Devcon 4 report: Day 4

Previous days:

Today is a shorter update. I spent a lot of time in meetings with different tools teams (Truffle, Zeppelin, EthPM) about how to better do contract upgrades in a DevOps manner. Expect more from me once I get it working and write it up 😉

Internet archive

Brewster Kahle

Distributed web version of IA

Told a story where back in the day they started taking Bitcoin, so they had some young guy come in and help them set up their initial wallets. It was Vitalik 🙂

Instead of the world wide web where we have lots of blogs, everything has collapsed into Facebook and Twitter. People are building castles. The web is being turned into a global surveillance tool
Internet Archive is getting involved in the decentralised world to help try and affect change.
The goal is: Universal access to all knowledge. Want to be the library of Alexandria version 2.

He loaded up
Showed that the first HTML page is a bootloader. Loads up the JS libraries to access IPFS, torrets.
Browsed around the site, loaded videos. It all just worked.

More privacy. Reader privacy, and no third party storing of data.
People being rounded up based on what they’ve read, has always led to bad things.

13 challenges (I missed some)

  • Naming of decentralised websites
  • Permissions, auth and key management
  • Identity & reputation
  • How do you manage & name mutable data at scale?
  • The web beyond advertising: who will pay for what and how.
  • How do we make the decentralised web work in browsers today
  • Storage in the DWeb
  • Governance in the DWeb
  • Defining D-terms
  • Rethinking UI and UX for a decentralised web

Money is the killer Ðapp: crypto in Venezuela

Venezuela has issues with their currency and government controls and corruption.
Bitcoin is the most liquid in Venezuala, about $1m being traded a day.
Crypto is being used for:
Earning across borders.
Storing value (safer than banks)
Defeating extortion, when crossing boarders.
Providing aid to families in different locations.
Open money initiative. They have a wiki for Venezuelans to use and learn how to use crypto

Self-Sovereign Sexuality

Ameen Soleimani, Chelsea Palmer

Will talk about how the Ethereum community, and the sex worker community are aligned. It was easier to just take a photo of each slide for this talk, as they have written down for each aspect how they are alike.
Where is blockchain adoption going to happen first? He realised that this community that has been ostrasied from traditional financial system was a great place to start.

About a year ago, he was feeling pretty depressed. Wasn’t spending time on Tinder because he was working a lot. He wasn’t having luck talking with girls and was getting more and more nervous over it. He had a lot of money and was lonely, so started looking up sex workers in his local area. Made a meeting with a local escort. But when he went to get cash out, he was at his daily ATM cash out limit. He couldn’t get enough money out and had to change his 2 hour apointment down to 1 hour. He met the escort, talked about crypto, got her on board, and paid her by cypto.
Morality does not equal legality.

Was a sex worker. Wish she had crypto back when she was working. Now she is a crypto educator.


Needing to trust and verify.
Vetting a new client for first time, need to get a referral from another escort. Difficult for 1st time customers.

Sex workers are cypherpunks. They use proton mail, loads of crypto currencies.

Sex workers can be immediately blocked by most traditional financial systems.
Sex work criminalisation, currently stops sex workers from calling local police if they have things to report. As it is more likely that they will just be arrested than helped.

Devcon 4 report: Day 3

Previous days:


Building the Ecosystem for the Next Wave of Users


Creating a story and personality for what you build
They found that adding a background and story behind the cats helped with the adoption. The breeding concept gave a good anchor point.


Users were burning gas without realising. Were sending 10x more gas price than required.
User education and guidance was required quickly after launch to help teach.
Adding more feedback after a transaction to the user to make them more comfortable. Sending emails when things happened and what will happen next after breeding cats.
-Users need guidance when they’re in unknown territory.


Teaching a user that is interested in the service, that they need something called a wallet, they need cryptocurrency. Bit of a learning curve.
People came to the service because they wanted to buy cats. But now they’ve got a PhD in cryptoeconomics, which is not what they were after. Created a massive drop off rate of new users through the signup process.


Making the Web Distributed Despite Itself

Dietrich Ayala, Mozilla

“We are committed to an internet that promotes civil discourse, human dignity, and individual expression”
What does it take to be a 100 year organization.
The web is ~25 years old, and its not going to well. Being used a misinformation platform, fueling hate.

There is WAY more information and web apps available online via web browsers, than there are available via apps on iPhone & Android (~5 billion pages).
URLs are what made the web powerful and universally accessible. Urls are understood by technology people, but “normal people” don’t really know what a web browser is, or where things are stored. Same with domain names.

What does re-decentralizing the web look like?
Current web is centralised. Browser request, response. Easy to censor.
All the power resides on one side, on the server. The browser doesn’t have any say.
While we have that centralisation chokepoint, we won’t be able to get away from centralised services like Facebook.

How do we go about creating a decentralised browser to give control back to users?
Need to think how to build things for century long longevity. Whatever we build now will need to be supported.
Start with protocol primitives that can be built up on.

How do we get those lower primitives prototyped and built, so others can start building higher level primitivies
As a browser vendor they could do it as part of the browser engine, or JS APIs, or extensions. Makes sense for them to do it via extensions, to give everyone a bit more flexibility while experimenting

Announcing libdweb extension


IPFS team took it, got IPFS running in it. Got IPFS running completely within a browser.
But now they have a bunch of new things they need to think about. What is the origin of a website loaded by a IPFS hash. This has an impact on local storage, cookies, certs, etc. What is the threat modelling for this.

Use what you make, if you don’t use it why would others. Build for the long web. The web was (originally) built with redundancy built in. Are there multiple implementations of your software.


Privacy for Everyone, Recent advances in privacy

Zookoo Wilcox, Zcash

Released Zcash 2.0, 4 days ago. “Sapling”
They reduced the time complexity required to generate a ZK proof down dramatically. Should enable them to be generated on a mobile phone now.

They did this by replacing the hash function that is used when creating a ZK circuit.
This reduced the time required by 75%. Took it from ~40secs to 10secs. But still too much time. So replaced some of the ECC functions used to reduce to 5 secs. Then did split circuit design to half it to 2.3 seconds.

One of the troubles they have had, is ZK-SNARKS required the “toxic waste” which was the secret string to provision the system. They went through an elaborate ceremony to create it to try and ensure that it could never be created by any 1 person at any time. But still has a cloud over it as you can’t convince everyone of it.
ZK-STARKS doesn’t have any “toxic waste”. But the proof size is orders of magnitude too big to be used in a blockchain in every single transaction.

They could try changing their Blockchain away from Bitcoin software based, to make it higher bandwidth so they could put in STARKS.

Common thoughts are “regulators are scared of privacy” and don’t like things like zcash. But the regulators in USA have been fine with it.
New York requires cryptocurrency companies to register for a “Bit license”. Zcash is the 7th cryptocurrency that has been explicitly approved to be used and traded, and they called out the privacy preserving aspects.

Previously SSL encryption was scary and governments were worried that it could be used by criminals, but is now required by governments. Blockchain encryption will probably be the same thing.
The regulators even told them “We don’t want the pocketbooks of our children and family open to everyone on the internet”
It is not okay for our society to go down the path where everyone’s privacy is read by 2 or 3 centralised services, it is wrong and dangerous.


Lex cryptographica : the legal challenges of new blockchain-based lifeforms

Primavera De Filippi

Properties of Blockchain:

  • Blockchain is a decentralised database
  • Networks are global and transnational
  • Blockchain is resilient
  • Tamper resistant
  • Transparent
  • Non-repudiable (need to use private key, can’t deny it later)
  • Pseudonymous
  • Guarantee of execution

Blockchain code can be written to include traditional law, it only cares about what the code says.
Code is trustless and allows disintermation and autonomy.
Conflict between the rule of code, and the rule of law

Governments use the law to put pressure on centralised companies via regulators to say what the code can do.
Can the new wave of crypto-anarchist effect change in the new decentralised web.
Traditional property rights. Are defined by law, and can be taken away by the law.

