DEV Community: Jepsen

Object-Oriented vs Functional: Why Your Ego Needs Refactoring

Jepsen — Sun, 29 Jun 2025 23:10:14 +0000

Originally published at Network Spirits

Think about the difference between object-oriented and functional programming. One bundles data with behavior, the other treats everything as transformations. One maintains state, the other stays stateless.

Your ego is object-oriented. And that's the problem.

The Object-Oriented Ego

In OOP, you create objects that bundle data with methods:

class Car {
  constructor() {
    this.color = 'red';
    this.speed = 0;
    this.fuel = 100;
  }

  accelerate() {
    if (this.fuel > 0) {
      this.speed += 10;
      this.fuel -= 5;
    }
  }

  // Protects internal state
  validateSpeed(newSpeed) {
    return newSpeed >= 0 && newSpeed <= 200;
  }
}

Your ego works exactly the same way:

class Ego {
  constructor() {
    this.beliefs = new Map([
      ['smart', true],
      ['programmer', true],
      ['good_at_math', false]
    ]);
    this.defenses = ['deflect', 'rationalize', 'blame_others'];
  }

  handleCriticism(feedback) {
    // Protects existing beliefs
    if (this.threatensBeliefs(feedback)) {
      return this.activateDefense();
    }
    return this.minimizeResponse(feedback);
  }

  // Resists change to maintain consistency
  updateBelief(key, value) {
    if (this.beliefs.has(key)) {
      // Only accept changes that don't threaten core identity
      return this.beliefs.get(key);
    }
  }
}

Just like rigid OOP code, your ego:

Bundles data (beliefs) with behavior (reactions)
Maintains state across interactions
Resists refactoring to protect its properties
Creates defensive methods to handle threats

The Functional Alternative

Functional programming uses pure functions instead:

// Pure function - same input always produces same output
const processInput = (situation, context) => {
  // No stored state, no side effects
  const analysis = analyzeSituation(situation);
  const response = generateResponse(analysis, context);
  return response;
};

// No defensive mechanisms needed
const handleFeedback = (feedback, currentSkills) => {
  const relevantPoints = extractValue(feedback);
  const learningOpportunities = identifyGaps(relevantPoints, currentSkills);
  return createActionPlan(learningOpportunities);
};

// Adaptable - can handle any input
const processChallenge = (challenge) => {
  return pipe(
    analyzeContext,
    generateOptions,
    evaluateOutcomes,
    selectBestResponse
  )(challenge);
};

Refactoring Your Mental Architecture

Here's what changes when you think functionally about yourself:

Instead of:

// OOP Ego approach
const handleMathProblem = (problem) => {
  if (this.beliefs.get('good_at_math') === false) {
    return this.avoidProblem(problem);
  }
}

Try:

// Functional approach
const handleMathProblem = (problem, currentKnowledge) => {
  const requiredConcepts = analyzeProblem(problem);
  const gaps = findKnowledgeGaps(requiredConcepts, currentKnowledge);
  return gaps.length > 0 ? 
    createLearningPlan(gaps) : 
    solveProblem(problem);
};

The Curry-Howard Connection

This connects to the Curry-Howard correspondence - the idea that logical propositions map directly to types in programming languages. Proving a theorem is equivalent to writing a correct program.

Your ego wants to maintain consistent beliefs about yourself, even when they're wrong. But functional thinking lets you treat each moment as a fresh computation:

// Ego approach: cached beliefs
const egoResponse = (situation) => {
  return this.cachedBeliefs.get(situation.type) || this.defaultDefense;
};

// Functional approach: fresh computation
const functionalResponse = (situation) => {
  return compose(
    generateResponse,
    analyzeContext,
    extractRelevantData
  )(situation);
};

Practical Benefits

Reduced Cognitive Overhead:

// OOP Ego carries baggage
class EgoState {
  constructor() {
    this.pastFailures = [...];
    this.socialExpectations = [...];
    this.imageToProtect = {...};
    this.defenseMechanisms = [...];
  }
}

// Functional approach is stateless
const processCurrentSituation = (situation) => {
  // No baggage, just current inputs
  return handleSituation(situation);
};

Better Adaptability:

// Fixed property
this.identity.mathAbility = false;

// Computed property
const currentMathAbility = (topic, effort, resources) => {
  return calculateLearningPotential(topic, effort, resources);
};

The Fallback Function Pattern

Your sense of self is essentially a fallback function:

const handleExistentialComplexity = (overwhelmingInput) => {
  try {
    return processDirectly(overwhelmingInput);
  } catch (TooComplexError) {
    // Fallback: create simplified self-model
    return createEgoResponse(overwhelmingInput);
  }
};

The ego isn't bad - it's a necessary fallback for handling complexity. But recognizing it as just a fallback function lets you choose when to use it versus when to compute fresh responses.

Refactoring Exercise

Am I responding from cached beliefs or fresh analysis?
What would a pure function do with this input?
How can I process this situation without dragging in irrelevant state?

The goal isn't to eliminate the ego entirely - even functional programs need some state management. It's to recognize when you're running on defaults versus when you're computing fresh responses to the actual situation in front of you.

