
Stellar Smart Contracts - tosh
https://www.stellar.org/developers/guides/walkthroughs/stellar-smart-contracts.html
======
danielvf
If I'm reading the docs right, the Stellar smart contracts are extremely
different from Ethereum smart contracts - in fact, it almost feels like a
stretch to call them the same name. Like "animals" vs "plants".

Ethereum smart contract are actual virtual machines. They are tiny computers
that run whatever bytecode you want. You could calculate pi to a million
decimal places in a smart contract, if you had the money for gas.

Stellar smart contracts, on the other hand, are simpler. A transaction can
only choose from 13 operations (Buy, make offer, change trust, etc). On top of
the operations, you can add some restrictions to the transaction - Stellar has
support for built-in multi-sig, built-in start and end time limits, and built
in transaction grouping. By combining these restrictions, grouping
transactions, presigning this, and handing out that, you can make something
that's smarter than a single person doing a single transaction.

As an Ethereum blockchain developer, using Stellar smart contract feels very
limiting, and outside the simple cases, very convoluted.

~~~
michaelscott
The Stellar smart contracts seem to function like versions of Bitcoin Script
transaction types with more features. For me this seems like a more
appropriate direction for transaction abilities in comparison to Ethereum's
approach, which has more capability but also massive room for implementation
error.

~~~
blotter_paper
I see room for both, at least until Ethereum is more mature (and maybe
longer).

------
koalala
Stellar isn't decentralized. Just like Ripple, it uses Federated Byzantine
Agreement, which means that nodes use a list of other nodes they trust. The
fact that this scheme has nothing to do with the concept of a decentralized
cryptocurrency, aside from the hype train, doesn't appear to have percolated
into the collective mainstream or even geek consciousness yet.

~~~
Suncho
This is why Stellar probably doesn't count as a real "blockchain." It's also
why Stellar is potentially a lot more useful than blockchain. You don't have
to do proof of work, which is wasteful of resources by design.

Note that the cryptocurrency people use the word "decentralized" differently
from the rest of the world. They use it specifically to mean that the
mechanism for determining consensus is perfectly distributed among an unknown
number of arbitrary nodes.

Stellar consensus _is_ decentralized in the conventional sense. Federation is
a form of decentralization.

~~~
decentralised
There are plenty of consensus protocols that don't waste energy but I think
it's important to understand why PoW relies on an unproductive algorithm.

Mining fulfils two roles:

\- identity management: To identify who is a trustworthy block producer in an
anonymous and trustless network, mining introduces a cost to the block
generation process and we use a game theory assumption that it serves as a
barrier for attackers. This doesn't mean there aren't validation checks
performed by other nodes in the network and the consensus forming rules
themselves of course.

\- consensus formation: In a distributed network, nodes are bound to disagree
on which is the canonical chain out of two or more competing forks. The most
common algorithm calculates the accumulated computational effort of each chain
of blocks and picks the "heaviest" one, ie the one with the most work done on
it. This has the nice side effect of ensuring economic finality for the
transactions in those blocks.

Now, regarding decentralisation you state that "the cryptocurrency people" use
it wrong, but the definition you gave is incorrect. As a cryptocurrency
person, Vitalik Buterin described decentralisation here:
[https://medium.com/@VitalikButerin/the-meaning-of-
decentrali...](https://medium.com/@VitalikButerin/the-meaning-of-
decentralization-a0c92b76a274)

~~~
j0hnM1st
> There are plenty of consensus protocols that don't waste energy but I think
> it's important to understand why PoW relies on an unproductive algorithm.

DPoS consensus used by Bitshares/STEEM & EOS seems to the most advanced among
the models and they also have the highest TPS

~~~
decentralised
All consensus protocols make tradeoffs between three properties:

\- Finality Latency: how fast is a block finalised after it’s been proposed

\- Decentralisation: how many consensus-forming nodes can exist in the network

\- Resource Overhead: how many blocks per second do consensus-forming nodes
need to verify

dPoS protocols sacrifice decentralisation and compromise in resource overhead
for apparent performance, ie many transactions processed by a few very
powerful servers.

The game-theory and security aspects of a blockchain like its censorship
resistance, immutability or who can produce the next block are also relaxed to
a level that many blockchain professionals consider unacceptable. Case in
point the formation of cartels is incentivised by the dPoS delegation of vote
mechanism. Corruption is baked in.

I wrote a short intro to consensus protocols a while back if you're interested
in knowing a bit more: [https://medium.com/@jpa_of_snc/consensus-casper-and-
cryptoec...](https://medium.com/@jpa_of_snc/consensus-casper-and-
cryptoeconomics-in-15-minutes-or-less-c7ca2427bf88)

------
leifg
> As a reminder, smart contracts are created using code. Code can contain bugs
> or may not perform as intended. Be sure to analyze and agree upon all
> possible edge cases when coming up with the conditions and outcomes of the
> smart contract.

