# Topics

### Cryptography & Wallet
1. Private-Public Keypair | Their relationship + Address derivation
2. Mnemonic + BIP39
3. ECDSA Curve
4. Usage of ethers library to generate a new wallet


### Transactions
1. Structure - different fields
2. Serialisation - RLP
3. Signing mechanism


### Blockchain Nodes
1. Role + structure
2. Geth client
3. Consensus + staking

### Defi

# Cryptography

## Reference: Mastering Ethereum: Chapter 4

1. Two different accounts - EoA + Contracts
2. Public key cryptography - private key kept secure, public key derived from it, private key signs, public key verifies
3. Generating private key - Creating an Ethereum private key essentially involves picking a number between 1 and 2^256 | a private key can be any nonzero number up to a very large number slightly less than 2256—a huge 78-digit number, roughly 1.158 * 1077. The exact number shares the first 38 digits with 2256 and is defined as the order of the elliptic curve used in Ethereum.
4. Process of generating private key - a large random string > 256-bit hashing algorithm (keccak256 (original algorithm used in Ethereum) or SHA256 (NIST)) > if within valid range = accepted
5. Private Key into Generator Point > Public Key (another point on ECDSA curve) > Last 20 bytes of the Keccak-256 hash of Public Key = Ethereum Address

In [1]:
  import {ethers} from "ethers";

In [2]:
// Generate a random wallet
const wallet = ethers.Wallet.createRandom();
// console.log(`Wallet: ${wallet}`);

// Access the private key
const privateKey = wallet.privateKey;

// Access the public key
const publicKey = wallet.publicKey;

// Access the address
const address = wallet.address;

undefined

In [3]:
wallet

HDNodeWallet {
  provider: null,
  address: '0x84B086afA5C8ba800b86b838762259BA581C4CC8',
  publicKey: '0x0324ca72cdd24071a9565879cc1b3f92489738dc9d7578ba8097714a56edde29db',
  fingerprint: '0xad877a93',
  parentFingerprint: '0x988d967e',
  mnemonic: Mnemonic {
    phrase: 'discover excuse auction broom receive student reduce chest pudding correct enroll sun',
    password: '',
    wordlist: LangEn { locale: 'en' },
    entropy: '0x3ee9e03b8e6b39aeed013cad26112cec'
  },
  chainCode: '0xb2e063d4b049a48ad5af17bfcc0fcae3f40c472cd7c331c747b67db03d1ae4be',
  path: "m/44'/60'/0'/0/0",
  index: 0,
  depth: 5
}

In [11]:
privateKey

'0x1084b601947bf3f08e006b24cb3ba56f0e3239216b4483ae6a05e71ba9649f8e'

In [10]:
publicKey

'0x0324ca72cdd24071a9565879cc1b3f92489738dc9d7578ba8097714a56edde29db'

In [9]:
address

'0x84B086afA5C8ba800b86b838762259BA581C4CC8'

## Further Reading
1. EIP 55 

# Transaction

## Reference: Mastering Ethereum Chapter 6

1. Singed message originating from an EoA
2. Triggers change of state
3. Transaction message's structure is serialized using Recursive Length Prefix (RLP) encoding scheme - created specifically for simple, byte-perfect data serialization in Ethereum
4. In the below given interface, field labels such as to, gasLimit etc are shown for clarity but are NOT part of transaction serialized data which containes field values RLP-encoded. RLP's length prefix is used to identify length of each field. ('0------01------12------2')
5. EoA's public key is derived from v,r,s components of ECDSA signature.
6. Transactions are the starting point of every activity in the Ethereum system.
7. Transactions are the “inputs” that cause the Ethereum Virtual Machine to evaluate contracts, update balances, and more generally modify the state of the Ethereum blockchain.