How To Deploy Cost Effective Smart Contracts

Jepsen — Thu, 04 Nov 2021 20:41:20 +0000

When people think about smart contracts, they tend to think about Ehereum. However, many ecosystems are building or have built support for the distributed computing that smart contracts allow for. Hedera recently announced their support for Smart Contracts 2.0 that will allow the contracts to run with all the native costs, security, and speeds of the Hedera network, which are pretty impressive.

This post will show you how to deploy a smart contract to the Hedera network with the JavaScrip SDK. We will first compile our smart contract into byte code. Then we will store the byte-code to the Hedera File Service, deploy our contact, and modify the state variable of our contract.

Compiling Your Smart Contract

You will first need to compile your smart contract into byte-code. There are a few different ways you can do this, recommend using remix. Remix will output a file usually called simple_storage.json. If you copy this file into your IDE, you will be able to initialize it in JavaScript like this: let json = require('./compiledSmartContract.json').

Storing the byte-code on the Hedera File Service

We need the fileID of its byte code stored on the Hedera file service to deploy our contract. We can get this by using the FileCreateTransaction API from the hedera JS SDK and passing it the byte-code.

    const compiled = json['data']['bytecode']['object'];
    // Store Contact in file service. Different from eth. Transaction size is smaller on hedera for security 
    const mycontract = await new FileCreateTransaction()
        .setContents(compiled)
        .setKeys([PrivateKey.fromString(myPrivateKey)])
        // The default max fee of 1 HBAR is not enough to make a file ( starts around 1.1 HBAR )
        .setMaxTransactionFee(new Hbar(2)) // 2 HBAR
        .execute(client);

    const TransactionReceipt  = await mycontract.getReceipt(client);
    const fileid =  new FileId(TransactionReceipt.fileId);
    console.log("file ID: " + fileid);

Afterward, we can get the FileID from the FileCreateTransaction receipt, as shown in the example above.

Deploying

Once you have a fileId of the byte-code from your contract, you can pass the fileId from the previous step to the ContractCreateTransaction() API call.

    // Deploy Contract
    const deploy = await new ContractCreateTransaction()
        .setGas(300)
        .setBytecodeFileId(fileid)
        .execute(client);

    const receipt = await deploy.getReceipt(client); //Get the new contract 
    const newContractId = receipt.contractId;        
    console.log("The contract ID is " + newContractId);

After deploying the contract you can await the receipt to get the contract ID.

Calling the Smart Contract Functions

When calling the smart contract functions, you have to know whether or not the function you want to call is modifying the state variables of the contract. If you are changing state variables, you will use the ContractExecuteTransaction() endpoint. Otherwise, you will use the ContractCallQuery() endpoint. You can think of this a doing reads vs doing writes.

Modifying State (writes)

For example, I am calling the set function in the contract outlined in the solidity documentation, I am modifying the storedData state variable.

Using the Hedera API to call this function would look something like this.

    const setter = await new ContractExecuteTransaction()
        .setContractId(newContractId)
        .setGas(400000)
        .setFunction("set", new ContractFunctionParameters().addUint256(7))
        .setMaxTransactionFee(new Hbar(3))


    const contractCallResult = await setter.execute(client);
    const testing = await contractCallResult.getRecord(client);
    console.log("Status Code:", testing.status)

Not Modifying State (reads)

The call to the corresponding getter would look something like this

    const getter = await new ContractCallQuery() // 
        .setContractId(newContractId)
        .setFunction("get")
        .setGas(300000)
        .setMaxQueryPayment(new Hbar(1)) // defaults to 1, if requires more than one need change
    // set should be around at least 3-5k gas
    const contractGetter = await getter.execute(client);
    const message = await contractGetter.getUint256(0);
    console.log("contract message: " + message);

Layer 1 vs. Layer 2

Jepsen — Tue, 02 Nov 2021 23:01:25 +0000

If you are learning about web3, the chances are that you have heard different projects referred to as being a layer-one project or a layer-two project. Hearing these terms without any prior knowledge or context can be confusing. In this post, I'll explain the differences between layer one and layer two networks and provide examples of both.

Disclaimer: This is just a brief overview of the mentioned topics and is in no way a complete piece of work on the topic.

Layer 1

A layer one network is a network that acts as infrastructure for other projects to build on top of. A public decentralized layer one network's primary characteristic is its consensus mechanism. Different consensus mechanisms provide different levels of speed, security, and throughput. Some examples of layer one networks and their consensus mechanisms are given below. Two common categories of consensus mechanisms are proof of work (PoW) and proof of stake (PoS). Note that these are just two categories and that there are many unique PoS consensus mechanisms.

Bitcoin - Consensus: Proof of work, Native Token: BTC
Ethereum - Consensus: Proof of work (moving to proof of stake in Eth2), Native Token: Eth
Algorand - Consensus: Proof of Stake, Native Token: Alg
Hedera - Consensus: Proof of Stake, Native Token: hbar
Cardano - Consensus: Proof of Stake, Native Token: Ada

Qualities of Layer one networks

All layer one networks have a native token that serves as network fuel within the network. You use a network's native token to pay for network services like transactions, file services, and smart contract services. Note that not all layer one networks support the same array of services, although all support transactions. When comparing layer one networks, it is essential to learn about its consensus mechanism and the pros and or con's that it provides the network.

