A financial institution is developing a smart contract to issue bonds on Ethereum. A key requirement is that the total supply of bonds must be strictly capped and can never be changed after deployment. Which of the following Solidity code patterns most effectively and securely enforces this immutable cap?
A developer is building a decentralized autonomous organization (DAO) where voting power is determined by the amount of a specific ERC20 token a user held at the time a proposal was created. To prevent users from buying tokens after a proposal is made to influence the vote, which technique should be implemented?
A developer is writing a smart contract that interacts with multiple other contracts. One of the external contracts is untrusted and known to be potentially malicious. To prevent reentrancy attacks, which of the following design patterns and security measures are most critical to implement? (Select TWO)
True or False: Using `msg.sender` within a function called via `delegatecall` will refer to the address of the contract that initiated the `delegatecall`, not the original transaction signer.
A development team is deploying a complex smart contract system using Hardhat. They need to deploy several contracts, link libraries, and initialize state in a specific, repeatable sequence on both the local testnet and the Sepolia testnet. What is the most appropriate Hardhat feature to automate this process?
A developer needs to create a function that accepts an arbitrary amount of Ether and logs the sender and the amount. The function should not perform any other state changes. Which function declaration is the most appropriate and gas-efficient for this purpose?
A decentralized application (dApp) needs to display a user's token balance and the total supply of an ERC20 token without requiring the user to send a transaction and pay gas. How does a dApp's frontend, using a library like Ethers.js, accomplish this?
A developer observes that a transaction to a smart contract is consistently failing with an 'out of gas' error, even after significantly increasing the gas limit. The function being called performs a loop that iterates over an array of addresses stored in contract storage. What is the most likely cause of this issue?
A team is building a system that requires a source of on-chain randomness to determine winners in a lottery. Which of the following approaches provides the most secure and manipulation-resistant source of randomness for a smart contract on Ethereum?
**Case Study:** A decentralized finance (DeFi) startup, 'YieldFarmz', is launching a new staking protocol. Users will deposit an ERC20 token (`YFZ`) into a staking contract and earn rewards in the same token over time. The protocol needs to be secure, gas-efficient, and fair to all participants, regardless of when they stake or unstake their tokens. The lead architect has proposed an architecture where the contract maintains a list of all stakers and their deposit amounts. When rewards are to be distributed, a function will loop through this entire list, calculating and transferring rewards to each staker individually. This distribution will be triggered by an admin on a weekly basis. A junior developer on the team raises concerns about this design, particularly regarding its scalability and potential for denial-of-service as the number of stakers grows. They also worry about the fairness of reward distribution if a user unstakes right before the weekly distribution event. Given the requirements and the concerns raised, which of the following alternative designs provides the most robust and scalable solution for calculating and distributing staking rewards?