It is now possible to deploy Autonomous Agents. They can hold property, and can execute smart contracts.

Created blockchain based “Plantoids”. They can’t breed by themselves and need others help.

1. capitalisation. Collecting cryptocurrency to repoduce. It tries to loook pretty to encourage people to donate ether to it.
2. if it has funds, then it can ask people to vote on the new artist to create its child
3. it will use a smart contract to hire the artist to create the new plant model.

Artist gets royalties from how much the plant earns as an incentive to make good ones, and for them to breed.
Now instead of sending money to artists, you send money to the art pieces. A different funding model.

The plantoids can have requirements put upon them. Its children need to be based on its rules (requirements for decorative elements) and artists can put new requirements on the ones they create. Will make different species emerge.
Requires “Holographic consensus”
COALA (Coalition of Automated Legal Applications) is a global research initiative.



Decentralize, Democratize, or Die

Cory Doctorow, EFF

EFF origin stories from 25 years ago.
The original “crypto wars”. NSA put restrictions on civilian use of cryptography.
Gov tried to lock everything down to just DES-50 encryption. EFF tried to show that DES was insufficient and built hardware that could crack the entire DES space in 2 hours.
But govs said ‘well, we need it otherwise criminals will go dark’
The technical arguments didn’t work. So EFF posted the source code for stronger encryption online on usenet, then argued under free speech that it was fine. Was the way EFF allowed people to use encryption higher than DES-50.

Showing that there are more tactics in your toolchest than just “deploying code”.
Main ways:
Deploying code and hardware.
Markets. Getting partners to go in and argue.
Norms. What is socially acceptable. Moving encryption from just nerds, to making it mainstream.
Law. Whats legal.

You can’t make everyone you communicate with use crypto, something will leak
You can’t audit all of your hardware.
You can’t verify every cypher algorithm is solid and sound.
OPSEC is not going to save you. Security favours attackers. Defenders need to be perfect all of the times, attackers only need to find a mistake once.

Crypto and privacy tools can help protect and shelter you for short periods of time. Can help protect you while you have discussions that you aren’t ready to have public.
There are many things that used to be illeagal which are now embraced and considered normal (being gay, interraccial marriage, weed).
They happened because people could have secret communities that they could whisper and have secrets with people. Social progress was able to continue.

DMCA was used to stop people reversing engineering DRM.
So anyone what didn’t want you to modify hardware, would just put a tiny layer of DRM on top of the hardware. To make it impossible to modify without “breaking DRM”.
Insulin machines using cartridges that have DRM, so it is illegal to bypass the DRM to use alternatives.
Now that everything has a DRM chip in it, make it really difficult for researchers to do anything without it being illegal.
DRM in browsers. No browser vendor promised to not use DRM to prevent security researchers from disclosing vulnerabilities.


Attacking. You want to make it so that the cost of attacking a system, costs more than the expected economic return.
This works, until the value of the thing you are protecting suddenly goes up (such as a cryptocurrency suddenly spiking).
For crypto people, it means the cost you should put in to protecting your computer is going up, because the vaule of what you’re holding is going up.
This means new 0-days for attacking machines are becoming more valuable, as the expected return is going up as there is more chance you could find private keys.
The rule of law is the best way to get things changed. We love code, but need to find ways to help the law change towards how we want it seen.


P2P Networking in Ethereum 2.0

Jannik Luhn, Kevin Mai-Hsuan Chia

Very short session

Validators are a new class of node. Similar to a shard node but only downloads recent history, and switch between shards regularly and randomly.

Networking protocol requires 3 things. Discovery protocol for discovery. Gossip protocol to distribute data. And RPC calls to sync data history.
Gossip will pass things out to a few neighbours to help it get diseminated throughout the network.


They used GossipSub by libp2p (rather than devp2p).
Did simulations for 1,000 nodes to see how things would work. Found that nodes didn’t go over 60% capacity. None hit 100% which meant that things weren’t being bottlenecked.

Cranked it up to 10,000 nodes

P2P implementation
They are using libp2p. Allows them to switch out the protocols like TCP, etc
Requirement for the networking layer was that clients should be able to subscribe to one or more shards. And the client should only receive data for shards it has subscribed to, and not others.
They have implemented the essential funcions like joining sharding network, subscribing to multiple shards, etc.


Managing upgradeability and EVM packages with ZeppelinOS

Facundo Spagnuolo, Open Zeppelin

Tutorial blogs are online

ZeppelinOS. Open source platform to help you build smart contract systems.


How to do upgradeability
npm install -g zos
zos init my-project

Write the smart contract (MyWallet contract)
zos add MyWallet
zos push -n ropsten
zos create MyWallet -n ropsten
> 0x23abba13

Later find there is a bug in the wallet.
Update the source code.
zos add MyWallet
zos push -n ropsten
zos update MyWallet -n ropsten
> 0xccab2314

This is all done using proxies
ZeppelinOS provides a standard way to fix bugs, and add new functionality.

EVM Packages
EVM packages are upgradeable on-chain packages of smart contract code

Can have your code depend on other packages and link to them. Later they can be upgraded.

How do we know these packages online are correct? ZeppelinOS Vouching system.
Will allow users to back the quality of an EVM package. Signal your support. First step towards a curated on chain packages system.


Unscrambling an Egg: Decentralization and the Zcash Foundation

Josh Cincinnati

Are we decentralised yet

What is the goal, what are we really after?
Zcash want to be used for the public good. The foundation is there to help guide and make sure the zcash company are on the right path.


CBC Casper Design Philosophy

Vlad Zamfir


“Correct by Construction” protocol design is a process of protocol specification which guarantees that the resulting protocol definitions satisfy desired properties.
As opposed to a process of iterated trial and error.

He spent 5 minutes talking about defining undefined, and how you can define the most undefindness you can have. I just got lost (a common theme throughout this talk)

“Bottom times bottom, is more defined than bottom”
“bottom times empty set is more defined than bottom times bottom”
(you can see why I’m getting lost here)

CBC protocol design, goes from defining the most simple things, and then define things on top of the previous definitions.

“sometimes CBC design isn’t quite straight forward”

The beauty of using CBC, is that the protocol is defined by the definition. Means there can’t be ambiguity, it just does exactly what it says it should do. Makes it easy to prototype and test, and things just work.
Thinks like not needing to worry about consensus protocols as much, as it all just work out. Showed an example prototype where shards can just keep becoming the new root that others build off, and them continuously rotating around with new roots.


Ethereum 2.0 randomness

Justin Drake


They use randomness in 2 places.
One in sampling to select validators.
Can also be used to expose randomness to EVM apps.

Goals for randomness is to make it unpredictable, unbiasable, and unstoppable
In RANDAO proposers are given slots. And they can reveal a secret to seed the randomness.
Gives the last revealer 2 numbers to pick from, the current random seed, or what they would add.

Verifiable Delay Functions. Takes an input, difficulty, and outputs the value and proof.
Can chain them to make it harder to bias

Need to make sure that good actors can calculate it within a threshold of attackers. They are thinking of creating VDF ASICs that can do it, and then handing them out to many people.

To create the initial random seed that will be used for the VDFs, they will use a RSA creation ceremony with 1024 participants. Just need 1 party to be honest to be successful.


VDF ASIC hardware
Doing it in partnership with Filecoin!


LibSubmarine – Temporarily hide transactions on Ethereum

Prevent reordering attacks. Keeps data private temporarily, can’t see who or what is being committed
Can add it into contracts fairly easily. Can modify ERC721 to add a “sealed bids”


Off chain you generate a submarine address and generate a merkle-patricia proof. Then on chain execute a transaction to commit the submarine tx, and then later reveal the proof.


