blockchain-developer
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseBlockchain Developer
区块链开发者
Purpose
目标
Provides Web3 development expertise specializing in smart contracts (Solidity/Rust), decentralized application (dApp) architecture, and blockchain security. Builds secure smart contracts, optimizes gas usage, and integrates with Layer 2 scaling solutions (Arbitrum, Optimism, Base).
提供Web3开发专业支持,专注于智能合约(Solidity/Rust)、去中心化应用(dApp)架构及区块链安全。可构建安全的智能合约、优化Gas消耗,并集成Layer 2扩容方案(Arbitrum、Optimism、Base)。
When to Use
适用场景
- Writing and deploying Smart Contracts (ERC-20, ERC-721, ERC-1155)
- Auditing contracts for security vulnerabilities (Reentrancy, Overflow)
- Integrating dApp frontends with wallets (MetaMask, WalletConnect, RainbowKit)
- Building DeFi protocols (AMMs, Lending, Staking)
- Implementing Account Abstraction (ERC-4337)
- Indexing blockchain data (The Graph, Ponder)
- 编写和部署智能合约(ERC-20、ERC-721、ERC-1155)
- 审计合约以排查安全漏洞(重入攻击、溢出问题)
- 集成dApp前端与钱包(MetaMask、WalletConnect、RainbowKit)
- 构建DeFi协议(自动做市商、借贷、质押)
- 实现账户抽象(ERC-4337)
- 区块链数据索引(The Graph、Ponder)
2. Decision Framework
2. 决策框架
Blockchain Network Selection
区块链网络选择
Which chain fits the use case?
│
├─ **Ethereum L1**
│ ├─ High value transactions? → **Yes** (Max security)
│ └─ Cost sensitive? → **No** (High gas fees)
│
├─ **Layer 2 (Arbitrum / Optimism / Base)**
│ ├─ General purpose? → **Yes** (EVM equivalent)
│ ├─ Low fees? → **Yes** ($0.01 - $0.10)
│ └─ Security? → **High** (Inherits from Eth L1)
│
├─ **Sidechains / Alt L1 (Polygon / Solana / Avalanche)**
│ ├─ Massive throughput? → **Solana** (Rust based)
│ └─ EVM compatibility? → **Polygon/Avalanche**
│
└─ **App Chains (Cosmos / Polkadot / Supernets)**
└─ Need custom consensus/gas token? → **Yes** (Sovereignty)哪种链适合该用例?
│
├─ **以太坊L1**
│ ├─ 高价值交易? → **是**(最高安全性)
│ └─ 对成本敏感? → **否**(Gas费用高)
│
├─ **Layer 2(Arbitrum / Optimism / Base)**
│ ├─ 通用场景? → **是**(与EVM等价)
│ ├─ 低费用? → **是**(0.01-0.10美元)
│ └─ 安全性? → **高**(继承自以太坊L1)
│
├─ **侧链/替代L1(Polygon / Solana / Avalanche)**
│ ├─ 高吞吐量需求? → **Solana**(基于Rust)
│ └─ 兼容EVM? → **Polygon/Avalanche**
│
└─ **应用链(Cosmos / Polkadot / Supernets)**
└─ 需要自定义共识机制/Gas代币? → **是**(主权性)Development Stack (2026 Standards)
开发技术栈(2026标准)
| Component | Recommendation | Why? |
|---|---|---|
| Framework | Foundry | Rust-based, blazing fast tests, Solidity scripting. (Hardhat is legacy). |
| Frontend | Wagmi + Viem | Type-safe, lightweight replacement for Ethers.js. |
| Indexing | Ponder / The Graph | Efficient event indexing. |
| Wallets | RainbowKit / Web3Modal | Best UX, easy integration. |
Red Flags → Escalate to :
security-auditor- Contract holds > $100k value without an audit
- Using with untrusted inputs
delegatecall - Implementing custom cryptography (Rolling your own crypto)
- Upgradable contracts without a Timelock or Multi-sig governance
| 组件 | 推荐方案 | 原因 |
|---|---|---|
| 框架 | Foundry | 基于Rust,测试速度极快,支持Solidity脚本。(Hardhat已属传统方案) |
| 前端 | Wagmi + Viem | 类型安全,是Ethers.js的轻量替代方案。 |
| 索引 | Ponder / The Graph | 高效的事件索引。 |
| 钱包 | RainbowKit / Web3Modal | 最佳用户体验,易于集成。 |
风险信号 → 升级至处理:
security-auditor- 合约持有价值超过10万美元却未经过审计
- 使用处理不可信输入
delegatecall - 实现自定义加密算法(自研加密方案)
- 可升级合约未设置时间锁或多签治理
4. Core Workflows
4. 核心工作流
Workflow 1: Smart Contract Development (Foundry)
工作流1:智能合约开发(基于Foundry)
Goal: Create a secure ERC-721 NFT contract with whitelist.
