data structures - Binary Indexed Trees: Why does i & -i ...

Attention incoming interns! Here's a list of TIPS I WISH I KNEW starting my intern year, some things you can start working on now and some less commonly discussed but very important parts of your job

It’s that time of year and yet again I’ve seen plenty of incoming interns asking what they can do to prepare. I wrote this post to share some tips for all of the not-exactly-medical stuff I wish I knew before I started intern year and to share a few things that interns can do before they start to feel like they’re well prepared for the long white coat.
As a quick background, I was a surgery intern in the first half of the 2010s and much of this is informed by my notes and memories from that time in addition to everything I’ve learned since, particularly about professionalism both in medicine and in the business world with work I’ve done in the healthcare startup arena. I’m also not perfect and very much a work in progress myself and, outside the intern-specific items here, I try to do most of these things myself—sometimes more successfully than others.
So take what you think are good ideas here, leave what you don’t think would be useful, and if anyone else has anything to add, please feel free to chime in.
TL;DR: Intern year is hard. Here are some not-so-commonly-disucussed tips that may help.

Mindset

1. Being an effective intern is, at its core, about being responsible, effective and reliable.

Your day to day responsibilities are nearly always dominated by the need to get things done and to do so in a manner that lets your other team members focus on their own roles and responsibilities. What about learning clinical medicine? You'll learn plenty and fast. Don't worry.
When reading through these tips below, view them from an angle of “would this help me develop an effective system for making sure everything gets done and nothing falls through the cracks?”

2. For your in-the-hospital life as well as your outside-the-hospital life, remember this one thing: you will forget.

You will be busy and have responsibilities in a way you likely have never experienced before. This will naturally make the day-to-day things in life more difficult than you’re used to so developing ways to outsmart your forgetful brain will pay off.

3. You are a professional now. This is your career. You’re in it.

It’s easy to view your life as a trainee as a sort of advanced student or something in between a student and a “real doctor”. But that’s not true. View yourself as a professional building your career. Your intern year is just the first step of that career. You’re a real doctor as much as any other now.

4. One of the hardest things about being an intern or resident is dealing with feelings of isolation. It will take work to actively manage and overcome those feelings.

Imposter syndrome, feeling like you don’t know what you’re doing or that you don’t belong, feeling like you’re not the person you used to be, that you don’t have time to do all the “normal” things that other people do, thinking your co-residents or attendings think you’re dumb, feeling that you don’t have time for friends/family/hobbies, ruminating on “what if I screw this up and hurt a patient?”, or “this doesn’t matter -- the patient is going to XX or YY anyway” etc are all common feelings and they all share the same undercurrent of feeling isolated in one way or another. You need to actively work to find ways to confront and overcome these feelings or else they will control you. When they control you, you’re burned out.
It may not seem like it at first, but nearly every single tip below is geared towards avoiding feelings of isolation. Feeling like you’re not in control of your finances will make you feel isolated. Feeling like you’re losing a handle on your relationships will make you feel isolated. Feeling like you’re behind on your email and haven’t done all the little things in life you need to do will make you feel isolated. Read these tips through that lens.

What you can do before you start

1. Organize and update your contacts. Seriously.

Here are some ways it can help you maintain and grow your relationships.
  • Use the ‘Notes’ feature in your contacts for everyone important in your life and all the new people meet.
    • You will forget your friends’ kids names and ages. Every time you get a birth announcement or see a post on social media, go to your friend’s contact, edit the notes and put in the info. Then, when you reach out to your friends, ask about their kids...by name.
    • You will forget your friends’ boyfriend/girlfriend/wife/husband/partner’s name, especially if you’ve never met them or haven’t seen them for a long time. Put their name in your friends’ card with a note like “Started seeing Sam in June 2020, he/she’s a software engineer”. Someone you know gets married? Add their wedding date to their card.
    • You will forget how you knew people in your contacts. Met at a conference? Was a medical student on your heme onc service? Friend-of-a-friend you met at a wedding? Someone shares an interest you have? Make a note in their contact card. Tip: these notes are for you, not them. So if someone reminds you of an actor, or didn’t stop talking about bitcoin, make a note. It will help because you will forget.
  • Tag your contacts or add them to lists and use those tags/lists to your advantage.
    • Make lists or tags for your family, your medical school friends, your undergrad friends, your coresidents, your attendings, your medical students, the hospitals you’ll be working at, etc. Put those lists or tags to use like this:
      • You will forget to stay in touch with people important to you. Set reminders in your phone for every week / two weeks / month, etc to pull up a list (family, medical school friends, etc), pick someone on that list you haven’t chatted with in a while and text them and ask them how they’re doing. Aim to start a conversation, ask about what’s happening in their life. Texts are more personal and meaningful than liking a post on social media or sharing a meme. Initiating conversations with your friends and family will help you feel connected and will increase the likelihood they reach out to you.
      • Don’t label your medical students like “MS3 Laura” or “Sub-I Juan”, etc. Label them with their full name and treat them like the colleagues they are. Put them on a list, clear it out next year if you want, but don’t treat them as “MS3 XXX“ or “MS4 YYY”. I’m sure you remember feeling like a nameless/faceless medical student at times in school and I’m sure you didn’t love it. So don’t repeat that behavior. Add a note or two about them while you’re at it. Take enough interest in your medical students to treat them well. You never know when or how you’ll cross paths with them again.
      • If you rotate through different hospitals, you will forget which “ED” or “PACU” or “nursing station 3rd floor” numbers are which. Tag them or put them on a list. It’ll make finding them when you need them much easier.

2. Use a good note taking app and a good task manager app to help with both your in-hospital life and your outside-of-the-hospital life.

Here are some ways to use a notes app.
  • Make a note for each rotation you’re on. Add in any unstructured tips as they come up, like “Send all of Dr. X’s patients home with Y”, “Use the call room in the basement outside of the locker room, passcode 1234”, “Park in the X lot on the weekends”, “Dr. A likes to manage Z with Y”, “The case manager, NAME, usually sits at the computer behind the 2nd floor nurses station”, etc. Don't overthink them, just write them down when they come up. Review those notes the next time you rotate through because you will forget all those little things and they will help you in the future.
  • Create a master grocery list of all things you typically get at the grocery store. Share it with a roommate/partner so they can keep it updated too. That way if you ever stop to pick something up, you can review the list to make sure there’s nothing you’ll forget.
    • Make master lists for other things in your life too like “packing for a conference”, “packing for a family trip”, “Target/Wal-Mart household master list” so you can quickly review anytime something comes up so you minimize the chance of forgetting something
  • Make notes for all of the other stuff you have to manage in your life like your car, your apartment/house, your loans, etc and update them every time you work on that thing. Change your loan repayment? Add it to the note. Have to get your brakes fixed? Add to the note where you got it done, how much it cost, etc. Talk to your landlord about fixing the shower? Add it to the note. Have to call the medical board to sort something out with a license? Add it to the note.
  • I like two note apps on iOS: Bear for personal notes since it’s fast and has great tagging and Apple’s Notes app for shared notes
Pick a good task manager app and use it for all the things in your life that aren’t your day-to-day work
  • Cousin getting married and you can go to the wedding? Make tasks to ensure your time off, book your travel, buy a gift, rent a hotel room, etc. Then put all the relevant info into your note because...you will forget.
  • Pandemic is over and you get to present a poster at a conference? Make tasks to review your draft with your coauthors, print your poster, book your travel, submit your reimbursement, etc. Then put all the relevant info into a note. Otherwise, you’ll forget.
  • I like Things and have also liked OmniFocus. There is a ton of content on how to set one of these things up for productivity so review it and use it YouTube search

3. Take charge of your finances

When I was an intern, I figured all I had to do was pay my loans and not go into more debt. I wish I had done the following instead:
  1. Read these two books: The White Coat Investor and I Will Teach You To Be Rich. Both are very good and have different strengths. The WCI is directly applicable to you and will help educate you in ways medical school didn’t about your financial future. IWTYTBR is much more of a “millennial” book but it’s very good for explaining big concepts and for providing a system to set yourself up for success. They’re both easy and relatively quick reads and don’t require any financial background. WCI is fine as an e-book but IWTY has a bunch of dialog boxes that make the e-book a poor experience, get a physical new or used copy.
  2. Set up a budget. I use and swear by You Need A Budget. It’s the best money I spend every year. Their system is easy and straightforward and it doesn’t take long to get the hang of it. I can’t recommend it highly enough.

4. Update your CV now and keep it updated regularly

You will no doubt have to share your CV with someone at some point whether it’s for fellowship or a research project or any number of things. The time to work on it is not when someone says “can you share your CV?” -- that’s a recipe for omissions, typos and mistakes. The only thing you should be doing every time you share your CV is giving it a quick once-over to make sure you don’t spot any mistakes and to make sure it’s up to date
There are plenty of templates online and your training institution may even have a preferred format somewhere on their website. Your ERAS application will give you a good head start but most of your medical school CV lines will either be condensed or removed all together unless something was particularly notable. You can almost always find example CVs online from senior people in your department or institution with a quick web search -- use a few as a guide
Set a reminder / task to update your CV at regular intervals. Quarterly is good, yearly at least. Save new versions of it each time so you can refer to the old ones if you need to and name them in a way to let you know you’re always sharing the most recent version, e.g., LASTNAME_FIRST NAME_CV_2020-06. You will forget if the one marked “CV” only is the right one you want to share.

5. Subscribe to a couple of newsletters to stay up to date with the world outside of your hospital

  • For general news, your preferred newspaper probably has a daily email briefing. Otherwise, Axios AM/PM and Politico’s Playbook are both very good quick reads to stay up to date with current events.
    • Keep up with healthcare news so you know what’s going on in the healthcare system broadly
      • Axios Vitals is a great, quick daily healthcare news update
      • Politico’s Pulse and Morning eHealth are both very good and have quick facts at the beginning if you just want to skim
      • Rock Health’s Rock Weekly is a decent summary of each week in the healthcare startup and technology world
Pick a few of these and aim to get through them each day. If you can’t get through them, unsubscribe to the ones you think are least relevant to you so you never feel “behind” in staying up with the news. You can breeze through the few you pick in a few minutes here and there throughout the day -- don’t make it any harder than that to feel like you’re “up to date” on the news.

General tips for maintaining relationships

  • For any romantic relationship, do these things if you don’t already:
 1. Make a rule: no phones at the table. * Don’t put your phone on the table face-up. Don’t put your phone on the table face-down. Keep your phone off the table and set to silent. * Focus on the person in front of you and show them you care about them by paying attention to them. We all know what it feels like to be with someone more interested in their screen than in interacting with you. If you’re on call, say “sorry, I’m on call, I may have to check something here and there”, apologize if you do check it and then put your phone away. 2. Make another rule: no phones in bed * Same principle as at the table. Want to feel like two strangers just passing through life who just so happen to share the same bed? Wake up, reach for your phone and scroll through your feeds like a zombie before getting out of bed. Same idea before bed. Your phone can wait. 3. If you’re at the point where you share finances, set a regular meeting to review how you’re doing. * Ideally, this is a “red, yellow or green” meeting and should only take a few minutes. Money can be a big conflict issue for relationships and avoiding talking about money is a surefire way to eventually turn to conflict. If you have a budget and shared goals, this should be quick. * A monthly check-in is good. Create a recurring calendar event, attach the shared notes or spreadsheet document you use, add your goals for the meeting and honor the meeting when it comes around. 
  • Eat with people who are important to you, if you can.
    • There’s something about sharing a meal that’s special in human nature. Friends who are important to you? Partners? Mentors you’re looking to get to know better after you’ve had a few chats? Try to eat with them when you can. And keep your phone off the table.
    • The same idea works with your coresidents and teams in the hospital. Eat with them if you can. Eating with others builds, strengthens and maintains relationships. Keep your phone off the table if you can.
Think about it this way: who would you consider a better mentor, the person you’ve met with a few times in their office where they sit behind their desk and you in front of them while they glance at their computer screen every time it pings or the person who’s invited you to get coffee or food and they kept their phone away the whole time? Now turn that around and realize the power of the message you can send to people you care about by trying to eat with them and show them they have your full attention.

Hospital tips

1. Learn to think about tasks as a continuum from start to finish instead of as a binary 'done/not done'.

Let’s say you have to order a CT for a patient of yours.
  • Instead of marking the task as complete the second you place the order for the CT, recognize that the whole task is not just placing the order, but also knowing when your patient is going down to the scanner, when they’re back, when the CT is up in the system, when the report is up and also that you’ve looked at the CT yourself and have read the report.
  • When your senior or attending asks you, “Did patient X get their CT?”, a not-so-great answer is “Yes” or “No”. A better answer is “they’re down at the scanner now” or “the scan’s done but it hasn’t been read yet. Want to look at it?” or “Yes, it’s negative for XXX but did show YYY”.
Whatever system you eventually adopt for your day-to-day task management in the hospital, whether it’s a list or index cards or a printed signout sheet, make sure you’re tracking both when orders go in, when they’re complete, when they’re cancelled, etc. Just marking things as complete once you place the order isn’t enough.

2. Signout is taken, not given.

What I mean by this is that when you take signout, that means you’re accepting responsibility for those patients. They might be your patients, you might be cross-covering, it doesn’t matter. What matters is that when those patients are your responsibility, it’s your responsibility to get what you need to know to take care of them.
Is someone signing out to you in a hurry and not giving you what you need? Ask them for that relevant past medical history, those exam findings, and so on. It’s not enough for the person handing off to say “we’re worried about x or y”, you’ve got to follow that up with “in case of x or y, is there a plan for what the team wants me to do?”. Get the answers you need.
A lot of covering patients on call is playing defense whereas the primary team generally plays offense. But that doesn’t mean you can play defense in isolation. The last thing you want is for the primary team to feel surprised by your choices.
 * Here’s two ways for the above example to go when turning the patients you were covering back over the next day or whatever: 1. You: “For patient so-and-so, you said you were worried about x or y. Y happened.” Them: “What did you do?”. You: “Z”. Them: “Shit, my attending’s not gonna like that”. 2. You “Y happened so I did A like you said, it went fine and here’s the current status”. Them: “Great, thanks” * See the difference? 
  • Along the lines of taking responsibility for those patients, that means that if you couldn’t get the information you needed at signout then you have to go and see those patients and get the information you need yourself.
    • You’ll hear this idea said a bunch of different ways like “trust but verify”, “trust no one” and your comfort level will change over the year as you become more confident and comfortable. But always error on the side of going to see the patient and getting your own information at the start.

3. If you will be miserable without something when you’re in the hospital, bring it with you. You won’t reliably be able to find it at the hospital every time you need it.

  • Need coffee otherwise you turn into a demon? Bring it with you. You never know when you’ll get caught doing something and won’t be able to run to the cafeteria for your fix.
  • On call overnight and know you need food so you don’t go insane? Bring it with you. Here’s a hospital food rule: never rely on the hospital's ability to feed you. The hospital will let you down sooner or later, I guarantee it.
  • Know you always get cold on call? The day you forget your jacket/sweatshirt is the day you won’t be able to find a spare blanket in the hospital to save your life. Put a backup in your locker (if your hospital respects you enough to give you one).