Layer Two

Layer 2 networks extend the functionality of their layer 1 counterpart. This can be to increase the layer 1 network’s performance, reduce transaction fees, or increase programmability. For example, on Ethereum, where gas fees can be highly variable and transaction times slow, it is increasingly common for application developers to provide its user the ability to interact with a layer 2 network, like Polygon, to decrease their user’s fees and transaction latency.

Qualities of Layer Two Networks

Similar to how Layer 1 networks have different approaches to consensus, each layer 2 network will implement a scaling solution, or means to map transactions back to its layer 1. For instance, a commonly discussed layer 2 scaling solution is the implementation of zero-knowledge rollups. The idea is that a side-chain performs transaction ordering and processing and submits mathematical proof that they have processed the transactions fairly. Some examples of layer two scaling solutions are the Lightning Network, Polygon, and Starknet. The majority of scaling layer two solutions depend on cryptographic systems. For resources on the cryptography behind zero knowledge proofs I recommend this resource. The watered down version of what is happening, is that a mathematical proof is created by a verifier that some knowledge is correct.

Lightning Network - 2-party multi-signature channels
Starknet - Zero Knowledge Rollups
Polygon - Side Chains and Optimistic Rollups (coming soon)

Note that only layer one 1 with scaling limitations needs scaling solutions. Networks like Algorand and Hedera with high native speeds for scale don't need to scale with layer-2s because they scale at the network layer.

What are Smart Contracts?

Jepsen — Thu, 30 Sep 2021 00:04:55 +0000

Smart contracts are part of web3 and are small programs that run autonomously when predetermined conditions are met. If you are new to web3, I would suggest checking out this blogpost highlighting some of the common terms. These programs are generally short (less than 500 lines of code) and are stored entirely on a public distributed ledger like a blockchain. Anyone can view the source code of the contract and verify it does what it's supposed to do. Smart contracts, once deployed are immutable and unable to be changed.

Smart Contracts primarily written in a typed programing language called Solidity. Solidity files have the .sol extension. An example can be viewed here. Solidity developers are in very high demand and I recommend learning about the limitless opportunities that smart contracts allow.

Smart contracts are an important piece of decentralized applications which we will talk a little more about in the next section.

Decentralized Applications

The autonomous nature of smart contracts has allowed innovators to build entirely self sufficient applications on distributed ledgers. Some of the most notable applications that have helped define decentralized finance have been built using smart contracts. Notable Example are decentralized exchanges (like uniswap, dy/dx, and sushiswap), and marketplaces like opensea.

Trust

An advantage of these programs, is that you can verify they are what they are and do what they claim they are doing. This allows for a permission-less autonomous ecosystem between untrusted and anonymous stakeholders.

Scope

When writing smart contracts, functions can be defined as public or private. Public functions can be called by any permission-less party, while private functions can only be called by the smart contract itself. This specifies who can call these functions. It is also possible to set conditional criteria on these permissions. For example, some NFT projects will allow their users access to an exclusive airdrop if the users' wallet has one of the existing NFTs. There are many opportunities to customize the scope logic.

Composability

Composability is the ability to integrate and work with other systems. Since smart contracts deployed on a public ledger are public, they can be accessed and interacted with by other smart contracts. This gives fruit to an ecosystem of contracts that can interact with each other.

Cost and frugal programing

Using a decentralized public ledger requires transaction fees to pay for the network operation. This is also true regarding smart contracts. When you deploy a smart contract to a network you have to pay a one time fee to the network to compensate the allocation of the program on the ledger. This is the primary reason why these contracts are generally short, the larger your program the more expensive it is to deploy.

The other cost is to the users who interact or run the contract. These are similar to traditional network fees, and they reward the node validators for running the programs in the Ethereum Virtual Machine. There is currently criticism around the large transaction fees on the Ethereum network.

What will that look like tomorrow?

The rate of innovation in this space is lightning fast. While smart contracts were originally only supported on the Ethereum network, now there are many networks taking things further. One of these networks is Hedera Hashgraph who publicly announced their Smart Contracts 2.0 Service which will allow their native network advantages to be utilized with smart contracts. This means that they will be able to support significantly more transactions per second than smart contracts on other networks for a fraction of the cost. The supported scalability of these services is very exciting. More information on the new smart contracts can be found here.

What is a Merkle Tree?

Jepsen — Thu, 16 Sep 2021 21:32:30 +0000

Merkle trees, sometimes referred to as hash trees, were invented in 1979 by Ralph Merkle. Merkle Trees are a data structure that expands upon the topics of binary trees and cryptographic hashes. Merkle trees have unique applications in distributed systems like Interplanetary File Storage Service(IPFS), Bitcoin, and Ethereum.

The Binary Tree

A key distinction of a binary tree is that it can only have two children per node, whereas a regular tree can have many children for each node. A child node with no children is called a leaf node. Here is a simple diagram of a tree of depth = 2. The depth is the amount of levels of parent nodes. The binary tree can only have two children per node.