The Entire History of You Is Being Sold

Jesse Leimgruber

In the USA there are 10,000+ companies currently pooling and selling your data. And it isn’t even being kept securely as Equifax showed. Data leaks are becoming more common occurrences.

Users need to own their data (Bloom app stores the data on your phone)
Limiting access (user is responsible in selecting how it gets shared)
Data reusability. Good UX to allow many apps be able to reuse the data.
They just partnered with BMW to use Bloom for BMW loans.
Also announced partnership with American Express to use bloom for their loans.

Devcon 4 report: day 2 – Ethereum 2.0 keynote

Other days:

Today had less sessions and was less intense. Apart from the keynote by Vitalik and SpankChain sessions there isn’t much to report on.


The MC wrote a song (I tried to take a video but was too far back to get anything good, I’m sure there are videos online).

He is tokenising his songs and putting online

Welcome to Devcon 4

Aya Miyaguchi, Ethereum foundation

Ran through her history of learning about blockchain & Ethereum.
Ethereum has a chance to empower society with it’s decentralisation, but we need to protect against it being used to restrict people by centralised powers (traditional companies and gov). Important for Ethereum community to keep these values as we scale.
Ethereum foundation keeps on making sure it minimises power in individual people. It wants to see itself as helping connect and foster collaboration in the community and connecting dots. But its goal is to grow the Ethereum community, not itself. Is why it didn’t structure itself in the way of a traditional startup or corporate.


She has invited a number of special guest speaker for the week. Like the internet archive

Ethereum 2.0

Vitalik Buterin

It is the 10 year anniverary of Satoshi’s Bitcoin whitepaper.
Ethereum 2.0 is a collection of research projects that have been ongoing over the last number of years.
Back in 2014 he wrote a paper on how slashing could be used in a “proof of stake algorithm”.
There was a bunch of aborted research in 2014 around different scaling mechanisms. Poof of proof of work, Hub & spoke chains, hypercubes.

During 2015-16 was a bunch of quiet research.
Resarch on “consensus by bet”. Some people would bet, which influence others to bet on those blocks, until one of the blocks have enough backing.
Wrote a scalability paper in 2015.
Wrote about the “data availability problem”. Could allow malicious parties to not publish data, which is required in sharding.
Everything got stopped in 2016 after the DAO attack, and the Shanghai DOS attacks.
But still quite worki happening on ewasm.

First Casper FFG paper came out.
At Devcon last year he showed the new sharding design.
Vlad released Casper CBC paper.
End of 2017 they released a Casper FFG proof of concept of a hybrid proof of stake system. Would allow gradual upgrade and migration. This research got very far.
But meanwhile there was a lot of working happening on Sharding. During a retreat in March they had a lot more details solidify. But they realised that there were teams trying to implement hybrid proof of stake inside existing blockchain, then a separate group that is trying to make a sharding system and a validating contract. The 2 groups weren’t really talking to each other. Realised they could reduce a lot of work if they just integrated them better.

It did mean that they lost a bunch of work that had already been done. But it meant that it would be simpler, and be better integrated, and the final state would be much better. (I think they did a great thing being able to step back, not worry about the sunk cost, and made the better overall decision).
Meanwhile LOTS more research happening on things like cross shard transactions and contracts.
Development happening on beacon chain implementations.

Ethereum 2.0’s real name is “Serenity”.
Gets us closer to it being “the world’s computer”


Phase 0 will be part way between main net and test net. The beacon chain will be there and running, but can’t really do anything with it directly.
Phase 1 will do sharding of data. NOT sharding of state. Could do decentralised twitter on the blockchain. But no smart contract applications.
Phase 2: enabling state transitions (smart contracts)


Track overview

Layer 1 (sharding, casper), Layer 2 (state channels, plasma, sidechains), ZK-SNARKS, light clients, etc.
Suggested sessions:
Making sense of layer 2 – Josh Stark
Snarks for mixing signalling – Barry whitehat

Ethereum 2.0 sessions


Designing robust systems


Lots of centralised companies are harvesting our data. We need to take the web back.
Suggested talks:
LibSubmarine – Temporarily hide transactions on Ethereum – Stephane Gosselin 
Plugging the metadata leaks in the ethereum ecosystem – Peter szilagyi

Developer Experience
Suggested session on EthPM

UX design
She just flicked through many session names. Nothing jumped out.

Society & systems
Technology changes society. And society can influence tech.


Events around Prague 

Decentralized development, what does that even mean?

Amber from Clovyr

Web 3.0 is about trying to keep data close to where it resides, decentralisation, data portability,


Development of blockchain clients (Bitcoin, Ethereu, zcash). Funnily enough the core code contributors of those clients are centralised in just a few developers hands. But if you look at something like kubernetes they have sooo many more people contributing.
How about code hosting, 90%+ of projects are all hosted on Github.

Browser 3.0

Mist team.
Current browsers are owned by centralised companies who track (Chrome, Safari, setting default search engine, etc).
Metamask extension was removed from Chrome store for a while. Chrome apps all got killed off.

Lets build our own. Lets start by using Electron.
Current web3 clients on the desktop are Metamask, Brave, Ethereum Mist, Parity. 3 of those 4 were built on Electron. But electron has a lot of security issues which is a bad thing for crypto private keys
Electron keeps lagging far behind the latest versions of chromium, meaning it is vulnerable to known exploits for long periods of time. Mist team don’t want this so they are building their own electron alternative called Tau.

SpankChain: Payment Channels in Production NSFW!


Their “pegged” stable token is called Booty.
It all goes into the “spank bank”.


Took 4 attempts at payment channels.
2nd, the MVP. Was a unidirectional ether only. Issues they had was that querying infura was non-deterministic, and Truffle timeout was 240 seconds which meant things failed in production.
3rd they launched. They got hacked when they unlocked their geth node for the deployment. Was only unlocked for 140 seconds and lost all the funds in that wallet.
4th they upgraded it. Had p2p virtual channels, ERC-20. The contract got hacked “they got spanked”. Worked with the hacker to fix the bugs.

The rewrote the smart contract and the UX. There were issues with the original version trying to get adult performers to join payment channels, as they’d need Eth to pay the gas to run the transaction. So Spankchain would need to send the performers enough gas before the show starts, to open the channel. And then do the same again when they close.

Announcing “ComeSwap” to cash out your booty for Ether

Devcon 4 report: Day 1 – core tool updates

Other days:

The first day of Devcon started at midday, but still had 12 talks. It was a bit of an “updates” session. The main event kicks off tomorrow morning with the keynote by Vitalik.


  • Universal Ethereum Logins was the show stealer for me. The demo blew me away, and there is a full SDK available now to use.
  • Lots of research into switching from Devp2p to libp2p (the networking stack IPFS uses)

EF Grants update

Ken Ng giving an overview of how EF grants foundation has been going since the launch this year.

So far has given out $11,000,000 to 75 projects over 4 waves!
Grants program is to fundamentally empower the Ethereum community and open source development. About creating up the core Ethereum platform, for others to build upon.
Want to help people build their passion projects that will help the Eth community. There will be more waves of funding, be sure to apply.

Ethereum Mist

Everton Fraga from Brazil

Submitting transactions looks scary at the moment.
Currently revamping the transaction window with a lot more details

Syncing improvements. Instead of a full sync, do it in stages.

Ethereum Name Service

Nick Johnson


Making it easy to attach friendly names to Ethereum addresses.
Rolled out with the .eth support with traditional DNS.
Rolling out 2 new domains .xyz & .luxe

Permissionless integration via DNSSEC
Can claim now via or you can use EasyDNS

More researching is ongoing for the registrar. They found that a lot of the names are being owned by just a few people.
Moving to a “yearly rent” style model to prevent squatting. Also help pay for ongoing development

There will be a migration process over to the new domain registrar. If you do it within the first year then you get a year renewal.
Otherwise if you don’t migrate it after a year, the name will be released.


