mobileRumblefishLogo
Menu
desktopRumblefishLogo
Services
Products
Case studies
Careers
Resources
About us
  1. Software
  2. Blockchain
  3. Web3 product
  4. Smart Contracts
  5. Mobile app
  6. Web platform
  7. AWS Cloud
  8. NFT marketplace
  9. DeFi
  10. Fintech
  11. AI product
  12. dApp
  13. Crypto wallet
development tailored to your needs!

Rumble Fish helps entrepreneurs build and launch bespoke digital products.
We take care of the technology, so you can focus on your business

Join the ecosystem
of our satisfied customers:
companiesCarouselLogo0
companiesCarouselLogo1
companiesCarouselLogo2
companiesCarouselLogo3
companiesCarouselLogo4
companiesCarouselLogo0
companiesCarouselLogo1
companiesCarouselLogo2
companiesCarouselLogo3
companiesCarouselLogo4
Who we are?

Hi there! We're Rumble Fish - a team of world-class experts in bespoke software development. Our engineers are highly skilled in blockchain, cloud solutions, and defi/fintech development. Our strength and pride is the ability to take ownership of the entire development process and be a true partner and advisor for our customers. Our mission is to craft state-of-the-art digital products using battle-tested technologies. Try us!

0Employees
0Projects
0Years in business
0Lovely dogs
0Cozy office
What do we do?
Software Development Services and Skills for your needs To deliver the highest quality of services, our experts are always gaining new skills and knowledge. That’s how we make sure our solutions follow the latest industry standards and take advantage of the most innovative technologies.
Our experienced team will take your AWS cloud solutions to the next level. AWS provides purpose-built tools to support your needs, and it is the preferred choice for any blockchain project. From the plethora of cloud tools and solutions offered by Amazon Web Services, we’ll help you choose and implement the ones that serve your business the best way possible.
If you’re in need of professional web development services, look no further! Rumble Fish's talented team has extensive experience in delivering top-tier web apps and websites with the use of battle-tested tools and technologies like React or Nest. We know just the right solutions to exceed your business requirements.
Whether you need an Android, an IOS app, or both, the Rumble Fish team is here to help you deliver the beautiful and efficient mobile product that your customers will simply love to use! We craft fast and secure mobile apps with a wow factor to help our customers grow their businesses and reach their goals quicker.
AI chatbots can bring value to a wide range of industries by enhancing customer interactions, streamlining processes, and improving overall efficiency. We'll craft a perfect AI assistant for your product.
Decentralized Finance (DeFi) development requires an extensive amount of blockchain knowledge, as well as a great understanding of financial mechanisms. We’ve got both that bases covered! Our team has successfully built an impressive number of DeFi products like cryptocurrency exchanges, dApps, lending protocols, or staking platforms. Try us!
Rumble Fish engineers are experts in Non-Fungible Tokens (NFT) platform development. With our deep understanding of crypto, blockchain technology, and smart contracts protocols, we are able to take your NFT marketplace idea and craft it into a beautiful, state-of-the-art product.
Looking for a skilled team to help you build an advanced fintech platform able to compete with the biggest in the game? At Rumble Fish, we’ve got what it takes to engineer innovative financial technology systems. We offer end-to-end fintech software development, consulting, and expertise.
Our team is well-versed and experienced in various blockchain development tools and technologies. Our unique skillset allows us to be at the forefront of Web3 development services so if you’re looking for a trusted IT partner to boost your decentralized product - look no further!
Our experts provide you with knowledge, skills, and experience that elevates every project to another level. We’ll gladly take ownership of the entire process and guide you and your team through the intricacies of cutting-edge technology development.
We design sleek, intuitive, and highly effective interfaces to help you overcome your business challenges. After carefully evaluating and understanding your requirements we switch to the designing mode - the end goal is the beautiful digital solution that people love to use!
If you're looking for a team capable of turning your product concept into a beautiful and technologically intricate digital solution - look no further! Rumble Fish is your trusted software development partner ready to take you through the entire process of custom digital product creation - from the early stages of ideation to the post-launch support. Whether you're on a mission to build a mobile app, a Web3 product, or an advanced platform - we are here for you!
Testimonials
See what our customers say about working with us
Latest case studyCustom AI assistant development
Custom AI assistant development
The main objective was to create an AI chat assistant to engage in intelligent conversations with legal documents stored in our customer’s internal databases. The goal was to streamline document analysis and enhance legal discourse efficiency.