In [13]:
interface TransactionInterface {
    nonce: number;    // Sequence number to prevent message replay
    gasPrice: number;    // Price of gas in wei originator is willing to pay
    gasLimit: number;    // Maximum amount of gas originator is willing to buy for this transaction
    recipient: string;   // Destination Ethereum Address
    value: number;    // Amount of ether to send to the destination
    data: string;    // Variable length binary data payload
    v_r_s: string;    // Three components of ECDSA digital signature of originating EoA
}

undefined

# Transaction Propogation

1. Flood routing protocol
2. Ethereum client = Node in P2P network - mesh network - all nodes equal
3. Each node maintains connection to 13 neightbours on average

# Smart Contracts and Solidity

1. Solidity - syntactically similar to Javascript - BUT - statically typed curly braces
2. Data Types similar to other languages
3. Boolean - bool - tru | false | ! (not) | && (and) | || (or) | == (equal) | != (not equal)
4. Integer - uint (unsigned) | int (signed) | declared in increments of 8 bits from int8 to uint256
5. Fixed point - fixed | ufixed
6. Address - 20 byte ethereum adress | has member functions around balance & transfer
7. Byte array (fixed) - bytes1 to bytes32
8. Byte array (dynamic) - variable sized bytes array | bytes | string
9. Enum - User-defined typefor enumerating discrete values | enum NAME {LABEL1, LABEL2}
10. Arrays - fixed | dynamic
11. Struct - User-defined data containers for grouping variables | {type1 var1; type2 var2}
12. Mapping: Hash lookup table for key: value pair | Similar to Pyton dictionary | mapping(key => val)

### Value literals used to calculate different units
13. Time units - seconds (base unit) | minutes | hours | days - used as suffixes
14. Ether units - wei (base unit) | finney | szabo | ether | 1 ether = 10^18 wei

### Predefined Global Variables and Functions
1. When contract is executed, it has access to a set of global objects - block | msg | tx objects.
2. **Transaction/Message call context**: msg object is transaction call (EoA originated) or message call (contract originated)
3. Whenever a contract calls another contract, the values of all the attributes of msg change to reflect the new caller’s information. The only exception to this is the delegatecall function, which runs the code of another contract/library within the original msg context.
4. msg.sender: Address that initiated the contract call | Not necessarily the originating EoA that sent the transaction
5. msg.value: ether sent in the call
6. msg.gas: gas left in gas supply of this execution environment | replaced with gasLeft
7. msg.data: data payload of the call into the contract
8. msg.sig: first 4 bytes of data payload - function selector
9. **Transaction Context**: tx object - transaction related information
10. tx.gasprice: gas price in calling transaction originator is willing to pay for
11. tx.origin: Address of originating EoA for this transaction - 'Unsafe'
12. **Block Context**: Information about the current block
13. block.blockhash (blockNumber): blockHash of speicified blockNumber upto 256 blocks in the past | replaced with blockhash function
14. block.coinbase: Address of recipient of current block's fees and block rewards
15. block.difficulty: Proof of Work difficulty (has moved to Proof of Stake) since then
16. block.gasLimit: Maximum amount fo gas that can be spent across all transactions included in current block
17. block.number: Current block number (blockchain height)
18. block.timestamp: number of seconds since Unix eposh - placed by miner in current block
19. **Address Object**: Any address passed as input or cast from contract object
20. address.balance: balance of given address in wei | current contract balance = address(this).balance
21. address.transfer(amount): transfer amount in wei to this address | exception on error
22. address.send(amount): similar to transfer | returns false on error - always check this value
23. address.call(payload): low-level CALL function - arbitray message call with data payload | returns false on error (Unsafe) | recipient can use up all your gas and cause OutOfGas exception
24. address.callcode(payload): low-level CALLCODE function | replaces this contract's code with that of address | returns false on error | Advanced usage
25. address.delegatecall: low-level DELEGATECALL function like callcode() | full message context seen by current contract | returns false on error
26. **Built-in Functions**: addmod | mulmod - modulo addition and multiplication - addmod(x,y,k) = (x+y) % k
27. keccak256, sha256, sha3, ripemd160: calculate hashes with standard hashing algorithms
28. ecrecover: recover address used to sign a message from a signature
29. selfdestruct(recipient_address): deletes current contract sending any remaining ether in account to recipient address
30. this: address of currently executing contract account


# Contract Definition

1. Contract: principal data type
2. Two other similar object types: Interface | Library
3. Interface: Structured like contract | functions only declared 'stub' | functions arguments and return types | when inherited, each of functions declared by interface must be defined by the child
4. Library: meant to be deployed only once and used by other contracts using delegatecall method
5. Inheritance: contract <_Child_> is <_Parent1_>, <_Parent2_> {}
6. 