Adding support to into client libraries like Web3.js 1.0, ethers.js. And other projects like Gitcoin.
They are developing a new Dapp interface. It is much slicker and easier to use.


EthereumJS – Our roadmap for 2019

Is an implementation of most of the base Ethereum technologies, implemented in JS (EthVM, merkle trees, etc.)
Used by Truffle, Metamask, Embark, etc.


Ethereum JS virtual machine. 
Is a “web first” library, embedded in Remix and Metamask. Captures Ethereum’s state transition rules.
Looking at integration with ewasm, but there are difficulties in EthereumJS being completely async, but the current specification for ewasm is synchronous.

Ethereum JS client
It isn’t meant to be a R&D platform for new features and research efforts. An educational tool.
The architecture is inspired by bcoin 
It can currently sync to the main net (fast & light syncing).
In browser can sync via libp2p.

Ethereum JS Sharding (ShasperJS)


For the phase 2 Ewasm research, is taking a list of ordered transactions and executing them.
Why Shasper in JS? Because it’ll need to be written and supported so the other tools can use it.
Not much real info in this session.

EtherTS (Typescript)
There are lots of EthereumJS that is written Sync, and lots written async. Want to take the learnings from the last 2 years and implement them.
They started by using Typescript to help find bugs by pointing out type issues
*cheers from the crowd for using Typescript*
Will be using more Typescript in the future.


Zlex Beregszaszi, Solidity co-lead.

It is a “Language for language developers”
Last year he did a talk on Julia, but there was a naming conflict, so now it is Yul.
Easier to just show the slides for this bit. They are helping compilers build better code.
Is currently being used by Solidity, Flint, LLL


Making ICOs fair (Reversible ICO)

Fabian Vogelsteller

He has helped build a few important things, like Ethereum wallet, mist browser, web3, ERC-20 standard, ERC-725.
Tokens allow you to own them, and transfer them.
Just a smart contract with an internal list of account balances.

What triggered the ICO explosion was the way that smart contracts could call and integrate with each other. Could creating funding contracts, token issuance, etc.

But people greedy. Were collecting a LOT of money, but maybe without having a solid basis for the proposed project.
So how can we make this more fair, what makes a Fair ICO?

Vitalik wrote an article on “DAICO” as one possible solution, was based on voting on the funding flow from the pool to the developers. Problem is people don’t vote.

Reversible ICO

Funds are given over time based on a “tap”.
Everybody can send his tokens back and get the “not yet given” funds out.

1. allocation phase. Committing funds to the project.
2. distribution phase. Funds are released slowly over time.
2.1 if at some point you think the project has gone off course, you can withdraw your tokens and get back your (not yet given) funding.
3. Swap phase. Swap out for utility tokens to use the final project, or final shares, etc.

He is going to try it out with his own ICO for


SWARM Team update

Decentralised file storage.
Session is a collection of team updates

Warning: <My yearly rant as they never make any real progress>

I still do not understand why they don’t just embrace IPFS as the base decentralised file store layer, and then build Ethereum specific extensions on top of this. It would help ensure there is a critical mass of decentralised file nodes, faster connection times, resolution, etc. Not only that, the community has been building on IPFS for the last 2 years.

The ONE interesting part they were doing was the SWAP/SWEAR/SWINDLE incentive layer. That would have been a great research project to put on top of IPFS, and leveraged what is already built. But this year they didn’t even speak of the incentive layer!

They are just reinventing the wheel, and have delayed their own progress by YEARS.

New release process. It is now in the same repo as geth. Whenever there is a geth release, there is a swarm release.
Whenever there is a swarm release, the nodes at are updated to newest version.
It is easier to install now. Can get via apt-get, docker images, binaries.

Is a pub/sub system.
Is a key/value store.
Each user can only update their own key space, but can read other key spaces..
Could be used for IoT data feeds.


Rolled their own encryption algorithm.
Took an existing crypto algorithm and “tweaked it”.
Missed a screenshot of their variation.

I’m sure nothing has EVER gone wrong with writing your own encryption algorithm.

Access Control
Does it by encypring the data, and giving keys to just the people that should be able to access it.
Accessing content which is “access controlled” is enabled ONLY when using a local node.
Don’t use a public node, as they could read anything you have access to.


Metric logging for swarm nodes. CPU, memory, number of peers, etc.

“yet another messaging system”, why this over Whisper?
Focuses on efficiency over secrecy.
On by default, can’t disable.

Light Node
Only briefly connected clients that spin up, let a user do something, and then usually disappear



Universal Ethereum logins

The bad UX experience of signing up first time to Ethereum is terrible. Requring taking selfies with your passport to sign up for an exchange, to get buy Ether, etc etc etc.
The UX is so bad, that there were more ICOs this year than daily average Ethereum users 😉


Showed an awesome demo of onboarding a new user, completely in browser. No keys or ether. Really watch this session for inspiration.




After Devcon 3, Implemented a libp2p version as an experiment.
It works, but the GO implementation of libp2p isn’t very modular and brings in a LOT of dependencies. This needs to be resolved before it is rolled in.

Devp2p was the Ethereum team created protocol.
Libp2p is the one used by IPFS.

Currently they have implemented libp2p next to existing devp2p implementation. Will slowly migrate it across to libp2p and remove the devp2p stuff.


The are working on the Moon project (This was my #1 thing from last year).

Moon browser: Instead of traditional accounts and passwords, uses crypto signatures.
What if you could fork an entire web application. (not just the front end, but the eth contracts as well).

To enable this, Dapps need a formal specification. A spec of everything this Dapp promises to do.
So to enable moon browser to do something like this they needed to solve this problem.

They looked at a bunch of existing formal spec languages, but non fit. And all were slooooow.

So they created their own called “Formality”

Devp2p development update

Felix Lange, Maintainer of the devp2p specification.

It’s a p2p networking stack.
Doing experiments on running devp2p apps on libp2p. Have an idea how to integrate libp2p into devp2p.

He seemed a bit defeatist. “yeah there are a bunch of implementations. Pretty much all Ethereum blockchain implementations”
State of live network. “Well we’re still alive”.
Development update. “This is where we usually talk of what we did in 2018. We finalised writing up the spec! And we have a test suite now”
Geth p2p changes. They implemented mitigations to a responsibly disclosed denial vector.
Sharding research is mostly being done on libp2p at the moment. Peers need to switch quickly for sharding, which doesn’t work too well in devp2p right now.

Special projects

Dr. Virgil Griffith

Is a grab bag of links to cool projects.

  • Moving nash equilibriums.
    Prisoner’s dilemma is non-cooperative. But can change to cooperative if they both pony up a deposit.
  • Created a new frontend for EF grants
  • Created a new wiki
  • ethereum gift cards
  • peaceBridge. ETH-ETC bridge.
  • They just gave Ethereum Classic a $150k grant.
  • can help you create wolframe code. Can use it as an oracle to calculate big numbers
  • Using Intel SGX on desktops, allows you to use any desktop PC as a hardware wallet.
  • helps protect your staking machines in future.
  • The Crypto Paradise of the Caribbean

Community report: Smart cities Blockchain hackathon

I was proud to be a sponsor, trainer and mentor at the Smart Cities Blockchain Hackathon

SmartCitiesHack Melbourne brings together the brightest minds to develop innovative solutions, utilising IOT, Blockchain and Big Data to introduce smart technology to solve real world problems, in one of Australia’s largest cities.