Collaboration timeframe:2 months
Services:AI chatbot development
We're trusted by global innovators and leaders.Join them!
TURNTABLE
A hybrid of a social network and a music app
TURNTABLE
MAKERDAO
The first truly decentralized stablecoin crypto on Ethereum
MAKERDAO
ZBAY
A private inbox, wallet, and marketplace all in one
ZBAY
VERIFYID
An identity verification MVP
VERIFYID
Rumblefish Blog
Check a piece of expert knowledge
Smart contracts development in Rust - benefits, risks, use cases_BlogPostImageSmart contracts development in Rust - benefits, risks, use cases
1560169564058__2_.jpg_BlogPostAuthorAvatarBy Agnieszka Dobosz
Rust is a fast, memory-efficient, and statically typed programming language. Its many benefits are why it has been voted the most admired programming language of 2023 and 2024, according to annual Stack Overflow surveys of over 90,000 developers. Rust is also a great language for smart contract writing and many software engineers opt for using that language in their Web3 projects. While Solidity has long been the go-to language for developing contracts on Ethereum, Rust is rapidly gaining traction as a powerful alternative. Today, we’ll dive into its benefits and risks, and explore use cases of Rust in smart contract development.The Birth and Evolution of RustIt all started in 2006 when Graydon Hoare, an Australian programmer, at the time working at the Mozilla Research, started conceptualizing his personal project. His goal was to develop a language that would answer the memory management and allocation problems of C and C++. According to Wikipedia, Rust was “named after the group of fungi that are over-engineered for survival”. In 2009 Mozilla decided to back the project and sponsor it financially. 12 engineers were employed to continue the work with Hoare. The first stable release of version 1.0 happened six years later, on May 15, 2015. On February 8, 2021, the Rust Foundation was officially established by its five founding companies: AWS, Huawei, Google, Microsoft, and Mozilla. Later, on April 6, 2021, Google revealed in a blog post that Rust would be supported within the Android Open Source Project as an alternative to C/C++.What is Rust used for today?Beyond writing smart contracts, building dApps, and minting tokens, Rust is primarily used for enhancing performance, strengthening security, and managing memory effectively. Developers favor Rust for its ability to ensure memory and thread safety, reducing the number of bugs caught during compilation. Rust's comprehensive type system plays a significant role in this. It features an advanced and versatile type system that lets developers define types flexibly and control how related objects interact.The benefits of using Rust in blockchain development projects1. User-friendly and easy to codeRust stands out for its simplicity and ease of coding, unlike some popular languages used in blockchain development. For instance, handling threads in C++ can be quite challenging, and dealing with dependencies can be a nightmare. Rust tackles these issues within the language itself.With extensive libraries, versatile frameworks, and highly useful tools, Rust offers a cohesive ecosystem where all necessary information is readily available. This is largely thanks to Rust's thorough and meticulous documentation. Consequently, coding in Rust is incredibly straightforward, contributing to its status as a highly admired language.2. Performance and efficiencyRust is a systems programming language designed for speed and efficiency. It compiles directly to machine code, offering high performance comparable to C and C++. This efficiency is particularly beneficial for blockchain environments, where resources are often limited, and performance overhead can be costly. Rust's compilation to WebAssembly (Wasm) further enhances its suitability for smart contracts, providing fast execution and interoperability across different platforms. Also, in the space-limited world of blockchain, size matters. The Rust compiler plays a crucial role by reordering struct fields to minimize the size of each type. As a result, Rust data structures are often very compact, sometimes even more so than those in C.3. Memory safetyRust is known for its strong emphasis on memory safety without requiring a garbage collector. The language's ownership model ensures that memory leaks and other unsafe behaviors are caught at compile time, reducing the risk of runtime errors. This feature is crucial in smart contracts, where security vulnerabilities can lead to significant financial losses.4. Concurrency and parallelismRust's modern concurrency model prevents data races, a common problem in concurrent programming. This model is essential for smart contracts that may need to handle multiple transactions simultaneously without compromising the system's integrity. Rust's thread safety guarantees help maintain the consistency and reliability of smart contract operations.5. Growing ecosystem and toolingThe Rust ecosystem is robust and rapidly expanding. Tools like cargo (Rust's package manager) and rustup (the Rust toolchain installer) streamline the development process. Frameworks like Substrate provide a comprehensive environment for developing blockchain applications and smart contracts. The `ink!