Miscellaneous productivity, professionalism and lifestyle tips

1. Aim to “touch” everything only once

  • Example: your physical mail. You know, the stuff made of dead trees that accumulates in that box you check every once in a while. For every piece of mail you get, you should either trash it, file it, or act on it. Don’t touch it until you’re ready to do one of those things.
  • Example: your email. Either delete it, archive it, reply to it or do the thing it’s telling you to do right away. Don’t fall into the trap of using your inbox as a to-do list -- that’s a recipe to get burned. Use a task manager for your to-do list and aim to keep your inbox at zero. Realize that email’s true power is communication and use it as a communication tool and nothing else.
  • I’ll use the example of going to a wedding again as something to “touch once”. Aim to accomplish all the tasks at once or at least create tasks and reminders to complete those tasks all in one go. Respond to the RSVP, create the calendar invite with all the information from the invitation, share the calendar event with your date, book your travel, book your hotel, book your rental car, buy your gift from the registry and set a reminder to get your suit/dress cleaned a few weeks ahead, etc.

2. Lean to use your calendar as a tool

Professionals in the “real world” tend to live and die by their calendars. Some people, especially many senior people in medicine, don’t manage their own calendars. But you manage yours. With it you can:
  • Make sure all events—even small ones like dates or errands you want to run—have locations so all you have to do is click the location for directions
  • Send invites to friends / family / coworkers for anything you talk about doing that has the relevant info
  • Make reminders for yourself to prepare for upcoming events, i.e.., don’t count on seeing your parents’/spouses’/whomever’s birthday “coming up” to remind you to get a gift or send a card. Create an event two weeks before their birthday that says “Buy Mom a birthday card”, set it to repeat yearly and buy a card when it comes up, send it a few days later and don’t worry that it won’t get there in time.

3. Learn to use email well

Ever get an email from someone and feel their tone was terse, condescending or rude? Don’t be that person. Error on the side being polite and professional and writing in complete sentences without textspeak. It’s not hard — you type fast, even with your thumbs, I’m sure of it.
  • Learn to communicate effectively. Keep it short but not terse. State why you’re writing to someone, be clear if you’re asking a question, and think about it this way: “How am I making it as easy as possible for this person to understand why I’m emailing them and do what I’m asking them to do?
  • Don’t use a canned salutation like “Best, NAME” or even worse: “Best, INITIALS”. Use your salutation to continue to communicate your message and remember that politeness and professionalism extend through your signature.
    • I don’t know why “Best,” is so common in medicine but it’s meaningless, unthoughtful, inherently passive aggressive and I seriously read it as if the person writing it were signing off by saying “Go f*ck yourself,”. Same thing for “Regards,” and its ilk, any abbreviation like “vr,” or any form of cutesy quote.
    • Write your salutation fresh each time. Did you ask someone for something? Say “Thank you for your help”. Are you writing someone senior to you and want to sound somewhat formal? “Sincerely,” never goes out of style. Are you sharing information and essentially writing a memo? Use “Please let me know if you have any questions”. Your salutation is communication, treat it that way.
    • Sign with your name, not your initials. Signing with initials is a common way senior people will try to remind you they’re senior to you. If you do it, it’s like you’re trying to prove you’re a Cool Guy Big Shot too. It never comes across well -- even for those senior people. Initials are terse. Lowercase initials are even terser. Although they may look different at first glance, all initial signatures functionally come across as ‘FU’. Write your name.
      • If it’s a few rounds back and forth of email, it’s normal drop salutations and signatures and treat email more like texting. Keep using complete sentences without textspeak, though. I promise you’ll come across better that way.
    • Use the ‘signature’ feature of your email client to share your professional details and contact information
      • Your institution (not department) will hopefully have a format for this that’s standardized and includes minimal or no graphics. If it doesn't, then I feel sorry for all the inevitable IT headaches you will eventually endure at your institution since they clearly underfund and undervalue contemporary IT and professional services. It’s the wild west out there so find some good examples of clean, professional signature formats and make one for yourself.
      • Note: this signature lives below your salutation and sign off. It’s essentially the letterhead for your email that lets your recipient fill in the details you may not otherwise provide like your department, mailing address or fax number. It’s not a replacement for signing off of your communication professionally.
    • Never use bold, italics, underlines or different font sizes in your emails. They only make emails harder to read and jumble your message.
  • If you want to highlight something, put it in a numbered or bulleted list.
    • If you can’t communicate what you want with 2-3 bulleted points, then email is not the right medium to use. Do you like reading long emails? Of course you don’t. Write a memo, attach it as a PDF or shared doc and use the email to tell your recipients to review the attachment.
  • You will eventually, in some way or another, ask someone to introduce you to one of their contacts and or refer you for something. Learn how to write a good forwardable email that utilizes the double opt-in concept and how to make it easy on the person doing you the favor. Read more here, here and here.
    • While you’re at it, understand the power of using CC and BCC to communicate effectively.
  • Aim to answer all emails written directly to you within 24 hours.
    • If you can’t respond fully right away, respond briefly saying you got the note and that you’ll work on it and get back to them. Set a reminder or create a task to do or review the thing and get back to them once you’ve done it.
    • Do you hate being left on read in text? You do it in email every time you don’t respond to someone in a timely fashion. It’s better to share a quick, “I got it and I’m working on it message” then not replying until days or weeks later.

4. Don’t let someone else’s negative energy and/or anxiety transfer to you

You will frequently experience things like this in the hospital:
  • A co-resident disagrees with a management decision made at rounds and mentions that so-and-so is an idiot. So-and-so probably isn’t an idiot. Your co-resident probably isn’t an idiot either. Form your own opinions from your own experiences.
  • A nurse pages you with a tone that says “THIS IS REALLY BAD”. It might be, go and see. And on your way, stay calm and go over the steps in your head of what you’d do if it is, in fact, REALLY BAD. But don’t freak yourself out before you even get to the room. You won’t be able to make decisions with a clear head if you’re already worked up.
  • You’re a surgery intern and all your patients are normally on the med-surg floor. Every once in a while, one goes somewhere like heme-onc if the med-surg floor is full. Someone on your team says something like “great, now they’re going to screw up our patient”. Recognize that that floor isn’t full of terrible nurses and may just have less experiences with lines and drains and that the best thing you can do is go down there, talk to the nurse and say “here’s what we want to be called about” and “this thing may look bad but it usually isn’t and we don’t need to be called, here’s why”, and so on. Doing things like this will mean you get fewer calls. Fewer calls are good.
  • Your attending is having a bad day and you’re not enjoying your interactions with them. Don’t let that make you have a bad day too. Medicine is hard enough as it is, stick to your own bad days instead adopting other people’s. Then pull up your friend list, text a buddy and feel better.

5. Don’t neglect your physical health. Trying to eat well and stay active are even more important when you’re insanely busy.

The #1 thing you can do to help your waistline is cook your own food and pack your own meals. It doesn’t matter what you cook or how good of a cook you are, as long as you’re aiming to pack meals that an adult would eat, it will be healthier than takeout and cafeteria food. It’s better for portion control, you control all the ingredients and you get a sense of satisfaction for being on the ball. It’s better in every way.
I know it’s not realistic to always prep and pack your own food on the busiest of services but you should try to hit at least a percentage like 25% or 50% of your meals. There are no lost causes in your own health.
It will be hard to exercise and work out. You should still try to do it anyway. You will go long stretches without exercising at times. Don’t beat yourself up about it. Every day is a chance to do the thing you want to do so get back out there.

6. If your social profiles are private, consider doing some housekeeping and making them public.

Instead of thinking about them as a liability to be that needs to be hidden, think about them as a narrative you can control.
Nothing is private on the internet. Even your private profile. You never know who knows someone you know or what may get screenshotted and shared down the line.
It’s natural to run a web search on anyone you’re meeting for a date, interviewing with for a job, or researching in general. When you search your own name, what comes up? What do you think when you’re searching for someone and they have a private page? Do you ever click on a few links to see professional stuff from LinkedIn, and then some social pages to see what else you learn? So does everyone else.
Use your social pages to put forward a version of you that shows who you are, shows some interests true to yourself, makes you seem like a totally normal and reliable person (which is exactly what any potential date, partner, fellowship director or hiring manager is asking themselves about you) and doesn’t share enough information to let a patient show up at your door.
Medicine lags behind other industries with people still commonly hiding behind private pages. In the tech world, it’s more strange to not have a public page. A private page says more about you that you might want to hide red flags whereas a public page says “go ahead and look, you won’t find any red flags”. One is much more powerful than the other.

Closing and something to read

When you view your professional life, it’s natural to view your professional relationships as being a binary one between patient and physician. That’s certainly essential and certainly important, but as a professional you now have relationships to consider with so many more types of people: co-residents, faculty in your department, faculty in other departments, administrators, support staff, medical students, and so on.
Just as you had to learn how to work with patients, you will have to learn to work with all of the other people in your professional life. Truly effective professionals will treat all interactions importantly and give thought and consideration to each one. All these interactions and relationships will all affect your day-to-day experience, your well-being and, ultimately, your professional experience.
You will find yourself being not just responsible for your patients, but also for yourself, your career and your relationships. It takes effort to succeed in all of those areas. And even with effort, sometimes you’ll be winning in an area and losing in others. And in a few months it will be different -- that’s just life.
I want you to consider looking outside of books and resources written specifically for physicians when you’re trying to tackle these issues inside the hospital and out.
Medicine is a much-smaller-than-you-realize bubble with a long history of personality-driven examples of “that’s just the way we do it” or “that’s how we’ve always done it”. There are good books about medicine out there, to be sure, but you’ll benefit more professionally by learning from the wide world outside of hospitals since there are quite simply many more successful and accomplished people who’ve written great resources for all aspects of professional life that medicine tends to ignore.
I’d recommend you start with this book: Andy Grove’s High Output Management (a review by another Valley titan here). Andy escaped communist Hungary, taught himself English and rose to be CEO of Intel and went on to be a sage of Silicon Valley before he passed. This book is a how-to guide for how to be an effective professional in an organization (hint: you're now a professional in an organization) and if you’ve enjoyed this post at all, you’ll love this book. You may think that this book applies to ‘managers’ and ‘business’ and not medicine but you couldn’t be more wrong. Although it was probably written around the time you were born, nearly everything in this book is a lesson that directly applies to your professional life in medicine and when you start seeing it, you’ll feel like you’re in The Matrix.
Congratulations! You've worked hard to get here. Be proud of yourself, your degree, your long white coat and be the best doctor you can be.
submitted by kiteandkey to Residency [link] [comments]

