-
Notifications
You must be signed in to change notification settings - Fork 29
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
18 changed files
with
502 additions
and
329 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
--- | ||
description: Build DApps on Sapphire | ||
--- | ||
|
||
# Build | ||
|
||
As Sapphire is EVM-compatible, you can use the same dev tooling as you would | ||
when building on Ethereum. Additionally, we build tools to support you in | ||
creating secure and confidential DApps. | ||
|
||
Feel free to check out the [concept] page to get a better understanding of the | ||
transaction flow and the contract state. | ||
|
||
[concept]: ./concept.mdx | ||
|
||
## Contract Development | ||
|
||
Sapphire is programmable using any language that targets the EVM, such as Solidity, | ||
Fe or Vyper. If you prefer to use an Ethereum framework like Hardhat or Foundry, | ||
you can also use those with Sapphire; all you need to do is set your Web3 gateway URL. | ||
You can find the details of the Oasis Sapphire Web3 endpoints | ||
[here](../network.mdx#rpc-endpoints). | ||
|
||
### Features | ||
|
||
- [Deployment and Proxies][deployment] | ||
- [Gasless and Onchain Signing][gasless] | ||
- [Security considerations][security] | ||
- [View-call authentication][view-call] | ||
- [Randomness, Subcalls and More Precompiles][sapphire-contracts] | ||
|
||
[deployment]: ./deployment.md | ||
[gasless]: ./gasless.md | ||
[security]: ./security.md | ||
[view-call]: ./authentication.md | ||
[sapphire-contracts]: https://api.docs.oasis.io/sol/sapphire-contracts | ||
|
||
## Frontend Development | ||
|
||
To connect your frontend to your smart contracts, see the [browser] chapter. | ||
|
||
[browser]: ./browser.md | ||
|
||
:::info More Frontend Framworks | ||
|
||
We support the common frontend libraries with the v2 client: | ||
|
||
- [Ethers v6][ethers] | ||
- [Viem][viem] | ||
- [Wagmi][wagmi] | ||
|
||
::: | ||
|
||
[ethers]: https://github.com/oasisprotocol/sapphire-paratime/tree/main/integrations/ethers-v6 | ||
[viem]: https://github.com/oasisprotocol/sapphire-paratime/tree/main/integrations/viem-v2 | ||
[wagmi]:https://github.com/oasisprotocol/sapphire-paratime/tree/main/integrations/wagmi-2 | ||
|
||
## Backend Development | ||
|
||
If you want to connect and execute transactions from your backend. | ||
Sapphire has three clients in different programming languages: | ||
|
||
- Sapphire [JS] | ||
- Sapphire [Go] | ||
- Sapphire [Py] | ||
|
||
[JS]: https://github.com/oasisprotocol/sapphire-paratime/tree/main/clients/js/README.md | ||
[Go]: https://github.com/oasisprotocol/sapphire-paratime/tree/main/clients/go/README.md | ||
[Py]: https://github.com/oasisprotocol/sapphire-paratime/tree/main/clients/py/README.md | ||
|
||
## Examples | ||
|
||
See our [examples] page for demo DApps that bring all the above together. | ||
|
||
[examples]: ../examples.mdx | ||
|
||
Should you have any questions or ideas to share, feel free to reach out to us | ||
on [discord and other social media channels][social-media]. | ||
|
||
[social-media]: https://github.com/oasisprotocol/docs/blob/main/docs/get-involved/README.md#social-media-channels | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,100 @@ | ||
--- | ||
description: Sapphire concepts | ||
--- | ||
|
||
import DocCard from '@theme/DocCard'; | ||
import {findSidebarItem} from '@site/src/sidebarUtils'; | ||
|
||
# Concept | ||
|
||
### Transactions & Calls | ||
|
||
{/*-- https://github.com/oasisprotocol/docs/blob/455980674563cad92ff1e1b62a7a5f2d4d6809f0/docs/general/images/architecture/client-km-compute.svg -->*/} | ||
![Client, Key Manager, Compute Node diagram](../../../general/images/architecture/client-km-compute.svg) | ||
|
||
The figure above illustrates the flow of a **confidential smart contract | ||
transaction** on Sapphire. | ||
|
||
Transactions and calls must be encrypted and signed for maximum security. | ||
The [@oasisprotocol/sapphire-paratime] npm package will make your life | ||