Cryptographic Hashes

A cryptographic Hash is a mathematical function that is "one way" meaning once you have a hash of a value, you can't use the hash function to obtain the original input value. A unique hash value is produced by first breaking all data into a numerical representation that is then fed to a hash function. Good hash functions also have the following properties:

It is extremely unlikely that two values would produce the same hash (called a hash collision)
It is computationally difficult for an individual to obtain the data from a hash
The hash is fast to Compute
They are deterministic, meaning the same value will always produce the same hash
A small change in the input should produce a drastically different change in the output

Merkle Trees

Now that we have an overview of the foundational concepts that make up a merkle tree we are ready to dive in. To introduce a Merkle tree, first imagine a distributed system that needs to distribute data across a network. The data would first be broken down into files or chunks and then sent out to corresponding network nodes. But how would you know that an untrusted entity didn't tamper with any of the data? This is where the Merkle Trees come in. The Merkle Tree is a binary tree where the nodes are hashed. For example say you have four files noted 1-4 that contain pertinent information. Each file would be hashed and the hash values would make up the leaves of our tree, where node D = H(1), E = H(2), F = H(3), G = H(4). Then the parents of the nodes are hashes of the concatenation of their child nodes. For example node B = H(H(1), H(2)) and node C = H(H(3),H(4)). The root node is computed in the same way as a hash of the hash values of node B and C.

With this data structure, as long as the root node is from a trusted source, one can verify the integrity of any of the other files with information from an untrusted source.

How to Mint an NFT with JavaScript

Jepsen — Wed, 15 Sep 2021 14:01:55 +0000

This article will teach you how to create and mint NFTs and query their data using JavaScript on the hashgraph network.

What the heck is an NFT?

Before we get into it, let's go over what an NFT is. NFT stands for Non-Fungible Token. The word fungible means "able to be replaced" or "replace an identical item". In short, a Non-Fungible token is irreplaceable. For a digital asset to be irreplaceable, it needs to be unique. So the tokens we will be creating are unique and irreplaceable! Some use cases for these unique tokens ensure the authenticity of information. As of right now, the main usages of NFTs have been for digital art and collectibles but they can be used for so much more. For example, one could use NFTs to protect information like a deed to a house, certificates of authenticity, educational degrees, identity cards, or other crucial unique details.

How do you make one?

For developers getting into web3 and blockchain technologies, it can be challenging to learn all the caveats of the new technologies such as learning a new programming language like Solidity. Minting an NFT on Hedera is simple and can be done with programming languages you are already familiar with like JavaScript. Making an NFT on the Hedera Network uses one of the network's core services, the Hedera Token Service(HTS). There are three officially supported SDKs for this service: Golang, Java, and JavaScript, as well as a variety of community-developed SDKs.

Environment Set up

You are free to use any of your preferred environment tools. I recommend following this short (3min) guide to set up with node.

Code Check

After configuring your account Id, private keys, and the client. your code should look something like this

Creating the NFT

To create the NFT, you will need to import TokenCreateTransaction, PrivateKey, TokenType, and TokenSupplyType from the Hedera SDK, so include these in the require statement at the top of your file. Then you can use the TokenCreateTransaction passing in the appropriate configuration for your token. For reference, take a look at the example below.

Here we create a token with a supply of 10. The initial collection must be zero so that you can set unique metadata for each NFT. It is also crucial that the decimals are zero so that your NFTs wont be fractional. The supply key is the key of the account permitted to mint the corresponding NFTs. We will go over minting in the next section.

Minting

Minting an NFT is straightforward. We use the TokenMintTransaction from the Hedera SDK, so be sure to include it in your imports at the top of your file. The syntax is provided below.

There are multiple options for metadata storage solutions. I wrote more in-depth about the possibilities and use cases here. However, it is very straightforward and typical for developers to use the InterPlanetary File System (IPFS).

Querying NFT Information

Now that your NFT has been minted, you might want to be able to access its metadata from the network. To do this, you can use the TokenNftInfoQuery, and NftId from the Hedera SDK.

This query returns the metadata of the minted NFT.

If you liked this guide or have questions I will be going through some of these examples live on twitch so be sure to follow HederaTV on twitch.

Common Terms in Web3

Jepsen — Fri, 20 Aug 2021 13:53:25 +0000

If you are breaking into web3 software development, all the new vocabulary can be a little intimidating, just like it can be when getting into web2 software development. In this post, we will go over some common terminology used in the web3 community.

DLT: Distributed Ledger Technology

Distributed Ledger Technology(DLT) is the overarching category of web3. DLTs encompass any distributed network that works to achieve consensus on the information. Blockchains are distributed ledgers, but notably not the only kind. Other distributed ledgers don't use a chain-coded architecture. For example, some DLTs utilize Directed Acyclic Graph(DAG) architectures for their consensus mechanisms. Examples of distributed ledgers that utilize DAG architectures are Hedera Hashgraph and Filecoin. If you want a more in depth explanation take a look at this resource.

Custodial and non Custodial Wallets

At the core of every crypto wallet is a public and private key pair. Asymmetric cryptography is at the backbone of all distributed ledgers and web3 technologies; without it, no distributed ledgers would exist. If you want to learn more about it, I wrote about it here. Your private key is used to authorize your transactions and receive information. Whoever has the private key of a wallet can access funds and authorize transactions. The private key is critical. The public key is hashed and then used as your wallet address.

The distinction between a custodial and non-custodial wallet is who manages your private keys. If you manage your private keys, the wallet is referred to as a non-custodial wallet because no one has custody of your wallet except you. If a third party controls your private keys, then the wallet is a custodial wallet. If you are looking for some good Wallets, you can check some supported wallets Here and some great Ethereum wallets Here.