FlowCards: A Declarative Framework for Development of Ergo dApps

FlowCards: A Declarative Framework for Development of Ergo dApps
Introduction
ErgoScript is the smart contract language used by the Ergo blockchain. While it has concise syntax adopted from Scala/Kotlin, it still may seem confusing at first because conceptually ErgoScript is quite different compared to conventional languages which we all know and love. This is because Ergo is a UTXO based blockchain, whereas smart contracts are traditionally associated with account based systems like Ethereum. However, Ergo's transaction model has many advantages over the account based model and with the right approach it can even be significantly easier to develop Ergo contracts than to write and debug Solidity code.
Below we will cover the key aspects of the Ergo contract model which makes it different:
Paradigm
The account model of Ethereum is imperative. This means that the typical task of sending coins from Alice to Bob requires changing the balances in storage as a series of operations. Ergo's UTXO based programming model on the other hand is declarative. ErgoScript contracts specify conditions for a transaction to be accepted by the blockchain (not changes to be made in the storage state as result of the contract execution).
Scalability
In the account model of Ethereum both storage changes and validity checks are performed on-chain during code execution. In contrast, Ergo transactions are created off-chain and only validation checks are performed on-chain thus reducing the amount of operations performed by every node on the network. In addition, due to immutability of the transaction graph, various optimization strategies are possible to improve throughput of transactions per second in the network. Light verifying nodes are also possible thus further facilitating scalability and accessibility of the network.
Shared state
The account-based model is reliant on shared mutable state which is known to lead to complex semantics (and subtle million dollar bugs) in the context of concurrent/ distributed computation. Ergo's model is based on an immutable graph of transactions. This approach, inherited from Bitcoin, plays well with the concurrent and distributed nature of blockchains and facilitates light trustless clients.
Expressive Power
Ethereum advocated execution of a turing-complete language on the blockchain. It theoretically promised unlimited potential, however in practice severe limitations came to light from excessive blockchain bloat, subtle multi-million dollar bugs, gas costs which limit contract complexity, and other such problems. Ergo on the flip side extends UTXO to enable turing-completeness while limiting the complexity of the ErgoScript language itself. The same expressive power is achieved in a different and more semantically sound way.
With the all of the above points, it should be clear that there are a lot of benefits to the model Ergo is using. In the rest of this article I will introduce you to the concept of FlowCards - a dApp developer component which allows for designing complex Ergo contracts in a declarative and visual way.
From Imperative to Declarative
In the imperative programming model of Ethereum a transaction is a sequence of operations executed by the Ethereum VM. The following Solidity function implements a transfer of tokens from sender to receiver . The transaction starts when sender calls this function on an instance of a contract and ends when the function returns.
// Sends an amount of existing coins from any caller to an address function send(address receiver, uint amount) public { require(amount <= balances[msg.sender], "Insufficient balance."); balances[msg.sender] -= amount; balances[receiver] += amount; emit Sent(msg.sender, receiver, amount); } 
The function first checks the pre-conditions, then updates the storage (i.e. balances) and finally publishes the post-condition as the Sent event. The gas which is consumed by the transaction is sent to the miner as a reward for executing this transaction.
Unlike Ethereum, a transaction in Ergo is a data structure holding a list of input coins which it spends and a list of output coins which it creates preserving the total balances of ERGs and tokens (in which Ergo is similar to Bitcoin).
Turning back to the example above, since Ergo natively supports tokens, therefore for this specific example of sending tokens we don't need to write any code in ErgoScript. Instead we need to create the ‘send’ transaction shown in the following figure, which describes the same token transfer but declaratively.
https://preview.redd.it/id5kjdgn9tv41.png?width=1348&format=png&auto=webp&s=31b937d7ad0af4afe94f4d023e8c90c97c8aed2e
The picture visually describes the following steps, which the network user needs to perform:
  1. Select unspent sender's boxes, containing in total tB >= amount of tokens and B >= txFee + minErg ERGs.
  2. Create an output target box which is protected by the receiver public key with minErg ERGs and amount of T tokens.
  3. Create one fee output protected by the minerFee contract with txFee ERGs.
  4. Create one change output protected by the sender public key, containing B - minErg - txFee ERGs and tB - amount of T tokens.
  5. Create a new transaction, sign it using the sender's secret key and send to the Ergo network.
What is important to understand here is that all of these steps are preformed off-chain (for example using Appkit Transaction API) by the user's application. Ergo network nodes don't need to repeat this transaction creation process, they only need to validate the already formed transaction. ErgoScript contracts are stored in the inputs of the transaction and check spending conditions. The node executes the contracts on-chain when the transaction is validated. The transaction is valid if all of the conditions are satisfied.
Thus, in Ethereum when we “send amount from sender to recipient” we are literally editing balances and updating the storage with a concrete set of commands. This happens on-chain and thus a new transaction is also created on-chain as the result of this process.
In Ergo (as in Bitcoin) transactions are created off-chain and the network nodes only verify them. The effects of the transaction on the blockchain state is that input coins (or Boxes in Ergo's parlance) are removed and output boxes are added to the UTXO set.
In the example above we don't use an ErgoScript contract but instead assume a signature check is used as the spending pre-condition. However in more complex application scenarios we of course need to use ErgoScript which is what we are going to discuss next.
From Changing State to Checking Context
In the send function example we first checked the pre-condition (require(amount <= balances[msg.sender],...) ) and then changed the state (i.e. update balances balances[msg.sender] -= amount ). This is typical in Ethereum transactions. Before we change anything we need to check if it is valid to do so.
In Ergo, as we discussed previously, the state (i.e. UTXO set of boxes) is changed implicitly when a valid transaction is included in a block. Thus we only need to check the pre-conditions before the transaction can be added to the block. This is what ErgoScript contracts do.
It is not possible to “change the state” in ErgoScript because it is a language to check pre-conditions for spending coins. ErgoScript is a purely functional language without side effects that operates on immutable data values. This means all the inputs, outputs and other transaction parameters available in a script are immutable. This, among other things, makes ErgoScript a very simple language that is easy to learn and safe to use. Similar to Bitcoin, each input box contains a script, which should return the true value in order to 1) allow spending of the box (i.e. removing from the UTXO set) and 2) adding the transaction to the block.
If we are being pedantic, it is therefore incorrect (strictly speaking) to think of ErgoScript as the language of Ergo contracts, because it is the language of propositions (logical predicates, formulas, etc.) which protect boxes from “illegal” spending. Unlike Bitcoin, in Ergo the whole transaction and a part of the current blockchain context is available to every script. Therefore each script may check which outputs are created by the transaction, their ERG and token amounts (we will use this capability in our example DEX contracts), current block number etc.
In ErgoScript you define the conditions of whether changes (i.e. coin spending) are allowed to happen in a given context. This is in contrast to programming the changes imperatively in the code of a contract.
While Ergo's transaction model unlocks a whole range of applications like (DEX, DeFi Apps, LETS, etc), designing contracts as pre-conditions for coin spending (or guarding scripts) directly is not intuitive. In the next sections we will consider a useful graphical notation to design contracts declaratively using FlowCard Diagrams, which is a visual representation of executable components (FlowCards).
FlowCards aim to radically simplify dApp development on the Ergo platform by providing a high-level declarative language, execution runtime, storage format and a graphical notation.
We will start with a high level of diagrams and go down to FlowCard specification.
FlowCard Diagrams
The idea behind FlowCard diagrams is based on the following observations: 1) An Ergo box is immutable and can only be spent in the transaction which uses it as an input. 2) We therefore can draw a flow of boxes through transactions, so that boxes flowing in to the transaction are spent and those flowing out are created and added to the UTXO. 3) A transaction from this perspective is simply a transformer of old boxes to the new ones preserving the balances of ERGs and tokens involved.
The following figure shows the main elements of the Ergo transaction we've already seen previously (now under the name of FlowCard Diagram).
https://preview.redd.it/9kcxl11o9tv41.png?width=1304&format=png&auto=webp&s=378a7f50769292ca94de35ff597dc1a44af56d14
There is a strictly defined meaning (semantics) behind every element of the diagram, so that the diagram is a visual representation (or a view) of the underlying executable component (called FlowCard).
The FlowCard can be used as a reusable component of an Ergo dApp to create and initiate the transaction on the Ergo blockchain. We will discuss this in the coming sections.
Now let's look at the individual pieces of the FlowCard diagram one by one.
  1. Name and Parameters
Each flow card is given a name and a list of typed parameters. This is similar to a template with parameters. In the above figure we can see the Send flow card which has five parameters. The parameters are used in the specification.
  1. Contract Wallet
This is a key element of the flow card. Every box has a guarding script. Often it is the script that checks a signature against a public key. This script is trivial in ErgoScript and is defined like the def pk(pubkey: Address) = { pubkey } template where pubkey is a parameter of the type Address . In the figure, the script template is applied to the parameter pk(sender) and thus a concrete wallet contract is obtained. Therefore pk(sender) and pk(receiver) yield different scripts and represent different wallets on the diagram, even though they use the same template.
Contract Wallet contains a set of all UTXO boxes which have a given script derived from the given script template using flow card parameters. For example, in the figure, the template is pk and parameter pubkey is substituted with the `sender’ flow card parameter.
  1. Contract
Even though a contract is a property of a box, on the diagram we group the boxes by their contracts, therefore it looks like the boxes belong to the contracts, rather than the contracts belong to the boxes. In the example, we have three instantiated contracts pk(sender) , pk(receiver) and minerFee . Note, that pk(sender) is the instantiation of the pk template with the concrete parameter sender and minerFee is the instantiation of the pre-defined contract which protects the miner reward boxes.
  1. Box name
In the diagram we can give each box a name. Besides readability of the diagram, we also use the name as a synonym of a more complex indexed access to the box in the contract. For example, change is the name of the box, which can also be used in the ErgoScript conditions instead of OUTPUTS(2) . We also use box names to associate spending conditions with the boxes.
  1. Boxes in the wallet
In the diagram, we show boxes (darker rectangles) as belonging to the contract wallets (lighter rectangles). Each such box rectangle is connected with a grey transaction rectangle by either orange or green arrows or both. An output box (with an incoming green arrow) may include many lines of text where each line specifies a condition which should be checked as part of the transaction. The first line specifies the condition on the amount of ERG which should be placed in the box. Other lines may take one of the following forms:
  1. amount: TOKEN - the box should contain the given amount of the given TOKEN
  2. R == value - the box should contain the given value of the given register R
  3. boxName ? condition - the box named boxName should check condition in its script.
We discuss these conditions in the sections below.
  1. Amount of ERGs in the box
Each box should store a minimum amount of ERGs. This is checked when the creating transaction is validated. In the diagram the amount of ERGs is always shown as the first line (e.g. B: ERG or B - minErg - txFee ). The value type ascription B: ERG is optional and may be used for readability. When the value is given as a formula, then this formula should be respected by the transaction which creates the box.
It is important to understand that variables like amount and txFee are not named properties of the boxes. They are parameters of the whole diagram and representing some amounts. Or put it another way, they are shared parameters between transactions (e.g. Sell Order and Swap transactions from DEX example below share the tAmt parameter). So the same name is tied to the same value throughout the diagram (this is where the tooling would help a lot). However, when it comes to on-chain validation of those values, only explicit conditions which are marked with ? are transformed to ErgoScript. At the same time, all other conditions are ensured off-chain during transaction building (for example in an application using Appkit API) and transaction validation when it is added to the blockchain.
  1. Amount of T token
A box can store values of many tokens. The tokens on the diagram are named and a value variable may be associated with the token T using value: T expression. The value may be given by formula. If the formula is prefixed with a box name like boxName ? formula , then it is should also be checked in the guarding script of the boxName box. This additional specification is very convenient because 1) it allows to validate the visual design automatically, and 2) the conditions specified in the boxes of a diagram are enough to synthesize the necessary guarding scripts. (more about this below at “From Diagrams To ErgoScript Contracts”)
  1. Tx Inputs
Inputs are connected to the corresponding transaction by orange arrows. An input arrow may have a label of the following forms:
  1. [email protected] - optional name with an index i.e. [email protected] or u/2 . This is a property of the target endpoint of the arrow. The name is used in conditions of related boxes and the index is the position of the corresponding box in the INPUTS collection of the transaction.
  2. !action - is a property of the source of the arrow and gives a name for an alternative spending path of the box (we will see this in DEX example)
Because of alternative spending paths, a box may have many outgoing orange arrows, in which case they should be labeled with different actions.
  1. Transaction
A transaction spends input boxes and creates output boxes. The input boxes are given by the orange arrows and the labels are expected to put inputs at the right indexes in INPUTS collection. The output boxes are given by the green arrows. Each transaction should preserve a strict balance of ERG values (sum of inputs == sum of outputs) and for each token the sum of inputs >= the sum of outputs. The design diagram requires an explicit specification of the ERG and token values for all of the output boxes to avoid implicit errors and ensure better readability.
  1. Tx Outputs
Outputs are connected to the corresponding transaction by green arrows. An output arrow may have a label of the following [email protected] , where an optional name is accompanied with an index i.e. [email protected] or u/2 . This is a property of the source endpoint of the arrow. The name is used in conditions of the related boxes and the index is the position of the corresponding box in the OUTPUTS collection of the transaction.
Example: Decentralized Exchange (DEX)
Now let's use the above described notation to design a FlowCard for a DEX dApp. It is simple enough yet also illustrates all of the key features of FlowCard diagrams which we've introduced in the previous section.
The dApp scenario is shown in the figure below: There are three participants (buyer, seller and DEX) of the DEX dApp and five different transaction types, which are created by participants. The buyer wants to swap ergAmt of ERGs for tAmt of TID tokens (or vice versa, the seller wants to sell TID tokens for ERGs, who sends the order first doesn't matter). Both the buyer and the seller can cancel their orders any time. The DEX off-chain matching service can find matching orders and create the Swap transaction to complete the exchange.
The following diagram fully (and formally) specifies all of the five transactions that must be created off-chain by the DEX dApp. It also specifies all of the spending conditions that should be verified on-chain.

https://preview.redd.it/fnt5f4qp9tv41.png?width=1614&format=png&auto=webp&s=34f145f9a6d622454906857e645def2faba057bd
Let's discuss the FlowCard diagram and the logic of each transaction in details:
Buy Order Transaction
A buyer creates a Buy Order transaction. The transaction spends E amount of ERGs (which we will write E: ERG ) from one or more boxes in the pk(buyer) wallet. The transaction creates a bid box with ergAmt: ERG protected by the buyOrder script. The buyOrder script is synthesized from the specification (see below at “From Diagrams To ErgoScript Contracts”) either manually or automatically by a tool. Even though we don't need to define the buyOrder script explicitly during designing, at run time the bid box should contain the buyOrder script as the guarding proposition (which checks the box spending conditions), otherwise the conditions specified in the diagram will not be checked.
The change box is created to make the input and output sums of the transaction balanced. The transaction fee box is omitted because it can be added automatically by the tools. In practice, however, the designer can add the fee box explicitly to the a diagram. It covers the cases of more complex transactions (like Swap) where there are many ways to pay the transaction fee.
Cancel Buy, Cancel Sell Transactions
At any time, the buyer can cancel the order by sending CancelBuy transaction. The transaction should satisfy the guarding buyOrder contract which protects the bid box. As you can see on the diagram, both the Cancel and the Swap transactions can spend the bid box. When a box has spending alternatives (or spending paths) then each alternative is identified by a unique name prefixed with ! (!cancel and !swap for the bid box). Each alternative path has specific spending conditions. In our example, when the Cancel Buy transaction spends the bid box the ?buyer condition should be satisfied, which we read as “the signature for the buyer address should be presented in the transaction”. Therefore, only buyer can cancel the buy order. This “signature” condition is only required for the !cancel alternative spending path and not required for !swap .
Sell Order Transaction
The Sell Order transaction is similar to the BuyOrder in that it deals with tokens in addition to ERGs. The transaction spends E: ERG and T: TID tokens from seller's wallet (specified as pk(seller) contract). The two outputs are ask and change . The change is a standard box to balance transaction. The ask box keeps tAmt: TID tokens for the exchange and minErg: ERG - the minimum amount of ERGs required in every box.
Swap Transaction
This is a key transaction in the DEX dApp scenario. The transaction has several spending conditions on the input boxes and those conditions are included in the buyOrder and sellOrder scripts (which are verified when the transaction is added to the blockchain). However, on the diagram those conditions are not specified in the bid and ask boxes, they are instead defined in the output boxes of the transaction.
This is a convention for improved usability because most of the conditions relate to the properties of the output boxes. We could specify those properties in the bid box, but then we would have to use more complex expressions.
Let's consider the output created by the arrow labeled with [email protected] . This label tells us that the output is at the index 0 in the OUTPUTS collection of the transaction and that in the diagram we can refer to this box by the buyerOut name. Thus we can label both the box itself and the arrow to give the box a name.
The conditions shown in the buyerOut box have the form bid ? condition , which means they should be verified on-chain in order to spend the bid box. The conditions have the following meaning:
  • tAmt: TID requires the box to have tAmt amount of TID token
  • R4 == bid.id requires R4 register in the box to be equal to id of the bid box.
  • script == buyer requires the buyerOut box to have the script of the wallet where it is located on the diagram, i.e. pk(buyer)
Similar properties are added to the sellerOut box, which is specified to be at index 1 and the name is given to it using the label on the box itself, rather than on the arrow.
The Swap transaction spends two boxes bid and ask using the !swap spending path on both, however unlike !cancel the conditions on the path are not specified. This is where the bid ? and ask ? prefixes come into play. They are used so that the conditions listed in the buyerOut and sellerOut boxes are moved to the !swap spending path of the bid and ask boxes correspondingly.
If you look at the conditions of the output boxes, you will see that they exactly specify the swap of values between seller's and buyer's wallets. The buyer gets the necessary amount of TID token and seller gets the corresponding amount of ERGs. The Swap transaction is created when there are two matching boxes with buyOrder and sellOrder contracts.
From Diagrams To ErgoScript Contracts
What is interesting about FlowCard specifications is that we can use them to automatically generate the necessary ErgoTree scripts. With the appropriate tooling support this can be done automatically, but with the lack of thereof, it can be done manually. Thus, the FlowCard allows us to capture and visually represent all of the design choices and semantic details of an Ergo dApp.
What we are going to do next is to mechanically create the buyOrder contract from the information given in the DEX flow card.
Recall that each script is a proposition (boolean valued expression) which should evaluate to true to allow spending of the box. When we have many conditions to be met at the same time we can combine them in a logical formula using the AND binary operation, and if we have alternatives (not necessarily exclusive) we can put them into the OR operation.
The buyOrder box has the alternative spending paths !cancel and !swap . Thus the ErgoScript code should have OR operation with two arguments - one for each spending path.
/** buyOrder contract */ { val cancelCondition = {} val swapCondition = {} cancelCondition || swapCondition } 
The formula for the cancelCondition expression is given in the !cancel spending path of the buyOrder box. We can directly include it in the script.
/** buyOrder contract */ { val cancelCondition = { buyer } val swapCondition = {} cancelCondition || swapCondition } 
For the !swap spending path of the buyOrder box the conditions are specified in the buyerOut output box of the Swap transaction. If we simply include them in the swapCondition then we get a syntactically incorrect script.
/** buyOrder contract */ { val cancelCondition = { buyer } val swapCondition = { tAmt: TID && R4 == bid.id && @contract } cancelCondition || swapCondition } 
We can however translate the conditions from the diagram syntax to ErgoScript expressions using the following simple rules
  1. [email protected] ==> val buyerOut = OUTPUTS(0)
  2. tAmt: TID ==> tid._2 == tAmt where tid = buyerOut.tokens(TID)
  3. R4 == bid.id ==> R4 == SELF.id where R4 = buyerOut.R4[Coll[Byte]].get
  4. script == buyer ==> buyerOut.propositionBytes == buyer.propBytes
Note, in the diagram TID represents a token id, but ErgoScript doesn't have access to the tokens by the ids so we cannot write tokens.getByKey(TID) . For this reason, when the diagram is translated into ErgoScript, TID becomes a named constant of the index in tokens collection of the box. The concrete value of the constant is assigned when the BuyOrder transaction with the buyOrder box is created. The correspondence and consistency between the actual tokenId, the TID constant and the actual tokens of the buyerOut box is ensured by the off-chain application code, which is completely possible since all of the transactions are created by the application using FlowCard as a guiding specification. This may sound too complicated, but this is part of the translation from diagram specification to actual executable application code, most of which can be automated.
After the transformation we can obtain a correct script which checks all the required preconditions for spending the buyOrder box.
/** buyOrder contract */ def DEX(buyer: Addrss, seller: Address, TID: Int, ergAmt: Long, tAmt: Long) { val cancelCondition: SigmaProp = { buyer } // verify buyer's sig (ProveDlog) val swapCondition = OUTPUTS.size > 0 && { // securing OUTPUTS access val buyerOut = OUTPUTS(0) // from [email protected] buyerOut.tokens.size > TID && { // securing tokens access val tid = buyerOut.tokens(TID) val regR4 = buyerOut.R4[Coll[Byte]] regR4.isDefined && { // securing R4 access val R4 = regR4.get tid._2 == tAmt && // from tAmt: TID R4 == SELF.id && // from R4 == bid.id buyerOut.propositionBytes == buyer.propBytes // from script == buyer } } } cancelCondition || swapCondition } 
A similar script for the sellOrder box can be obtained using the same translation rules. With the help of the tooling the code of contracts can be mechanically generated from the diagram specification.
Conclusions
Declarative programming models have already won the battle against imperative programming in many application domains like Big Data, Stream Processing, Deep Learning, Databases, etc. Ergo is pioneering the declarative model of dApp development as a better and safer alternative to the now popular imperative model of smart contracts.
The concept of FlowCard shifts the focus from writing ErgoScript contracts to the overall flow of values (hence the name), in such a way, that ErgoScript can always be generated from them. You will never need to look at the ErgoScript code once the tooling is in place.
Here are the possible next steps for future work:
  1. Storage format for FlowCard Spec and the corresponding EIP standardized file format (Json/XML/Protobuf). This will allow various tools (Diagram Editor, Runtime, dApps etc) to create and use *.flowcard files.
  2. FlowCard Viewer, which can generate the diagrams from *.flowcard files.
  3. FlowCard Runtime, which can run *.flowcard files, create and send transactions to Ergo network.
  4. FlowCard Designer Tool, which can simplify development of complex diagrams . This will make designing and validation of Ergo contracts a pleasant experience, more like drawing rather than coding. In addition, the correctness of the whole dApp scenario can be verified and controlled by the tooling.
submitted by Guilty_Pea to CryptoCurrencies [link] [comments]

