When I started studying and writing smart-contracts, the goal was to write code which had to be quite solid, coherent, even simple because it was writing immutable values and functions in the blockchain.
Today, we must realize that much has changed. Smart-contracts are becoming more and more sophisticated. They can be modified, easily interact with each other, evolve… Despite all this, I think it’ s necessary to keep to the basics of simplicity and readability.
That’s the first principle I’ve adopted (simple contracts grouped by features). Nothing new for people who are familiar with object-oriented language and classes. There is however a significant difference here. The deployment and the use of smart-contracts can be expensive, especially in the actual state of the fees within Ethereum.
So when you build your project, you have to think architecture very soon. Which features in which contract? What should be easily upgradeable. And finally, how to reduce deployment and usage costs.
Basically, if you don’t have a team of developers, and I don’t, you have to make choices very quickly.
After having experimented, tested, studied the various possibilities, here are the choices I have made for our team’s projects.
Let’s be clear, for Solidity, there are two major trends: Truffle & OpenZeppelin. We can even bring them together into one…
Personally, I chose to focus mainly on OpenZeppelin (= OZ), from the project initialization to the deployment, through the tests.
OpenZeppelin is well known for its (upgradeable) smart-contracts library. Thanks to these templates you can save a lot of time and also gain in security. That being said, it’s always better to understand the third-party functions you’re going to call than to jump in with closed eyes.
Within OpenZeppelin environment, you’ll also find some very useful libraries:
- A client to deploy and pass some instructions to your smart-contracts
- A contract loader to deploy your contracts with specific instructions attached to the operation
- A ganache library to deploy a local blockchain for testing
- Tools for the deployment of upgradeable contracts
There’s still something very important to consider, testing.
Testing your smart-contracts is something you always have to do even if it costs time. The job becomes easier for developers with more and more advanced tools.
Again, I chose to rely on OpenZeppelin…
Here’s the combination I have chosen for the testing of my contracts:
- OZ test-environment
- Mocha – Chai test runners
- OZ test-helpers for complex assertions
The next step will be to better implement MythX. What’s that?
“MythX is the premier security analysis service for Ethereum smart contracts with the mission to ensure development teams avoid costly errors and make Ethereum a more secure and trustworthy platform”
Truffle environment is integrated, but this is not as obvious with OpenZeppelin at this moment. So there’s still things to improve.
That being said, always keep in mind that if you deploy a smart-contract that handles values, an external audit is recommended. The better you’ll prepare the work upstream, the more it could be completed in good time and cost conditions.