Dev Tool: a stand-alone executable for making calls to the ICON Blockchain

Contribution Proposals
#1

Do validators see value in a dev tool that makes it easier to make calls and sign transactions to the ICON Blockchain using a stand alone app for Windows, Mac and Linux?

Within the program you’d set:

  • the uri to that node you want to connect with
  • the path to the keystore file you want to use
  • the password to the keystore file
  • the address of the contract you want to call
  • the method you want to call
  • the params you want to use

This tool would make it easy / easier to quickly test stuff while developing SCORES.

Please give feedback on the question if you see value the above mentioned. Especially looking for feedback of people that develop SCORES.

Cheers,

Paul

#2

FYI:

It will be a program that uses a GUI.

You set the params and stuff and click a button, the response will be shown within the gui as well.

#3

Would this be better to integrate into the tracker?

Do you know of a comparable product from another ecosystem?

#4

As I see it now I think it might be faster / easier to have a stand alone program like the image below. It will skip the Hana signing steps, which you would need if this utilty is in the tracker.

It will also be more agile using test keystore files, no need to import them into Hana. No need for 20 wallets loaded with names like test 1 till 20 (I know, you can remove wallets, but I’m sure I’m not the only one with 20 “test wallets” loaded in Hana :smile: ).

And I do not know if anything like this already exists, if any one knows please share! I did not try and search for it, as I first would like to know the sentiment in de dev community for a tool like this. If nobody wants it / sees value in it, I won’t put it high up my priority list.

Screenshot 2022-12-13 at 19.39.33
Screenshot 2022-12-13 at 19.39.331652×862 80.1 KB

#5

Honestly I wouldn’t trust a stand alone app because they definitely can be malicious and send your info to who knows where. Not saying it will be just saying that’s why I wouldn’t trust one.

#6

The code would be open source

#7

I think a browser-based implementation of this feature set would be better. All the features can be done in browser and doing it in the browser also makes it possible for people to sign with Hana in case they want to use the app as a general tx signing app. Espanicon is working on extending Node Butler into a standalone browser-based app that fulfills this purpose.

#8

Than you misunderstood what I’m asking / suggesting.

When writing smart contracts you don’t want to need Hana, you do all of it from the cli. It would supripse me if smart contract devs use a browser extensively in development for testing their code. Just for checking if a tx succeeded or not.

I don’t think Node Butler fulfills the purpose I am suggesting, at all. The utility I am suggesting has nothing to do with node stuff.

I would really like to get feedback of devs that actually work a lot with smart contract development.

I am not interested in the opinion of validators at this point, unless they have extensive expierence with developing smart contract on icon. I want to know if to them, a tool like this has some value.

The rough idea I have now is:

  1. You deploy your contract from the cli,
  2. You paste the contract address in the program, that has the ks-file loaded,
  3. You fill out the method and params you want to test,
  4. Click ‘send’,
  5. you see the result in the program.

Want to try with a different param / method? Change the param / method and hit the button again.

Also, regarding the “trust” remark above. When testing you should probably don’t use a wallet with actual (significant) funds.

#9

I understand what you’re proposing. My only suggestion is it should be a browser-based app instead of a desktop executable. This would give the following advantages:

  1. Specify private key/keystore OR use Hana.
  2. Be able to view network requests transparently in browser’s dev tools.

Notice how I didn’t say Node Butler. I said “extending Node Butler into a standalone browser-based app that fulfills this purpose”. If you’re not interested in the opinion of validators, you shouldn’t have started your original post with “Do validators see value in a dev tool…”. :joy:

#10

I’m working with Espanicon and Rob to implement this feature set in the Tracker, but it probably won’t happen until Q1 2023.

#11

Yeah but only programmers can read code. You cannot make an app for everyone and just say “the code is open source” and think everyone is going to trust it because you say the words open source. Especially after everything that has happened in crypto recently. Everyone is tired of people who say “Trust me bro” and while you are saying “Here’s the code, trust it” the people who don’t know how to code only have your word for it because they cannot verify the code. I was speaking in the more general sense.

#12

I was hoping that I could get feedback from devs that actually have extensive experience with writing and testing smart contracts.

This is not a productive discussion. Also, I find it a bit weird that you are laughing at me with the :joy: smiley, one could call that a bit disrespectful in this context.

I wish you all the best nontheless.

#13

I think that is the strength of “open source”, anyone can check if its save or not. So instead of “trust me bro” you trust that the process of something being open source is securing the code.

Should you trust open source software that is one day old? Probably not. But MetaMask for example is open source, you can be pretty sure that enough people have had a look at that any vulnerabilities are elimated by now.

Also keep in mind that the program I suggested is a tool specifically for developers writing smart contracts.

But my intention of this post was to discuss this with those people and try and see if we can share some viewpoints an ideas. Not here to sell anything at all, at this point.

Ps.

I don’t think Hana is open source atm. Keep in mind that this is a big “trust us bro” on which our Ecosystem is relying on.

#14

Let me summarize a bit. I think we can work towards a productive collaboration, and I think there’s some pretty good feedback here

@bwhli Suggests that the app be made as a web app. I agree that this would be a very extensible solution. He also says that Node Butler, which is currently mostly for Nodes, is planning to include features for general transaction signing. Additionally, the ICON Community Tracker is planning to implement a similar feature set in Q1 2023

@GeoDude Thinks that there are some potential security issues around using a browser-based app, especially because it would be difficult to see where the http requests are being sent

@paulrouge Would like to see an easier way to send transactions to the ICON Network, regardless of whether the keys come from Hana, a keystore on the desktop, or somewhere else

I generally agree that this could be a good utility if kept very simple. I don’t really have an opinion of standalone desktop app or webapp, as long as there is low resource utilization and any requests to a network are using TLS/SSL. I think that the main use case would be for running tests, because I would probably generally recommend using either Hana or Ledger-backed Hana wallet for most use cases outside of testing environments, so the use case could be either using local or publicly accessible remote testnets

My biggest concern here would be ease-of-use. Such a utility should be almost automatic in collaboration with smart contract development using Gradle, and it should be repeatable such that the user does not necessarily have to specify the private key location every time the program is run

@paulrouge I would be happy to discuss more in a private chat if you would like to form a second draft of this idea

1 Like
#15

Thanks! Regarding @GeoDude’s comment, I don’t think he was talking about a browser-based app. He was talking about a standalone app not having transparency regarding network requests. Browser-based apps have full transparency via dev tools.

#16

Yes, of course, I appreciate the clarification. I think one can also use a Packet Sniffer or Proxy or something to do it on a standalone app, but it would require quite a high degree of technical proficiency to set that up on one’s own. I was generally referring to situations where there’s a higher degree of technical proficiency required than a generic user would have.

In short, I generally agree, though. A browser app would have access to the dev tools to look at the network requests in a pretty well-documented and straightforward way.

#17

I may not be understanding but I don’t think this is useful. I would just use the CLI to do this, which is already straightforward. If there’s utility I’m not understanding then I’d rather it just be a plugin to drogon or something else i would typically use in my regular workflow.

1 Like
#18

I think it’s definitely a useful tool. For some people, having a visual representation of the contract through an interactive GUI is preferable. Like this: https://twitter.com/RhizomeLabs/status/1603700137263366147

#19

Thanks for chipping in. I’ve working mostly with Solidity, testing can be a pain and is really time consuming. That’s what sprung the idea.

#20

It’s similar utility to Postman or Swagger/OPEN API generated UI. People like it for API testing.

I think the tool by @bwhli and Rhizome does a great job addressing some of this. I’m going to discuss further with @paulrouge to get some feedback about the tool and the utilities that might still need addressing