FlowCards: A Declarative Framework for Development of Ergo dApps

FlowCards: A Declarative Framework for Development of Ergo dApps
Introduction
ErgoScript is the smart contract language used by the Ergo blockchain. While it has concise syntax adopted from Scala/Kotlin, it still may seem confusing at first because conceptually ErgoScript is quite different compared to conventional languages which we all know and love. This is because Ergo is a UTXO based blockchain, whereas smart contracts are traditionally associated with account based systems like Ethereum. However, Ergo's transaction model has many advantages over the account based model and with the right approach it can even be significantly easier to develop Ergo contracts than to write and debug Solidity code.
Below we will cover the key aspects of the Ergo contract model which makes it different:
Paradigm
The account model of Ethereum is imperative. This means that the typical task of sending coins from Alice to Bob requires changing the balances in storage as a series of operations. Ergo's UTXO based programming model on the other hand is declarative. ErgoScript contracts specify conditions for a transaction to be accepted by the blockchain (not changes to be made in the storage state as result of the contract execution).
Scalability
In the account model of Ethereum both storage changes and validity checks are performed on-chain during code execution. In contrast, Ergo transactions are created off-chain and only validation checks are performed on-chain thus reducing the amount of operations performed by every node on the network. In addition, due to immutability of the transaction graph, various optimization strategies are possible to improve throughput of transactions per second in the network. Light verifying nodes are also possible thus further facilitating scalability and accessibility of the network.
Shared state
The account-based model is reliant on shared mutable state which is known to lead to complex semantics (and subtle million dollar bugs) in the context of concurrent/ distributed computation. Ergo's model is based on an immutable graph of transactions. This approach, inherited from Bitcoin, plays well with the concurrent and distributed nature of blockchains and facilitates light trustless clients.
Expressive Power
Ethereum advocated execution of a turing-complete language on the blockchain. It theoretically promised unlimited potential, however in practice severe limitations came to light from excessive blockchain bloat, subtle multi-million dollar bugs, gas costs which limit contract complexity, and other such problems. Ergo on the flip side extends UTXO to enable turing-completeness while limiting the complexity of the ErgoScript language itself. The same expressive power is achieved in a different and more semantically sound way.
With the all of the above points, it should be clear that there are a lot of benefits to the model Ergo is using. In the rest of this article I will introduce you to the concept of FlowCards - a dApp developer component which allows for designing complex Ergo contracts in a declarative and visual way.

From Imperative to Declarative

In the imperative programming model of Ethereum a transaction is a sequence of operations executed by the Ethereum VM. The following Solidity function implements a transfer of tokens from sender to receiver . The transaction starts when sender calls this function on an instance of a contract and ends when the function returns.
// Sends an amount of existing coins from any caller to an address function send(address receiver, uint amount) public { require(amount <= balances[msg.sender], "Insufficient balance."); balances[msg.sender] -= amount; balances[receiver] += amount; emit Sent(msg.sender, receiver, amount); } 
The function first checks the pre-conditions, then updates the storage (i.e. balances) and finally publishes the post-condition as the Sent event. The gas which is consumed by the transaction is sent to the miner as a reward for executing this transaction.
Unlike Ethereum, a transaction in Ergo is a data structure holding a list of input coins which it spends and a list of output coins which it creates preserving the total balances of ERGs and tokens (in which Ergo is similar to Bitcoin).
Turning back to the example above, since Ergo natively supports tokens, therefore for this specific example of sending tokens we don't need to write any code in ErgoScript. Instead we need to create the ‘send’ transaction shown in the following figure, which describes the same token transfer but declaratively.
https://preview.redd.it/sxs3kesvrsv41.png?width=1348&format=png&auto=webp&s=582382bc26912ff79114d831d937d94b6988e69f
The picture visually describes the following steps, which the network user needs to perform:
  1. Select unspent sender's boxes, containing in total tB >= amount of tokens and B >= txFee + minErg ERGs.
  2. Create an output target box which is protected by the receiver public key with minErg ERGs and amount of T tokens.
  3. Create one fee output protected by the minerFee contract with txFee ERGs.
  4. Create one change output protected by the sender public key, containing B - minErg - txFee ERGs and tB - amount of T tokens.
  5. Create a new transaction, sign it using the sender's secret key and send to the Ergo network.
What is important to understand here is that all of these steps are preformed off-chain (for example using Appkit Transaction API) by the user's application. Ergo network nodes don't need to repeat this transaction creation process, they only need to validate the already formed transaction. ErgoScript contracts are stored in the inputs of the transaction and check spending conditions. The node executes the contracts on-chain when the transaction is validated. The transaction is valid if all of the conditions are satisfied.
Thus, in Ethereum when we “send amount from sender to recipient” we are literally editing balances and updating the storage with a concrete set of commands. This happens on-chain and thus a new transaction is also created on-chain as the result of this process.
In Ergo (as in Bitcoin) transactions are created off-chain and the network nodes only verify them. The effects of the transaction on the blockchain state is that input coins (or Boxes in Ergo's parlance) are removed and output boxes are added to the UTXO set.
In the example above we don't use an ErgoScript contract but instead assume a signature check is used as the spending pre-condition. However in more complex application scenarios we of course need to use ErgoScript which is what we are going to discuss next.

From Changing State to Checking Context

In the send function example we first checked the pre-condition (require(amount <= balances[msg.sender],...) ) and then changed the state (i.e. update balances balances[msg.sender] -= amount ). This is typical in Ethereum transactions. Before we change anything we need to check if it is valid to do so.
In Ergo, as we discussed previously, the state (i.e. UTXO set of boxes) is changed implicitly when a valid transaction is included in a block. Thus we only need to check the pre-conditions before the transaction can be added to the block. This is what ErgoScript contracts do.
It is not possible to “change the state” in ErgoScript because it is a language to check pre-conditions for spending coins. ErgoScript is a purely functional language without side effects that operates on immutable data values. This means all the inputs, outputs and other transaction parameters available in a script are immutable. This, among other things, makes ErgoScript a very simple language that is easy to learn and safe to use. Similar to Bitcoin, each input box contains a script, which should return the true value in order to 1) allow spending of the box (i.e. removing from the UTXO set) and 2) adding the transaction to the block.
If we are being pedantic, it is therefore incorrect (strictly speaking) to think of ErgoScript as the language of Ergo contracts, because it is the language of propositions (logical predicates, formulas, etc.) which protect boxes from “illegal” spending. Unlike Bitcoin, in Ergo the whole transaction and a part of the current blockchain context is available to every script. Therefore each script may check which outputs are created by the transaction, their ERG and token amounts (we will use this capability in our example DEX contracts), current block number etc.
In ErgoScript you define the conditions of whether changes (i.e. coin spending) are allowed to happen in a given context. This is in contrast to programming the changes imperatively in the code of a contract.
While Ergo's transaction model unlocks a whole range of applications like (DEX, DeFi Apps, LETS, etc), designing contracts as pre-conditions for coin spending (or guarding scripts) directly is not intuitive. In the next sections we will consider a useful graphical notation to design contracts declaratively using FlowCard Diagrams, which is a visual representation of executable components (FlowCards).
FlowCards aim to radically simplify dApp development on the Ergo platform by providing a high-level declarative language, execution runtime, storage format and a graphical notation.
We will start with a high level of diagrams and go down to FlowCard specification.

FlowCard Diagrams

The idea behind FlowCard diagrams is based on the following observations: 1) An Ergo box is immutable and can only be spent in the transaction which uses it as an input. 2) We therefore can draw a flow of boxes through transactions, so that boxes flowing in to the transaction are spent and those flowing out are created and added to the UTXO. 3) A transaction from this perspective is simply a transformer of old boxes to the new ones preserving the balances of ERGs and tokens involved.
The following figure shows the main elements of the Ergo transaction we've already seen previously (now under the name of FlowCard Diagram).
https://preview.redd.it/06aqkcd1ssv41.png?width=1304&format=png&auto=webp&s=106eda730e0526919aabd5af9596b97e45b69777
There is a strictly defined meaning (semantics) behind every element of the diagram, so that the diagram is a visual representation (or a view) of the underlying executable component (called FlowCard).
The FlowCard can be used as a reusable component of an Ergo dApp to create and initiate the transaction on the Ergo blockchain. We will discuss this in the coming sections.
Now let's look at the individual pieces of the FlowCard diagram one by one.
1. Name and Parameters
Each flow card is given a name and a list of typed parameters. This is similar to a template with parameters. In the above figure we can see the Send flow card which has five parameters. The parameters are used in the specification.
2. Contract Wallet
This is a key element of the flow card. Every box has a guarding script. Often it is the script that checks a signature against a public key. This script is trivial in ErgoScript and is defined like the def pk(pubkey: Address) = { pubkey } template where pubkey is a parameter of the type Address . In the figure, the script template is applied to the parameter pk(sender) and thus a concrete wallet contract is obtained. Therefore pk(sender) and pk(receiver) yield different scripts and represent different wallets on the diagram, even though they use the same template.
Contract Wallet contains a set of all UTXO boxes which have a given script derived from the given script template using flow card parameters. For example, in the figure, the template is pk and parameter pubkey is substituted with the `sender’ flow card parameter.
3. Contract
Even though a contract is a property of a box, on the diagram we group the boxes by their contracts, therefore it looks like the boxes belong to the contracts, rather than the contracts belong to the boxes. In the example, we have three instantiated contracts pk(sender) , pk(receiver) and minerFee . Note, that pk(sender) is the instantiation of the pk template with the concrete parameter sender and minerFee is the instantiation of the pre-defined contract which protects the miner reward boxes.
4. Box name
In the diagram we can give each box a name. Besides readability of the diagram, we also use the name as a synonym of a more complex indexed access to the box in the contract. For example, change is the name of the box, which can also be used in the ErgoScript conditions instead of OUTPUTS(2) . We also use box names to associate spending conditions with the boxes.
5. Boxes in the wallet
In the diagram, we show boxes (darker rectangles) as belonging to the contract wallets (lighter rectangles). Each such box rectangle is connected with a grey transaction rectangle by either orange or green arrows or both. An output box (with an incoming green arrow) may include many lines of text where each line specifies a condition which should be checked as part of the transaction. The first line specifies the condition on the amount of ERG which should be placed in the box. Other lines may take one of the following forms:
  1. amount: TOKEN - the box should contain the given amount of the given TOKEN
  2. R == value - the box should contain the given value of the given register R
  3. boxName ? condition - the box named boxName should check condition in its script.
We discuss these conditions in the sections below.
6. Amount of ERGs in the box
Each box should store a minimum amount of ERGs. This is checked when the creating transaction is validated. In the diagram the amount of ERGs is always shown as the first line (e.g. B: ERG or B - minErg - txFee ). The value type ascription B: ERG is optional and may be used for readability. When the value is given as a formula, then this formula should be respected by the transaction which creates the box.
It is important to understand that variables like amount and txFee are not named properties of the boxes. They are parameters of the whole diagram and representing some amounts. Or put it another way, they are shared parameters between transactions (e.g. Sell Order and Swap transactions from DEX example below share the tAmt parameter). So the same name is tied to the same value throughout the diagram (this is where the tooling would help a lot). However, when it comes to on-chain validation of those values, only explicit conditions which are marked with ? are transformed to ErgoScript. At the same time, all other conditions are ensured off-chain during transaction building (for example in an application using Appkit API) and transaction validation when it is added to the blockchain.
7. Amount of T token
A box can store values of many tokens. The tokens on the diagram are named and a value variable may be associated with the token T using value: T expression. The value may be given by formula. If the formula is prefixed with a box name like boxName ? formula , then it is should also be checked in the guarding script of the boxName box. This additional specification is very convenient because 1) it allows to validate the visual design automatically, and 2) the conditions specified in the boxes of a diagram are enough to synthesize the necessary guarding scripts. (more about this below at “From Diagrams To ErgoScript Contracts”)
8. Tx Inputs
Inputs are connected to the corresponding transaction by orange arrows. An input arrow may have a label of the following forms:
  1. [email protected] - optional name with an index i.e. [email protected] or u/2 . This is a property of the target endpoint of the arrow. The name is used in conditions of related boxes and the index is the position of the corresponding box in the INPUTS collection of the transaction.
  2. !action - is a property of the source of the arrow and gives a name for an alternative spending path of the box (we will see this in DEX example)
Because of alternative spending paths, a box may have many outgoing orange arrows, in which case they should be labeled with different actions.
9. Transaction
A transaction spends input boxes and creates output boxes. The input boxes are given by the orange arrows and the labels are expected to put inputs at the right indexes in INPUTS collection. The output boxes are given by the green arrows. Each transaction should preserve a strict balance of ERG values (sum of inputs == sum of outputs) and for each token the sum of inputs >= the sum of outputs. The design diagram requires an explicit specification of the ERG and token values for all of the output boxes to avoid implicit errors and ensure better readability.
10. Tx Outputs
Outputs are connected to the corresponding transaction by green arrows. An output arrow may have a label of the following [email protected] , where an optional name is accompanied with an index i.e. [email protected] or u/2 . This is a property of the source endpoint of the arrow. The name is used in conditions of the related boxes and the index is the position of the corresponding box in the OUTPUTS collection of the transaction.

