上海宝山炮台湿地公园的蓝天白云上海宝山炮台湿地公园的蓝天白云

Exploring Sui: The Technology and Contract Security Behind High Performance

By: Johan &Victory! (SlowMist Security Team)

Background:

In our previous article,Getting to Know TON: Accounts, Tokens, Transactions, and Asset Security, we explored the characteristics and user asset security concerns of TON. Today, we delve into another emerginghigh-performance blockchain platform – Sui. Sui boasts innovative technologies and unique features, attracting developers and researchers alike. Sui focuses on delivering fast and secure transaction experiences,making it suitable for various application scenarios. This article will guide readers through Sui’s account model, token management, transaction mechanisms, and asset security, providing a comprehensive understanding of the platform.

Account Model:

Sui adheres to widely acceptedwallet standards in the cryptocurrency industry, including BIP-32 (and its variant SLIP-0010), BIP-44, and BIP-39, ensuring secure key management for users. To derive a 32-byte Suiaddress, Sui utilizes the BLAKE2b (256-bit output) hash function, combining the signature scheme flag (1 byte) with the public key bytes. Sui addresses currently support pure Ed25519, Secp256k1, Secp256r1, and MultiSig,with corresponding flag bytes of 0x00, 0x01, 0x02, and 0x03, respectively.

Balance Management:

On Sui, everything is an object, including user balances. During transfers, if the object’s balance doesn’t match the required amount, the object needs to be split or merged. For instance, if you have an object containing 100 SUI, but you only want to transfer 30 SUI, the system will split the object into two: one with 30 SUI and another with 70 SUI. You can transferthe object containing 30 SUI while retaining the remaining object. Conversely, if you need a larger amount, you can merge multiple balance objects to form a larger one.

Token Management:

Sui officially implements the Coin standard code. Developers can use all the standard library functions by simply calling use sui::coin; in their contracts when issuing Coins. Due to the use of the Move language, which differs from other commonly used blockchain programming languages like Solidity, developers need to understand and be aware of certain unique functionalities or features. Let’s examine a code snippet:

“`
module regulatedcoinexample::regulatedcoin {
use std::option;
use sui::coin;
use sui::coin::{TreasuryCap};
use sui::transfer;
use sui::tx
context::{Self, TxContext};

struct REGULATED_COIN has drop {}

fun init(otw: R

“`

Transaction Mechanism:

Sui employs a novel transaction mechanism called Move that leverages a global state machine for efficient and secure execution. Transactions are processed concurrently, enabling high throughput and minimal latency. Sui’s transaction model prioritizes atomicity and isolation, ensuring that transactions either complete successfully or fail entirely, maintaining data integrity.

Asset Security:

Sui prioritizes asset security through robust mechanisms like:

  • Move Language: The Move language, designed for safe and secure smart contracts, provides features like type safety, resource ownership, and formal verification, minimizing the risk of vulnerabilities.
  • Object-OrientedDesign: Sui’s object-oriented design enforces strict access control, ensuring that only authorized entities can interact with specific objects, safeguarding user assets.
  • Gas Metering: Sui’s gas metering system prevents malicious actors from consuming excessive resources or launching denial-of-service attacks.
  • Formal Verification: Sui’s commitment to formal verification ensures the correctness and security of its core components, enhancing overall system reliability.

Conclusion:

Sui presents a promising platform with innovative technologies and a focus on high performance and security. Its account model, token management, transaction mechanism, and asset security features demonstrate a commitment to providing a secure andefficient environment for developers and users. As Sui continues to evolve, it will be crucial to monitor its ongoing development and assess its potential impact on the broader blockchain ecosystem.

References:


>>> Read more <<<

Views: 0

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注