Smart Contracts

Smart contracts are programs deployed to distributed ledgers. They are viewable by anyone and commonly written in a language called solidity with file extension .sol. One advantage that smart contracts have is that they are composable. This means that they can interact with other smart contracts and create an ecosystem of decentralized protocols that make up a big part of web3. There are alternative decentralized services that can be utilized that have some advantages over smart contracts like the Hedera Consensus Service and the Hedera Token Services. Both of which have advantages in speed, finality, and security. An in depth article on smart contracts and there history can be found here.

Dapp: Decentralized Application

A decentralized application is a non-custodial application that allows a user to authorize preprogrammed functionality. Decentralized applications run on a distributed ledger with varying degrees of programmability. Decentralized applications are built with distributed protocols and a user interface, a combination of web2 and web3. These are the applications that support many of the use cases of distributed ledger technologies. Some examples are Decentralized Identity, Supply chain integrity, and Decentralized Finance (DeFi). If you want to understand more use cases, check out this resource.

CEX: Centralized Exchange

A centralized exchange is a centralized entity that allows users to buy, sell, and trade various crypto assets. Users assume some risk when using a centralized exchange because the exchange manages the private keys of its user's crypto wallets. While there may be a good reason to trust an insured exchange, no exchange is immune to a cyber attack that could compromise the user's private keys. Some examples of centralized exchanges are Coinbase, Binnance, and Bittrex.

DEX: Decentralized Exchange

A decentralized exchange is a Dapp that allows users to trade different crypto assets with each other. Trades on decentralized exchanges are peer-to-peer, so you interact with a network directly rather than through a middle man like a centralized exchange. Some examples of notable decentralized exchanges are Uniswap, sushiswap, and Pancakeswap.

DAO: Decentralized Autonomous Organization

A DAO is a governance structure for web3 projects. DAOs usually have a governance token that allows holders to anonymously vote on which direction a project should go and what developments will be made. Since decentralization is the name of the game in web3, some projects have forgone the traditional business models for DAOs. DAOs allow projects to pay their developers, give community incentives, and make critical decisions in a decentralized and democratic process.

NFT: Non Fungible Token

NFT stands for Non-Fungible token. The word fungible essentially means replaceable or interchangeable. So NFT’s are not interchangeable, nor are they replaceable. An NFT has a unique cryptographic signature as proof of its authenticity. Additional information is retained in the NFT, like the account ID of its creator and metadata associated with it. This is so people can store all sorts of digital information in the metadata, and you would be able to verify that the account ID matched that of the creator of the work.

As you can imagine, this creates a monumental amount of utility in the world of intellectual property. Artists have taken to this technology like a storm, leveraging it to produce irreplaceable unique digital artwork. Additionally, the digital aspect of the token’s metadata allows individuals to build a digital experience instead of a traditional static piece of art. Audio data with mp4 data will enable people to create multimedia artwork with a wide array of functionality.

Fungible tokens

Contrasting NFTs are Fungible tokens, which are not unique. Tokens like Bitcoin, ETH, and Hbar are all fungible tokens. These tokens often serve as network fuel to pay for network services like transaction fees. In some cases, Fungible tokens also serve as governance tokens for DAOs.

PoW: Proof of Work

Proof of work was the first consensus mechanism utilized in Distributed Ledgers. Proof of work is the consensus mechanism behind Bitcoin and Ethereum (although there is a discussion of Ethereum moving to Proof of Stake). The Mechanism requires validators referred to as miners, to expend computational effort to validate the network. This deters malicious actors from attacking the network in a game-theoretic model by requiring them to have enormous resources to attack the network.

Miners are entities who participate in the PoW consensus algorithm. Miners are rewarded network fees in exchange for validating and securing the network. Miners are often anonymous. Miners manage PoW mines which are special computers with many powerful Graphics Processing Units(GPUs). Because PoW mining is a computationally-intensive process, mining requires large amounts of electricity and raises discourse on its environmental impact.

PoS: Proof of stake

Proof of Stake is a category of consensus that requires validators on the network to hold an amount of cryptocurrency corresponding to the network they are validating. The more you hold, the more weight your validation has on the consensus of the network. There are varying PoS consensus mechanisms, but they all ensure a base level of network security by requiring validators to be invested in the network. This way, if a bad actor were to try and create a bad state of the network, they would have to be heavily invested in the network's native token and thus in the network's success. Some example of proof of stake networks are Hedera Hashgraph Algorand and Cardano.

Validators contrast PoW miners by participating in the validation of a PoS network through the network mechanisms. Since in PoS, you do not need to expend large amounts of computational resources, Validators don't need a lot of electricity.

I hope this brief overview of common terms makes navigating web3 technologies easier. If you have any questions feel free to leave them in the comments or @ me on twitter.

HTTPS

Jepsen — Thu, 12 Aug 2021 16:19:18 +0000

What is HTTPS?

HyperText Transfer Protocol Secure, the extension of HyperText Transfer Protocol, is used for secure network communication. The implemented communication protocol encrypts web communication using Transport Layer Security (TLS) formerly known as Secure Socket Layer (SSL). The protocol is often referred to HTTP over TLS or SSL.

Why is HTTPS important?

The protocol is used to protect web page authenticity regarding secure accounts, user communication, identity, and private web browsing.

