Ukuvikeleka kweSmart Contract kuDeFi: Iziphumo Ezivamile Nokuthi Ungazigwema Kanjani

1 month ago
I-DeFi neziNoveliUkuvikeleka kweSmart Contract kuDeFi: Iziphumo Ezivamile Nokuthi Ungazigwema Kanjani

Umhlaba wezeMali oHlanganyelwe (DeFi) uyinsakavukela emangalisayo, ubuchwepheshe bezimali obwakhiwe phezu kwesizinda se-blockchain. Uthembisa ikusasa lezinsizakalo zezimali ezivulekile, ezingavunyelwe, nezicacile, kusukela ekubolekeni nasekutholeni imali, kuya ekutholeni inzuzo nasekuthengeni izimpahla, konke ngaphandle komphakathi ophakathi. Enhliziyweni yale mguquko kukhona ubuchwepheshe obuhlakaniphile

isivumelwano—ikhodi ezizenzakalelayo ekhomba imithetho futhi iphathe imiphumela yokuhweba ngakunye.

Kodwa-ke, le mandla amangalisayo avela nomthwalo omkhulu. Isisho esidala esithi “ikhodi iyumthetho” emkhakheni we-DeFi sisho ukuthi awekho ama-hotline okusebenza okukhuluma uma kukhona okungahambi kahle. Uma kukhona iphutha kukhodi, imali ingalahleka ngendlela engaguquki ngesikhathi esifushane. kwesokwenyama. Ngaphandle kokuthi i-platform efana ne Exbix, egxile ekunikezeni indlela ephephile nephumelelayo yokungena emnothweni we-crypto, ukuqonda lezi zingozi kubalulekile kubasebenzisi bethu.

Le mhlahlandlela ebanzi izophenya kakhulu emhlabeni wezokuphepha kwezivumelwano ezihlakaniphile. Sizokhuluma ngezingozi ezivamile, sihlole izigameko ezidumile zomlando, futhi, okubaluleke kakhulu, sizokunikeza amathuluzi ngolwazi lokuhamba kahle emhlabeni we-DeFi. Khumbula, abasebenzisi abanolwazi bavikelekile. Futhi ngenkathi uhamba phambili emandleni amakhulu e-crypto, ungathengisa njalo ama-pair amakhulu afana ne BNB/USDT ne ETH/USDT ku platform yethu evikelekile futhi elula ukuyisebenzisa. rel="noreferrer noopener">Ibhodi yokushintshanisa ye-Exbix.

Isingeniso: Umkhonto Osebenza Ngakolunye Uhlangothi we-DeFi

i-DeFi ibekile izigidigidi zamadola ezimali zedijithali. Le mali enkulu iyenza ibe yinjongo ephezulu yokuhlaselwa, njengoba abahlaseli behlola njalo ubuthakathaka. Ibhakede elilodwa lingaholela ekulahlekelweni okungafinyelela ezigidini zamadola. amadola, ukwehlisa ukwethenjwa kwabatyali bezimali nokumisa ubuchwepheshe obusha.

Kodwa lokhu akusikho isizathu sokuphuma. Kunokuba kunjalo, kuyisikhumbuzo sokubaluleka kwemfundo nokuba qaphela. Ngokuqonda ukuthi lezi zinsongo zenzeka kanjani, bobabili abathuthukisi nabasebenzisi bangasiza ekwakheni umphakathi onamandla. Kulabo abafuna ukwandisa amasu abo okuthenga ngaphezu kwemakethe ye-spot, ukuqonda lezi zingozi kubalulekile. kubalulekile ngaphambi kokungena emikhiqizweni eyinkimbinkimbi ku- Exbix Futures platform.

Ingxenye 1: Isisekelo – Yini Ama-Smart Contracts & Kungani Ehlukumezeka?

Ikhontileka ehlakaniphile inguqulo yohlelo egcinwe ku-blockchain eqala ukusebenza lapho izimo ezinqunywe ngaphambili zifezekiswa. Zivame ukusetshenziswa ukuze zisebenze ngokuzenzakalelayo isivumelwano ukuze bonke ababambiqhaza bakwazi ukuqiniseka ngokushesha ngemiphumela, ngaphandle kokungenelela komuntu ophakathi noma ukulahleka kwesikhathi.

