Now that summer is over, in addition to making personal plans for the fourth quarter, it’s also a good time to reflect on some of the year’s biggest events, such as the ERC-777 token standard developed by Jordi Baylina, Jacques Dafflon, and Thomas Shababi, This standard is intended to replace the current most popular token standard, ERC-20[1]. The erC-777 standard is almost complete and will be fully released in August, Jordi said at the DappCon forum in Germany on July 20.
Now that August is over, however, the team behind the ERC-777 standard seems to be holding their tongue about releasing this new standard on the Ethereum blockchain — or is it ready to surprise the public? Although there have been no erC-777 updates on GitHub[2] since July.
A tweet from Baylina last week may give us a clue. Team member Jacques Dafflon’s reply reassured many, though we still don’t know when the new standard will be released.
Jacques tweeted that the team had not anticipated the volume of work and feedback, and that he had been focused on writing a paper [3] on the new ERC-777 standard. This led to delays in work on the new standard and the hope that the ERC-777 standard could be completed and released as soon as possible. The tweet read:
For the moment, we might as well understand the background of this new standard.
Why change erC-20, the world’s most popular token standard? There are more than 60,000 projects based on this standard — including EOS, which has a total capitalization of more than $4.5 billion, and Binance, which claims to be the world’s largest cryptocurrency exchange. To answer this question, it is necessary to compare the existing standard ERC-20 with the new standard ERC-777, and then assess the application risks of both standards.
Ethereum’s success
While Bitcoin is considered the most popular cryptocurrency in the world, Ethereum is not only the second most popular cryptocurrency, but also the one responsible for the cryptocurrency market boom in 2016-17. Without ethereum, there would have been no phrase “to the moon” and no way to draw traditional investors and millions of ordinary people into cryptocurrencies in a matter of months, making cryptocurrencies more than just entertainment for computer geeks.
The main advantages of the Ethereum blockchain include the simplicity of developing applications and the effortless process of issuing tokens using smart contracts. Creating a token (that is, issuing a new cryptocurrency) can now be done in a minute. This has also led to an explosion in ICOs (initial coin offerings). Meanwhile, another important factor in the development of the ICO market is the use of the unified token standard ERC-20.
ERC – 20 standard
Before tokens can be standardized, Ethereum developers will have to create separate smart contracts for each token based on the Solidity language. In fact, a new and unique smart contract must be created each time. Each time a new token needs to be supported, the exchange or wallet founder needs to write a unique new code. The more tokens on the market, the more cumbersome the process becomes. In addition, these tokens, issued on unique smart contracts, are not compatible with each other.
As a result, Ethereum developers created a unified standard ERC-20 for all tokens, where ERC stands for “Ethereum Request for Comment”, which can be understood as a protocol proposal for Ethereum developers to solicit comments. And 20 is the number assigned to this proposal, which is chosen arbitrarily.
The ERC-20 standard, introduced in 2015, revolutionized the cryptocurrency industry and became the core guide for specifying which functions and events must be performed in smart contracts. Issuing, trading and cashing in new currency has never been easier.
The standard specifies six mandatory parameters that must be included in a smart contract to achieve three main functions:
1. Function for setting initial allocation of tokens:
- TotalSupply — Limits the maximum supply of a token at which the smart contract stops issuing that token.
- Balance0f – The function used to get the balance of the specified account (Address).
2. Token transfer functions:
- Transfer – A function used to transfer a certain number of tokens from the original account to the new account
- TransferFrom – A function used to implement token transfer between users
3, execute management function:
- Approve – A function that checks the availability of tokens for smart contracts
- Allowance – A function used to determine whether an account has sufficient tokens to complete the transfer
Once the standard is in place, major exchanges and wallets will be able to unify their codes to accommodate any tokens based on the ERC-20 standard. It is no surprise that applications using Ethereum (ETH) are springing up.
Challenges facing the ERC-20 standard
Developers of decentralized networks are programmers first and businessmen second. As a result, they almost always follow formal logic when making decisions. For example, some developers may dismiss a “51% attack” because they think the token itself will be devalued, or that the cost of hacking is far greater than the profit from it. But it seems that the perpetrators of the hacks have a completely different logic, and there have been many attacks this year alone.
What’s more, the developers previously thought that token functionality was limited to the ICO phase and was useless beyond that. But that’s not the case — some teams, even those that can’t program, are already exploring blockchain’s more possibilities. For example, there are already some recreational tokens known as Useless tokens.
Other customizations supported by the ERC-20 standard may even compromise the security of users’ funds. For example, some developers can recharge their transaction accounts by executing both the “approve” function and the “transferFrom” function.
The withheld funds are transferred from the sender’s account but not credited to its Exchange balance, as the recipient’s smart contract deposit function has not been determined. The problem was that ethereum developers did not provide this option to transfer funds, nor did they prohibit such transfers, and the blockchain initially did not support automatic transaction recognition of contracts. As a result, cryptocurrency holders lose millions of dollars, which disappear forever into the blockchain network — if an outstanding transaction is not immediately canceled by the sender.