Example: Decentralized Exchange (DEX)

Now let's use the above described notation to design a FlowCard for a DEX dApp. It is simple enough yet also illustrates all of the key features of FlowCard diagrams which we've introduced in the previous section.
The dApp scenario is shown in the figure below: There are three participants (buyer, seller and DEX) of the DEX dApp and five different transaction types, which are created by participants. The buyer wants to swap ergAmt of ERGs for tAmt of TID tokens (or vice versa, the seller wants to sell TID tokens for ERGs, who sends the order first doesn't matter). Both the buyer and the seller can cancel their orders any time. The DEX off-chain matching service can find matching orders and create the Swap transaction to complete the exchange.
The following diagram fully (and formally) specifies all of the five transactions that must be created off-chain by the DEX dApp. It also specifies all of the spending conditions that should be verified on-chain.

https://preview.redd.it/piogz0v9ssv41.png?width=1614&format=png&auto=webp&s=e1b503a635ad3d138ef91e2f0c3b726e78958646
Let's discuss the FlowCard diagram and the logic of each transaction in details:
Buy Order Transaction
A buyer creates a Buy Order transaction. The transaction spends E amount of ERGs (which we will write E: ERG ) from one or more boxes in the pk(buyer) wallet. The transaction creates a bid box with ergAmt: ERG protected by the buyOrder script. The buyOrder script is synthesized from the specification (see below at “From Diagrams To ErgoScript Contracts”) either manually or automatically by a tool. Even though we don't need to define the buyOrder script explicitly during designing, at run time the bid box should contain the buyOrder script as the guarding proposition (which checks the box spending conditions), otherwise the conditions specified in the diagram will not be checked.
The change box is created to make the input and output sums of the transaction balanced. The transaction fee box is omitted because it can be added automatically by the tools. In practice, however, the designer can add the fee box explicitly to the a diagram. It covers the cases of more complex transactions (like Swap) where there are many ways to pay the transaction fee.
Cancel Buy, Cancel Sell Transactions
At any time, the buyer can cancel the order by sending CancelBuy transaction. The transaction should satisfy the guarding buyOrder contract which protects the bid box. As you can see on the diagram, both the Cancel and the Swap transactions can spend the bid box. When a box has spending alternatives (or spending paths) then each alternative is identified by a unique name prefixed with ! (!cancel and !swap for the bid box). Each alternative path has specific spending conditions. In our example, when the Cancel Buy transaction spends the bid box the ?buyer condition should be satisfied, which we read as “the signature for the buyer address should be presented in the transaction”. Therefore, only buyer can cancel the buy order. This “signature” condition is only required for the !cancel alternative spending path and not required for !swap .
Sell Order Transaction
The Sell Order transaction is similar to the BuyOrder in that it deals with tokens in addition to ERGs. The transaction spends E: ERG and T: TID tokens from seller's wallet (specified as pk(seller) contract). The two outputs are ask and change . The change is a standard box to balance transaction. The ask box keeps tAmt: TID tokens for the exchange and minErg: ERG - the minimum amount of ERGs required in every box.
Swap Transaction
This is a key transaction in the DEX dApp scenario. The transaction has several spending conditions on the input boxes and those conditions are included in the buyOrder and sellOrder scripts (which are verified when the transaction is added to the blockchain). However, on the diagram those conditions are not specified in the bid and ask boxes, they are instead defined in the output boxes of the transaction.
This is a convention for improved usability because most of the conditions relate to the properties of the output boxes. We could specify those properties in the bid box, but then we would have to use more complex expressions.
Let's consider the output created by the arrow labeled with [email protected] . This label tells us that the output is at the index 0 in the OUTPUTS collection of the transaction and that in the diagram we can refer to this box by the buyerOut name. Thus we can label both the box itself and the arrow to give the box a name.
The conditions shown in the buyerOut box have the form bid ? condition , which means they should be verified on-chain in order to spend the bid box. The conditions have the following meaning:
  • tAmt: TID requires the box to have tAmt amount of TID token
  • R4 == bid.id requires R4 register in the box to be equal to id of the bid box.
  • script == buyer requires the buyerOut box to have the script of the wallet where it is located on the diagram, i.e. pk(buyer)
Similar properties are added to the sellerOut box, which is specified to be at index 1 and the name is given to it using the label on the box itself, rather than on the arrow.
The Swap transaction spends two boxes bid and ask using the !swap spending path on both, however unlike !cancel the conditions on the path are not specified. This is where the bid ? and ask ? prefixes come into play. They are used so that the conditions listed in the buyerOut and sellerOut boxes are moved to the !swap spending path of the bid and ask boxes correspondingly.
If you look at the conditions of the output boxes, you will see that they exactly specify the swap of values between seller's and buyer's wallets. The buyer gets the necessary amount of TID token and seller gets the corresponding amount of ERGs. The Swap transaction is created when there are two matching boxes with buyOrder and sellOrder contracts.

From Diagrams To ErgoScript Contracts

What is interesting about FlowCard specifications is that we can use them to automatically generate the necessary ErgoTree scripts. With the appropriate tooling support this can be done automatically, but with the lack of thereof, it can be done manually. Thus, the FlowCard allows us to capture and visually represent all of the design choices and semantic details of an Ergo dApp.
What we are going to do next is to mechanically create the buyOrder contract from the information given in the DEX flow card.
Recall that each script is a proposition (boolean valued expression) which should evaluate to true to allow spending of the box. When we have many conditions to be met at the same time we can combine them in a logical formula using the AND binary operation, and if we have alternatives (not necessarily exclusive) we can put them into the OR operation.
The buyOrder box has the alternative spending paths !cancel and !swap . Thus the ErgoScript code should have OR operation with two arguments - one for each spending path.
/** buyOrder contract */ { val cancelCondition = {} val swapCondition = {} cancelCondition || swapCondition } 
The formula for the cancelCondition expression is given in the !cancel spending path of the buyOrder box. We can directly include it in the script.
/** buyOrder contract */ { val cancelCondition = { buyer } val swapCondition = {} cancelCondition || swapCondition } 
For the !swap spending path of the buyOrder box the conditions are specified in the buyerOut output box of the Swap transaction. If we simply include them in the swapCondition then we get a syntactically incorrect script.
/** buyOrder contract */ { val cancelCondition = { buyer } val swapCondition = { tAmt: TID && R4 == bid.id && @contract } cancelCondition || swapCondition } 
We can however translate the conditions from the diagram syntax to ErgoScript expressions using the following simple rules
  1. [email protected] ==> val buyerOut = OUTPUTS(0)
  2. tAmt: TID ==> tid._2 == tAmt where tid = buyerOut.tokens(TID)
  3. R4 == bid.id ==> R4 == SELF.id where R4 = buyerOut.R4[Coll[Byte]].get
  4. script == buyer ==> buyerOut.propositionBytes == buyer.propBytes
Note, in the diagram TID represents a token id, but ErgoScript doesn't have access to the tokens by the ids so we cannot write tokens.getByKey(TID) . For this reason, when the diagram is translated into ErgoScript, TID becomes a named constant of the index in tokens collection of the box. The concrete value of the constant is assigned when the BuyOrder transaction with the buyOrder box is created. The correspondence and consistency between the actual tokenId, the TID constant and the actual tokens of the buyerOut box is ensured by the off-chain application code, which is completely possible since all of the transactions are created by the application using FlowCard as a guiding specification. This may sound too complicated, but this is part of the translation from diagram specification to actual executable application code, most of which can be automated.
After the transformation we can obtain a correct script which checks all the required preconditions for spending the buyOrder box.
/** buyOrder contract */ def DEX(buyer: Addrss, seller: Address, TID: Int, ergAmt: Long, tAmt: Long) { val cancelCondition: SigmaProp = { buyer } // verify buyer's sig (ProveDlog) val swapCondition = OUTPUTS.size > 0 && { // securing OUTPUTS access val buyerOut = OUTPUTS(0) // from [email protected] buyerOut.tokens.size > TID && { // securing tokens access val tid = buyerOut.tokens(TID) val regR4 = buyerOut.R4[Coll[Byte]] regR4.isDefined && { // securing R4 access val R4 = regR4.get tid._2 == tAmt && // from tAmt: TID R4 == SELF.id && // from R4 == bid.id buyerOut.propositionBytes == buyer.propBytes // from script == buyer } } } cancelCondition || swapCondition } 
A similar script for the sellOrder box can be obtained using the same translation rules. With the help of the tooling the code of contracts can be mechanically generated from the diagram specification.

Conclusions

Declarative programming models have already won the battle against imperative programming in many application domains like Big Data, Stream Processing, Deep Learning, Databases, etc. Ergo is pioneering the declarative model of dApp development as a better and safer alternative to the now popular imperative model of smart contracts.
The concept of FlowCard shifts the focus from writing ErgoScript contracts to the overall flow of values (hence the name), in such a way, that ErgoScript can always be generated from them. You will never need to look at the ErgoScript code once the tooling is in place.
Here are the possible next steps for future work:
  1. Storage format for FlowCard Spec and the corresponding EIP standardized file format (Json/XML/Protobuf). This will allow various tools (Diagram Editor, Runtime, dApps etc) to create and use *.flowcard files.
  2. FlowCard Viewer, which can generate the diagrams from *.flowcard files.
  3. FlowCard Runtime, which can run *.flowcard files, create and send transactions to Ergo network.
  4. FlowCard Designer Tool, which can simplify development of complex diagrams . This will make designing and validation of Ergo contracts a pleasant experience, more like drawing rather than coding. In addition, the correctness of the whole dApp scenario can be verified and controlled by the tooling.
submitted by eleanorcwhite to btc [link] [comments]

TokenClub Bi-Weekly Report — Issue 114(5.4–5.17)

TokenClub Bi-Weekly Report — Issue 114(5.4–5.17)

https://preview.redd.it/kkhj7agzz5251.png?width=875&format=png&auto=webp&s=f47007e7923d8f40d98e3ba7d08a31c3729a0bd3
Hello everyone, thank you for your continued interest and support. In the past two weeks, various tasks of TokenClub have been progressing steadily. The product development and community operation progress this week are as follows:
1. TokenClub Events
1)TokenClub & 499Block reached strategic cooperation in live broadcasting
On May 28th, TokenClub and 499Block reached a strategic cooperation to jointly build a live broadcast ecosystem in the vertical field of blockchain.
2)520e events
When 520 comes, TokenClub launches live interactive interaction. During the event, participate in interactive questions in the live broadcast room or forward the live poster to Twitter and the telegram group, and upload a screenshot to have the opportunity to extract 520, 1314 red envelope rewards

https://preview.redd.it/apyee28406251.png?width=1080&format=png&auto=webp&s=9c9798db931ad6611d6c258907120610ae11ff11

3)Text version of live content is abailable on Medium
In order to better understand the live broadcast of TokenClub by overseas communities, we translated the live broadcast content into English and uploaded it to TokenClub’s Medium official account, so that the community’s small partners can view it.


https://preview.redd.it/hhmu3pl506251.png?width=1080&format=png&auto=webp&s=fae9d42dcdee9d079219d1ffe612fc573bad01e8
4)Preview: TokenClub’s self-media grandma is invited to participate in the golden financial theme live event
From May 29th to June 4th, Golden Finance will hold a five-day live broadcast of the theme of “Finding Double Coins”. Grandpa Coin will express his views on June 3, welcome to pay attention.

2.TokenClub Live
1) Summary
Recently, Binance Co-founder He Yi, TRON founder Sun Yuchen, Hobbit HBTC founder Ju Jianhua, OSL chairman Dave, BlockVC founding partner Xu Yingkai, Outlier Ventures founder amie Burke, Bitribe founder SKY, CryptoBriefing CEO Han Kao , Huarai Group / Vice President, Global Market and Business Leader Ciara, Guosheng Securities Blockchain Research Institute Sun Shuang, Tongtongtong Research Institute CEO Song Shuangjie, Jin Tiancheng Law Firm Senior Partner Yu Bingguang, Binance China Jiang Jinze, principal researcher of Blockchain Research Institute, Meng Yan, vice president of Digital Asset Research Institute, co-founder of Primitive Ventures & director of Coindesk advisory board-Dovey Wan, founding partner of Genesis Capital & co-founder of Kushen Wallet Ocean Liao Yangyang, Binance C2C-Kathy, Binance OTC-Coco, Binance Contract & Options-Justin, Binance VIP-Jennifer, Binance Broker-Jess, Binance Mining Pool-Denny, Harbin Institute of Technology Blockchain Research Executive Deputy Director Xu Zhifeng, dForce founder Yang Mindao, Mars Finance co-founder Shang Silin, Cobo & Yuchi co-founder Shenyu, well-known investor Xu Zhe, CasperLabs CEO Mrinal Manohar, CasperLabs co-founder Scott Walker, Chairman of Rock Tree Omer Ozden, Nova Club incubation team leader & Waterdrop Capital partner Zheng Yushan, Rolling Stone miner founder Alex Lam, BitUniverse coin founder Chen Yong, Odaily Planet Daily founder and CEO Mandy Wang Mengdie, Binance stablecoin BUSD project responsible Helen Tu and senior expert of TokenClub blockchain and cryptocurrency investment strategy-Zao Shen talks with you about blockchain things ~
On May 18, Block 101 Binance Key Account Manager Luna talked to Primitive Ventures co-founder, non-profit bitcoin development fund Hardcore Fund executive director, and Coindesk advisory board director-Dovey Wan, to understand “C and C How is the Goddess of Crypto Assets made? “Dovey Wan shared with us on asset allocation, investment judgment, entrepreneurship, DCEP, etc.


https://preview.redd.it/0dsry36906251.png?width=1080&format=png&auto=webp&s=a7f6f4b852547d2e43114f81a981f7aa6ea10f61
On May 19, Block 101 Yingge talked with Sun Zeyu, the founding partner of Genesis Capital and co-founder of Kushen Wallet, to share the theme of “Blockchain Investment Experience”. This investor, who is rated as “reliable” by insiders, recommends that novices try not to touch contracts, do not stay overnight even when making contracts, be alert to risks, refuse gambling, and rationally analyze investments.

On May 20th, 499Block ’s two-year birthday carnival “Global Hot Chain, Keeping Together for Every Year” celebration was held in the TokenClub Live Room. The cross-border AMA Solitaire + popular day group anchor live video sharing, including Binance Co-founder He Yi, TRON founder Sun Yuchen, Hobbit HBTC founder Ju Jianhua, OSL chairman Dave, BlockVC founding partner Xu Yingkai, Outlier Ventures founder amie Burke, Bitribe founder SKY, CryptoBriefing CEO Han Kao, Huobi Group / Vice President Global Markets and Dozens of blockchain leaders from home and abroad, such as Ciara, the business leader, all appeared on the scene, and 499Block became a popular beauty angel group to help the interactive host.


https://preview.redd.it/ga6ey51b06251.png?width=1280&format=png&auto=webp&s=d94cc1a03640538ec1e99443c8cbb7a5e77596de
On May 20, Sun Shuang, senior researcher of Guosheng Securities Blockchain Research Institute, Song Shuangjie, Jin Tong, CEO of Tongzhengtong Research Institute were jointly invited by Lingang Xinyefang, Lingang Innovation Management School, and Binance China Blockchain Research Institute. Tian Bingguang Senior Partner Yu Bingguang, Binance China Blockchain Research Institute Chief Researcher Jiang Jinze, Vice President of Digital Assets Research Institute Meng Yan, and many experts talked about the “Critical Digital RMB DCEP” in the live broadcast, one A feast of intertwined thoughts is worth watching again!