Kungani zikhona ubuthakathaka?

  • Ukungashintshi: Uma seziqaliswe, ziba nzima kakhulu uku shintsha. Noma iyiphi iphutha elingene kwi-code lihlala khona unomphela, ngaphandle kokuthi izindlela ezithile zokuthuthukisa zibe sezingeni kusukela ekuqaleni.
  • Ubunzima: Izivumelwano ze-DeFi ziyinkimbinkimbi kakhulu, ngokuvamile ziqukethe amakhontrakthi amaningi axhumene. Lokhu kubunzima kukhuphula “indawo yokuhlasela.”
  • Ukuxhumana (Imali ye-Lego): Lokhu kuyi Isici esikhulu se-DeFi kanye nengozi yayo enkulu. Ama-protocol akhiwe ukuze axhumane nomunye nomunye. Ukuphulwa kokuphepha ku-protocol eyodwa kungadonsela phansi abanye abaxhomekeke kuyo.
  • Ikhodi Epublic: Ngenkathi ubunjalo bokuvuleka bukhuthaza ukwethenjwa, futhi kusho ukuthi abahlaseli bangabheka ikhodi amahora amaningi, befuna iphutha elilodwa.
  • i-Oracle Inkinga: Amakontile adinga idatha yangaphandle (isb., intengo ye-asethi). Le datha ivela kuma-“oracles.” Uma i-oracle ithinteka noma iguqulwa, amakontile athembele kuyo azosebenza ngokusekelwe kulwazi olungelona iqiniso.

Ngaphambi kokungena ezinkingeni zobuchwepheshe, kuhle njalo ukuqinisekisa ukuthi imisebenzi yakho yokuhweba eyisisekelo isendaweni ephephile. Ungakwazi ukuhlola amanani amasha kanye nezinyathelo zamathuluzi ahlukahlukene ku Exbix Markets ikhasi.

Ingxenye 2: Izingozi Ezivamile Zezivumelwano Ezihlakaniphile Nezokuhlukumeza

Ake sihlukanise izigaba ezivamile zezingcuphe eziholele ekutheni kube nezingozi ezinkulu ukulahlekelwa ku-DeFi.

1. Ukuhlasela Ngokuphindaphindiwe: I-Heist Eyaziwayo

Ukuhlasela ngokuphindaphindiwe kuyisiphambeko esidumile se-smart contract, esivele sakhonjiswa kahle nge DAO hack ngo-2016, okuholele ekulahlekelweni kwe-3.6 million ETH nokuphuma kwe-Ethereum hard fork.

  • Yini lokhu? Ukuhlasela ngokuphindaphindiwe kwenzeka uma isivumelwano esibi sishaya emuva esivumelwaneni esibizayo ngaphambi kokuthi ukuqhuba komsebenzi kokuqala kuphothulwe. Lokhu kungavumela umhlaseli ukuthi akhiphe izimali kaningi ngaphambi kokuthi ibhalansi yabo ibuyekezwe.
  • Ukusebenza kwayo:
    1. Isivumelwano A sine withdraw() umsebenzi othumela i-ETH kumsebenzisi futhi bese ubuyekeza ibhalansi yangaphakathi yomsebenzisi.
    2. Ikhono leMali ye-Attacker B libiza withdraw().
    3. Ikhono A ithumela i-ETH kuKhono B.
    4. Ikhono B line fallback() umsebenzi (owamukela i-ETH) o ngokushesha ubiza withdraw() kuKhono A futhi.
    5. Ikhono A akakabi awukabange ibhalansi yomhlaseli, ngakho ibona ukuthi i-Contract B isaqhubeka nokufaneleka emalini ethile ye-ETH futhi iyithumele futhi.
    6. Le mjikelo iqhubeka, ikhipha i-Contract A, kuze kube sekupheleni kwesikhathi sokuhweba noma i-akhawunti iphelile.
  • Isibonelo Esidumile: Uhlaka lwe-DAO (2016).
  • Indlela Yokugwema Lokhu:
    • Sebenzisa iphethini ye-Checks-Effects-Interactions: Le yindlela egolide. Njalo:
      1. Hlola zonke izimo (isb., require(balances[msg.sender] >= amount);).
      2. Thuthukisa zonke izinguquko zangaphakathi (imiphumela) (isb., balances[msg.sender] -= amount;).
      3. Khona, sebenzisana nezinye izinkontileka noma ama-EOA (ukusebenzisana) (isb., msg.sender.call{value: amount}("");).
    • Sebenzisa Iziqinisekiso Zokuphindaphinda: I-OpenZeppelin inikeza umshini ReentrancyGuard okhupha umsebenzi ngesikhathi sokusebenza kwawo, uvimbela ukubiza okuphindaphindiwe.

