Patrick Collins Profile picture
Dec 23, 2022 β€’ 37 tweets β€’ 11 min read β€’ Read on X
🐸 I created the world's most unstoppable website using Decentralized Storage.

After T-Cash got banned, I wanted to answer the following:

"How can I make a website as resilient as a smart contract?"

Here is how we did it πŸ‘‡
And if you'd like, we go over how to do this on the ChainDev YouTube channel!

My editing is getting too clean.

Anyways...

πŸ€” We took the following approach:
- Step 1: Create a simple static website
- Step 2: Host the data using multiple different dStorage (decentralized storage) solutions
- Step 3: Create a single canonical location that shows where each website is on each dStorage platform
πŸ–ΌοΈ Step 1

We could have used a static site generator or raw HTML/JS/CSS, but we decided to use @nextjs to show that it works with more complicated frameworks.

And we created a minimal site that points to @LilyPad_Web3.

Feast your eyes on its unstoppableness. Image
πŸ¦‡ Step 2: Host it; Attempt ETH

And we created a minimal site that points to @LilyPad_Web3, a discord for helping people join web3.

Feast your eyes on its unstoppableness.
- Do we dump the files and folders into string variables in a smart contract?
- Do we do something with NFTs?
- Is there a better way?
πŸ‘©πŸ»β€πŸ’» And the best way we found was to base64 encoded the entire site into a single data URI.

A data URL is where all the data for your site is encoded in the URL, and your browser decodes it. Here is an example, stick this into your address bar!
data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIiB3aWR0aD0iNTAwIiBoZWlnaHQ9IjUwMCI+Cjx0ZXh0IHg9IjAiIHk9IjE1IiBmaWxsPSJibGFjayI+SGkhIFlvdXIgYnJvd3NlciBkZWNvZGVkIHRoaXM8L3RleHQ+Cjwvc3ZnPg==
You'll see this, and it doesn't need to read from any centralized server! How perfect!

πŸš› We can do this with HTML as well, however, if your site is large enough, your data URL will also get quite large...
Our site's data URI is so big, it won't even register as a link on a markdown file in GitHub.

πŸ’Έ So saving this on-chain was going to get... expensive. Even after switching to @arbitrum as an L2 solution, that massive hunk of data would have cost around $200 to store on-chain.
So, we decided not to do that, but to just store SOMETHING on-chain, as a crude workaround, we NFT'd a crappy SVG of the site and stored it on-chain.

Hooray?

arbiscan.io/address/0xD8E1…
🧱 Step 2: Host it; Attempt dStorage

Then we moved on to the dStorage players.

- @ArweaveTeam
- @Sia__Foundation & @SkynetLabs
- @Filecoin & @IPFS
πŸ…°οΈ Arweave

Storing data on Arweave might be the easiest for EVM devs to understand. You deploy data in a transaction, which is saved to the blockchain forever.

This explains why the blockchain is 113 TBs and counting.
I ended up having to do some website flattening (I should have tried the data URI method), but I was able to use Arkb (a sort of @AlchemyPlatform for Arweave node-as-a-service) to push a transaction (after buying some Arweave token to pay the node ops) with my site.
viewblock.io/arweave/tx/0M0…

If you hit the link at the "Data" section, it'll bring you to a gateway to help view the data stored on-chain, and it's indeed our site!

🧱 A note on scaling
My first thought when I saw the architecture of Arweave was "holy shit, there is no way that will scale. It's over 100TB in less than 4ish years?"
Going through the Arweave docs and speaking with @samecwilliams I calmed down a little, as they have some clever mechanics so you don't need the whole chain to run a node, and the group has done a lot of research into Moore's Law (data gets cheaper over time).
@Sia__Foundation and @Filecoin groups, however, don't share this sentiment. In comparison, Arweave ensures data persistence by adding to their chain (Blockchain-based data persistence) these two turn storing data into a marketplace (contract-based data persistence).
🟒 Sia (And Skynet)

Sia doesn't store all the data on-chain, instead, the blockchain facilitates agreements between "hosts" and "renters", and the blockchain stores the agreement's details.
- Sia Node: Hosts contracts
- Sia Renter: Asks nodes to store their data
- Sia Hosts: Store data

So, we looked to ask some renters to host our website!
After buying some Siacoin (to pay the hosts and node ops), I went to spin up a Sia node myself, and WOW was it one of the easiest blockchains I've ever synced.