` language, specifically designed for writing smart contracts in Rust, further simplifies the development process by offering high-level abstractions.Risks of using Rust in smart contracts development1. Learning curveRust has a steep learning curve, especially for developers coming from dynamically typed languages like JavaScript or Python. Concepts like ownership, lifetimes, and borrowing can be challenging to master. This learning curve can slow down the development process, especially for teams new to Rust. Luckily, the ease of coding one gets once the language is mastered, is a great reward for efforts.2. Complexity in smart contract developmentWhile Rust provides powerful features, it can also introduce complexity. Writing smart contracts in Rust requires a deep understanding of both the language and the specific requirements of blockchain systems. The need for meticulous management of resources and strict type-checking can make development more complex compared to languages like Solidity. 3. Limited resources and community supportAlthough growing, Rust's community and resources are still smaller compared to more established languages in the smart contract space. This can make finding solutions to specific problems or bugs more challenging. On the bright side, the Rust and blockchain communities are active and supportive, and resources are continually expanding.Use cases of Rust in blockchain development1. SolanaSolana, a proof-of-stake (PoS) blockchain, utilizes Rust for writing smart contracts. It competes strongly with Ethereum and hosts a wide array of blockchain-based web3 applications. Rust is effectively used to develop Solana dApps, smart contracts, and NFTs, showcasing its versatility and efficiency on the Solana blockchain.2. PolkadotPolkadot is built using the Substrate framework, which is written in Rust. This implies that Polkadot likely wouldn't exist in its current form without Rust. Rust also plays a crucial role in implementing Polkadot's core runtime, which executes smart contracts. Polkadot's vision of interoperability features parachains that run parallel to its main blockchain, and Rust is extensively used in developing these parachains.3. Near ProtocolRust is instrumental in building various tools for developing and interacting with Near Protocol, including wallets, compilers, and explorers. It is also used to create and write dApps and smart contracts on the platform.4. ComitComit is a cross-blockchain network enabling trustless applications across blockchains like Bitcoin and Solana. Although cross-blockchain communication isn't new, Comit utilizes Rust to achieve this. Their GitHub repository features numerous projects, all developed using Rust.ConclusionRust offers a compelling alternative for smart contract development, combining performance, safety, and a growing ecosystem. While there are challenges, such as a steep learning curve and complex development processes, the benefits often outweigh these drawbacks, particularly for applications requiring high performance and security.As the blockchain industry continues to evolve, Rust's role in smart contract development is likely to grow, driven by its technical advantages and the increasing adoption of frameworks like Substrate. For developers looking to build robust and efficient smart contracts, exploring Rust can open up new possibilities and set the foundation for future innovations.
Code StoriesBlockchain
Understanding Account Abstraction Schnorr Multi-Signatures_BlogPostImageUnderstanding Account Abstraction Schnorr Multi-Signatures
Oskar.jpg_BlogPostAuthorAvatarBy Oskar Karcz
In today’s article, we continue the journey through public and private keys, blockchain algorithms, and Account Abstraction. Let’s focus on the complicated matter of ECDSA signatures and how to enable multisig transactions on Ethereum, shall we?Have you ever seen Vitalik sad?Or have you ever seen Vitalik angry?It looks like Ethereum’s signature algorithm is quite exciting and not that straightforward even for its co-founder. In this blog post, we’re going to discuss why ECDSA is (in some ways) not that efficient, why Bitcoin already adopted another algorithm called Schnorr, and last but not least, I’ll show you what solutions are already available and developed by amazing Rumble Fish devs!Let me do sign it for you!For those of you who are not familiar with blockchain’s private-public key pair concept, don’t worry! Relax, grab a big cup of coffee, and let me guide you through this! Ready? Let’s go!Every blockchain’s security, including Bitcoin and Ethereum, relies on cryptography and some brilliant underlying concepts. One of them is private-public key pairs which are used mainly for:authentication - to prove that the user knows the private key, which confirms their identity,encryption - to decrypt and read the message previously encoded, in other words - to read a secret message that only a private key owner can see. Private-public key pairs are asymmetric which means that with a given private key (think about it as simply as a number) it’s possible to derive the public key (the other number). However, it’s not feasible to reverse the process and get a private key from the public key. If you wonder why, take a look at our previous blog post, where I explained the magic behind elliptic