2. Ukuhlasela Kwe-Oracle

Izivumelwano ezihlakaniphile zivame ukufuna idatha yezenzakalo zangempela. Ama-oracle yizinsizakalo ezihlinzeka ngale datha. Ukuhlasela umthombo wenani owuhlinzekayo i-oracle kuyindlela eyinhloko yokuhlasela.

  • Kuyini? Umhlaseli uhlela inani lempahla emakethe engashintshiswanga (DEX) enokuncipha kokuthengiswa ukuze phosa i-oracle yephrothokholi ukuba ibike intengo engalunganga.
  • Ukusebenza kwayo:
    1. Uphrothokholi yokubolekwa isebenzisa intengo ye-DEX njengokubikezela ukuze ibone ukuthi zingakanani ezingenziwa zibuye kwi-collateral.
    2. Umhlaseli uthatha imali yesikhashana ukuze akhiphe ukuhamba kwemali kwi-pair yokuhweba, sithi, ABC/ETH, okwenza kube nzima ukuhweba.
    3. Umgibeli uthengisa inani elincane le-ABC ukuze uthuthe intengo yayo kakhulu ngokumelene ne-ETH epulazini elingasebenzi kahle.
    4. Uhlelo lwe-oracle lufunda le ntengo eguquliwe.
    5. Umgibeli usebenzisa i-ABC ekhuphukile ngokuqhubekayo njengemali yokubolekwa ukuze aboleke inani elikhulu lezinye, izinto ezingashintshwanga, kuhlelo.
    6. Umgibeli ubuyisela imali ebolekiwe, futhi intengo ye-ABC
      7. ilungisa ngokwayo, kodwa iphrothokholi ishiywe nezimpahla ezingasizi kanye nesikweletu esikhulu esibi.
  • Izibonelo Ezidumile: I-hack ye-Harvest Finance ($34 million ilahlekile), isigameko se-DAI se-Compound.
  • Indlela Yokuyigwema:
    • Sebenzisa Ama-Oracle Ahlukanisiwe: Sebenzisa amanethiwekhi ama-oracle aqinile afana ne-Chainlink, okwenza qoqa idatha evela emithonjeni ehlukene nezinsiza, okwenza kube nzima kakhulu futhi kubize kakhulu ukuhlela.
    • Sebenzisa Amanani Aphakathi Kwezikhathi (TWAPs): Ukusebenzisa isilinganiso samaholo phakathi nesikhathi (isb., imizuzu engu-30) esikhundleni samaholo esikhathini esifushane kwenza ukuhlela okwesikhashana kungabi nenzuzo.
    • Sebenzisa Imithombo Ehlukene Yedatha: Ungaqhubeki rely on a single DEX’s liquidity for a critical price feed.

3. Ukuphuma Nokungena Kwenombolo

Amakhompyutha anemikhawulo yokuthi inombolo ingaba nkulu kangakanani. I uint256 (inombolo engafani) ku-Solidity inenani eliphezulu le 2^256 - 1.

