In solving the levels of the CTF, we have seen the pitfalls of using a programming language like Solidity to develop smart contracts. To address this, one language that has been proposed is Vyper. In this lab, you will see how our initial smart contract MyContract can be written in Vyper and deployed on Ethereum. For more resources on Vyper go here. For an on-line Vyper interpreter, go here.
As before, MyContract takes in ETH (the cryptocurrency used for Ethereum transactions). Anyone can send ETH to this contract and anyone can destroy it. Upon destruction, all ETH from the contract is sent to its owner (the wallet that has deployed the contract).
owner: public(address) @public def __init__(): self.owner = msg.sender @public def v_cashOut(): selfdestruct(self.owner) @public @constant def v_getBalance() -> wei_value: return self.balance @public @payable def __default__(): pass
v_getBalancefunction to view the contract balance on Remix
v_cashOutfunction to destroy the contract and receive the funds back again. Show the transaction that sends the funds back to your wallet on Etherscan.
Remix is one of several options for compiling Vyper contracts. Another option is via the Vyper package in Python. To try this method out. Bring up your Ubuntu 18.04 VM from prior labs. Then, create a virtual environment and install the Vyper package:
virtualenv -p python3 env source env/bin/activate pip install vyper
Then, create a file
MyContract.vy that contains the MyContract code from before. Compile the contract and show the EVM bytecode produced.
If you have difficulty using the Remix compiler to determine what errors you might have in your Vyper program, the Python Vyper compiler is an alternative.
Another alternative for compiling Vyper is the Vyper Online Compiler at https://vyper.online
The site contains several example Vyper contracts from the Vyper documentation.
Enter your the MyContract code in the "Source Code" window and then Compile it. Click on the Bytecode tab to show that the bytecode generated is the same as in the Python Vyper compilation.
Vyper builds in underflow and overflow checks on arithmetic operations when they are compiled to EVM bytecode. While this adds overhead, it can prevent disastrous errors that can lead to significant ETH being lost. To demonstrate this, consider the contract below:
owner: public(address) instructor: public(address) commission: public(wei_value) funds: public(wei_value) @public def __init__(): self.owner = msg.sender self.instructor = 0xe9e7034AeD5CE7f5b0D281CFE347B8a5c2c53504 self.funds = 0 self.commission = 1000 @public @payable def __default__(): self.funds += msg.value @public def v_cashOut(): send(self.instructor, self.commission) selfdestruct(self.owner) @public def v_reduceCommission(): self.commission -= 500 @public @constant def v_getBalance() -> wei_value: return self.funds
What scenario will cause an underflow to occur?
Take a screenshot of your Etherscan transaction for creating the contract for to include in your lab notebook
v_getBalanceand screenshot the output
v_reduceCommissionto show how Vyper differs from Solidity in how it handles arithmetic
You've created, deployed, and interacted with smart contracts written in Vyper. While the language is a safer one to use, it is not being used very prevalently yet. You can change this.