Sia comes with a UI for its blockchain and get this... The whole chain is only 40 GBs big. 🀯
This makes sense, as the chain itself only holds the contracts.

So, we uploaded our website to sia (via our own node!) and boom! But... wait why can't others see it?
πŸ” The Sia blockchain is built with data privacy in mind and encrypts and splits your data before siding it out to hosts, so they can't see what they are hosting. This means the hosts can't cherry-pick what kinds of data they are hosting, since they have no idea!
But, this means, only the one with the private key can see this data, so how can others see our site? Well... They can't read it off Sia.

This is where @SkynetLabs would have come in, but they shut down recently.
πŸ€– Skynet (not the killer robots) was aimed to be a decentralized node-as-a-service for Sia. You can still run a portal that helps people via Sia data, but the data has to be stored with whoever runs the Skynet portal, and is centralized.
To test it, I uploaded my site to a Skynet portal (@lumeweb3), which was easy... but yes, centralized.

If we wanted an internal website like an intranet, Sia would be a great option.
πŸ”΅ Filecoin (& IPFS)

Filecoin is similar in theory to Sia:

- Contract-based data persistence
- Encrypted Data
- Challenges hosts (Storage Providers on Filecoin) to make sure they have the data
The Filecoin chain is much bigger than the Sia chain, as it's focused more on being an "arctic storage" for data, like a "cold-wallet" but for data.
I did run a Filecoin node myself, but found it much easier to use a centralized 3rd party to help me store the data (thanks @Web3Storage).
Filecoin has the same issue Sia has with all the data being encrypted (which is normally a good thing, just not if you want to host a public site). So I figured there would be an IPFS integration.
IPFS is a peer-to-peer network that is LOVELY for sharing files in a distributed way. You upload a piece of data and get a hash that anyone else with an IPFS node can get the data for. Except, data only stays as long as people optionally keep (pin) the data.
There is no incentive like Sia, Arweave, or Filecoin for them to keep the data.

I was thinking Filecoin was the solution, but Filecoin doesn't have a mechanism to incentivize people to KEEP pinning stuff to IPFS.
πŸ’Œ Dear Filecoin product managers/devs,

Please add an option to have the Filecoin nodes incentivized to pin their data to IPFS.

Thank You

I still uploaded my site to my own IPFS node as well, you can see that here.

ipfs://QmPL3uV44A8Njzcoezd3q7Kj5r2pGckY53fABLNyLvKqqg
πŸ“ Step 3: ENS

And the last step, was to use @ensdomains to record all the different dStorage platforms and hashes my site was on, so anyone can reference the contract to see the redundant locations.
@ensdomains I registered unstoppablefrog.eth, so if you have an IPFS-compatible browser, you can go there to see the data.

(Or unstoppablefrog.eth.limo)

πŸ§… Step 4ish: Tor

We could also have setup a Tor address to make our site more readily available, but that's another story.
@ensdomains πŸ™ Step 5: Check out my GitHub

All the code for this is on my GitHub, check it out!

github.com/PatrickAlphaC/…

Please like, retweet, and comment if you learned something, I got something wrong, or if you have questions. Thanks for reading!
@ensdomains Also, sorry, Twitter kept blocking my links so the thread got bunked up a little.

β€’ β€’ β€’

Missing some Tweet in this thread? You can try to force a refresh
γ€€

Keep Current with Patrick Collins

Patrick Collins Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @PatrickAlphaC

Aug 16
I'm 31.

Here are 10 tips I wish I told me at 21.

1. You have zero talent. You will think you are "good at things," but you are not. Anyone can GET good at anything, but you have to work hard to get there. Others will be better than you at the start. That's ok.
2. Consistency is a hell of a drug.