curves and generating Ethereum addresses from private keys. To move forward I assume that ECC (elliptic curve cryptography) and ECDSA (Elliptic Curve Digital Signature Algorithm) acronyms already sound familiar to you. pov: ECDSA is a bad signature algorithmAs we’ve shown above, Vitalik himself believes that ECDSA is a bad algorithm. Let’s take a look at the reasoning behind this statement.In Ethereum, ECDSA is used as the algorithm for creating and verifying digital signatures. This is to ensure transaction authentication, so we know the transaction was approved by the sender. ECDSA uses the SHA-256 hash function and the secp256k1 elliptic curve and does it for good reasons. Firstly, it is constructed in a special non-random way, which results in efficient and fast computations. It provides strong security while requiring relatively little computational power. Secondly, the secp256k1 curve reduces the possibility of potential backdoor weakness and is also used by Bitcoin, so was already adopted at the moment of Ethereum creation. Now, let’s see what the basic process of signing and verifying a message looks like:Signing the message:Generate a private-public key pair. Keep the private key hidden and share only the public key.Calculate the message hash with a cryptographic hash function, e.g. SHA-256.Sign the message with the private key. By signing I mean performing a series of mathematical operations on the message hash value and the private key, which results in a unique signature.Transmit the message and its signature.Verifying the signature:Calculate the message hash the same way it was hashed within the signing process.Recover the signer address from the signature and public key (for the sake of simplicity I’m not gonna explain all the math behind it - I encourage you to do your own research).Compare the recovered address with the provided one - if they match, the signature is valid!So far it’s all looking good, right? So what’s the problem with ECDSA? The chaos appears as soon as someone wants to create a multi-signature. Ekhm, excuse me, multi-what…? - you ask? Let me explain.Multi-signatures - single problemThe Multi-signature Scheme is a concept that avoids a single point of failure and requires multiple signers to approve a transaction. This is great for splitting the responsibility of ownership of an address (and its funds) and can be shared between multiple people with different private keys. What's more, it’s possible to implement a k-of-n policy, so e.g. 2-of-3 means that only 2 signers (out of 3) need to approve the transaction for it to be valid (as shown below). This is commonly known as the threshold scheme.There are already plenty of multi-signature wallets, like The Consensys multisig wallet, Safe, or Argent. Most often that kind of wallets use a smart contract that stores multiple signers' addresses and verifies the signatures one by one (naive multi-signatures). And that’s the core of the problem. Why? First of all, storing multiple signers’ addresses costs money (welcome to the blockchain!), and the same goes for sending and verifying multiple signatures. Every signature needs to be verified with a specified signer separately and computational power is the crucial aspect of the transaction cost. What’s more (and in some cases the worst) signers’ public addresses are exposed and can be easily used to check who (out of the signers group) approved the transaction and who didn’t. OK, so what about aggregating multiple signatures into a single one? Well, this might be a better approach, but aggregated signatures are currently slower than e.g. ECDSA, so there must be a tradeoff between speed and size (which on the blockchain means cost).Bitcoin’s Taproot and Schnorr’s SignaturesLet’s jump out for a second to the Bitcoin Blockchain and look closer at one of the rare protocol updates, called Taproot. This BIP (Bitcoin Improvement Proposal) introduced several enhancements, including the Schnorr Signatures. Why do I mention this? We must realize that Bitcoin’s upgrades are extremely limited to keep the protocol stable and secure, so enhancements are deeply discussed, battle-tested, and significantly improve the network’s efficiency. So what is that Schnorr Signature?It is a type of digital signature scheme that allows for signing transactions in a very efficient way without compromising on security even for multi-signatures. The algorithm itself isn’t new though, because originally it was described by Claus Schnorr in 1991. It wasn’t widely used before because it was protected by patent till 2008 (the same year Bitcoin was launched).The primary advantage of Schnorr signatures lies in key aggregation. In a typical digital signature scenario, a single public key, message, and signature are involved, confirming that the owner of the public key signed the provided message. However, when multiple parties aim to sign the same message, like when spending from a multisig address, each must include their public key and signature. Consequently, if three parties wish to sign a message, the verification process entails three public keys and three signatures, leading to inefficiencies in computation and storage. Each node must conduct signature verification, a resource-intensive task, three times, and store three sets of