easy. It'll handle cryptography and signing for you. | ||
|
||
You should be aware that taking actions based on the value of private data may | ||
**leak the private data through side channels** like time spent, gas use and | ||
accessed memory locations. If you need to branch on private data, you should in | ||
most cases ensure that both branches exhibit the same time/gas and storage | ||
patterns. | ||
|
||
You can also make **confidential smart contract calls** on Sapphire. If you | ||
use `msg.sender` for access control in your contract, the call **must be | ||
signed**, otherwise `msg.sender` will be zeroed. On the other hand, set the | ||
`from` address to all zeros, if you want to avoid annoying signature popups in | ||
the user's wallet for calls that do not need to be signed. The JS library will | ||
do this for you. | ||
|
||
:::note | ||
|
||
Inside the smart contract code, there is no way of knowing whether the | ||
client's call data were originally encrypted or not. | ||
|
||
::: | ||
|
||
<details> | ||
<summary>Detailed confidential smart contract transaction flow on Sapphire</summary> | ||
|
||
![Diagram of the detailed confidential smart contract transaction flow on Sapphire](../diagrams/c10l-smart-contract-tx.mmd.svg) | ||
|
||
</details> | ||
|
||
<details> | ||
<summary>Detailed confidential smart contract call flow on Sapphire</summary> | ||
|
||
![Diagram of the detailed confidential smart contract call flow on Sapphire](../diagrams/c10l-smart-contract-call.mmd.svg) | ||
|
||
</details> | ||
|
||
### Contract State | ||
|
||
The Sapphire state model is like Ethereum's except for all state being encrypted | ||
and not accessible to anyone except the contract. The contract, executing in an | ||
active (attested) Oasis compute node is the only entity that can request its | ||
state encryption key from the Oasis key manager. Both the keys and values of the | ||
items stored in state are encrypted, but the **size of either is not hidden**. Your | ||
app may need to pad state items to a constant length, or use other obfuscation. | ||
Observers may also be able to infer computation based on storage access patterns, | ||
so you may need to obfuscate that, too. See [Security chapter] for more | ||
recommendations. | ||
|
||
[Security chapter]: ./security.md#storage-access-patterns | ||
|
||
:::danger Contract state leaks a fine-grained access pattern | ||
|
||
Contract state is backed by an encrypted key-value store. However, the trace of | ||
encrypted records is leaked to the compute node. As a concrete example, an ERC-20 | ||
token transfer would leak which encrypted record is for the sender's account | ||
balance and which is for the receiver's account balance. Such a token would be | ||
traceable from sender address to receiver address. Obfuscating the storage access | ||
patterns may be done by using an ORAM implementation. | ||
|
||
::: | ||
|
||
Contract state may be made available to third parties through logs/events, or | ||
explicit getters. | ||
|
||
### Contract Logs | ||
|
||
Contract logs/events (e.g., those emitted by the Solidity `emit` keyword) | ||
are exactly like Ethereum. Data contained in events is *not* encrypted. | ||
Precompiled contracts are available to help you encrypt data that you can | ||
then pack into an event, however. | ||
|
||
:::danger Unmodified contracts may leak state through logs | ||
|
||
Base contracts like those provided by OpenZeppelin often emit logs containing | ||
private information. If you don't know they're doing that, you might undermine | ||
the confidentiality of your state. As a concrete example, the ERC-20 spec | ||
requires implementers to emit an `event Transfer(from, to, amount)`, which is | ||
obviously problematic if you're writing a confidential token. What you can | ||
do instead is fork that contract and remove the offending emissions. | ||
|
||
::: |
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
Oops, something went wrong.