In order to get good at something, you must fall in love with the process and work at it every day. Something that seems impossible will become possible if you work at it every day.
3. Radical Candor is challenging your peers while being empathetic.

This constructive discourse is how we push each other to be better, and it is the nicest thing you can do for someone. You will always want to complement people, but sometimes, that is harmful if not true.
Read 12 tweets
May 8
Tokenized RWAs / Tokenized Real World Assets

What are they?
How do you make one?
How easy or hard are they?

Let's go πŸ‘‡
If you want to read the article or watch the video, you can see them here:

Before understanding tokenized RWAs, let's understand what a "tokenized" asset is.

A tokenized asset is comprised of 3 characteristics:

1. Asset represented location
2. Collateral location
3. Backing type

Let's look at a common RWA to understand what this means.

Like USDC
Read 13 tweets
Dec 13, 2023
SMART CONTRACT SECURITY AND AUDITING FULL COURSE IS NOW OPEN TO EVERYONE ON CYFRIN UPDRAFT

🎊🎊🎊🎊🎊🎊🎊🎊🎊🎊🎊🎊🎊🎊

In just 22 hours, the top web3 experts walk you through 5 increasingly difficult audits to drill security power into you.

Here's what you need to knowπŸ‘‡ Image
You can find the entire course on @cyfrinupdraft HERE:


Part 1 is broken down into 9 insane sections. I'm finishing part 2, which will focus on assembly, opcodes, huff, and formal verification.

Part 2 will come out within 2 months.updraft.cyfrin.io/courses/securi…
This course is for anyone and everyone who wants to:

- Make web3 safer
- Become a top 1% smart contract dev (avg. salary $150k)
- Become a solo auditor
- Get hired at a security firm (avg. salary $125k)
- Become a bug hunter (up to million-dollar payouts)

Or you love learning
Read 19 tweets
Oct 27, 2023
Imagine being able to send ETH to your friend cross chains without anyone knowing:
- what token
- to whom the tx goes
- from whom

And also encrypt a message telling them β€œI’m old enough to get into the bar”

I just had a crazy interview with Mind Network, highlights here πŸ‘‡
1. Mind Lake

Using Zero Knowledge Proofs and Fully Homomorphic Encryption (will explain soon) you can store data in a zero knowledge fashion into their Mind Lake network.

- medical information
- financial info
- personal info
- if you’re old enough to slam a pint of beer
For those in the back, zero knowledge proofs have the ability to answer the validity of a statement without giving out additional information.

For example, telling a bouncer at a bar you’re old enough to drink without telling them exactly how old you are.
Read 9 tweets
Jul 20, 2023
How to get into competitive audits:

1. Learn basic solidity/vyper
2. Start doing competitive audits

The more audits you do, the better you'll get.

Here is your gameplan going into an audit, and exactly how to get the most out of your first one πŸ‘‡
1. Block off hours of time

Auditing takes hours of deep work. Deep is long uninterrupted periods of time.

If you want to be successful, you need to focus. Some auditors use pomodoro techniques where they:

- push for 55 minutes, take a 10 minute break

And repeat this
How much time do I need?

Well, that depends on how long the audit is and how familiar with the code you are.

Your first couple of audits, you'll do terribly.

Yup.

You'll probably suck.But sucking at something is the first step to being really good at something.
Read 10 tweets
Jul 6, 2023
πŸ₯§ FREI-PI

‼️ Why smart contract devs NEED to know this!

Function:
- Requirements
- Effects
- Interactions

Protocol
- Invariants

This is the pattern you should all be thinking about when building smart contracts.

Here is why πŸ‘‡
Previously, we followed something called CEI, checks, effects, interactions.

The idea was that in our solidity/vyper functions we first:

1. Did require statements
2. Did effects with our contracts
3. Did interactions with external contracts
However, the issue with this is that it's too scoped.

It's like looking at the tree despite the forest.

We need to keep the ENTIRE protocol in context when executing code.

So, we should keep "CEI" for functions, but add a check on the entire protocol's "invariant"
Read 8 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(