How Does it work?

The protocol authentication requires a trusted certificate authority (CA) to sign a server-side digital certificate. Web browsers play a critical role in this protocol by checking a website's certificate to make sure it belongs to the domain it says it was issued to, and verifying that the certificate was signed by a trusted CA. If these conditions hold, then the web traffic for this site between client and server is encrypted using TLS handshakes. TLS uses symmetric encryption to encrypt web traffic between server and client.

How will we implement HTTPS manually?

Implementing HTTPS is offered as a service by many certificate authorities and web hosting services for a price. As developers we have the skills to implement HTTPS manually at no cost and should take advantage of the open-source intelligence on how to do so. The steps required to implement the HTTPS protocol will vary depending on what your website is running and what type of server it is running on.

Let’s Encrypt is a reasonable way to obtain a certificate, activate, install, and deploy it. Let’s Encrypt is a free, automated Certificate authority (CA) for the public. Let’s Encrypt runs the internet security research group and aims to provide a free, automatic, secure, and transparent CA to the public for the goal of creating a more secure and privacy-respecting web.
CertBot

Let’s Encrypt issues it’s certificate via CertBot which is a free and open-source software tool for automatically using Let’s Encrypt certificates on manually administered websites to enable HTTPS. Use of CertBot requires

some familiarity with the command line
HTTP website already online with port 80 open
deployment to a dedicated server, virtual private server, or a cloud-hosted server accessible by SSH and navigable with root privileges.

Deploying our certificate via CertBot

I am hosting my web application on an Ubunto 18.04 LTS (Bionic) Headless server the steps to implement HTTPS using CertBot are as follows.

SSH into our server running your HTTP website (make sure to have root privileges)
Run the following commands to add the Personal Package Archives (PPA) for CertBot to your repositories.
Install your Certificate in the configuration file for your webserver

Custodial vs Non-custodial wallets in DLT

Jepsen — Wed, 04 Aug 2021 14:06:17 +0000

This post will illustrate the differences between custodial and non-custodial cryptocurrency wallets and why a web3 developer needs one. This concept is vital for users of the decentralized web.

Wallet overview

It is critical to understand the cryptography that defines cryptocurrency wallets. You don't need to understand all the math of the elliptic curve (although I recommend it because it is interesting); you need to understand the function of your private and public keys. I go over this in detail here. To summarize, your private key is used to authorize your transactions and receive information. Whoever has the private key of a wallet can access funds and authorize transactions. The private key is critical. The public key is hashed and then used as your wallet address.

Why do web3 developers need wallets?

To programmatically interact with decentralized networks, you must send and receive information to the network. Crypto wallets are how you do this. While people primarily use them for storing cryptocurrency, as a developer, you need them to deploy any services on a distributed ledger, i.e., smart contracts or Hedera's API. While anyone can read a public distributed ledger, no one can transact on a distributed ledger without a wallet. The wallet serves you an anonymous identifier. Anonymity is taken seriously in some web3 dev communities, and developers are known by their public key. Hence the phrase: "see you on-chain."

Fun Fact: Wallets with leading zeros use less gas when storing information because there is less memory required to keep these values. You can find more information here. As a result, you may see web3 developers online where their handles are the first few digits of their public key. The public key serves as proof of their activity on-chain since anyone can use a network explorer to view the activity associated with a public key. If you are interested in generating your vanity wallet, check out this GitHub repository.

Wallet Providers

It is helpful to think of wallet providers as a window that allows you to easily view and interact with your wallet. Most wallets providers you have probably interacted with have a convenient user interface like Exodus, Atomic, or Metamask, allowing you to sign transactions and send cryptocurrency with a click of a button. However, it is essential to know that your wallet is provider agnostic, meaning that once it is created, you can view and interact with it from any wallet software as long as you have the corresponding private key.

Custodial

A custodial wallet is managed by a third party like a centralized exchange. The third-party handles your private key and authorizes your transactions for you. This is fine as long as you trust them to do so. The benefits lean towards non-technical users who don't want to keep track of private keys. The drawback is that there is an inherent risk in trusting a third party to manage all your crypto assets. Centralized exchanges have been victims of cyberattacks in the past, compromising their user's keys and crypto.

Non-custodial

A non-custodial wallet is a wallet in which the user manages the keys. This is preferred by crypto-punks, security advocates, and the greater decentralized community. Non-custodial wallets put the responsibility on the user. If the user forgets their private key, no one can get it back for them. When you manage your keys, you don't have to put your trust in a third party. It is crucial that you keep your private key safe and that you never share it with anyone.

Conclusion

In retrospect there are pros and cons of both wallet solutions. This is a very important decision for a developer to make. I personally utilize non-custodial wallets, but the decision is yours to make.

Python vs C

Jepsen — Fri, 23 Jul 2021 18:01:35 +0000

I'm writing this post to illustrate my personal learning experience around runtime speed, High and low-level programming languages, and their pros and cons.

I work as a junior system administrator for the university manage around 600 Linux machines, 7000 users, 350 Unix groups, and a handful of net groups. A few months ago, we decided to migrate our directory services from Network Information Services(NIS) to Light Weight Directory Access Protocol(LDAP). I was asked to write a migration script and test it on the database.