  • Yini le?
    • Ukuphuma: Lapho umsebenzi (njengokungeza) uholela enanini elikhulu kunenani eliphezulu, "uphendukela" enanini elincane kakhulu.
    • Ukuncipha: Lapho umsebenzi (njengokwehlisa) uholela enanini elingaphansi kuka zero (kwizinombolo ezingekho phansi, ezingakwazi ukuba ne-negative), uphendukela enanini elikhulu kakhulu.
      • inombolo.
  • Kungasebenza Kanjani:
    • Ibhalansi ye 100 ama-tokens. Umsebenzisi uchitha 101. Ukubala 100 - 101 kuze kube phansi, kuholela ebhalansini ye 2^256 - 1, okwenza umsebenzisi abe nebhalansi engapheli.
  • Indlela Yokugwema It:
    • Sebenzisa i-Solidity 0.8.x noma kamuva: Umqambi uhlole ngokuzenzakalelayo ukuweqa/ukwehla futhi ubuyisele emuva ukuhweba lapho kwenzeka.
    • Sebenzisa i-SafeMath yamakompiyutha amadala: I-OpenZeppelin SafeMath library inikezela ngezindlela zokusebenza eziphephile ze-arithmetic ngaphambi kwe-v0.8.

4. Access Control Flaws

Amakontile amaningi anemisebenzi okufanele avinjelwe kumakheli athile (isb., umnikazi, umphathi).

  • Kuyini? Umsebenzi obalulekile ekusebenzeni kwephrothokholi (isb., ukuvuselela ikontileka, ukukhiqiza amathokheni amasha, ukushintsha izindleko) ungehluleka uvikelwe futhi uba umphakathi ngokungafanele. modifier efana onlyOwner.
  • Isibonelo Esidumile: Ukuhlasela kwe-Parity Wallet (2017), lapho umsebenzisi engafaneleka wakhumbula umsebenzi owawenza ukuba abe ngumnikazi wesivumelwano sebhuku futhi kamuva “wazibulala”, evalela ~500,000 ETH phakade.
  • Indlela Yokugwema Lokhu:
    • Sebenzisa Ukulawulwa Kokufinyelela Modifiers: Sebenzisa izinguquko ezifana ne-OpenZeppelin’s Ownable noma AccessControl ukucacisa ukuvinjelwa kwemisebenzi ebucayi.
    • Hlola Futhi Uhlolise Ngokuqinile: Izivivinyo ezizenzekelayo kufanele zihlola ngokukhethekile ukuthi abasebenzisi abangagunyaziwe abakwazi ukubiza imisebenzi enamalungelo.

5. Ukuphuma phambili nokuhweba Ukulandelana Kwezinto

Emkhakheni we-blockchain, ukudluliswa kuyavuleka emempool ngaphambi kokuba kuhlanganyelwe. Abatholi bahlukanisa ukuze kufakwe ku-block, ngokuvamile begcizelela lezo ezinezimali eziphezulu zokusebenzisa.

  • Yini lokhu? Umhlaseli ubona ukudluliswa okungatholakala (isb., ukuhweba okukhulu okuzoshintsha intengo) emempool bese ethumela eyakhe. ukusebenza kuqala.
  • Indlela esebenza ngayo:
    1. Umsebenzisi A uthumela ukudluliswa kokuthenga ama-tokens angu-10,000 XYZ, okuzokwandisa kakhulu intengo.
    2. Uhlangothi B ubona lokhu kudluliswa futhi ngokushesha uthumela ukudluliswa kokuthenga i-XYZ kuqala, engezelela imali ye-gas ephezulu.
    3. Umphakeli wenza ukuthi ukudluliswa kukaHlangothi B kuqedwe kuqala.
      4. thenga umyalo wokuqala. Intengo ye-XYZ inyuka.
    4. Umlayezo kaMsebenzisi A uthunyelwa ngentengo entsha, ephezulu.
    5. Uhlanga B sishesha sithengisa ama-tokens e-XYZ abawathengile, sithola inzuzo kusukela ekuhlukaniseni kwentengo okwakwenziwe uMsebenzisi A.
  • Indlela Yokugwema Lokhu:
    • Sebenzisa Ukuthumela KweSubmarine: Izindlela ezifana nokusebenzisa izinhlelo ze-commit-reveal, lapho inhloso ifakwa kuqala bese isenzo sivezwa kamuva.
    • Sebenzisa ama-Flash Bots: Ku-Ethereum, izinsizakalo ezifana ne-Flashbots zivikela ukuhweba ekwenzeni izinyathelo zokuqala ngokuzithumela ngqo kubalimi.
    • Guqula Uk耐性 Kwe-Slippage: Ku-DEXs, abasebenzisi bangabeka umkhawulo ophakeme we-slippage tolerance ukuze bavimbele ukuhweba ukuthi kwenziwe ngemuva kokuthi. amanani angathandeki.