Predicting all possible edge cases of a piece of software has been proven to
be very hard in the past (there have been software bugs that literally killed
people).

Why would I ever agree to let software ALONE enforce a contract? And if there
is a human process to override the outcome of the contract, what advantage
does it have over a "dumb contract".

I just find the whole idea of computers enforcing law very unsettling.

~~~
vntok
Smart contracts allow you to completely shortcut intermediaries and their fees
in the case where everything goes right or can be checked objectively by an
algorithm (ex price of a commodity on a particular platform at a particular
time).

With a multisig escrow account, if you and your counterpart both agree to
transfer the funds, or both agree to unlock the funds, there is essentially no
fee to give away to anyone else. If something goes wrong and you don't agree
anymore, well then you can involve authorities from the real world.

~~~
beaconstudios
but the issue at hand is the case where the multisig contract has a bug and
one party (or even a third party) can trigger a transfer of funds or render
the funds inaccessible.

~~~
mbrock
Just do a symbolic execution of the code and prove that your intended behavior
holds.

A multisig contract is an utterly trivial program. It is easy to prove
correct.

~~~
beaconstudios
> Just do a symbolic execution of the code and prove that your intended
> behavior holds.

So... Introduce a human to the process? This is the exact issue we're talking
about.

> A multisig contract is an utterly trivial program. It is easy to prove
> correct.

Even if it is, we're not just talking about multisigs. This process should
scale up to more advanced smart contracts or this whole "innovation" is just
replacing escrows, which is a greatly diminished innovation from the actual
claim of smart contracts.

~~~
mbrock
How complex smart contracts are needed? I think we should keep them simple.

------
apo
Both of the examples (2-Party Multisignature Escrow Account with Time Lock &
Recovery, and Joint-Entity Crowdfunding) have been possible with Bitcoin for
some time.

~~~
a13n
But aren't Bitcoin transactions slow and expensive?

------
jillesvangurp
I recently started moving our token from Ethereum to stellar for the simple
reason that I came to the conclusion that Ethereum is too far from being
production ready to be of use in an application that has actual users that
generate any kind of sizable amount of transactions. Ethereum is cute until
you have use cases and uses that require it to actually process transactions.
The Ethereum ecosystem is a big mess right now.

All the proper solutions for this are years out from being production ready
and widely used. I'm talking about sharding, proof of stake, etc. It's going
to take several hard ethereum forks to get there. I think Vitalik is thinking
2020/2021 type time frames currently for this. I would not be surprised if
that shifts some more. This stuff is hard. Until then, smart contracts on
ethereum are only useful for very limited volumes of transaction that, so far,
have been mostly about ICOs for shit coins. Essentially all of the transaction
volume on Ethereum is trading in these coins. So, unless you are doing an ICO
to raise funding, Ethereum has no practical value whatsoever. And given the
scams happening there, it is not a great place for that either.

Some people use side chains to work around this, i.e. a centrally run private
blockchain. There are several proof of stake based platforms with smart
contracts in the works (e.g. hashgraph, IOTA). Mostly that stuff is really
immature (or not ready at all) and lacking the broad user base that bitcoin
and ethereum have. Bitcoin is nice but useless for custom tokens. There are
not a lot of options here that are usable now, scalable, and reasonably widely
used (critical if you are going to lock up millions $ in value in it).

Stellar may not be perfect but it works right now and it scales and it is
reasonably widely used. They have built a few things into stellar that largely
remove the need for centralized things like exchanges or convoluted smart
contracts that need auditing. This is why it is gaining a lot of traction
lately.

Specifically: \- any stellar account can issue tokens \- any stellar account
that trusts (this is stored in stellar) those tokens can receive those tokens
\- any account can create offers to buy/sell any tokens (that they trust) on
stellar \- when offers are matched by a counter offers, the trade happens.

There are no websites where you need to go to get your token listed, no
middlemen to bribe/deal with, no transaction fees (beyond the 1/10^5th of an
XLM), no smart contracts to write. This stuff works out of the box. You can be
up and running in minutes if you know what you need to do.

If you want to issue a token on stellar the process is as follows: \- create
an issuing account with a minimal XLM balance \- create distribution account
\- make your distribution account trust your FOO coin issued by the issuing
account \- pay some FOO from the issuing account to the distribution account.
This creates the token. Paying it back to the issuing account destroys it. \-
write a stellar.toml file with some meta data and put it on your domain
foo.com in the .well-known directory. This tells your users and exchanges what
your coin is, who issued it, etc. \- set foo.com as the home domain on the
issuing account \- fiddle with the issuing account options to further control
things (multi sig, preventing more tokens from being issued, etc.)

