/careers.html
Scilla and Smart Contract Security
Two weeks ago, researchers from National University of Singapore, Ilya Sergey (from the Scilla paper), Aquinas Hobor (Zilliqa advisor), alongside Zilliqa Chief Scientific Advisor Prateek Saxena published a very insightful paper, about MAIAN — a new tool they have designed that scans and analyzes smart contracts for a class of bugs called trace vulnerabilities. Roughly speaking, a contract is trace vulnerable if it may show an unexpected behavior over the course of several executions during its lifetime.
The paper particularly focuses on three specific vulnerabilities: contracts that either lock funds indefinitely, leak them carelessly to arbitrary users, or can be killed by anyone. The paper reports that after scanning nearly 1 million public smart contracts, 34,200 contracts were found vulnerable, representing millions of dollars worth of exposed Ether.
The paper is particularly interesting from Zilliqa’s perspective as the design of Scilla, the new intermediate smart contract language to be implemented in Zilliqa considers trace vulnerabilities as a big concern. In fact, eliminating trace vulnerabilities was one of the design considerations in Scilla.
The underlying automata-based design makes Scilla formal verification friendly and hence will make it simpler for developers to formally prove that their contracts are free from trace vulnerabilities. For instance, the Scilla paper presents a Kickstarter contract as an example and proves that (using a proof assistant called Coq) the contract is non-leaky over its lifetime.
The media reported on MAIAN heavily and we plan to discuss this and the topic of security more in detail soon.
- http://www.zdnet.com/article/smart-contracts-leave-millions-of-dollars-in-ethereum-vulnerable/
- https://motherboard.vice.com/en_us/article/8xddka/millions-of-dollars-in-ethereum-are-vulnerable-to-hackers-right-now-smart-contract-bugs?=fhf
Recent Media and Reviews
- http://cryptoincome.io/zilliqa-review/ — CryptoIncome published a comprehensive review of Zilliqa. This article also serves as a great primer to how we are trying to solve for the scalability issue in blockchains.
- https://www.youtube.com/watch?v=2S5fMQevdWA — TechFrontier’s video introducing the Zilliqa team and technology (in Japanese).
- https://www.youtube.com/watch?v=ynPGLn5Ye4I — A project review by a popular YouTuber, CryptoLark.
Thank you! As always, feel free to join our community channels if you have any questions or comments about Zilliqa.