An impressive aspect of the hack is that there were 2 teams from a girls high school, one from a college, and one solo university student. It was great to see younger people getting involved and solving problems from their own unique perspective.

The final demos that interested me the most were:

  • Home stay invest
  • Public works platchain
  • Smart space

And of course there was lots and lots of food sponsored by Microsoft


Kick off

A few guest speakers presented at the beginning of the day to help give insights into what type of challenges cities are facing. One of them was the CIO of the city of Palo Alto

Cities of the future need to focus on 3 key things: Liveability, workability & sustainability.

6% of Australia’s GDP goes through Melbourne
How do you prepare a city for autonomous vehicles.
Digital identity. Who owns it, who can use it.
How can gov policy keep up (some industries will be dead before legislation even comes in)

We have such a massive influx of people moving into the cities. If we think traffic congestion is bad now, wait until the future!
Thinks the issue is climate change trumps any other issue.
Users don’t want to deal with governments in giant waiting queues at centrelink. They want to just pull out a smartphone app and renew their license.


  • 3rd place. My Say
  • 2nd place. Owl
  • 1st place. Smart space



The presentations

Smart space
Decentralised way to list rentable spaces e.g. conference rooms, lecture theatres.
Can book it using blockchain, get a QR code, can enter the room.



Team peak
High school student team
Medical insurance fund
Do it peer to per so that you can reduce costs by removing the massive admin overhead costs of existing insurers.
Have people in community randomly validate claim requests.



Property storage rental.
More and more people are moving into cities, people have less living space. People are looking for storage spaces. Allows people who have spare space to rent it out to others


Smart carbon
Solo 2nd year university student.
Tracking carbon emissions from sensors, and keeping a true record on the blockchain. Built a blockchain solution that would allow sensors to store their data. Allows trusted collection of carbon emissions in real time.


Public works platchain
Try and reduce costs and provide better cost certainty through public works tenders.
Tenders and implementations rely on multiple parties (council, telstra, contractor). At the moment parties can delay without incentive to complete on time.
Can use blockchain as an escrow account for payments, and other stakeholders put in a deposit. If the contractor delays, they automatically get a penalty fee taken out of the escrow account. If the stakeholders (council or telstra) are the cause of the delay, they lose a portion of their deposit.


Team Quatr
Tracking home rubbish bin levels, so that garbage collection trucks don’t need to stop at every home, and can be more efficient. Automatic optimised route creation.
People that recycle get 1 “eco token” per recycle bin collected.


Home stay invest
For international students looking for long term housing. And for Australian’s looking to purchase an investment home.
Allows people to invest in their communities and their schools.
Multiple actors, students, people that want to invest, people who have spare rooms to rent.
Fractional property purchase / fractional sale.



Team Owl
Sensors can create streams of data, that they can sell for tokens.
Others can see on a map the list of streams, can click to purchase access rights to the sensor data stream.
Iota IoT network


Team Mysay
Girls high school team
Electronic voting via the Blockchain. Allow more open democracy. Can use for local council meetings for example

Devcon 3 report: Day 1 – core systems

Other reports:

The 2 talks to watch are: “Regulatory update and look ahead” (covering a security is) & Vitalik’s talk at the end of the day on scaling/sharding & Ethereum 2.0.

Format for the week will be:
Day 1 is core tech
Day 2 is research
Day 3 is Dapps
Day 4 is ?

Ethereum team introduction

Vitalik – Founder
We are working on research into what the future of Ethereum will look like, to support the future of Dapps.
Working on Casper, scalability, etc.

Martin Swende – Security Lead
Is across all the projects, to try and keep across security issues. Especially the network protocol.

Peter Szilagyi – Geth team lead
Since Shanghai Devcon 2 last year.
Released mobile library.
Made a new P2P protocol for private networks
Released a light client version
Added Proof of Authority to the plugable consensus, and it is being used by one of the testnets
Focusing a lot on performance bottlenecks.
Reduced DB size by 50%, syncing time by 60%

Zsolt – Geth, Light Client dev
Made lots of progress on light client (syncing, log searching, p2p discovery, etc)
Looking forward to the production release

Dr. Christian Reitwiessner – C++ client / Solidity team lead
Looking to get C++ client working again
Snapshot syncing. Removing race condition bugs.
Improvements to EVM, v1.5
Working on ZK-Snarks

Yoichi Hirai – Formal verification Engineer.
Writes mathematical proofs
Followed the Metropolis changes, wrote test cases against the implementations.
Helping to prove Casper. Will talk further on this later today

Alex Beregszaszi – solidity, eWasm, ethereumJS
Solidity changes so far: Function types, contract metadata, new compiler interface
Solidity futures: new language, new formal verification checker (snt checker?)
EthereumJS – support for Byzanthian fork. Important as other projects rely on it like Remix.

Yann Levreau – C++/Remix developer
Remix is a web based IDE.
Working on improving UI and backend code.

Piper Merriam – Python team lead
Established a spec for packaging smart contracts, and looking to get that implemented across the ecosystem
Responsible for a lot of the Python tooling. Working on bringing it’s quality up to par
Working on an alternative EVM called pyEVM
Looking to bring it online as a new light client

Viktor Tron – Swarm team lead
Swarm has grown beyond the intial scope of a flie store for Ethereum, now covers high bandwidth communication
Tomorrow session will be the main session on it
Developed a network simulation to check things like high node churn.
Main initial release will be around cloud storage to sync between their devices.
3rd party application uses, like live audio streaming.
Working on privacy and censorship resistance communication.

Vlad Gluhovsky – Whisper lead
Whisper is meant to deliver data. Want to make sure no data or metadata is leaked. Tomorrow will talk about this

Everton Fraga – Mist team lead
Been working on bonding some other projects into the Mist browser.
Working on making it more scalable. More info in Friday’s session.

Fabian Vogelsteller – Mist, web3.js
Will do a session later in the week on the 1.0 refactor.
Proposed a new ERC 725 – around identity.

Regulatory Update and look ahead – Jerry Britto
HIGHLY suggest you watch this session if you plan an ICO or any serious Blockchain Dapp

Coin Centre seek to educate policy makers
Year in review:

  • Uniform Law Commission – supplements the money transfer license. Helped define what “control” means, to help be clearer who needs a license. Only if the company “controls” the currency, helps with some exemptions. Defines who is an intermediary and need regulation
  • Helped deliver a bill into congress around tax – examples like using ether to pay for a smart contract execution is technically taxable
    any transaction below $600 you don’t need to track.
  • FCC – talked about securities and tokens.
  • Potential terrorist use of cryptocurrencies – put on a demo day to help educate members of congress. Conclusion at this point, it is a serious potential threat, but isn’t an issue at this moment.


Characterizing issues on the horizons:

  • Regulatory hotspots around securities regulation & AML (Anti money laundering)
  • AML law boils down to Is the token being used as a currency substitute. Is there a centralised issuer tho can also withdraw from circulation. If yes, they are an issuer. Otherwise they are an exchange (like Bitcoin/Ether)
  • Securities law boils down to: is the thing being sold as an investment. Is there a person upon who investors rely?
    No one person is relied on around gold. But a share/stock of Apple is a security, as you rely on the company.
  • Issuer vs. Network
    Money goes in, more goes oug -> Investment
    Money goes in, utility goes out -> Network



Super useful diagram of what is a security.
Coin Center is helping to suggest that FCC should focus on investments controlled by a single issuer, to help protect people, but leave the rest of the ecosystem open.