Done. They have lots of other stuff built in that is highly useful like
federated accounts, a compliance protocol for people to pre-clear
transactions, etc. If you start reading the documentation, it becomes very
clear that this was developed by people who deeply understand the needs of
those that develop complex financial products.

To trade tokens, you simply create offers and counter offers on stellar. This
works right away. The recently launched Stellarx.com is just a pretty UI
around the built in functionality.

To get listed on stellarx, you need some positive evidence of trading
happening with your token. I think this currently means evidence of a (small)
trading volume and a minimum number of accounts that hold your token. Other
than that there are no bribes, listing fees, etc. I imagine that over time the
requirements for this will change and there will be competing websites getting
involved as well.

People making the point that stellar is a centralized system are of course
somewhat right. However, it is a system that can be used right now and you can
easily scale it to meaningful numbers of transactions. The shared database of
transactions that stellar produces can be validated by anyone and if you run a
full node, that's exactly what it does. So, it's not as black and white as
this being 'controlled' by a single entity. In practice the companies that are
active on stellar end up running their own nodes and validators. Many people
do.

~~~
felipeccastro
That was very informative, thanks! I was having the same impression about
Ethereum, that the ecosystem was becoming wider and ever more complex, but
still not very practical to actually use. How does Stellar compare to EOS?
AFAIK EOS uses the same approach of federation / trusted nodes, and is also a
platform for smart contracts, so it would be interesting to see a comparison.

~~~
jillesvangurp
I haven't got much experience with EOS. My feeling is that they are a bit
newer to the scene than stellar in terms of adoption/traction. They only
launched this summer and stellar has been gaining traction since late last
year so they are a bit ahead on that front. Regardless of what you pick, you
are taking a leap of faith in long term viability/stability of what you pick.

We went for stellar because we saw some traction there, kind of liked the
notion of being in an ecosystem with a bit more serious players, and we liked
what it did functionally.

~~~
carleverett
What do you define as traction? CoinMarketCap shows EOS trading at
significantly higher daily volumes than Stellar.

~~~
jillesvangurp
I tend to look at developer traction: people converting money into code as a
good signal that smart people are deciding to give it a shot. Logically, since
it has been only about 3 months since they launched, there cannot be a lot
happening yet in terms of companies launching products based on EOS, running
EOS related infrastructure, etc. I did not look at Stellar for the first half
of this year for the same reason. That changed when I started hearing about
people using stellar or switching to it from Ethereum around the same time I
started having serious doubts about being able to run our product on top of
Ethereum any time soon. I wanted to understand why stellar was suddenly a
thing and found that there was a pretty mature ecosystem of companies and
developers using it already. I'm not getting that kind of vibe with EOS yet.

In any case, a lot of blockchain related trading is speculative and most of
that is not based on technical merit but the investors irrational perception
on the chance of exchange rates going up or down. Speculators make lousy CTOs,
so I tend to ignore them for technical decision making.

So, EOS doing brisk trading beause ETH holders are panicking and acting like
lemmings, or because Vitalik farted in a particularly interesting way, or
whatever madness of the day drives the market does not constitute meaningful
developer traction in my view. It just means EOS core development is likely
well funded for the next few years. Good for them.

~~~
carleverett
So are you considering developer traction to be platform age and what people
you know are working with?

I'm not trying to be argumentative. I personally like Stellar over EOS as
well, but I haven't seen the same developer traction advantage that you're
seeing. At least on Stack Exchange, EOS is more active despite being half the
age.

------
midhir
One thing I've found impenetrable about Stellar is the use of the XDR data
format. I've never encountered this before and it's been a painful step in
starting to build on their platform.

Are their any simple, introductory texts on it? A lot of stuff is from Stellar
themselves.

I'm sure there are good reasons for using it, the rest of the platform looks
simple to understand and well designed.

~~~
jillesvangurp
It's a simple binary format similar to e.g. protocol buffers. You write an idl
and then generate code for different languages. The reason they went for this
is that is compact. This kind of matters because this stuff is actually stored
in stellar in large quantities.

It's a pretty old ietf standard actually. I recently had a discussion on this
on their slack channel making the point that the choice for this was a bit
unfortunate given that this is a relatively obscure format with not a lot of
developer ecosystem around it.

Because of this, the stellar guys are actually maintaining their own code
generation tool for this because there's nothing else out there apparently.
It's called xdrgen. It generates code for a few languages. If you want to
understand xdr, that's a good place to start. You can find the idl in stellar
core.

I actually have an open bug for the java code generation with them, it
generates broken code currently.

~~~
twic
Any idea why they picked XDR rather than something that is more widely used in
the present day, like Thrift? That is efficient on the wire, and pretty widely
supported:

[https://thrift.apache.org/docs/Languages](https://thrift.apache.org/docs/Languages)

~~~
jillesvangurp
they wanted something standard and I guess did not realize that the IETF
standard for XDR is not that widely used. I agree it would have been nicer if
they went for something like thrift instead. However, it's done and I don't
think they can fix this without breaking compatibility.