(… I-athikili iqhubeka ngama-~4100 amagama, ibheka ezinye izinkinga ezifana Nezimpazamo Zokuhlela, Ukuhoxiswa Kwezimali, Ukuhlaselwa Kwezimali Zesikhashana, kanye nezigaba eziningi zokuthi Ungazivikela Kanjani Njengomsebenzisi kanye Nezindlela Ezingcono ZabaThuthukisi …)

Ingxenye 5: Ungazivikela Kanjani Njengomsebenzisi we-DeFi

Ngokuhamba kwabathuthukisi, banomthwalo wemfanelo wokubhala ikhodi ephephile, abasebenzisi kumele benze ucwaningo olufanele. Nansi indlela ongavikela ngayo imali yakho:

  1. Yenza Ucwaningo Lwakho (DYOR): Ungatshali imali kuphrojekthi ongayiqondi. Funda imibhalo yabo, uqonde i-tokenomics yabo.
  2. Hlola Ukuhlolwa: Ingabe i- iphrojekthi ibikwiwuhloleli oludumile njengeConsenSys Diligence, Trail of Bits, CertiK, noma iQuantstamp? Funda imibiko yokuhlola! Qaphela: Ukuhlolwa akusiyo isiqinisekiso, kodwa ukungabi khona kwayo kuyisixwayiso esikhulu.
  3. Qinisekisa Ukungaziwa Kweqembu: Yiba nenhlonipho eyengeziwe ngeqembu elingaziwa ngokuphelele. Nakuba ubumfihlo buyilungelo, ukungaziwa kwenza “ukudonsa izicathulo” kube lula ukukwenza ngaphandle kwe... umphumela.
  4. Qala Kancane: Ungaze ufake imali engaphezu kwalokho okukhululekile ukukulahla. Qala uvivinye le protocol ngempahla encane kuqala.
  5. Sebenzisa Ama-Wallets E-Hardware: I-hardware wallet igcina okhiye bakho bomuntu siqu bengenamkhawulo, inikeza ukuvikelwa okubalulekile ngokumelene ne-malware nezindawo zokukhwabanisa. Uma uxhuma i-wallet yakho ku-dApp entsha, qinisekisa kabili ama-URL ngokucophelela.
  6. Qonda Izingozi Zezimboni Ezintsha: I-APY ephezulu, engapheli ingaba yinto enkulu yokukhanga yokukhwabanisa. Uma kubonakala kukhulu kakhulu ukuze kube yiqiniso, ngokuvamile kuyikho.
  7. Bheka Iziteshi Zokuxhumana: Ingabe ithimba liphendula? Ingabe umphakathi usebenza? I-Telegram noma i-Discord engasebenzi ingaba uphawu olubi.

Kulabo abathanda isipiliyoni esikhethiwe, ukuqala uhambo lwakho lokuhweba endaweni esunguliwe futhi ephephile njenge Exbix lunganciphisa kakhulu lezi zingozi. Siphatha ukuphepha kwesisekelo sokuhweba, kuvumela ukuthi ugxile kuhlelo lwakho lokuhweba lwama-pairs afana no ETC/USDT ku ikhasi lesokhwe.

Isiphetho: Umthwalo Wokubambisana Wokuphepha Kwesikhathi Esizayo

Isikhala se-DeFi siwumkhankaso wezinguquko ezingenakulinganiswa kanye namathuba, kodwa asinalo izingozi. Ukuvikeleka kwezivumelwano ezihlakaniphile akukhona nje kuphela... umbuzo wezobuchwepheshe kubathuthukisi; kuyisidingo esibalulekile emkhakheni wonke. Abathuthukisi kumele bagxile ekuhloleni okuqinile, ukuqinisekiswa okusemthethweni, kanye nezibuyekezo zobungcweti. Abasebenzisi kumele bamukele imfundo nokuzibandakanya ngokucophelela.