Ethereum in 25 minutes – Vitalik


In 2013 blockchains are useful for ‘stuff’. Not just money but for thigns like Asset issuance, crowdfunding, domain registration, IoT, voting, etc. More than just transferring BTC
Original Blockchains were single function.
Why not make a protocol that works like a programmable smart phone. So that a single blockchain can run multiple use cases / apps. General purpose computation.
Smart contracts that could control digital assets. When to release assets to other people.
Also to program other business logic, like voting, ENS, etc.
Every transaction specifies a TO address. The code at that address executes. Code can send ETH to other contracts, read/write storage, call other contracts
Every full node on the blockchain execute all transactions.
Halting problem was an issue (e.g. infinite loops). So gas was implemented to help constrain it. Charge a transaction fee per computational step.
Logs are an append only data, not readable by contracts. 10x cheaper than storage. Up to 4 topics for bloom searching. Intended to allow efficient light client access to event records (things happened)
You don’t write in DVM bytecode, instead you code in Solidity, Viper, LLL, Bamboo.
The ABI describes the function calls available on a contract, so that clients can call into it.
Byzantium introduced some precompiled functions to verify: Ring signatures, ZK-SNARKS, RSA
Also added new functions like assert(), revert(), require()

Future directions for core Ethreum: Casper, Sharding, EVM & protocol upgrades.
Are still other things in broader ecosystem like Plasma, state channels.

Methods for deterministic parallelizing message processing – Martin Becze
started in ewasm. Plan was to build off web assembly instruction set, to add in metering.
Issue was that you had to run transactions sequentially, not concurrently.
Is a layer that sits between VM instruction set and consensus mechanisms.
For scalability, need to apply locality.
Right now all contracts exist in the same namespace. One way to impose locality could be that each contract has subcontracts that only it can access. Means the subcontracts could all be executed in parallel as they can’t effect others directly. Problems with nested contracts. Inflexible, inefficient.
Next approach Try to build up a graph of how contracts interact, then use that to define shard boundaries. Can create a bigraph from this.
Got very very technical from here on, about different messaging strategies to try and break tings up and be more async.

Practical applications of off-chain computation in the light Client ecosystem – Zsolt Felfoldi
Do computation, do a validation process to verify it.
One application is for event filtering for history searching. If we shard or do state channels, there is going to be a hierarchy of data that needs to be searched.
Currently uses bloom filters. But in a bloom filter you’d need to filter through 4million+ blocks reading all headers (currently 2.2GB). Light servers can search and present it to light clients, but clients need a way to validate it. Bloom trie root hashes can be interactively validated on chain.
Users want to observe multiple subchains (when sharding) and get notified by new events using a complex filtering criteria. Light clients can hire a full node (light server) to validate and certify a subchain. Client specific event filtering can be done server side.
Chain filters. Deterministic operations on an input chain.
Observer chain: belongs to a single node, processes multiple observed chains. Checks the current best heads of observed chains.
Building a filter hierarchy. Observers can build on top of other observed chains. Can have base ones filtering out bulk of stuff, and then further layers refine it further.
Build up a market of services for light clients.


Parity: A Light client for heavy chains – Robert Habermeier

Ethereum clients currently can be defined broadly as:
Full nodes – they check and verify everything. But storage and computation requirements are heavy.
Light client – verify block headers, but not checking transactions. So checking that mining consensus is working.
Thin client – isn’t checking consensus, relies on others to do it for them.

Light clients check validity of headers. Does not check validity of state transitions. Might lead to some targeted attacks, attacks wouldn’t work on full network which is validated, but targeted to a single client.
Protocol goals: minimize roundtrips and bandwidth required. Full nodes are serving data to light clients, need to think how to present denial of service
Put multiple requests into the same request package (I need block X and account Y).
Can use state proofs to get a subset of a state tree.
Metering system, using request credits. Each node can come up with their own pricing. Different requests have different costs.
The average person won’t run a full node, but we need them to support the network of light clients. Needs an incentive system.
Pub/Sub for events. Reduces polling and excess work.
Warp sync: Users usually don’t care about really ancient data. Can just jump to more recent blocks. Ancient block download can happen later (e.g. when on wifi).
RPC pitfalls: on light clients some RPC calls don’t work.
Eth_getLogs can be very expensive if you are checking all history of everything. If just watching the head for events, is much cheaper.
Eth_get*ByHash the hash of the block has no info about the actual block number. So will need to search through the history and maybe forks or uncles. Lots of work to search
Eth_estimateGas need to check state proofs of multiple executions. Lots of computation to guess.
Lightclient+whisper+ecosystem. Light clients are viable for mobile devices (on wifi) whisper makes a powerful tool for messaging and medium latency state channels. Projects like status are already using this and showing how this can be done.
Looking at compiling light client into Web Assembly. Could embed into a web page.


Verifying Casper – Yoichi Hirai
Casper is the planned Ethereum Proof of Stake protocol.
There will be a capser contract on each (divergent) fork. Validators deposit ETH, when they do the right thing they get rewards, bad they lose ETH. Validators can vote for a block. Can’t double vote or they lose.
To avoid losing deposits, just need to be careful about what you sign. Will only really lose if you are doing bad things.
When a block has 2/3 votes from validators, then they are justified and later finalised.
Next 10 minutes is lots of mathematics diagrams. Track the ancestor blocks and votes and punish bad people who vote for divergent forks.

Sikorka: Proof of presence for Blockchain applications – Lefteris Karapetsas

Network of detectors that provide proof of presence. Different types of detecots exist. Contracts choose detectors depending on security requirements.
Users interact via a phone app.
Proving presence for bureaucratic reasons. AR games. Objects directly interacting with smart contracts (smart locks?)
Different detector types that the system can use, contracts select types based on security requirements.
One detector is the “Revealo temporal BLE tracker”. Provides accurate location, uses temporal keys to preserve privacy.
A super cheap detector could be a screen somewhere that generates a new QR code every 10 seconds that you can scan to show you were there.
There is a central Sikorka smart contract controller that indexes all the contracts. And a contract interface you can use to hook into the system.
Basic usage could just use your phones GPS (but can be spoofed).
More secure uses a detector. You interact with the contract to show you are near the detector.

Julia: IR (Intermediate Representation) for Ethereum Contracts – Alex Beregszasci
Why do we need an IR?
Complexity of auditing solidity contracts. Helpers & optimisations of Solidity. Porting Solidity to other VMs.
Auditing that the compiler did convert solidity into the correct bytecode is difficult. EVM bytecode is very cryptic to read.
Compiler pipelines usually go in 3 stages: parse/analyse, optimise, create bytecode.
But the solidity compiler only really does the 1st and 3rd. Smooshes it all together. Julia will sit in the middle to help support other functions.
Benefits are that more of the compiler can be moved out of C++ and written in Julia, for simpler reading.
Also means it is simpler to optimise code before generating bytecode.
Julia currently supports: typed variables, functions, switch statements, if, loops.
Will support output to EVM, EVM 1.5, ewasm, others (like outputting into JS or C for integrating into UI side)
Could get your own DSL to compile into Julia, which could then output into EVM bytecode.

Package management for smart contracts – piper merriam

Last year they got togther and proposed ERC190 smart contracg package spec
ERC190 deterministically create a package that is immutable.
Packages can include: sull source code, compiled assets, compiler info, ABI, address of deployed contracts, link reference info
Useful for public chains, but also for private chains.
Example of the simple inheritable contract.
The .json file of the package defines metadata, and a location of the .sol source on IPFS.
Your contract can have its own package definition, that has a dependency on another pacakge.
Package could not just store the .sol, could embedd the compiled bytecode, or just the deployed address so you can link to it.
Could use it in a wallet, import the package and it will give you the ABI that you can interact with.
Could combine it with ENS and have package indexes that list source of truth for contracts.

Programable incentives: An intro to cryptoeconomics – Karl Floersch
Blockchains have open access. Anyone can deploy a contract or send a transaction.
Trusted execution. All smart contracts and transactions will execute as defined.
Now we have programmable money.
Designing incentives. You can’t talk about blockchain consensus security without reasoning about economics.
So you can combine cryptography (hashing, signatures, etc) + economics (tokens, voting rights).
Want to use cryptoeconomics to enable good outcomes like trusted execution, and protect against censorship.


