The Ethereum community is in a paradoxical relationship with software security. On the one hand, as a replicated datastore it offers out-of-the-box, cryptographically guaranteed data integrity. On the other, we continue to witness security flaws in application code that are cumulatively approaching a billion dollars in affected value [1]. There is starting to be some serious work done to address these problems at a core level, the recent work on capturing EVM semantics in k-framework [2] being one of the most interesting. But there is also some room for improvement on the client side, and this is where we believe strongly typed functional programming has a lot to offer.

Why Purescript?

Every developer is aware of the pitfalls and oddities of the Javascript language, even if they are not bothered by them personally or have learned to master them. This is evidenced by the sheer number of dialects of the language (Typescript, CoffeeScript, JSX, Elm, etc) and their promises to alleviate you from some problem or another, not to mention the number of hours which have gone into developing cross compilers from existing battle-tested languages (GHCJS being perhaps the most spectacular of which). To us, purescript shows some of the most promise as it approaches its 1.0 release. It has a familiar feel if you’ve done much Haskell or Elm development, but with a few bonuses:

It has row types, which allows for a much richer type system and reduction in boilerplate one may encounter in other ML languages like Haskell.

It has excellent, easy to use FFI for existing JS code, and many of the popular frameworks such as React already have faithful bindings.

It has a similar type class interface and constraint solver as Haskell, offering higher levels of abstraction and code reuse.

What is purescript-web3 offering?

The purescript-web3 stack currently supports all of the eth endpoints of the web3 api that one would need in order to deploy or interact with smart contracts or blockchain metadata, with full web3 coverage coming soon. It also supports out of the box integration with metamask, meaning that it’s fully capable of supporting your frontend web3 application in the browser. The dependency on web3-js is only to make use of their Provider class as a transport for rpc calls, meaning that we aren’t worried about any upstream changes in that library (and there are many planned for their 1.0 release).

Beyond that, we are offering you many static guarantees that are simply impossible with vanilla web3-js app. For example, the client libraries that we automatically generate from your contract abis are guaranteed by the type system (i.e. math) to never improperly template a transaction. This means that for example:

If you have a solidity function accepting a bytes[2][4] type, and your code is trying to give it a bytes[2][], you will receive a compile time error, meaning less chance for a run time exception, a failed transaction, or worse, an unintentional loss of ether.

Our units of ether are typed, meaning that if you are trying to submit a transaction with a value of 7 Babbage or whatever the case, there is no need to risk manually converting it to the appropriate value in wei.

There is a compile time guarantee that you cannot send any value for a non-payable function.

How do you get started?

At this point we consider purescript-web3 as production ready, and at FOAM we are already using it to develop the frontend component of the Spatial Index. While the source code of the Spatial Index is closed until the first release, suffice it to say that it is a large project whose contracts are deployed on rinkeby, with no observable bugs in the purescript component of the app.

If you are looking for examples of how to use the library, you can view any of the following repositories:

purescript-web3 — the core library implementation purescript-web3-generator — the component which generates purescript modules from your contract abis purescript-web3-tests — An example of how to incorporate the truffle migration tool while using `purescript-web3` for testing. purescript-web3-example — A simple purescript-web3 app template that you can clone and run as is, or modify for your own Dapp.

If you have any questions or issues, please contact us on the purescript-web3 github issues page, or find us on the purescript_web3 channel on the FOAM slack.

[1] — The sum of affected value of the most recent two parity wallet exploits is already 500 million USD.

[2] — https://www.ideals.illinois.edu/bitstream/handle/2142/97207/hildenbrandt-saxena-zhu-rodrigues-guth-daian-rosu-2017-tr_0818.pdf?sequence=3&isAllowed=y