Uhambo lokuya emkhakheni we-DeFi ophusile luyaph持续. Ngokwazi izingozi ezivamile, ukufunda ezinsukwini ezedlule, nokwamukela umqondo wokuphepha kuqala, sonke singakwazi ukufaka isandla ekwakheni ikusasa lezezimali eliqinile nelithembekile. Isithembiso se-DeFi sikhulu kakhulu ukuze sishiywe ekubhekeni phansi. Kumele sakhiwe, isinyathelo ngesinyathelo, phezu kwesisekelo sokuphepha nokwethembeka.

Phila kahle, uhlale unolwazi, futhi ujabulele ukuhweba ku Exbix

Okuthunyelwe okuhlobene

I-Cross-Chain DeFi: Ukuxhumanisa Ama-Blockchain ukuze Kuqinisekiswe Ukuxhaswa Kwezezimali

I-Cross-Chain DeFi: Ukuxhumanisa Ama-Blockchain ukuze Kuqinisekiswe Ukuxhaswa Kwezezimali

Umhlaba wezezimali ezizimele (DeFi) udlule ekuguqulweni okukhulu kusukela ekuqaleni kwawo. Lokhu kwaqala njengomsebenzi ophakathi kokuhlola owakhiwe ku-Ethereum manje sekuphumelele kube yisistimu enezixhumanisi eziningi, enezigidigidi zezimali, eguqula indlela esicabanga ngayo ngemali, ezimali, nokuphathwa. Enhliziyweni yale nguquko kukhona umqondo onamandla: Cross-Chain DeFi — ikhono lokuhambisa izimpahla nokuqonda kanye nedatha phakathi kwezinkundla ezahlukene ze-blockchain ngaphandle kokuphazamiseka.

Ikusasa Lokubolekwa KwezeMali ku-DeFi: Ukusuka Ekubolekweni Okuphakeme Kakhulu Kuya EkuBolekweni Okungaphakeme

Ikusasa Lokubolekwa KwezeMali ku-DeFi: Ukusuka Ekubolekweni Okuphakeme Kakhulu Kuya EkuBolekweni Okungaphakeme

I- Decentralized Finance, noma i-DeFi, ibonakale njengomunye wezinto eziguqula kakhulu emhlabeni wezezimali eminyakeni edlule. Ngokuyinhloko, i-DeFi ihlose ukuhlela kabusha izinhlelo zezimali ezijwayelekile—njengokubolekwa, ukubolekwa, ukuhweba, nokuphathwa kwezimpahla—kusebenzisa ubuchwepheshe be-blockchain, ukususa isidingo sama-intermediaries afana namabhange nabathengisi. Phakathi kwezinguquko eziningi i-DeFi enazo ethulwe, ukuncintisana kokubolekisa kuveza njengesisekelo somkhankaso. Kuvumela abasebenzisi ukuba baboleke futhi bathole izimpahla zedijithali ngqo kumakontileka akhanyayo, kudala ingqalasizinda yezezimali engavunyelwe, ecacile, futhi efinyeleleka emhlabeni jikelele.

Indima ye-Oracles ku-DeFi: Kungani Zibalulekile kuma-Smart Contracts

Indima ye-Oracles ku-DeFi: Kungani Zibalulekile kuma-Smart Contracts

Emhlabeni osheshayo wezezimali ezizimele (DeFi), ukuhweba akukhuthazwa kuphela — kubalulekile. Njengoba ubuchwepheshe be-blockchain buqhubeka nokuthuthuka, umphakathi owasendaweni ubaluleke kakhulu, uxhumene, futhi unamandla. Omunye wezinto ezibalulekile ezivumela le nqubekelaphambili ngu- oracle — umgibeli phakathi kwezinhlelo ze-blockchain nomhlaba wangempela. Ngaphandle kwama-oracle, izivumelwano ezihlakaniphile izokhishwa, ingakwazi ukuxhumana nedatha yangaphandle, ngaleyo ndlela ibekwe emkhawulweni omkhulu ekusebenzeni. Kulokhu kuhlola okujulile, sizobheka indima ye-oracles ku-DeFi, kungani zibalulekile kuma-smart contracts, nokuthi amapulatifomu afana ne-Exbix Exchange asebenzisa kanjani le teknoloji ukuze anikeze amandla abasebenzisi emnothweni osebenzayo.