Example project: Market maker. A simple automated market maker contract.

  1. Design a mechanism
  2. Analyze incentives
  3. Make a website
  4. Observe behaviour
  5. iterate

Deploy a market maker contract with an initial deposit of ETH and tokens. Is an automated exchange to trade ETH for tokens. It will dynamically calculate token prices based on what is left in the contract. The contract owner will get some fees back.
Owner gets a passive fee income. But they have their capital locked up.
Token buyers are happy because they get small transaction fees, it is a trustless exchange.
Can come up with ideas, just deploy it out into production and see how it goes. Make sure you verify your source on Etherscan.
Allows anyone to just come up with ideas and get it out there.
Make sure you share your findings, so the ecosystem learns.

Casper the Friendly GHOST: A correct-by-construction blockchain – Vlad Zamfir

All the Ethereum proof of stake research projects are with the goal around finality safety.
Traditional consensus protocols decide on one block of transactions at a time.
Point of PoS is to incentive nodes to do the right thing. Need to prove that it is fault tolerant, and when there are faults, that it can recover (and penalise the bad actors).
Vlad just talks too fast and clicks back and forth through slides too fast to keep track of notes sorry.


Introducing the TrueBit Virtual Machine – Jason Teutsch

Is now deployed to testnet
Smart contracts can only handle limited computation execution time.
Truebit is a scaling solution for computation. Do the heavy work off chain. Uses interactive verification for large transactions. Help to bypass the gas limit.
Is an ethereum smart contract + a new off chain architecture.
Solver proposes the solution, submits it. Anyone can challenge it and put up a deposit. They play the verification game to see who was correct, loser loses deposit.
Computation runs in a TrueBit Virtual machine. Tasks must compile and run across all machines. The TVM breaks it down so that the smallest piece of execution can run on chain. For when there is a disagreement, the one step where people got a different result can be run on chain to determine the correct result.


Scaling Ethereum Smart Contracts – Joseph Poon

Many blockchains on a blockchain. Can bond your private chain to the public network.
Deploy a plasma smart contract to the main blockchain. Can now run your own child plasma chain. Periodically commit block hashes to the main chain contract.
Big changes can happen on the plasma chain, but just a tiny block hash is submitted onto main chain.
People can submit a merkalised proof if someone tries to commit an incorrect hash to the main chain.
If someone is withholding block data and isn’t letting it continue, then you can exit the child chain, have eth roll back up to the main chain, and then create a new child plasma chain
Could credibly securely spin out these plasma chains to scale computation for specific use cases. Like a Reddit comment chain, ebay chain.
The point is to encompass all worldside computation. Computation can be done on child chains, with final state committed to the main root chain.

ZoKrates: A Toolbox for zkSNARKs on Ethereum – Jacob Eberhardt
On chain processing is submitted as a transaction. Is executed + validated on chain.
Off chain processing, the transaction is executed off chain. Just the validation happens on chain.
Means that private information can be used without revealing it.
Truebit is one way of doing this. Another is using zkSNARKS
zkSNARKS, verification cost is independent of computational complexity. Short & non-interactive proofs.
Define computation as mathematical circuits. But is very complex to create these yourself.
I like thinking of this as: Hashes lets you verify large pieces of data as a small hash value. zkSNARKS allows you to represent a large complex execution as a tiny proof.

ZoKrates wants to provide tooling to make it easy to support zkSNARKS from end to end. And to integrate easily into Ethereum. It has a DSL to specify your computation, has a compiler into provable constraint systems, support for the phases (setup, witness, etc), and a contract to verify the computation on chain.
On chain verification currently costs about 1.6m gas.


Designing Maximally Verifying Light Clients and Sharding- Vitalik Buterin


Watch this session.

Subtitled as “a modest proposal for Ethereum 2.0 over the next 4 years”
Ethereum works. Many applications. High adoption >460k tx/day. Which is about 7tx/sec
Ethereum nodes worldwide. US has 30%, Canada 5%, Australia 2.8%
The Byzantium fork added in privacy preserving features, that will enable zkSNARKS, ring signatures.
Scalability is still a current challenge. Right now every node runs every transaction. And transactions are not parallelisable.
Sharding is a way to split up the blockchain state. Only allow async calls between shards. Each node only processes transactions for a shard, so a small portion of all network transactions.
Governance & protocol evolution has been a challenge. Hard forks making deep changes are hard. Long time to code, test, and a high risk of consensus bugs.
But we want to make some big changes to enable Ethereum 2.0 (EVM upgrades, more precompiles, etc.). How do we handle the trade off.

1 blockchain 2 systems:


Have a Validator Manager Contract. Runs a PoS system. Would keep track of validators, to join and leave as a validator. Each validator can gets assigned to shards randomly, can make blocks. Block making protected by rewards and slashing.
Connecting the shards go through the contract via messages.
Gives a way to experiment with this as a contract, with less risk on the main chain, and doesn’t require a hard fork.
Can evolve shards quickly, will letting main chain be more conservative.

Sharding roadmap


Having shards will allow experimentation with backwards incompatible upgrades:
EVM upgrades like EVM1.5 & ewasm.
Stateless clients

For stateless clients, consensus nodes would not need to hold state, only state root.
Would only need to submit merkle branches to submit state changes.
Means you don’t need to store and read state from disk any more. Makes it easy to shuffle validators around as they don’t need to sync down entire state, just accept merkle branches for changes.

Report: Microsoft Australia DX hackfest (July)

An important part of being a Technical Evangelist at Microsoft is continuously upskilling and playing with different technologies. Taking 2 days out a month to sit down together and hack, gives us a chance to learn from each other. For example Simon briefly mentioned that he was playing with Xamarin Forms & Android development, but was having issues with the Intel Android emulators, so I was able to quickly show him the new Visual Studio ones that run on Hyper-V. Conversely I was having issues with NodeJS that Simon & Elaine were able to help me out with.

And of course, we took the time out for our usual #TacoTuesday DE--sUTUAAAmwLR.jpg

Like our previous hacks, the Melbourne team were hosted by Frank Arrigo out at the Telstra Innovation Labs While we also had Azadeh joining in remotely from Sydney, and Hannes remotely from New Zealand. 20170718_152147(0)

David (Me) – Meme classifier

I decided to make a system that could automatically classify Internet Memes. There are whole subcultures on Reddit dedicated to them, one of my favourites being I wanted to use the new Custom Vision service to train it on the different meme types, and be able to upload a meme and be told which category it is.

Training the custom AI was easy, I uploaded samples that I got off Reddit and clicked train. Testing it with other images correctly identifies them. Creating and training only took 10 minutes, I spent way longer browsing Reddit looking at memes ^_^;;

custom vision trainingcustom vision test

Next I wanted to build a chat bot and allow people to upload an image, and have the AI return back the category, and send a link to the correct page on Know Your Meme e.g. Success Kid. I decided it would be a great time to try out the Microsoft Bot Framework for NodeJS. I have used NodeJS & npm to download and use Blockchain toolchains, but never developed directly on it.
I have enough time to fully build out the chat bot, but I learned HEAPS about using VS Code and debugging NodeJS apps using VS Code. Lots of little gotchas when developing with NodeJS for the first time.