Erc-20 Smart contract token transfer vulnerability
Security auditor Dexaran noticed this flaw in the ERC-20 standard and subsequently developed the ERC-223 standard with the addition of the “tokenFallback” function, which the contract initiates if the “transferFrom” function is not executed.
In addition, another vulnerability in the ERC-20 standard was detected in June this year by Lucas Cremer, German Solidity language developer, after the Solidity language update [4].
His results show that a large proportion of ERC-20 tokens — which the authors call “bad Taokens” — behave differently in terms of the return values of the transfer function: the contract transfer function of these tokens does not return anything. This affects many tokens traded on platforms such as Binance and OmiseGo. Corner believes that what people need to be concerned about is that these affected token assets may start to operate in an unpredictable way, while warning that the vulnerability needs to be fixed “as soon as possible.”
Erc-777: A major blow to erC-20 defects
Because tens of thousands of tokens, exchanges, and wallets are tied to the ERC-20 standard, its flaws are deeply ingrained. As a result, Ethereum developers have long decided to release a new token standard, ERC-777.
The Ethereum Improvement Proposals (EIP) for ERC-777 were published on 20 November 2017 and have been generally accepted by the Ethereum community. But for the new standard to play its full role, a supplementary ERC-820 protocol is needed to establish rules for creating a unified record list of smart contracts. With this centralized record sheet, the main problem of ERC-20, namely the inability to judge the functions performed by the smart contract, will be solved.
So how does the ERC-820 work? Any smart contract that describes its function can be registered once, and when a transaction is executed, the blockchain can apply the record sheet to verify that the operation is feasible. If the user tries to perform an invalid operation on the token, the token will remain in the account and will not disappear.
At DappCon in Berlin, Jodi Baylina and Jacques Dafflon outlined the details of the ERC-777 standard, which calls “hook” functions to inform and allow smart contract accounts to control token lending. Specifically, ERC-777 defines two hook functions: “tokensToSend” (to inform that a token is sent) and “tokensReceived” (to inform that a token is received). These functions work in conjunction with the ERC-820 to provide automatic identification capabilities that the ERC-20 does not have. Therefore, it is possible to detect whether a token has specific characteristics to perform or reject operations. This makes smart contracts even smarter.
The ERC-777 standard will address the problem of lost recipient tokens, which will not be lost when contemporary coins are sent to a smart contract that does not support receiving or managing assets. The issue has already caused the Ethereum community to lose millions of dollars worth of tokens, much of which seems to be stuck forever in some of the top ICO contracts. The figure below shows the value of tokens trapped in contracts for some projects:
Preventing the loss of tokens due to incorrect transaction operations is not the only innovation of this new standard, as it aims to further the development of blockchain.
For example, the creators of erC-777 first created a “trusted operator” function that could transfer or destroy tokens on behalf of the owner. This is done by executing the “authorizeOperator” function and can be used to make fast, automatic Ethereum (ETH) payments.
In addition, the new standard allows users to check the availability of recipient accounts/addresses in the “whitelist” and “blacklist” functions through the “ITokenRecipient” function. At the same time, the “hook” function mentioned above can monitor token dynamics on a situational basis, which allows users to mask certain account addresses and perform much more — including the intervention of token senders and receivers in the transaction process.
If you want to know more details about ERC – 777, can be conducted on the making of the etheric fang refer to: https://eips.ethereum.org/EIPS/eip-777.
ERC – 20 curtain call
The ERC-777 standard is compatible with ERC-20, and any project previously based on the ERC-20 standard can be moved to the new standard without difficulty. It is conceivable that current exchanges and wallets that use tokens based on the old standard will also embrace the ERC-777 standard. In practice, the simplified process of issuing tokens on the new standard is likely to lead to another surge of activity in the cryptocurrency industry, similar to the one sparked by the old standard in 2016-17.
In addition, the new standard will also significantly enhance the capabilities of the Ethereum blockchain system, making it popular with more developers. The intense discussion among developers about this new standard is a good example of this.
The ERC-777 standard also includes completely redesigned functions and logic, which will avoid cross-cutting or confusion with other token standards when executing smart contracts.
The erC-777 standard has one drawback: it relies on a centralized smart contract record sheet — something that doesn’t quite fit with the decentralized concept of blockchain. To secure this log sheet, ethereum developers need to take additional steps.
Perhaps a new and promising token standard will give the ethereum network new momentum, especially as the price of Ether (ETH) has been falling since July. Until the new standard is officially released, perhaps the only thing we can do is to wait and hear from the Ethereum team, who are sure to deliver.
By Julia Magas
Compiler: Hulin
The original link: cointelegraph.com/news/summer…
Reference links:
[1] cointelegraph.com/explained/e…
[2] github.com/jacquesd/ER…
[3] github.com/jacquesd/ma…
[4] medium.com/coinmonks/m…
This article is reprinted from Unitimes, a public platform on wechat