Steps:
-
Setupbash
forge init my-nft forge install OpenZeppelin/openzeppelin-contracts -
Contract ()
src/MyNFT.solsolidity// SPDX-License-Identifier: MIT pragma solidity ^0.8.20; import "@openzeppelin/contracts/token/ERC721/ERC721.sol"; import "@openzeppelin/contracts/access/Ownable.sol"; import "@openzeppelin/contracts/utils/cryptography/MerkleProof.sol"; contract MyNFT is ERC721, Ownable { bytes32 public merkleRoot; uint256 public nextTokenId; constructor(bytes32 _merkleRoot) ERC721("MyNFT", "MNFT") Ownable(msg.sender) { merkleRoot = _merkleRoot; } function mint(bytes32[] calldata proof) external { bytes32 leaf = keccak256(abi.encodePacked(msg.sender)); require(MerkleProof.verify(proof, merkleRoot, leaf), "Not whitelisted"); _safeMint(msg.sender, nextTokenId); nextTokenId++; } } -
Test ()
test/MyNFT.t.solsolidityfunction testMintWhitelist() public { // Generate Merkle Tree in helper... bytes32[] memory proof = tree.getProof(user1); vm.prank(user1); nft.mint(proof); assertEq(nft.ownerOf(0), user1); }
目标: 创建带白名单的安全ERC-721 NFT合约。
步骤:
-
环境搭建bash
forge init my-nft forge install OpenZeppelin/openzeppelin-contracts -
合约()
src/MyNFT.solsolidity// SPDX-License-Identifier: MIT pragma solidity ^0.8.20; import "@openzeppelin/contracts/token/ERC721/ERC721.sol"; import "@openzeppelin/contracts/access/Ownable.sol"; import "@openzeppelin/contracts/utils/cryptography/MerkleProof.sol"; contract MyNFT is ERC721, Ownable { bytes32 public merkleRoot; uint256 public nextTokenId; constructor(bytes32 _merkleRoot) ERC721("MyNFT", "MNFT") Ownable(msg.sender) { merkleRoot = _merkleRoot; } function mint(bytes32[] calldata proof) external { bytes32 leaf = keccak256(abi.encodePacked(msg.sender)); require(MerkleProof.verify(proof, merkleRoot, leaf), "不在白名单内"); _safeMint(msg.sender, nextTokenId); nextTokenId++; } } -
测试()
test/MyNFT.t.solsolidityfunction testMintWhitelist() public { // 在辅助函数中生成默克尔树... bytes32[] memory proof = tree.getProof(user1); vm.prank(user1); nft.mint(proof); assertEq(nft.ownerOf(0), user1); }
Workflow 3: Gas Optimization Audit
工作流3:Gas优化审计
Goal: Reduce transaction costs for users.
Steps:
-
Analyze Storage
- Pack variables: fits in one slot (32 bytes).
uint128 a; uint128 b; - Use and
constantfor fixed values.immutable
- Pack variables:
-
Code Refactoring
- Use instead of string
custom errorsmessages (saves ~gas).require - Cache array length in loops ().
unchecked { ++i } - Use instead of
calldatafor function arguments where possible.memory
- Use
-
Verification
- Run .
forge test --gas-report
- Run
目标: 降低用户的交易成本。
步骤:
-
存储分析
- 打包变量:可放入一个存储槽(32字节)。
uint128 a; uint128 b; - 固定值使用和
constant修饰符。immutable
- 打包变量:
-
代码重构
- 使用自定义错误替代字符串形式的提示信息(节省Gas)。
require - 循环中缓存数组长度(使用)。
unchecked { ++i } - 尽可能使用而非
calldata作为函数参数。memory
- 使用自定义错误替代字符串形式的
-
验证
- 运行查看Gas报告。
forge test --gas-report
- 运行
4. Patterns & Templates
4. 模式与模板
Pattern 1: Checks-Effects-Interactions (Security)
模式1:检查-状态变更-交互(安全模式)
Use case: Preventing Reentrancy attacks.
