Most Common Issues With Ethereum-Based Smart Contracts
As the crypto revolution continues to gain steam and garner international attention, more focus is being cast on the actual use cases and applications of distributed ledger technology. One of the most useful applications is perhaps one of the least understood: smart contracts. Smart contracts are essentially a means of executing code stored on a given blockchain’s network, where the underlying code is the governing source of truth.
Since blockchains require universal consensus, smart contracts are only as good as their code, particularly in their limitations of what is possible, and perhaps more importantly, their security. That being said, there seems to be some confusion among the general public about the pragmatic application of smart contracts in their current form.
Ethereum is perhaps the best-known platform for the development and execution of smart contracts and decentralized applications. However, businesses and individuals wishing to begin transacting via trustless smart contracts are apprehensive about doing so following the DAO exploit and other public (and not so public) hacks of Ethereum-based smart contracts. And for the novice user, rightfully so.
Though the Ethereum-based platform (Ethereum, Ethereum Classic, Ubiq, Callisto, etc.) is innately flexible and offers a means of cutting out the middleman with trustless transactions, unresolved issues remain which prevent the wider adoption of these smart contracts in general. Some of the most glaring issues surrounding Ethereum-based smart contracts are security, flexibility, and maintaining confidential transactions on public blockchains.
The good news is that these and other issues are currently being addressed by the development community and will be incorporated into the protocol of the Ethereum Virtual Machine, with active development and beta testing currently underway for deployment in 2018.
Security is at the forefront of anyone’s mind when transacting in any amount with a new technology that is not well understood. Let’s suppose you manage a business and that you have a fiduciary responsibility to your client. You are considering using an Ethereum escrow service for routine payments to automate recurring activity over a given period, reduce your opex expense and remain competitive in a saturated industry, such as financial services or management consulting.
If you elect to escrow client funds, you MUST be certain those funds are safe and will be paid out according to the terms of the escrow agreement. In a traditional escrow, an escrow agent can typically sort out most issues for the escrowing parties, based on the conditions of the escrow agreement and a reasonable interpretation of the terms within.
If not, they can refer the case to an arbitrator who can review the facts and issue a binding judgment. In a smart escrow, these functions are automated, and the contract is invoked according to the code, which cannot be altered in the event of any extenuating circumstances. The execution of that smart contract requires consensus from the network. If it does not achieve consensus, it will not be able to enforce on chain payments, and thus reduce the escrow agreement to futility.
For most, the opportunity cost of a secure, reliable, automated and easily understood escrow arrangement is simply too high. This is to say nothing of any vulnerabilities that may exist in the code, rendering the funds permanently irrecoverable.
A lot of the attention that Ethereum-based smart contracts has received as of late has been tremendously negative, in part due to the infamous DAO hacks and resultant losses in the millions of dollars. The specific vulnerabilities of the publicly known attacks have been covered at length but suffice it to say that they could have been avoided had the code received a proper security audit and/or had the contracts not been executed in haste.
One of the most promising protocols currently under development to remediate these types of exploitations is a free smart contracts auditing service being deployed by the Callisto Network for contracts written in either Callisto or Ethereum Classic. Contracts executed on either of these blockchains will receive a professional code audit, flagging vulnerable contracts for revision prior to their execution.
The files will be uploaded to a directory for the auditors to review using a secure decentralized file storage system and submit their audit reports using the same file storage system. The audit service will eventually be available for other blockchains for a fee, and based on Callisto’s investment into blockchain interoperability, may lead the way for secure, interoperable smart contracts.
Another common issue with Ethereum-based smart contracts is flexibility. Circling back to the consensus requirement, incorporating external parameters into smart contracts whose code resides on the blockchain has proven to be redundant, and in some cases impossible. For the code to fetch data from external sources and bring it back to the network, every node on that network would need to reach a consensus about the integrity of the data, if not, the contract wouldn’t execute.
The examples for such a scenario are endless, but suppose you make a wager on a deterministic event, such as a sports game. The contract stipulates that if Team A wins, Counterparty 1 will receive $100. For Team A to win, Team B must lose, and Counterparty 2 must pay $100, right? What about sports such as soccer (football) or ice hockey where tying is possible? Neither team wins per se, but the conditions of a tie weren’t written into the contract and thus cannot be validated by the network because no consensus was reached about who won the game. Even if there is a clear winner, individual nodes could easily reach different conclusions from conflicting external sources about the result of the game and not reach consensus, effectively rendering the execution of the contract implausible.
Other limitations in flexibility of Ethereum-based smart contracts relate to the inability to effectively change them. In most cases, it is either impossible or exorbitantly expensive to make even the slightest change to a smart contract after it has been broadcast to the network. If a mandatory legal clause, incorrect recipient data, or serious security vulnerability is discovered after the contract has gone live, it’s typically a mistake that cannot be corrected at any cost, short of a 51% attack. Depending on the amount of resources in question, this may not be acceptable to the participants and recurring instances of having to forfeit funds due to the inability to change a smart contract will deter most non-technical users from actively engaging with smart contracts. Fortunately, modular smart contract protocols are being tested to update existing contracts by replacing data in the files without losing the data contained in them. Over time, smart contracts will become more flexible, which will presumably induce further enterprise application as the risk of failure to uphold fiduciary responsibilities and maintain legal compliance can be appropriately managed and placated.
In an era where privacy has become a thing of the past, smart contracts have attracted a lot of scrutiny for their inability to offer consistent confidentiality for the participants. By virtue of the blockchain, all data is permanent, transparent, and immutable. In many ways this is a good thing, as the blockchain can be pointed to as the single source of truth. But many contracts contain sensitive data and not all transactions should be made public in permanent form.
Some privacy-oriented blockchains have succeeded in shielding simple transactional data from public view using proprietary cryptography such as zk-SNARKS (Zcash and Zcash derivatives, for example). But smart contracts are governed by code and even though in theory they can be written to control read and write privileges, bugs will inevitably be discovered and exploited to alter those privileges, reducing the concept of confidentiality to a pipe dream for a smart contract that is permanently stored on the nodes of any given blockchain.
To address privacy concerns of file storage on blockchains and facilitate secure smart contract auditing, Callisto Network is implementing a decentralized file storage system. Although the motive of this protocol is to facilitate the secure uploading, storage, and viewing of smart contracts audit reports, it can be used for general purpose file storage as well. This file storage system operates specially-elected IPFS (interplanetary file system) nodes, incentivizing these host nodes with Callisto payments, and the general use of the storage system with cutting-edge cryptographic proofs deployed across a distributed network, with regular security audits of the storage providers. It also eliminates the need for a centralized third-party storage provider such as Dropbox or Amazon.
Though the Callisto file system cannot resolve all privacy concerns related to smart contracts, it is certainly a step in the right direction and a sophisticated technical solution that integrates seamlessly with their smart contracts auditing service, further reducing choke points and vulnerabilities in smart contracts that run on the Callisto and Ethereum Classic networks.
With smart contracts, people tend to favor peace of mind over automation and lower cost. The security of a contract, whether perceived or real, is only as tangible as one’s understanding of it. A lack of comprehension of the vulnerabilities and limitations of smart contracts has created a stigma for their use in things like escrow services, asset transfers and simple trustless transactions.
However, once the protocols are implemented to address security vulnerabilities via auditing, decentralized file storage for smart contracts, increased flexibility and general ease of use, then we can reasonably expect a wider adoption and the further application of Ethereum-based smart contracts.