Azadeh (remote from Sydney)

I wanted to solve the first world problem that most of us have! have I turned off my hair iron strengthener?
It turned out there are lots of people have the same problem, please read and
to solve the problem I used wemo switch. I created two recipes/applets in ifttt for turning on and turning off the wemo switch. Basically, I got two endpoints for turning on and off the switch.
To make it more user-friendly and accessible, I used azure bot service and created a chat bot that can get commands to turn on and off the switch.
I used LUIS to understand intents and call the proper endpoint based on the command.
I hosted the source code on github and set continues integration to make sure after every push to master, the new code got deployed to azure bot service and updates the bot.
source code:



I used Azure Cognitive Services Text Analytics to analyse Star Wars subtitles tracks. Topic Detection and Sentiment Analysis both seemed like good candidates.
Key Learnings:
1) Topic Detection doesn’t work well with many ‘documents’ of very small size (e.g. lines of subtitles), of as little as one word. A better approach was to approximate scenes and aggregate lines into larger documents.
2) Sentiment data is very noisy. A naive prediction is that such a sentiment analysis would track the cadence of the film. This is not at all the case, as you can see in the graph of the sentiment of the Phantom Menace.
3) Slang/ colloquialisms break topic detection, e.g. Jar Jar Binks’ lines like ‘mesa in trouble’. These should be excluded from the Topic Detection algorithm using Stop Words or Stop Phrases field in the request.

The plot below tracks sentiment across all pseudo-scenes throughout the film. You can see the data is highly variable and does not seem to follow the cadence of the film. A further research question might be to vary the size of pseudo-scenes (i.e. to aggregate lines into variable sized batches), and run sentiment analysis on all these pseudo-scenes. The result may better approximate the cadence of the film.

MicrosoftTeams-image (2).png


Hannes (remote from NZ)

hannes hololens.png

The app is made using Unity, and the HoloToolkit.
You can see how far along progress currently is in this video.
The idea is to bounce a table tennis ball on a paddle that you drag around with your hand. It has a scoreboard that tracks your high score for the session.
When you open the game, you are presented with a paddle and a ball hanging in the air above it. To start the game, you simply tap and hold on the paddle, which starts the ball falling. Keep the paddle under the ball to make it bounce. You get a point for every time the ball bounces on the paddle. Releasing the paddle resets the position of the ball.




Report: Microsoft Australia DX hackfest

An important part of being a Technical Evangelist at Microsoft is continuously upskilling and playing with different technologies. Each of us are usually off speaking to different customers or attending developer events, so to give us a chance to work together as a team and learn from each other we decided to set up a regular internal hackfest.

Last month we had our first, and the Melbourne team were hosted by Frank Arrigo at the Tesltra Innovation Labs. It is an awesome space, and we plan on hosting a LOT of future hackfests there. We also had our remote team mates working away and keeping in touch during the event.

20170419_115014 (2)

Each of us hacked away on our own experiments, which gave us a chance to check out the latest toolchains and APIs. But it was great being able to just ask each other for advice.
At the end of the 2 days we all jumped onto a conference call and showed off what we were able to throw together. The valuable thing was just hearing the learnings from each person on the “gotchas” they discovered when working with the tools/tech.

Here is a little summary of what each of us worked on and learned:

David (me)

I wanted to build a little utility that utilised the Microsoft Graph The idea being that you want to compare what distribution lists you and your peers are on, as it may make suggestions on ones that you should join (like Azure insiders). I worked through the graph documentation and used the graph explorer to figure out the set of queries I would need to pull out the data I needed:  – lists distribution lists that I am on – gets my manager<manager email from above>/directReports – returns who my peers are<peer email>/memberOf – loop through the returned list of peers, and get each of their DL subscriptions

I’d then be able to compare the DLs that I’m on, with the ones that my peers are on. And flag which ones we have in common, and which ones we don’t share as suggestions.
The next step was to build a web app to do this. I jumped onto the Microsoft Graph quickstart to generate a skeleton app as my starting point. This required registering my app on which would allow my to request permissions from the user, to access the graph on their behalf.


I was able to get my application to authenticate, and query details about myself and my manager. However to retrieve what DLs other people are on requires the Directory.Read.All delegated permission, and because that can potentially leak sensitive information about your organisation, only Admins can great that permission. This meant I was stuck as I don’t think the Microsoft Admins will grant me permission for my dinky little utility to run on the corporate tenant 😉
But it was still a good exercise as I was able to see each of the pieces working, and got some basic queries working.


Wanted to learn more about how to use Unity (as a lot of our customers are using it now for things like Hololens). She built a 2D Tetris Game, by following the tutorial at



Wanted to play around with Conversations as a Platform and learn more about what is possible with bots.

On day 1 lost a fair bit of time with some visual studio 2017 issues. These seemed to be related to having a pre-release installed side by side with VS 2015 and then installing the full release version.
I intended to test more .Net core items but with the time lost I pivoted on to an area I was comfortable I could rapidly progress.

Further tested this github project which I have contributed to for generating a bot and tab for Microsoft Teams
used this to generate a Tab and Bot and deploy it to one of my development O365 tenancies. 
This included hosting the Bot and Tab an Azure tenancy and deploying via a local Git repository (via this  ). This was a nice simple option that I hadn’t used before as had previously only used VSTS and full GitHub. This was exactly as easy as expected to get running so was a nice option to tick off the list.

As part of the testing of the Tab I confirmed that I could get the Tab Theme switching working (as per ).
This worked quite well although on a slow internet connection the event firing was delayed hence there would sometimes be a several seconds of the tab showing before it changed colours to match the teams client.

Also included Office UI Fabric ( ) to check if that would have any issues working in a tab inside teams. I only had time to test a few elements including the spinner but these all worked well on the Tab. The main consideration is the theming may not  automatically flow through to these elements as the Teams Style sheets have very specific classes that they target hence things need to be wrapped in the elements for them to be able to change colour when needed.  This is especially important if you want your tab to work on the high contrast setting.

Finally I tried to extend the bot via  some deep linking scenarios following this , however was not as successful.   Asking the bot to send the url taken via manually grabbing a deep link for the tab worked well but that had a different format to the article.

default themedark themecustom theme
Screenshots of playing with the themes


Simon being Mr. DevOps, wanted to explore combining VSTS with chat bots. Whenever a build was kicked off in VSTS, he wanted to report back if the build was successful or not, and allow users to instruct the bot to trigger Release Management to push the successful build to different environments.

He was able to get the chatbot reporting new events in a Microsoft Teams channel, and having the bot trigger certain things back on VSTS.

Reghack “Down Under” event roundup

Reghack was a 3 day hackfest that ran in Melbourne, Australia

The problem statement asked:
Do you have an interest in helping solve regulatory issues in the Financial Services and the Energy Sector in Australia?
How do we use RegTech to make regulatory compliance a strategic advantage that’s a win for the regulator, market participants and the consumer?

The focus of the event was to try and invigorate local innovation in the energy & financial services sectors, by allowing people to come together and explore how Blockchain could be utilised in these areas. The event was the brainchild of Chami Akmeemana who is a director of ConsenSys, the largest Blockchain focused consulting company in the world. Chami came to Melbourne and asked for local community support to help him organise and run the event. I was lucky enough to be tapped by Chami and invited to assist. I helped out by providing sponsorship for the meals via Microsoft, and delivered training to help upskill the community beforehand (more about that below).

The event had around 90 participants, with many more volunteers on the day. In the end 14 teams pitched their ideas which ranged from energy trading systems, ways to authenticate documents, to ways to eliminate GST during B2B transactions.
A big thanks to Chami for organising it all, and to all the volunteers that helped make the event a resounding success.


Note: The roundup of the teams pitches are at the bottom of this post.

Continue reading

Build 2017 keynote day 1


My main takeaways:

  • serverless computing and the CosmosDB are going to allow you to quickly create new ultra scalable applications.
  • AI, cognitive services and Cortana skills will allow you to build some real Sci-Fi things.
  • Microsoft graph is improving and adding more features that will allow you to build more personal apps.

Continue reading