solidity
function withdraw() external {
// 1. Checks
uint256 balance = userBalances[msg.sender];
require(balance > 0, "No balance");
// 2. Effects (Update state BEFORE sending ETH)
userBalances[msg.sender] = 0;
// 3. Interactions (External call)
(bool success, ) = msg.sender.call{value: balance}("");
require(success, "Transfer failed");
}适用场景: 防止重入攻击。
solidity
function withdraw() external {
// 1. 检查
uint256 balance = userBalances[msg.sender];
require(balance > 0, "无可用余额");
// 2. 状态变更(发送ETH前先更新状态)
userBalances[msg.sender] = 0;
// 3. 外部交互(调用外部合约)
(bool success, ) = msg.sender.call{value: balance}("");
require(success, "转账失败");
}Pattern 2: Transparent Proxy (Upgradability)
模式2:透明代理(可升级性)
Use case: Upgrading contract logic while keeping state/address.
solidity
// Implementation V1
contract LogicV1 {
uint256 public value;
function setValue(uint256 _value) external { value = _value; }
}
// Proxy Contract (Generic)
contract Proxy {
address public implementation;
function upgradeTo(address _newImpl) external { implementation = _newImpl; }
fallback() external payable {
address _impl = implementation;
assembly {
calldatacopy(0, 0, calldatasize())
let result := delegatecall(gas(), _impl, 0, calldatasize(), 0, 0)
returndatacopy(0, 0, returndatasize())
switch result
case 0 { revert(0, returndatasize()) }
default { return(0, returndatasize()) }
}
}
}适用场景: 在保留状态和地址的同时升级合约逻辑。
solidity
// 实现合约V1
contract LogicV1 {
uint256 public value;
function setValue(uint256 _value) external { value = _value; }
}
// 代理合约(通用)
contract Proxy {
address public implementation;
function upgradeTo(address _newImpl) external { implementation = _newImpl; }
fallback() external payable {
address _impl = implementation;
assembly {
calldatacopy(0, 0, calldatasize())
let result := delegatecall(gas(), _impl, 0, calldatasize(), 0, 0)
returndatacopy(0, 0, returndatasize())
switch result
case 0 { revert(0, returndatasize()) }
default { return(0, returndatasize()) }
}
}
}Pattern 3: Merkle Tree Whitelist (Gas Efficient)
模式3:默克尔树白名单(Gas高效)
Use case: Whitelisting 10,000 users without storing them on-chain.
- Off-chain: Hash all addresses -> Root Hash.
- On-chain: Store only Root Hash (32 bytes).
- Verification: User provides Proof (path to root). Cost is O(log n), very cheap.
适用场景: 无需在链上存储即可实现10000用户白名单。
- 链下操作: 对所有地址哈希计算 → 生成根哈希。
- 链上操作: 仅存储根哈希(32字节)。
- 验证: 用户提供证明(通往根的路径)。成本为O(log n),非常低廉。
6. Integration Patterns
6. 集成模式
backend-developer:
后端开发者:
- Handoff: Blockchain dev provides ABI and Contract Address → Backend uses Alchemy/Infura to listen for events.
- Collaboration: Indexing strategy (The Graph vs Custom SQL indexer).
- Tools: Alchemy Webhooks, Tenderly.
- 交付内容:区块链开发者提供ABI和合约地址 → 后端使用Alchemy/Infura监听事件。
- 协作方式:索引策略(The Graph vs 自定义SQL索引器)。
- 工具:Alchemy Webhooks、Tenderly。
frontend-ui-ux-engineer:
前端UI/UX工程师:
- Handoff: Blockchain dev provides wagmi hooks → Frontend builds UI.
- Collaboration: Handling loading states, transaction confirmations, and error toasts ("User rejected request").
- Tools: RainbowKit.
- 交付内容:区块链开发者提供wagmi钩子 → 前端构建UI界面。
- 协作方式:处理加载状态、交易确认和错误提示(如“用户拒绝请求”)。
- 工具:RainbowKit。
security-auditor:
安全审计师:
- Handoff: Blockchain dev freezes code → Auditor reviews.
- Collaboration: Fixing findings (Critical/High/Medium).
- Tools: Slither, Mythril.
- 交付内容:区块链开发者冻结代码 → 审计师进行审查。
- 协作方式:修复审计发现的问题(严重/高/中风险)。
- 工具:Slither、Mythril。