### Functions
5. Syntax: function FunctionName([parameters]) {public|private|internal|external} [pure|constant|view|payable] [modifiers] [returns (return types)]
6. FunctionName: name of the function | called in transaction from EoA | another contract | within same contract
7. parameters: arguments with names and types | uint arg_1
8. visibility: who can call the function
9. public - called by EoA transactions or other contracts  or within contract
10. external - cannot be called from within contract except if explicitly prefixed with keyword this
11. internal - only accessible from within contract & inherited/derived contract & cannot be called by another contract or EoA transaction
12. private - internal but cannot be called by inherited/derived contracts
13. pure: neither reads nor writes to any variable in the storage | only operate on arguments and return data without reference to stored data | declarative programming without side effects or state change
14. constant/view: no modification of state
15. payable: can accept incoming payments | Exceptions: coinbase payments & SELFDESTRUCT inheritance will be paid even if fallback function is not declared as payable - this makes sense because code execution is not part of those payments anyway
16. modifiers: used to create conditions that apply to many functions within a contract | access control | onlyOwner - require(msg.sender == owner)
17. fallback function: One function in each contract may be defined without a name | called when no other function is named | cannot have any arguments or return anything
18. constructor function: if one exists - to initialize the state of the contract | constructor is run in the same transaction as the contract creation
19. selfdestruct(address recipient): address to receive any ether balance remaining in the contract account

### Error Handling
20. When a contract terminates with an error, all the state changes (changes to variables, balances, etc.) are reverted, all the way up the chain of contract calls if more than one contract was called. This ensures that transactions are atomic, meaning they either complete successfully or have no effect on state and are reverted entirely.
21. assert: Evaluating a condition and stopping execution with an error if the condition is false. By convention, assert is used when the outcome is expected to be true, meaning that we use assert to test internal conditions
22. require: require is used when testing inputs (such as function arguments or transaction fields), setting our expectations for those conditions | acts as a gate condition | require(msg.sender == owner, "Only the contract owner can call this function")
23. revert: halt execution and revert state changes
24. throw: obsolete

### Events
25. Transaction Receipt: Produced on completion of transaction | Contains log entries providing information about actions during execution of transaction
26. Events: solidity high level objects used to construct these logs | USed by Dapps and light clients - listen to specific events and report to UI | change state in app to reflect change in contract state
27. event Deposit(address indexed from, uint amount);
28. indexed: keyword added before argument to make value part of indexed table - search and filter enabled | Event objects take arguments serialised and recorded in transaction logs in blockchain
29. emit Deposit(msg.sender, msg.value)
30. 

### Security Basics
1. Principles: Minimalism/Simplicity | Code reuse | Code quality | Readability/Auditability | Test coverage
2. Reentrancy - DAO Hack
3. DELEGATECALL
4. Entropy Illusion
5. External Contract Referencing
6. Short Address/Parameter Attack
7. Unchecked CALL Return Values
8. Race Conditions/Front Running
9. Denial of Service (DoS)
10. Block Timestamp Manipulation
11. Constructors with Care
12. Unitialised Storage Pointers
13. Floating Point & Precision
14. Tx.origin Authentication: traverses entire call stack and contains address of account that originally sent the call (or transaction)
15. Contract Libraries
16. 

### Tokens
1. Will do this in the next part.

### Let us do a mini-project on depositing ERC20 token from a users wallet into our smart contract


# Doubts:
1. Difference between storage and state | can it happen that storage is updated but state is not? - difference between view and pure in this context
2. 