Smart Contracts Security, Pt. 1

Alexander Seleznev
Sep 26, 2017


This series of texts is dedicated to analysing smart contract security. In the following sections, we explain what smart contracts are and why they will be in demand. We talk about bitcoin and blockchain, without which decentralised smart contracts would not exist. We also look at code security analysis and why it is particularly important in the case of smart contracts. And in conclusion, we introduce you to our team.

History

Every day, people conclude contracts with varying degrees of complexity (from making simple purchases to working with sophisticated financial instruments), of scale (from SMEs to international corporations) and in different forms (oral, written). By and large, the concept of the contract in one form or another underlies the economy and human interaction in general.

In a digital age, people want to be able to conclude a fully-fledged contract in digital form. A contract is a logical construction that describes voluntary obligations agreed upon by two or more parties (to transfer value, carry out work, etc.). And because it is a logical construction, it is much more convenient to describe a contract in the formal language of computer code than in the natural human language that until very recently has always been used.

The concept, along with the name “smart contracts”, was the brainchild of computer scientist, legal expert, and cryptologist Nick Szabo in 1994. Szabo’s idea assumed that such contracts, once recorded and signed by the parties, would be executed automatically, thus excluding human error or fraud.

What is this?

A smart contract is an independently executed computer program that functions as a contract between parties, and ensures fulfilment of the contract without the need for human intervention.

Until recently, the implementation of smart contracts has faced two significant challenges:

  • To be executed without human intervention, a smart contract must have direct control over the subject of the contract — for example, over the right to own something of value. Until the appearance of bitcoin in 2008, this was impossible.
  • To ensure that a smart contract is executed correctly, it must be executed either on a trusted third-party computer, or in a decentralized way. The third-party option has a number of significant drawbacks (not least, the need for the signatories to trust the third party). The Ethereum project uses the decentralised alternative (more about Ethereum smart contracts later).

As already mentioned, with the arrival of blockchain technology in 2008, smart contracts became a viable proposition. They were implemented in the Ethereum project network when it launched in 2015.

The general meaning of smart contracts is well described by the slogan “Code is law”. Once a smart contract has been drawn up and signed, it will inevitably be executed because its items are unambiguously described in the program code, and the program has direct access to the subject of the contract.

What are the benefits of smart contracts?

  • Avoiding ambiguous interpretation of contract terms: the program is always treated (and executed) unambiguously.
  • Lowering the costs associated with concluding contracts: a smart contract is concluded via the Internet (or, in the case of in-company contracts, via the intranet).
  • Reducing the risks associated with breach of contract. If the subject of the contract is completely within the smart contract environment, risk is eliminated completely.
  • Reducing potential legal costs: smart contracts are self-executing — if a conflict does arise, the unambiguous nature of the terms helps to avoid unjust court decisions.

Mistrust

Banks began offering online money transfer services in 1994. At the time, the project was considered a fiasco due to customers’ lack of trust.

Today, life without internet banking is hard to imagine. Yes, customer fears about security are justified — cybercriminals do steal money through the Internet. But the benefits to companies and individuals dramatically outweigh the losses associated with cybercrime — if they didn’t, Internet banking would be out of business.

The same is happening with smart contracts. There are a number of difficult questions: how to write and conclude smart contracts; what tasks they can and cannot perform; how to challenge a smart contract in court; how to protect them against cyber-attacks. The blockchain community already knows the answers to many of these questions; they only need to be conveyed to users. Answers to the rest will be found.

Whatever the answers, it looks like smart contracts are here to stay, because those who use them will have a huge competitive advantage over those who don’t — and in this day and age, no one can afford to be a loser.
