Published 16 Dec by InCodeWeTrust
Ferrum Source Code Review
Ferrum Network is an interconnectivity network designed for decentralized cross-chain financial applications. Ferrum aims to enable the management, transaction and exchange of any digital asset, without taking custody of users’ assets. Built on a directed-acyclic graph (DAG) network, which is faster, less costly and more scalable than building on traditional blockchains. Ferrum is blockchain agnostic, meaning it will support assets from any network, and is not limited to ERC-20 tokens.
Users can deposit their digital assets into the network, generating a proxy token of identical value that can be transacted peer-to-peer using the Ferrum Wallet, or exchanged over Ferrum’s decentralized exchange with low latency. The Ferrum DEX will also support advanced features including high frequency trading, short selling and AI driven trading assistance. Furthermore, Ferrum is developing fiat gateways for the fast and inexpensive exchange of fiat currencies and cryptocurrencies
Ferrum Network intends to release their code as open source, i.e. anyone will be able to build on top of Ferrum Network after main net launch.Meanwhile InCodeWeTrust has received permission to access Ferrum Network’s private repositories to review the source code and build the contained products on our test server.
Source code repositories, were provided by the Ferrum Network project and downloaded/ installed on an InCodeWeTrust server.
An Ubuntu 17.04 Virtual Machine (Virtual Box) i7 4 CPU core, 12GB RAM, 40 GB SSD was used as target platform running on top of a Windows Server with a typical development environment including Docker, Yaml, npm, Python and other programming language library support.
Source code assessment summary
Prior to this assessment the Ferrum Network team has informed us that the development is in an early stage, which has been taken into consideration in this code review.
The assessment of the code repositories content can be summarized according to the following:
The source code reflects a highly competent developer level.
The development has clearly focused on providing a functional working system.
The code is at a basic stage overall and is currently lacking a number of functions to increase user experience and usability. However, that is expected at this early stage and reflects the ambition to put functionality before usability at this point.
The source is in need of additional code comments and notes to create a smooth workflow for a team of developers.
The source code lacks copyright comments. We would suggest adding this in order to credit developers when code from other projects is being used.
Source code assessment by repository
- Branch Ferrum
Source code is early alpha stage (as expected)
src/main: Ferrum related functions on top of original IOTA code base
Branch Master (empty)
IOTA consensus with ETH compatible signing, hash and addresses. Addresses can be re-used without compromising keys (as opposed to IOTA)
The code is based on Maven, Java 8 and IOTA Ledger. The IOTA Ledger offers IRI repository to implement and embodies the IOTA network specification via JSON-REST HTTP.
This branch is supported by the docker installation.
(only master branch available)
Technology based on React. Missing error handling on login was found Installation with yarn/npm failed (due to missing files)
(only master branch available for build)
The wallet was installed and invoked according to the documentation (checkout ferrum-wallet and checkout ferrum-js-api in the src folder of ferrum-wallet). The installation runs smoothly.
Some of the dependencies are depreciated, such as big-integer. However this is not a major issue at this early stage.
Subsequent to installation the development server was started:
Which leads to the following missing reference error:
Ripple API (we expect more APIs to be coming). This is built to connect ferrum node with the external world via the API Gateway. The API uses JSON schemas and needs Node.js (Node.js is available on all major platforms).
This is main functionality and is used in many other branches. For a later version we would recommend to integrate the latest version in the related repositories in order to avoid version conflicts.
- Master branch
- Addresses hardcoded
- No-ternary branch
- Similar to master
The master branch is checked out and deployed during the ferrum-wallet test.
Installation works smoothly (as seen in screen captures below).
The running application (Node) is stable (which is very good for a product this early stage).
Recommendations on improvements
The following recommendations are given in order to bring the current state of the source code to a release level as the project progresses:
It is recommended that all folders should contain readme.md files and the root folder this file should cover a walk-through for the project.
Including some information about the logical dependencies between different repositories will help to round up the product.
Hardcoded addresses/ and links to testnet should be removed.
Overall missing copyright information. We would recommend adding this, especially when using source code form other projects.
Apart from an agile development setup, the development milestones need to align with the whitepaper and include a proper 3rd party test.
We have assessed the Ferrum Network project based on its source code, installation packages and whitepaper, which have been made available to us.
Based on review of source code text files and installation/runtime test of the executable code our conclusion is that the project is in an early working alpha stage. The code reflects a high development skill level.
We have not encountered any issues in executing the Ferrum node, and the run-time behavior is stable (exceeding expectations at this point in development) and according to expectations from a functional point of view (see test section). The installation package available has provided a smooth experience.
We believe that the project is on the right path and truly excited to see the finished working product, as this will fill a large existing gap in the crypto currency landscape.