On May 21st, Ocean Liao Yangyang, the founder of Block 101 Seven Seven Dialogue Force Field, focused on the “big enlightenment era of digital assets”, Ocean shared with us his entrepreneurial experience, the first pot of gold, public chain, currency circle and Analysis of the current market. Regarding the future of Bitcoin, Ocean feels that he can work hard towards the direction of digital gold and become a substitute or supplement for gold. He is determined to see more, because the ceiling of the entire industry is very high, and he still cannot see its end point. The index level is rising, far from being over.

On May 22, “In the name of the Pizza Festival, we came to a different live broadcast” Bringing Goods “”, which was organized by the girls in the 101-day group of the block: June 6, July 7, Sisi, Yingge, Qianjiangyue , Dialogue: Binance First Sister, Binance C2C-Kathy, Binance OTC-Coco, Binance Contract & Options-Justin, Binance VIP-Jennifer, Binance Broker-Jess, Binance Mining Pool-Denny. We have explained to us one by one about C2C, OTC, contract options, etc. If you are interested, please move to the live room.


https://preview.redd.it/a9am0j5e06251.png?width=1080&format=png&auto=webp&s=7f8d0e80492027a000d4e719ec727b56cc27d94f
On May 22, Block 101 Sisi Dialogue Xu Zhifeng, executive deputy director of the Blockchain Research Center of Harbin Institute of Technology, shared the theme: “Strategy of Great Powers: Seizing New Highlands of Blockchain Technology”. He expressed his views on his own currency circle experience, entrepreneurship, blockchain technology, DECP, etc. Xu Zhifeng is very optimistic about the future development of blockchain. He said: “Ten years later, blockchain will become a very common industry. We are the Internet industry and have never changed.”

On May 23, the old Chinese doctor Zao Shen from the coin circle went online ~ The theme of this issue: If you want to be short, you must be able to sing first, and if you want to be long, you must be patient. If the meal is not fragrant, the game is not good, and the happiness of the past has drifted into the distance, just because the daily reading is still a loss, and the head is hurt. Don’t panic, the old Chinese doctor Zao Shen of the currency circle will adopt the Trinity Interventional Therapy and precise care to regenerate life. Don’t move quickly to the live room to see what “therapy” is.

On May 25, Block 101, July 7th conversation with dForce founder Yang Mindao, talked about “DeFi opportunities and challenges.” Yang Mindao believes that the four biggest benefits of DeFi are: programmability; non-custodial nature; non-licensing; composability. He believes that the current public chain market is seriously homogenized, and the most promising public chain is Ethereum. Ethereum is the best and largest in terms of developer group, ecology, and technological evolution, and can absorb the advantages of each public chain. At the same time, he is also extremely optimistic about DeFi, “DeFi application value is gradually verified, and the value of this type of token will gradually become more prominent.”

On May 26th, Mars Finance co-founder Shang Silin Hardcore Dialogue Cobo & Yuchi co-founder Shenyu and well-known investor Xu Zhe. The trend of “financialization” in the digital asset industry is becoming more and more obvious, and the friends of miners need to master more and more skills. Unveiling the mystery of hedging for everyone.

On May 26th, Nova Superstar Dialogue Phase 13 focused on the Silicon Valley star project CasperLabs, specially invited CasperLabs CEO Mrinal Manohar, CasperLabs co-founder Scott Walker, Rock Tree chairman Omer Ozden, and Nova Club incubation team leader Water Capital Partners Zheng Yushan, discuss CasperLbs together.
On May 26, Block 101 Sisi talked with the founder of the Rolling Stone Miner, Alex Lam, and took us into the “post-worker life” of a PhD in finance. Alex shared the reasons for entering the coin circle, the first pot of gold, mining, pitted pits, investment experience and opportunities in the digital currency industry. Alex said: Bitcoin exceeds US $ 100,000, and it will be in the second half of next year or the year after.
On May 27th, Block 101 Yingge talked with BitUniverse founder Chen Yong and shared the theme: “Who” needs grid trading. Chen Yong mainly introduced the currency trading tool of Bitcoin. In his view, grid trading has changed an investor’s concept-from stud into a batch of positions and positions. Regarding the price of Bitcoin, Chen Yong believes that the price of Bitcoin may reach one hundred thousand dollars around 2030.

On May 28, Block 101 Binance Mining Pool Wu Di talked to Mandai Wang Mengdie, founder of Planet Daily Odaily, to learn more about the process of “media entrepreneurs marching into the blockchain from venture capital circles”. Mandy believes that the core competence in the media industry is high-quality original content, which is the most basic but difficult to stick to. The initial focus of entering the mixed media industry of the dragon and dragon is to focus and amplify value.

On May 29th, Block 101 Qianjiangyue Dialogue Hellen Tu, the project leader of Binance Stablecoin BUSD project, talked with everyone about the stablecoin “Life and Death”, Hellen shared the stablecoin in detail, and published his own the opinion of. For details, please move to the live room.

On May 30th, Zaoshen came to share the theme: Dongfeng blowing, bullets flying, unlimited chase? In this issue, Zao Shen shared with you the recent international financial situation and various major events in the United States in the past week, which extended to the impact on the currency circle and answered various questions about investment strategies. Friends who want to know more details can move to the live room of Zao Shen.
3.TokenClub operation data
-Live data: 13 live broadcasts in the past two weeks, with over 800,000 views. TokenClub hosted a total of 870 live broadcasts with a total of 45.06 million views.
-Binary trade data: In the past two weeks, guess the rise and fall to participate in a total of 1268 times, the amount of participation exceeded 2 million TCT. At present, it is guessed that the rise and fall function has participated in a total of 1.11 million times, with a cumulative participation amount of 498 million TCT.
-Chat data: In the past two weeks, a total of 19271 messages have been generated. A total of 4.85 milliom messages have been launched since the function was launched.
-Mini-game data: The mini-game has participated in a total of 4212 times in the past two weeks. A total of 1,66 million self-functions have been online.
-Cut leeks game data together: Since the game was launched, the total number of user participation in the game was 962612 TCT total consumption was 6,27 million gift certificate total consumption was 15,95million and TCT mining output was 161496.
-TokenClub KOL data: Over the past two weeks, the total reading volume of the BTCGrandpa article has been viewed by more than 300,000 people.
-Social media data: At present, the number of Weibo official accounts is 18033 and the number of Twitter followers is 1332 and we have opened the official Medium account this week, welcome to follow.
-Telegram official group data: In the past 2 weeks, there were 238 chats in the group, and the total number of Telegram official groups is currently 2906.
-Medium data: Medium official account u/TokenClub has published 5 excellent articles, official announcements and updates are published in English, welcome to follow.
4.Communities
1)Overseas Community
TokenClub held an event for forwarding Twitter and telegram group chats for overseas users. Bitcoin halved in less than two weeks, overseas users are more active in the telegram group, and some friends are more concerned about Binance Block 101 live broadcast, aggregation exchange, TCT usage and other issues, the administrator responded in time.On May 12th, when Bitcoin was halved, TokenClub organized a forwarding Twitter, telegram group chat prize event and participating in a live question asking interactive prize event for overseas users. There are many live broadcast events in the near future. The live broadcast poster information will be released to overseas users as soon as possible. The follow-up TokenClub will translate and broadcast high-quality live broadcast content to Twitter and Medium. Bitcoin halved, overseas users are more active in the telegram group, and some partners are more concerned about block 101 live broadcast, bitcoin future price trend, TCT usage and other issues, the administrator responded in time in the group.


https://preview.redd.it/2nrknnyo06251.png?width=1080&format=png&auto=webp&s=fb98b385c0caf7e65c7b3b2bb1edd782ec126905
2)Domestic community
Sweet Orange Club Weekly News
Last Friday, a holiday, the community opened the red envelope rain event, and brought a sincere gift to everyone while relaxing in the holiday. At the same time, it also sent the most sincere blessings to all mothers in the community on Mother’s Day. Thank you for your long-term support and help to the Orange Club community.

Hundred-day scheduled investment event (Phase II)
The fourth week of the second 100-day fixed investment plan held this week has been awarded, and everyone is still very active in this event. This week, the Bitcoin halving market was also opened in advance. The small partners participating in the fixed investment should now have a certain floating win, so we adopt the correct cycle investment strategy to believe that it can bring unexpected benefits to everyone.
Sign in the lottery.
On the evening of May 3rd and May 10th, TCT Fortune Free Academy carried out the 51st and 52nd week sign-in sweepstakes, and rewarded the small TCT partners who had always insisted on signing in. In these two sign-in sweepstakes, the lucky friends received 20–180TCT as a reward. In addition, during the lucky draw, the college friends also actively expressed their opinions on the topic of this year’s bull market.

The Leek Paradise Community Conference will continue as usual every Sunday at 20:00. During the conference, members will discuss recent hot topics, including gifts and blessings for Mother ’s Day, and the halving of Bitcoin everyone is paying attention to. At the end, the friends in the group also showed a rare enthusiasm at the first sight. It seems that the market still affects the mood. The members routinely started a red envelope rain to cheer for the participating partners and encourage everyone to maintain patience and confidence. Of course, at the same time, we are encouraging ourselves to see the community meeting next week. Come on!

TokenClub volunteer community, sign in red envelopes every day, as long as you sign in every day, you can get good benefits, friends join us quickly! In the past two weeks, the community has conducted active partners.
Volunteer community: Change to the currency circle consultation and pass the analysis of Grandma Coin and Panda analysts, support TokenClub in action, and continue to vote for TCT. In the last month, we have worked hard to learn the rain god’s strategy. We have doubled the coins in our hands. The community WeChat group has recently injected fresh students. We look forward to more people joining! Volunteer community, will continue to work hard for TokenClub
TCT has been listed on Binance、Okex、Gate.io、ZB-M、MXC、Biki、Coinex、BigOne、Coinbene、Cybex、SWFT、Loopring、Rootrex etc.
TokenClub website: www.tokenclub.com
Telegram:https://t.me/token\_club
submitted by tokenclubtct to u/tokenclubtct [link] [comments]

Merkle Trees and Mountain Ranges - Making UTXO Set Growth Irrelevant With Low-Latency Delayed TXO Commitments

Original link: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2016-May/012715.html
Unedited text and originally written by:

Peter Todd pete at petertodd.org
Tue May 17 13:23:11 UTC 2016
Previous message: [bitcoin-dev] Bip44 extension for P2SH/P2WSH/...
Next message: [bitcoin-dev] Making UTXO Set Growth Irrelevant With Low-Latency Delayed TXO Commitments
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
# Motivation

UTXO growth is a serious concern for Bitcoin's long-term decentralization. To
run a competitive mining operation potentially the entire UTXO set must be in
RAM to achieve competitive latency; your larger, more centralized, competitors
will have the UTXO set in RAM. Mining is a zero-sum game, so the extra latency
of not doing so if they do directly impacts your profit margin. Secondly,
having possession of the UTXO set is one of the minimum requirements to run a
full node; the larger the set the harder it is to run a full node.

Currently the maximum size of the UTXO set is unbounded as there is no
consensus rule that limits growth, other than the block-size limit itself; as
of writing the UTXO set is 1.3GB in the on-disk, compressed serialization,
which expands to significantly more in memory. UTXO growth is driven by a
number of factors, including the fact that there is little incentive to merge
inputs, lost coins, dust outputs that can't be economically spent, and
non-btc-value-transfer "blockchain" use-cases such as anti-replay oracles and
timestamping.

We don't have good tools to combat UTXO growth. Segregated Witness proposes to
give witness space a 75% discount, in part of make reducing the UTXO set size
by spending txouts cheaper. While this may change wallets to more often spend
dust, it's hard to imagine an incentive sufficiently strong to discourage most,
let alone all, UTXO growing behavior.

For example, timestamping applications often create unspendable outputs due to
ease of implementation, and because doing so is an easy way to make sure that
the data required to reconstruct the timestamp proof won't get lost - all
Bitcoin full nodes are forced to keep a copy of it. Similarly anti-replay
use-cases like using the UTXO set for key rotation piggyback on the uniquely
strong security and decentralization guarantee that Bitcoin provides; it's very
difficult - perhaps impossible - to provide these applications with
alternatives that are equally secure. These non-btc-value-transfer use-cases
can often afford to pay far higher fees per UTXO created than competing
btc-value-transfer use-cases; many users could afford to spend $50 to register
a new PGP key, yet would rather not spend $50 in fees to create a standard two
output transaction. Effective techniques to resist miner censorship exist, so
without resorting to whitelists blocking non-btc-value-transfer use-cases as
"spam" is not a long-term, incentive compatible, solution.

A hard upper limit on UTXO set size could create a more level playing field in
the form of fixed minimum requirements to run a performant Bitcoin node, and
make the issue of UTXO "spam" less important. However, making any coins
unspendable, regardless of age or value, is a politically untenable economic
change.


# TXO Commitments

A merkle tree committing to the state of all transaction outputs, both spent
and unspent, we can provide a method of compactly proving the current state of
an output. This lets us "archive" less frequently accessed parts of the UTXO
set, allowing full nodes to discard the associated data, still providing a
mechanism to spend those archived outputs by proving to those nodes that the
outputs are in fact unspent.

Specifically TXO commitments proposes a Merkle Mountain Range¹ (MMR), a
type of deterministic, indexable, insertion ordered merkle tree, which allows
new items to be cheaply appended to the tree with minimal storage requirements,
just log2(n) "mountain tips". Once an output is added to the TXO MMR it is
never removed; if an output is spent its status is updated in place. Both the
state of a specific item in the MMR, as well the validity of changes to items
in the MMR, can be proven with log2(n) sized proofs consisting of a merkle path
to the tip of the tree.

At an extreme, with TXO commitments we could even have no UTXO set at all,
entirely eliminating the UTXO growth problem. Transactions would simply be
accompanied by TXO commitment proofs showing that the outputs they wanted to
spend were still unspent; nodes could update the state of the TXO MMR purely
from TXO commitment proofs. However, the log2(n) bandwidth overhead per txin is
substantial, so a more realistic implementation is be to have a UTXO cache for
recent transactions, with TXO commitments acting as a alternate for the (rare)
event that an old txout needs to be spent.

Proofs can be generated and added to transactions without the involvement of
the signers, even after the fact; there's no need for the proof itself to
signed and the proof is not part of the transaction hash. Anyone with access to
TXO MMR data can (re)generate missing proofs, so minimal, if any, changes are
required to wallet software to make use of TXO commitments.


## Delayed Commitments

TXO commitments aren't a new idea - the author proposed them years ago in
response to UTXO commitments. However it's critical for small miners' orphan
rates that block validation be fast, and so far it has proven difficult to
create (U)TXO implementations with acceptable performance; updating and
recalculating cryptographicly hashed merkelized datasets is inherently more
work than not doing so. Fortunately if we maintain a UTXO set for recent
outputs, TXO commitments are only needed when spending old, archived, outputs.
We can take advantage of this by delaying the commitment, allowing it to be
calculated well in advance of it actually being used, thus changing a
latency-critical task into a much easier average throughput problem.

Concretely each block B_i commits to the TXO set state as of block B_{i-n}, in
other words what the TXO commitment would have been n blocks ago, if not for
the n block delay. Since that commitment only depends on the contents of the
blockchain up until block B_{i-n}, the contents of any block after are
irrelevant to the calculation.


## Implementation

Our proposed high-performance/low-latency delayed commitment full-node
implementation needs to store the following data:

1) UTXO set

Low-latency K:V map of txouts definitely known to be unspent. Similar to
existing UTXO implementation, but with the key difference that old,
unspent, outputs may be pruned from the UTXO set.