I do wonder why XDR sort of failed to get used and why people went ahead and
created protocol bufs and thrift as alternatives.

------
mrleiter
From a legal perspective, this is very interesting. The concept of escrow has
existed for centuries I suppose. It needs three parties, A (origin), B
(escrow) and C (destination). An escrow is only needed, because A and C don't
trust themselves enough. Trust is a basic necessity in any contract and
providing trust is a extremely valuable service.

In (Austrian) civil law, there is something called "acquisition in good
faith", which allows a third person under certain circumstances to lawfully
acquire full and unrestrained ownership of a good from someone who does not
have the rights to transfer full and unrestrained ownership of said good.

Example: A wants to sell a laptop to C, but doesn't trust him until he has
fully paid the price. They agree to use an escrow agent B. A gives B the
laptop and C gives B the money/price. Now what happens if B doesn't acts in
bad faith and decides to sell the laptop to the third party T? Well, if T
isn't colluding or doesn't have to suspect that B is acting in bad faith, he
(under certain conditions, that are most likely met in this case) can acquire
full and unrestrained lawful ownership of that laptop. A is only left with
claims on account of unjust enrichment against B, but has zero chance of
getting his laptop back if T refuses to give it back. In that case it may not
be problematic, because A only wanted the money, although he now has to take B
to court and B maybe insolvent and so forth. The problem is more poignant if
the laptop wasn't a laptop, but something very unique that has no equivalent
monetary worth.

And here smart contracts help: they make it impossible to transfer certain
goods before certain conditions have been met. The ensure trust. That's why I
believe this technology is very valuable.

tl;dr: smart contracts are very valuable, because the ensure trust.

~~~
buboard
The escrow used to be a trusted third party though. Blockchain moves the
"quantity of trust previously assigned to the escrow agent" to the two
parties. If one party disputes for some reason the algorithm this can't be
settled automatically. With a trusted human escrow agent, an abnormal
situation would probably end with him sharing part of the blame , which help
resolve the conflict in a way that is not fair, but surely blame-able. There
is nobody to blame with a machine though.

------
onion-soup
Great to see smart contract technology unfolding before our eyes.

~~~
Nursie
Is it? Really?

As far as I'm aware the oracle problem still exists, the problems of having to
get data onto the blockchain from external, trusted sources.

In real-world contracts the problems don't arise over the simple execution of
contract, they arise when intent is muddied or missed by words, when terms are
unfair, overly onerous or legally unenforceable. Given this, there are very,
very few situations in which smart contracts appear to be a good idea,
particularly as you talk about anything more than trivial amounts of money.

The world just isn't that black and white.

~~~
vntok
It is, yes.

Most transactions that occur daily across the whole world involve trivial
amounts of money.

If I want to sell you a 300€ dishwasher, for example, I can either require
cash, ask for a check/bank transfer and pray it doesnt bounce, or involve a
3rd party whom i trust in which case I will have to forego a % fee for their
escrow service, maybe 30€. With a smart contract, I can now be sure the
buyer's funds exist and are locked before we meet. Then we shake hands, we
load the dishwasher in their car and we both release the funds before parting
way. I just saved myself a 10% fee and the buyer wasn't forced to get cash
from an atm.

~~~
unmole
> funds exist and are locked before we meet

What does _locking_ funds entail?

~~~
unmole
In the hypothetical dishwasher example, what is the buyer's incentive to lock
up funds before even physically inspecting the item? What is my recourse if a
spiteful seller refuses to agree to releasing my funds if I decide not to go
through with the purchase?

I'm not being facetious. I'm trying to understand why one would need to use an
escrow service for something like this.

~~~
vntok
Buyer and seller enter a smart contract where the buyer's funds are locked for
two days, then freely recoverable by the buyer only after the contract
expires. That proves to the seller that the funds exist at no risk to the
buyer.

A day before the contract expires, buyer and seller meet up to inspect the
goods. Upon inspection, seller hands over the goods and buyer validates the
release order in front of him before departing, thus completing the contract
before its expiration.

Infinitesimal cost, infinitesimal risk.

------
platz
IOHK has Smart Contracts too (Cardano)

[https://iohk.io/blog/cardano-smart-contracts-testnet-iele-
la...](https://iohk.io/blog/cardano-smart-contracts-testnet-iele-launches/)

------
fiatjaf
Stellar is a waste because it's a great idea with a super cool protocol but
with a useless shitcoin (XLM) all mixed up in the system.

I'm waiting for someone to rewrite Stellar to not have to use that shitcoin
(if you need it for antispam, use Bitcoin Lightning donations, whatever), and
also use it for other things, like federated DNS or a federated Wikipedia.