I was excited to write such a critical piece of infrastructure and worked hard using the PythonLdap API to get all the correct fields set up in LDAP. After a few weeks, my script was ready for production, migrating all the users and their data fields, the Unix groups, and net groups to the new directory server. The idea was that the script would keep LDAP and our old database in sync. If something changed on LDAP, the changes would be reflected on NIS and vise-versa.

Speed

The script worked great. Except for that, it took about 5min to iterate through both databases. I looked into optimizations, checked my data structures, and reduced runtime by about 1min. Not fast enough. We would call the script to run every time a change is made to the NIS database to update LDAP.

My boss told me he wanted me to try and rewrite the script in C. I was bummed out about this at first because I had spent so much time working on the python script. It felt like all my work debugging and optimizing the script was for nothing. However, after some time, I got excited about the opportunity to dive deeper into a low-level programing language. C is essential and still widely used in industry.

Lessons Learned

Python compiles at runtime. On average C runs about 45 times faster than python because it is a compiled low-level language. Python is an interpreted language, meaning one line at a time is translated into machine code. Python has some advantages in ease of use and syntax, but C allows the developer to become familiar with memory architectures and delicate grained nuances of systems like buffer overflows.

Both languages have their place in the world. If you are building a lightweight automation script, python works just fine. But if you want to write a piece of network infrastructure, you should write in a language with a lot of granularity and speed. If you are pursuing a Career in Networking or cyber Security, I recommend including both a scripting language and a low-level language in your tool kit.

My recommendations for scripting languages

My recommendations for low level languages:

C Note: The official documentation is not very user friendly but there are plenty of open resources available
Rust Note: Rust is a newer precompiled language but it becoming widely adopted very quickly. It has some security advantages over C and is favored highly.
Depending on what you are doing Assembly is also very granular

Demystifying Artificial intelligence

Jepsen — Sun, 11 Jul 2021 16:52:45 +0000

Artificial intelligence is the concept of machines making ‘smart’ decisions. Artificial Intelligence applies what is called machine learning. Machine learning refers to training a program to make accurate predictions when provided with a relevant dataset. The idea is that you supply your program with information about the patterns you would like it to recognize. This can take time, computational energy, and lots of data.

Machine learning is currently one of the most saturated fields of research. Every month there are about 100 new academic publications on the topic. Staying up to date on the latest optimizations for your back-propagation, activation function, and model architecture can be exhausting.

Machine Learning also is a hot topic in the land of science fiction. People like to speculate about an omniscient AI that will either take over the world and destroy humanity or help and perhaps work with us. The reality is far from speculation. AI is good at predicting something when given data about previous things. The entirety of world phenomena presents a plethora of variables that constitute data incomprehensible to current machines. We are barely able to process entire genomes, nonetheless all of them.

CS445

About a year ago, I took Introduction to Machine Learning, a class offered at my university. I was excited about the class. I knew that machine learning relies heavily on linear algebra, and I had taken Linear Algebra 1 and 2 in my undergraduate program. Linear algebra is all about matrices and their properties, from multiplying them to performing calculus with them. Because machine learning deals with so much data, it is often represented in matrices of numbers. The numbers represent the weight of the data. The weight is a measure of how much of an effect the data will have on the variable you are trying to predict.

In the machine learning class, we built the elementary convolutional Neural Network that classifies written numbers. The class demystified the term ‘artificial intelligence. I learned about the network architecture, error rates, and how the program used data to create predictions and classifications. The math of machine learning is not too complicated. With a linear algebra background, it only required multidimensional calculus (Calculus 3).

While there are many different model architectures in machine learning, I believe that the most critical concept to understand is back-propagation. The theory of back-propagation is that as data passes through your model and it makes predictions. The model needs to have some amount of feedback to improve its predictions. Hence ~training~. What happens is your model measures the error of its prediction and sends it back through the architecture so that the corresponding weights of indicators can be adjusted. This happens again and again until your model reaches its desired error rate.

AlphaGo

One of the most pleasant discoveries in my education of machine learning was AlphaGo. Go is one of the oldest strategy games in the world, and while the rules are simple, the game is incredibly complex. For this reason, many people thought there would never be a machine that could beat the grandmaster Go players of the world. AlphaGo is the name of an AI that aimed to do precisely that. There is a beautiful documentary on the story free on youtube that I highly recommend. Maybe I’m a big nerd, but the film brought tears to my eyes.

For comparison, a Chess game has about 35 possible moves each turn (called a branching factor), and each game lasts about 80 moves (depth). Thus, the number of possible moves in a typical chess game is 35^80 or 10^123, which is considerable. In a game of Go, there are about 250 possible moves each turn, and the depth of a game is usually 150. The number of possibilities in a game of go 250^150 or 10^360. Analytically, the complexity of Go is hundreds of magnitudes more significant than that of chess. 1996 was the first time in history that a computer beat a grandmaster chess player Garry Kasparov.

I grew up playing chess with my father early every morning and consequently had built a love of the strategy game. However, after watching the AlphaGo documentary, I got myself a go board and started playing with my roommate every morning. Since then, I have fallen in love with the game Go. It’s a beautiful, ancient game and is often described in proverbs. If any readers care to learn or share a game, I’ll link my OGS (online-go-server) account below. I’m happy to play or teach people of any skill level.