2) STXO set

Low-latency set of transaction outputs known to have been spent by
transactions after the most recent TXO commitment, but created prior to the
TXO commitment.


3) TXO journal

FIFO of outputs that need to be marked as spent in the TXO MMR. Appends
must be low-latency; removals can be high-latency.


4) TXO MMR list

Prunable, ordered list of TXO MMR's, mainly the highest pending commitment,
backed by a reference counted, cryptographically hashed object store
indexed by digest (similar to how git repos work). High-latency ok. We'll
cover this in more in detail later.


### Fast-Path: Verifying a Txout Spend In a Block

When a transaction output is spent by a transaction in a block we have two
cases:

1) Recently created output

Output created after the most recent TXO commitment, so it should be in the
UTXO set; the transaction spending it does not need a TXO commitment proof.
Remove the output from the UTXO set and append it to the TXO journal.

2) Archived output

Output created prior to the most recent TXO commitment, so there's no
guarantee it's in the UTXO set; transaction will have a TXO commitment
proof for the most recent TXO commitment showing that it was unspent.
Check that the output isn't already in the STXO set (double-spent), and if
not add it. Append the output and TXO commitment proof to the TXO journal.

In both cases recording an output as spent requires no more than two key:value
updates, and one journal append. The existing UTXO set requires one key:value
update per spend, so we can expect new block validation latency to be within 2x
of the status quo even in the worst case of 100% archived output spends.


### Slow-Path: Calculating Pending TXO Commitments

In a low-priority background task we flush the TXO journal, recording the
outputs spent by each block in the TXO MMR, and hashing MMR data to obtain the
TXO commitment digest. Additionally this background task removes STXO's that
have been recorded in TXO commitments, and prunes TXO commitment data no longer
needed.

Throughput for the TXO commitment calculation will be worse than the existing
UTXO only scheme. This impacts bulk verification, e.g. initial block download.
That said, TXO commitments provides other possible tradeoffs that can mitigate
impact of slower validation throughput, such as skipping validation of old
history, as well as fraud proof approaches.


### TXO MMR Implementation Details

Each TXO MMR state is a modification of the previous one with most information
shared, so we an space-efficiently store a large number of TXO commitments
states, where each state is a small delta of the previous state, by sharing
unchanged data between each state; cycles are impossible in merkelized data
structures, so simple reference counting is sufficient for garbage collection.
Data no longer needed can be pruned by dropping it from the database, and
unpruned by adding it again. Since everything is committed to via cryptographic
hash, we're guaranteed that regardless of where we get the data, after
unpruning we'll have the right data.

Let's look at how the TXO MMR works in detail. Consider the following TXO MMR
with two txouts, which we'll call state #0:

0
/ \
a b

If we add another entry we get state #1:

1
/ \
0 \
/ \ \
a b c

Note how it 100% of the state #0 data was reused in commitment #1. Let's
add two more entries to get state #2:

2
/ \
2 \
/ \ \
/ \ \
/ \ \
0 2 \
/ \ / \ \
a b c d e

This time part of state #1 wasn't reused - it's wasn't a perfect binary
tree - but we've still got a lot of re-use.

Now suppose state #2 is committed into the blockchain by the most recent block.
Future transactions attempting to spend outputs created as of state #2 are
obliged to prove that they are unspent; essentially they're forced to provide
part of the state #2 MMR data. This lets us prune that data, discarding it,
leaving us with only the bare minimum data we need to append new txouts to the
TXO MMR, the tips of the perfect binary trees ("mountains") within the MMR:

2
/ \
2 \
\
\
\
\
\
e

Note that we're glossing over some nuance here about exactly what data needs to
be kept; depending on the details of the implementation the only data we need
for nodes "2" and "e" may be their hash digest.

Adding another three more txouts results in state #3:

3
/ \
/ \
/ \
/ \
/ \
/ \
/ \
2 3
/ \
/ \
/ \
3 3
/ \ / \
e f g h

Suppose recently created txout f is spent. We have all the data required to
update the MMR, giving us state #4. It modifies two inner nodes and one leaf
node:

4
/ \
/ \
/ \
/ \
/ \
/ \
/ \
2 4
/ \
/ \
/ \
4 3
/ \ / \
e (f) g h

If an archived txout is spent requires the transaction to provide the merkle
path to the most recently committed TXO, in our case state #2. If txout b is
spent that means the transaction must provide the following data from state #2:

2
/
2
/
/
/
0
\
b

We can add that data to our local knowledge of the TXO MMR, unpruning part of
it:

4
/ \
/ \
/ \
/ \
/ \
/ \
/ \
2 4
/ / \
/ / \
/ / \
0 4 3
\ / \ / \
b e (f) g h

Remember, we haven't _modified_ state #4 yet; we just have more data about it.
When we mark txout b as spent we get state #5:

5
/ \
/ \
/ \
/ \
/ \
/ \
/ \
5 4
/ / \
/ / \
/ / \
5 4 3
\ / \ / \
(b) e (f) g h

Secondly by now state #3 has been committed into the chain, and transactions
that want to spend txouts created as of state #3 must provide a TXO proof
consisting of state #3 data. The leaf nodes for outputs g and h, and the inner
node above them, are part of state #3, so we prune them:

5
/ \
/ \
/ \
/ \
/ \
/ \
/ \
5 4
/ /
/ /
/ /
5 4
\ / \
(b) e (f)

Finally, lets put this all together, by spending txouts a, c, and g, and
creating three new txouts i, j, and k. State #3 was the most recently committed
state, so the transactions spending a and g are providing merkle paths up to
it. This includes part of the state #2 data:

3
/ \
/ \
/ \
/ \
/ \
/ \
/ \
2 3
/ \ \
/ \ \
/ \ \
0 2 3
/ / /
a c g

After unpruning we have the following data for state #5:

5
/ \
/ \
/ \
/ \
/ \
/ \
/ \
5 4
/ \ / \
/ \ / \
/ \ / \
5 2 4 3
/ \ / / \ /
a (b) c e (f) g

That's sufficient to mark the three outputs as spent and add the three new
txouts, resulting in state #6:

6
/ \
/ \
/ \
/ \
/ \
6 \
/ \ \
/ \ \
/ \ \
/ \ \
/ \ \
/ \ \
/ \ \
6 6 \
/ \ / \ \
/ \ / \ 6
/ \ / \ / \
6 6 4 6 6 \
/ \ / / \ / / \ \
(a) (b) (c) e (f) (g) i j k

Again, state #4 related data can be pruned. In addition, depending on how the
STXO set is implemented may also be able to prune data related to spent txouts
after that state, including inner nodes where all txouts under them have been
spent (more on pruning spent inner nodes later).


### Consensus and Pruning

It's important to note that pruning behavior is consensus critical: a full node
that is missing data due to pruning it too soon will fall out of consensus, and
a miner that fails to include a merkle proof that is required by the consensus
is creating an invalid block. At the same time many full nodes will have
significantly more data on hand than the bare minimum so they can help wallets
make transactions spending old coins; implementations should strongly consider
separating the data that is, and isn't, strictly required for consensus.

A reasonable approach for the low-level cryptography may be to actually treat
the two cases differently, with the TXO commitments committing too what data
does and does not need to be kept on hand by the UTXO expiration rules. On the
other hand, leaving that uncommitted allows for certain types of soft-forks
where the protocol is changed to require more data than it previously did.


### Consensus Critical Storage Overheads

Only the UTXO and STXO sets need to be kept on fast random access storage.
Since STXO set entries can only be created by spending a UTXO - and are smaller
than a UTXO entry - we can guarantee that the peak size of the UTXO and STXO
sets combined will always be less than the peak size of the UTXO set alone in
the existing UTXO-only scheme (though the combined size can be temporarily
higher than what the UTXO set size alone would be when large numbers of
archived txouts are spent).

TXO journal entries and unpruned entries in the TXO MMR have log2(n) maximum
overhead per entry: a unique merkle path to a TXO commitment (by "unique" we
mean that no other entry shares data with it). On a reasonably fast system the
TXO journal will be flushed quickly, converting it into TXO MMR data; the TXO
journal will never be more than a few blocks in size.

Transactions spending non-archived txouts are not required to provide any TXO
commitment data; we must have that data on hand in the form of one TXO MMR
entry per UTXO. Once spent however the TXO MMR leaf node associated with that
non-archived txout can be immediately pruned - it's no longer in the UTXO set
so any attempt to spend it will fail; the data is now immutable and we'll never
need it again. Inner nodes in the TXO MMR can also be pruned if all leafs under
them are fully spent; detecting this is easy the TXO MMR is a merkle-sum tree,
with each inner node committing to the sum of the unspent txouts under it.

When a archived txout is spent the transaction is required to provide a merkle
path to the most recent TXO commitment. As shown above that path is sufficient
information to unprune the necessary nodes in the TXO MMR and apply the spend
immediately, reducing this case to the TXO journal size question (non-consensus
critical overhead is a different question, which we'll address in the next
section).

Taking all this into account the only significant storage overhead of our TXO
commitments scheme when compared to the status quo is the log2(n) merkle path
overhead; as long as less than 1/log2(n) of the UTXO set is active,
non-archived, UTXO's we've come out ahead, even in the unrealistic case where
all storage available is equally fast. In the real world that isn't yet the
case - even SSD's significantly slower than RAM.


### Non-Consensus Critical Storage Overheads

Transactions spending archived txouts pose two challenges:

1) Obtaining up-to-date TXO commitment proofs

2) Updating those proofs as blocks are mined

The first challenge can be handled by specialized archival nodes, not unlike
how some nodes make transaction data available to wallets via bloom filters or
the Electrum protocol. There's a whole variety of options available, and the
the data can be easily sharded to scale horizontally; the data is
self-validating allowing horizontal scaling without trust.

While miners and relay nodes don't need to be concerned about the initial
commitment proof, updating that proof is another matter. If a node aggressively
prunes old versions of the TXO MMR as it calculates pending TXO commitments, it
won't have the data available to update the TXO commitment proof to be against
the next block, when that block is found; the child nodes of the TXO MMR tip
are guaranteed to have changed, yet aggressive pruning would have discarded that
data.

Relay nodes could ignore this problem if they simply accept the fact that
they'll only be able to fully relay the transaction once, when it is initially
broadcast, and won't be able to provide mempool functionality after the initial
relay. Modulo high-latency mixnets, this is probably acceptable; the author has
previously argued that relay nodes don't need a mempool² at all.

For a miner though not having the data necessary to update the proofs as blocks
are found means potentially losing out on transactions fees. So how much extra
data is necessary to make this a non-issue?

Since the TXO MMR is insertion ordered, spending a non-archived txout can only
invalidate the upper nodes in of the archived txout's TXO MMR proof (if this
isn't clear, imagine a two-level scheme, with a per-block TXO MMRs, committed
by a master MMR for all blocks). The maximum number of relevant inner nodes
changed is log2(n) per block, so if there are n non-archival blocks between the
most recent TXO commitment and the pending TXO MMR tip, we have to store
log2(n)*n inner nodes - on the order of a few dozen MB even when n is a
(seemingly ridiculously high) year worth of blocks.

Archived txout spends on the other hand can invalidate TXO MMR proofs at any
level - consider the case of two adjacent txouts being spent. To guarantee
success requires storing full proofs. However, they're limited by the blocksize
limit, and additionally are expected to be relatively uncommon. For example, if
1% of 1MB blocks was archival spends, our hypothetical year long TXO commitment
delay is only a few hundred MB of data with low-IO-performance requirements.


## Security Model

Of course, a TXO commitment delay of a year sounds ridiculous. Even the slowest
imaginable computer isn't going to need more than a few blocks of TXO
commitment delay to keep up ~100% of the time, and there's no reason why we
can't have the UTXO archive delay be significantly longer than the TXO
commitment delay.

However, as with UTXO commitments, TXO commitments raise issues with Bitcoin's
security model by allowing relatively miners to profitably mine transactions
without bothering to validate prior history. At the extreme, if there was no
commitment delay at all at the cost of a bit of some extra network bandwidth
"full" nodes could operate and even mine blocks completely statelessly by
expecting all transactions to include "proof" that their inputs are unspent; a
TXO commitment proof for a commitment you haven't verified isn't a proof that a
transaction output is unspent, it's a proof that some miners claimed the txout
was unspent.

At one extreme, we could simply implement TXO commitments in a "virtual"
fashion, without miners actually including the TXO commitment digest in their
blocks at all. Full nodes would be forced to compute the commitment from
scratch, in the same way they are forced to compute the UTXO state, or total
work. Of course a full node operator who doesn't want to verify old history can
get a copy of the TXO state from a trusted source - no different from how you
could get a copy of the UTXO set from a trusted source.

A more pragmatic approach is to accept that people will do that anyway, and
instead assume that sufficiently old blocks are valid. But how old is
"sufficiently old"? First of all, if your full node implementation comes "from
the factory" with a reasonably up-to-date minimum accepted total-work
thresholdⁱ - in other words it won't accept a chain with less than that amount
of total work - it may be reasonable to assume any Sybil attacker with
sufficient hashing power to make a forked chain meeting that threshold with,
say, six months worth of blocks has enough hashing power to threaten the main
chain as well.

That leaves public attempts to falsify TXO commitments, done out in the open by
the majority of hashing power. In this circumstance the "assumed valid"
threshold determines how long the attack would have to go on before full nodes
start accepting the invalid chain, or at least, newly installed/recently reset
full nodes. The minimum age that we can "assume valid" is tradeoff between
political/social/technical concerns; we probably want at least a few weeks to
guarantee the defenders a chance to organise themselves.

With this in mind, a longer-than-technically-necessary TXO commitment delayʲ
may help ensure that full node software actually validates some minimum number
of blocks out-of-the-box, without taking shortcuts. However this can be
achieved in a wide variety of ways, such as the author's prev-block-proof
proposal³, fraud proofs, or even a PoW with an inner loop dependent on
blockchain data. Like UTXO commitments, TXO commitments are also potentially
very useful in reducing the need for SPV wallet software to trust third parties
providing them with transaction data.

i) Checkpoints that reject any chain without a specific block are a more
common, if uglier, way of achieving this protection.

j) A good homework problem is to figure out how the TXO commitment could be
designed such that the delay could be reduced in a soft-fork.


## Further Work

While we've shown that TXO commitments certainly could be implemented without
increasing peak IO bandwidth/block validation latency significantly with the
delayed commitment approach, we're far from being certain that they should be
implemented this way (or at all).

1) Can a TXO commitment scheme be optimized sufficiently to be used directly
without a commitment delay? Obviously it'd be preferable to avoid all the above
complexity entirely.

2) Is it possible to use a metric other than age, e.g. priority? While this
complicates the pruning logic, it could use the UTXO set space more
efficiently, especially if your goal is to prioritise bitcoin value-transfer
over other uses (though if "normal" wallets nearly never need to use TXO
commitments proofs to spend outputs, the infrastructure to actually do this may
rot).

3) Should UTXO archiving be based on a fixed size UTXO set, rather than an
age/priority/etc. threshold?

4) By fixing the problem (or possibly just "fixing" the problem) are we
encouraging/legitimising blockchain use-cases other than BTC value transfer?
Should we?

5) Instead of TXO commitment proofs counting towards the blocksize limit, can
we use a different miner fairness/decentralization metric/incentive? For
instance it might be reasonable for the TXO commitment proof size to be
discounted, or ignored entirely, if a proof-of-propagation scheme (e.g.
thinblocks) is used to ensure all miners have received the proof in advance.