signatures and public keys.Key aggregation resolves this inefficiency by obviating the necessity for multiple public keys and signatures. Schnorr public keys and signatures can be aggregated so that, if three parties intend to sign a transaction, they can combine their public keys into a single one, using their respective private keys to sign the same message. Subsequently, they can combine their signatures into a single signature valid for the aggregate public key. A verifier needs only to authenticate a single signature and public key to ascertain that all three parties signed the message.Signatures with benefits Key aggregation presents an opportunity to decrease transaction costs and enhance the scalability of the base layer, as signatures from multi-signature configurations occupy the same space in a block as those from single-party transactions. This aspect of Schnorr can be leveraged to decrease the size of multisig payments and related transactions (e.g. those within the Lightning Network channels).Moreover, Schnorr signatures possess a crucial attribute of non-malleability. In the realm of digital signatures, malleability refers to the capacity of an attacker to alter a confirmed signature in a manner that retains its validity while authenticating a distinct message from the original signature. Such manipulation could lead to significant issues in cryptocurrency applications, potentially allowing a malicious actor to increase the transferred funds' amount or change the recipient.Last but not least, Schnorr offers substantial privacy advantages. By enabling the obfuscation of a multi-signature scheme, rendering it virtually indistinguishable from a traditional single public key, Schnorr significantly complicates the task of differentiating between multisig and single-signature transactions through on-chain observation. Additionally, in setups involving n-of-m multisig, Schnorr makes it more challenging for observers to ascertain which participants did or did not sign a transaction.Just do it!Okay, that’s enough of the theory, let’s see what the practice looks like! As was written, the Bitcoin protocol already supports Schnorr Signatures and can be used alongside ECDSA. Unfortunately, the Ethereum blockchain does not yet, so this looks like a perfect opportunity for Rumble Fish developers to do, once again, some innovative stuff!No, wait a sec. Let’s complicate things a bit so that it’s not too easy. Where would be the perfect place to use multi-signatures? Where can we find the need for a multi-owner wallet? Any ideas? Exactly, Account Abstraction! Take a look at our previous blog post about ERC-4337 to see what it is and let’s move to the coding part!Let’s see what has to be done to achieve Multi-Schnorr-Signatures. Deploy MultiSigSmartAccountFactory and create Account AbstractionThis is needed to interact with the blockchain and use the Account Abstraction concept. In our case though instead of a single Account Owner, there are multiple Schnorr-Signers Owners. Create Schnorr Signers and MultiSig Account SignerTo utilize multi-signature features and be ERC-4337-compliant, the Schnorr Signer needs to be created out of an individual's private key.Construct User Operation CallData and build User OperationAs ERC-4337 specified, instead of standard transaction the User Operation needs to be created.Initialize Multi-Sig Schnorr User OperationCrucial element of multi-signature mechanism. To be sure that the same transaction is approved by every needed signer, the desired Multi-Sig Schnorr User Operation is created. It contains such information as transaction data and each signer’s public addresses, one-time nonces, and signatures.Sign the transaction by each defined signerTransactions can be signed by each signer in any order. There’s also no time limit or need for all of the signers to be online at once. Send the User OperationIf a transaction is signed by each needed signer, it can be sent through the MultiSigSmartAccount contract. As needed it can be paid by ERC-4337 Paymaster. User Operation data can be signed and used only once by design!Appreciate the beauty and simplicity of the Account Abstraction Schnorr Signatures solution. As simple as that!But if you are curious about how it works under the hood or want to utilize this in your project, feel free to jump into Rumble Fish repositories:aa-schnorr-multisigaa-schnorr-multisig-sdkThat’s it! Today I’ve showcased the pain points and vulnerabilities of the ECDSA signature algorithm when it comes to creating multi-signature transactions. I’ve also taken you on a journey through Schnorr’s Signatures and how to tie them into Account Abstraction to create an effective multisig transaction on Ethereum. Stay tuned for future updates and feel free to reach out to our team if you have any blockchain-related questions!
Code stories
We are a proud member of:swissPolishBlockchainIconpolishBlockchainIcon
Have an idea?
Let’s work
together!
We will answer any questions you may have related to your startup journey!Do you prefer e-mail?
hello@rumblefish.pl
AnimatedLogoTextImageAnimatedLogoFishesImage
RUMBLEFISH POLAND SP Z O.O.Filipa Eisenberga 11/3 31-523 Kraków, Polska
NIP: 6772425725REGON: 368368380KRS: 0000696628
P: +48 601 265 364E: hello@rumblefish.dev
Copyright © 2024 Rumblefish