-Build a Convolutional Neural Network in Five minutes
-Play Go with me
-The math of Neural Networks
-AlphaGo Documentary
-CS 445 resources (including code).

An introduction to cryptography in distributed ledger technology

Jepsen — Thu, 08 Jul 2021 22:49:55 +0000

Cryptography is the backbone of distributed ledger technologies like blockchain and other consensus-oriented distributed networks. If you are interested in building decentralized applications, it's essential to understand the wallet generation and transaction signing processes. Both of which rely heavily on underlying cryptographic protocols.

In addition to distributed networks, cryptography is a critical component of cybersecurity. With cybercrime on the rise and cyberattacks costing businesses an average of 2.3 Million dollars per malware attack source, it is increasingly important to have your cybersecurity up to par. With the proper use of cryptography, you could save your business big time by ensuring the confidentiality of sensitive information.

Modern cryptography is mathematically robust and plays a critical role in securing sensitive information like your bank account numbers and social security number. While the mathematics may be complex, the concepts are graspable without a complete understanding of the encryption algorithms.

One of the key components of cryptography is ciphers. Ciphers are algorithms used to conceal (encrypt) and decrypt information. The encrypted information is called ciphertext, while decrypted information is called plaintext. There are two types of ciphers, symmetric ciphers, and asymmetric ciphers. We will go into the difference and some examples throughout this article.

The Earliest Known Cipher: Caesar’s Cipher

One of the earliest known ciphers is the Caesar Cipher or shift cipher. Caesar's cipher is a symmetric cipher, meaning the same key used to encrypt information is used to decrypt it. The cipher works by mapping the current character of the plaintext to a character of a predetermined distance (the key) adjacent in the alphabet. For example, if the key is a right rotation by three, then 'A' gets mapped to 'D.' The whole keymap has been constructed below for your convenience. The plain-text, "CIRCERO," would be enciphered as "FLUFHUR."

Plaintext: ABCDEFGHIJKLMNOPQRSTUVWXYZ

Ciphertext: DEFGHIJKLMNOPQRSTUVWXYZABC

Notice the wraparound of the alphabet is modeled by modulus arithmetic. We can mathematically represent an encryption function and a corresponding decryption function En=(x + n) mod 26 and a corresponding decryption function Dn= (x - n)mod 26. Here is an excellent repository of the implementation of this algorithm in several different languages. Below is an example constructed in JavaScript.

For some time, transposition ciphers like the shift cipher provided adequate protection of sensitive information. However, enumerating over 26 possible keys isn't very hard, and the cipher is easily broken.

Ciphers in Blockchain Wallets

The ciphers used today that make Distributed ledgers like blockchain possible are known as asymmetric ciphers. Asymmetric ciphers use a different key to encrypt information than they do to decrypt information. These keys are known as the public and private key pair. They contrast symmetric cryptography, where the same Key used to encrypt information also decrypts information.

If you've poked around the distributed ledger space, chances are you've generated a wallet consisting of a private Key, to keep secret and your Public Key, which acts as your wallet's address. We will go over how crypto wallets use asymmetric cryptography.

Before asymmetric cryptography, it was a big challenge to share keys with people over long distances. To share private information over a secure communication channel, you and the receiving party need to share a key. You can see this chicken or the egg problem forming. How do you securely share the key? Asymmetric ciphers addressed this issue.

Asymmetric cryptography works as follows. Say Alice and Bob want to send a secret message without an eavesdropper, Eve, able to read the message. Alice and Bob each have a public key (viewable by anyone) and a private key (only known by the owner of the corresponding public key). Alice encrypts her message with Bob's Public Key so that the only key that can decrypt the information is Bob's Private Key. Alice sends the message to Bob. Even if Eve can intercept the message, she cannot read its contents without Bob's Private Key. Bob can then decrypt the message with his private key and read the secret message from Alice.

So how do crypto wallets leverage this technology? When you are authorizing transactions, you want to prove that you are the owner of the private key corresponding to funds in the wallet. This is done using a Digital Signature Algorithm.
When a user authorizes a transaction, they prove that the user is the owner of the private key corresponding to the public key’s funds. Because of the mathematical relationship between the public and private keys, users can sign a transaction with their private key, creating a digital signature. A digital signature reveals no information about the private key but can be verified with the corresponding public key. Thus proof can be constructed.

The currently best performing asymmetric encryption algorithm is the Elliptic Curve, providing fast, secure encryption with a smaller key than RSA.

For readers interested in the mathematics of RSA or the Elliptic Curve, the following resources are excellent learning tools.

Elliptic Curve
RSA (Rivest, Shamir, Adleman)
DSA (Digital Signature Algorithm)
ECDSA (Elliptic Curve Digital Signing Algorithm)

Resources on the implementation and available cryptography libraries are presented below. These are all open source and generally respected and implemented for various purposes.

Crypto-js Is a great JavaScript library to explore additional ciphers
elliptic is a JavaScript library for elliptic curve encryption including digital signature algorithms.
Cryptography is an expansive python library with access to digital signature algorithms and the most commonly used ciphers.
OpenSSL is commonly used by system administrators to generate TSL certificates and perform a variety of cryptographic functions.
Botan is a crypto library for C++.
Bouncy Castle has a Java and C# library and is a provider for the Java Cryptography Extension (JCE).