6) How does this interact with fraud proofs? Obviously furthering dependency on
non-cryptographically-committed STXO/UTXO databases is incompatible with the
modularized validation approach to implementing fraud proofs.


# References

1) "Merkle Mountain Ranges",
Peter Todd, OpenTimestamps, Mar 18 2013,
https://github.com/opentimestamps/opentimestamps-serveblob/mastedoc/merkle-mountain-range.md

2) "Do we really need a mempool? (for relay nodes)",
Peter Todd, bitcoin-dev mailing list, Jul 18th 2015,
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-July/009479.html

3) "Segregated witnesses and validationless mining",
Peter Todd, bitcoin-dev mailing list, Dec 23rd 2015,
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-Decembe012103.html

--
https://petertodd.org 'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160517/33f69665/attachment-0001.sig>
submitted by Godballz to CryptoTechnology [link] [comments]

Decred Journal – August 2018

Note: you can read this on GitHub (link), Medium (link) or old Reddit (link) to see all the links.

Development

dcrd: Version 1.3.0 RC1 (Release Candidate 1) is out! The main features of this release are significant performance improvements, including some that benefit SPV clients. Full release notes and downloads are on GitHub.
The default minimum transaction fee rate was reduced from 0.001 to 0.0001 DCkB. Do not try to send such small fee transactions just yet, until the majority of the network upgrades.
Release process was changed to use release branches and bump version on the master branch at the beginning of a release cycle. Discussed in this chat.
The codebase is ready for the new Go 1.11 version. Migration to vgo module system is complete and the 1.4.0 release will be built using modules. The list of versioned modules and a hierarchy diagram are available here.
The testnet was reset and bumped to version 3.
Comments are welcome for the proposal to implement smart fee estimation, which is important for Lightning Network.
@matheusd recorded a code review video for new Decred developers that explains how tickets are selected for voting.
dcrwallet: Version 1.3.0 RC1 features new SPV sync mode, new ticket buyer, new APIs for Decrediton and a host of bug fixes. On the dev side, dcrwallet also migrated to the new module system.
Decrediton: Version 1.3.0 RC1 adds the new SPV sync mode that syncs roughly 5x faster. The feature is off by default while it receives more testing from experienced users. Other notable changes include a design polish and experimental Politeia integration.
Politeia: Proposal editing is being developed and has a short demo. This will allow proposal owners to edit their proposal in response to community feedback before voting begins. The challenges associated with this feature relate to updating censorship tokens and maintaining a clear history of which version comments were made on. @fernandoabolafio produced this architecture diagram which may be of interest to developers.
@degeri joined to perform security testing of Politeia and found several issues.
dcrdata: mainnet explorer upgraded to v2.1 with several new features. For users: credit/debit tx filter on address page, showing miner fees on coinbase transaction page, estimate yearly ticket rewards on main page, cool new hamburger menu and keyboard navigation. For developers: new chain parameters page, experimental Insight API support, endpoints for coin supply and block rewards, testnet3 support. Lots of minor API changes and frontend tweaks, many bug fixes and robustness improvements.
The upcoming v3.0 entered beta and is deployed on beta.dcrdata.org. Check out the new charts page. Feedback and bug reports are appreciated. Finally, the development version v3.1.0-pre is on alpha.dcrdata.org.
Android: updated to be compatible with the latest SPV code and is syncing, several performance issues are worked on. Details were posted in chat. Alpha testing has started, to participate please join #dev and ask for the APK.
iOS: backend is mostly complete, as well as the front end. Support for devices with smaller screens was improved. What works now: creating and recovering wallets, listing of transactions, receiving DCR, displaying and scanning QR codes, browsing account information, SPV connection to peers, downloading headers. Some bugs need fixing before making testable builds.
Ticket splitting: v0.6.0 beta released with improved fee calculation and multiple bug fixes.
docs: introduced new Governance section that grouped some old articles as well as the new Politeia page.
@Richard-Red created a concept repository sandbox with policy documents, to illustrate the kind of policies that could be approved and amended by Politeia proposals.
decred.org: 8 contributors added and 4 removed, including 2 advisors (discussion here).
decredmarketcap.com is a brand new website that shows the most accurate DCR market data. Clean design, mobile friendly, no javascript required.
Dev activity stats for August: 239 active PRs, 219 commits, 25k added and 11k deleted lines spread across 8 repositories. Contributions came from 2-10 developers per repository. (chart)

Network

Hashrate: went from 54 to 76 PH/s, the low was 50 and the new all-time high is 100 PH/s. BeePool share rose to ~50% while F2Pool shrank to 30%, followed by coinmine.pl at 5% and Luxor at 3%.
Staking: 30-day average ticket price is 95.6 DCR (+3.0) as of Sep 3. During the month, ticket price fluctuated between a low of 92.2 and high of 100.5 DCR. Locked DCR represented between 3.8 and 3.9 million or 46.3-46.9% of the supply.
Nodes: there are 217 public listening and 281 normal nodes per dcred.eu. Version distribution: 2% at v1.4.0(pre) (dev builds), 5% on v1.3.0 (RC1), 62% on v1.2.0 (-5%), 22% on v1.1.2 (-2%), 6% on v1.1.0 (-1%). Almost 69% of nodes are v.1.2.0 and higher and support client filters. Data snapshot of Aug 31.

ASICs

Obelisk posted 3 email updates in August. DCR1 units are reportedly shipping with 1 TH/s hashrate and will be upgraded with firmware to 1.5 TH/s. Batch 1 customers will receive compensation for missed shipment dates, but only after Batch 5 ships. Batch 2-5 customers will be receiving the updated slim design.
Innosilicon announced the new D9+ DecredMaster: 2.8 TH/s at 1,230 W priced $1,499. Specified shipping date was Aug 10-15.
FFMiner DS19 claims 3.1 TH/s for Blake256R14 at 680 W and simultaneously 1.55 TH/s for Blake2B at 410 W, the price is $1,299. Shipping Aug 20-25.
Another newly noticed miner offer is this unit that does 46 TH/s at 2,150 W at the price of $4,720. It is shipping Nov 2018 and the stats look very close to Pangolin Whatsminer DCR (which has now a page on asicminervalue).

Integrations

www.d1pool.com joined the list of stakepools for a total of 16.
Australian CoinTree added DCR trading. The platform supports fiat, there are some limitations during the upgrade to a new system but also no fees in the "Early access mode". On a related note, CoinTree is working on a feature to pay household bills with cryptocurrencies it supports.
Three new OTC desks were added to exchanges page at decred.org.
Two mobile wallets integrated Decred:
Reminder: do your best to understand the security and privacy model before using any wallet software. Points to consider: who controls the seed, does the wallet talk to the nodes directly or via middlemen, is it open source or not?

Adoption

Merchants:

Marketing

Targeted advertising report for August was posted by @timhebel. Facebook appeal is pending, some Google and Twitter campaigns were paused and some updated. Read more here.
Contribution to the @decredproject Twitter account has evolved over the past few months. A #twitter_ops channel is being used on Matrix to collaboratively draft and execute project account tweets (including retweets). Anyone with an interest in contributing to the Twitter account can ask for an invitation to the channel and can start contributing content and ideas there for evaluation by the Twitter group. As a result, no minority or unilateral veto over tweets is possible. (from GitHub)

Events

Attended:
For those willing to help with the events:
BAB: Hey all, we are gearing up for conference season. I have a list of places we hope to attend but need to know who besides @joshuam and @Haon are willing to do public speaking, willing to work booths, or help out at them? You will need to be well versed on not just what is Decred, but the history of Decred etc... DM me if you are interested. (#event_planning)
The Decred project is looking for ambassadors. If you are looking for a fun cryptocurrency to get involved in send me a DM or come talk to me on Decred slack. (@marco_peereboom, longer version here)

Media

Decred Assembly episode 21 is available. @jy-p and lead dcrwallet developer @jrick discussed SPV from Satoshi's whitepaper, how it can be improved upon and what's coming in Decred.
Decred Assembly episodes 1-21 are available in audio only format here.
New instructional articles on stakey.club: Decrediton setup, Deleting the wallet, Installing Go, Installing dcrd, dcrd as a Linux service. Available in both English and Portuguese.
Decred scored #32 in the August issue of Chinese CCID ratings. The evaluation model was explained in this interview.
Satis Group rated Decred highly in their cryptoasset valuation research report (PDF). This was featured by several large media outlets, but some did not link to or omitted Decred entirely, citing low market cap.
Featured articles:
Articles:
Videos:

Community Discussions

Community stats:
Comm systems news:
After another debate about chat systems more people began testing and using Matrix, leading to some gardening on that platform:
Highlights:
Reddit: substantive discussion about Decred cons; ecosystem fund; a thread about voter engagement, Politeia UX and trolling; idea of a social media system for Decred by @michae2xl; how profitable is the Obelisk DCR1.
Chats: cross-chain trading via LN; plans for contractor management system, lower-level decision making and contractor privacy vs transparency for stakeholders; measuring dev activity; what if the network stalls, multiple implementations of Decred for more resilience, long term vision behind those extensive tests and accurate comments in the codebase; ideas for process for policy documents, hosting them in Pi and approving with ticket voting; about SPV wallet disk size, how compact filters work; odds of a wallet fetching a wrong block in SPV; new module system in Go; security of allowing Android app backups; why PoW algo change proposal must be specified in great detail; thoughts about NIPoPoWs and SPV; prerequisites for shipping SPV by default (continued); Decred vs Dash treasury and marketing expenses, spending other people's money; why Decred should not invade a country, DAO and nation states, entangling with nation state is poor resource allocation; how winning tickets are determined and attack vectors; Politeia proposal moderation, contractor clearance, the scale of proposals and decision delegation, initial Politeia vote to approve Politeia itself; chat systems, Matrix/Slack/Discord/RocketChat/Keybase (continued); overview of Korean exchanges; no breaking changes in vgo; why project fund burn rate must keep low; asymptotic behavior of Decred and other ccs, tail emission; count of full nodes and incentives to run them; Politeia proposal translations and multilingual environment.
An unusual event was the chat about double negatives and other oddities in languages in #trading.

Markets

DCR started the month at USD 56 / BTC 0.0073 and had a two week decline. On Aug 14 the whole market took a huge drop and briefly went below USD 200 billion. Bitcoin went below USD 6,000 and top 100 cryptos lost 5-30%. The lowest point coincided with Bitcoin dominance peak at 54.5%. On that day Decred dived -17% and reached the bottom of USD 32 / BTC 0.00537. Since then it went sideways in the USD 35-45 / BTC 0.0054-0.0064 range. Around Aug 24, Huobi showed DCR trading volume above USD 5M and this coincided with a minor recovery.
@ImacallyouJawdy posted some creative analysis based on ticket data.

Relevant External

StopAndDecrypt published an extensive article "ASIC Resistance is Nothing but a Blockchain Buzzword" that is much in line with Decred's stance on ASICs.
The ongoing debates about the possible Sia fork yet again demonstrate the importance of a robust dispute resolution mechanism. Also, we are lucky to have the treasury.
Mark B Lundeberg, who found a vulnerability in atomicswap earlier, published a concept of more private peer-to-peer atomic swaps. (missed in July issue)
Medium took a cautious stance on cryptocurrencies and triggered at least one project to migrate to Ghost (that same project previously migrated away from Slack).
Regulation: Vietnam bans mining equipment imports, China halts crypto events and tightens control of crypto chat groups.
Reddit was hacked by intercepting 2FA codes sent via SMS. The announcement explains the impact. Yet another data breach suggests to think twice before sharing any data with any company and shift to more secure authentication systems.
Intel and x86 dumpsterfire keeps burning brighter. Seek more secure hardware and operating systems for your coins.
Finally, unrelated to Decred but good for a laugh: yetanotherico.com.

About This Issue

This is the 5th issue of Decred Journal. It is mirrored on GitHub, Medium and Reddit. Past issues are available here.
Most information from third parties is relayed directly from source after a minimal sanity check. The authors of Decred Journal have no ability to verify all claims. Please beware of scams and do your own research.
Feedback is appreciated: please comment on Reddit, GitHub or #writers_room on Matrix or Slack.
Contributions are welcome too. Some areas are collecting content, pre-release review or translations to other languages. Check out @Richard-Red's guide how to contribute to Decred using GitHub without writing code.
Credits (Slack names, alphabetical order): bee, Haon, jazzah, Richard-Red and thedecreddigest.
submitted by jet_user to decred [link] [comments]

Binary Indexed Tree or Fenwick Tree  Construction and ... Fenwick Tree/Binary Indexed Tree Implementation with Practice Problem Tutorial: Binary Indexed Tree (Fenwick Tree) - YouTube Fenwick tree/Binary Indexed tree - YouTube Fenwick Tree/Binary indexed tree playlist - YouTube

P2P Network¶. This section describes the Bitcoin P2P network protocol (but it is not a specification).It does not describe the discontinued direct IP-to-IP payment protocol, the deprecated BIP70 payment protocol, the GetBlockTemplate mining protocol, or any network protocol never implemented in an official version of Bitcoin Core.. All peer-to-peer communication occurs entirely over TCP. The first block is indexed ‘0’, the next ‘1’, and so on. Hash – Hash is the function which facilitates the rapid classification of data in the dataset; Previous hash – Each and every block in blockchain data structure, is associated with its ancestors. This characteristic adds to its immutability as a variety in the order of blocks. numTx – This wares a tally of the number of ... Because of the way the tree is built, you basically need to visit one node for each 1 bit in the binary representation of your index. So the algorithm to compute the cumulative sum is to start at the given index, in this case 5. Note that 5 is 101 in binary. Add its sum to the total. Then, to get to the next node needed, we want to remove the ... AA tree set; Binary indexed tree; Optimal text segmentation for QR Codes; Creating a QR Code step by step; Don’t share commented-out code; Self-encrypted cache structure; Summary of C/C++ integer rules; BitTorrent bencode format tools; My code style; Time-based One-Time Password tools; Ending my support for Python 2; Skill levels in Scalable ... Each block in the bitcoin blockchain contains a summary of all the transactions in the block, using a merkle tree. A merkle tree, also known as a binary hash tree, is a data structure used for efficiently summarizing and verifying the integrity of large sets of data. Merkle trees are binary trees containing cryptographic hashes. The term ...

[index] [2874] [50592] [812] [14800] [26092] [51267] [13570] [33446] [43349] [26342]

Binary Indexed Tree or Fenwick Tree Construction and ...

Code : https://github.com/ahsankamal/Algorithms-And-DataStructures/tree/master/AdvanceDataStructures https://bestprogrammingcourses.weebly.com/ Tip: Watch this video in Fullscreen Mode Find Complete Code at GeeksforGeeks Article: http://www.geeksforgeeks.org/binary-indexed-tree-or-fenwick-tree-2/ Sou... In this video, I have discussed about fenwick tree, which is also known as binary index tree. This data structure was published by fenwick in 1994 which is u... Fenwick Tree or Binary Indexed Tree - Duration: 22:43. Tushar Roy - Coding Made Simple 139,256 views. 22:43. How to Start Competitive Programming For Beginners Steps to Follow - Duration: 13:03 Implementations: C++ https://goo.gl/wEfhnT Python https://goo.gl/p14GxX I didn't liked any of the other tutorials. So I decided to make my own. Hope you like...

#