Learning Smart Contracts, or What the Developers Are Hiding

With the expansion of the blockchain technology into the everyday life of the Russian-speaking business environment, the concept of a “smart contract” has ceased to be an obscure term. We also have written about smart contracts not so long ago, analyzing the main terms and options for applying smart contracts in practice. And yet, despite the development of the topic, in a number of cases, the knowledge of the principles of the operation and application of smart contracts is superficial and theoretical.

It is enough, though, for the majority of entrepreneurs who are implementing the blockchain technology in their business. There is an understanding that a smart contract is some arrangement fixed in the form of a code, and the transaction will take place only if the terms are executed. Having determined the subject and terms of the transaction, the implementation of the mechanism of the smart contract is given to specially trained specialists, or developers.

Their ensuing actions are perceived by an uninitiated person as a macabre “dance with a tambourine.” The developers are happy with such a situation as the fewer people understand the mechanics of their work, the higher their fees as professionals on the labor market. Clients who are accustomed to contracts written in the human language are not keen on delving into the structure of the programming code. This kind of blind delegation puts the businessman in dependence on the technical team and, in case “something goes wrong,” can lead to problems, the very possibility of occurrence of which the developers prefer to mute out.

The high risks and gaps in understanding the principle of the operation of smart contracts increase the already serious level of mistrust towards this tool. Let us try to solve the problem and understand the key aspects of the technology, which in the foreseeable future has every chance of transforming conventional business processes.

A Smart Contract Requires Conditions

The idea of ​​the logic of the contract implying that event B is deemed incomplete until event A has taken place is not innovative and has been perpetuated by classics of literature in the formula of “Money in the morning, chairs in the evening.” A smart contract ensures the categorical implementation of the agreements, which is stipulated mathematically, excludes the dependence of the transaction participants from any kind of centralized system or the influence of the human factor, and, at the same time, guarantees the automation, transparency, and safety of the entire process. But it all holds true only if the implementation environment of the smart contract assumes the possibility of fulfilling the programmed conditions and provides direct access to the objects of the contract. 14 years after the theoretical description of the idea of ​​a smart contract, this environment morphed into the blockchain.

To date, the market offers the development of smart contracts for Ethereum, Hyperledger Fabric, Cardano, NEO, and other blockchain platforms. But not all of them are well adapted for the execution of smart contracts. For instance, Bitcoin does not contain state markers and does not give programmers freedom of action, and NXT contains a limited number of templates of smart contracts and does not imply the possibility of creating a custom version. Ethereum, devoid of these shortcomings, has become the basic platform for the implementation of smart contracts.

Proceeding from this, no matter how aggressively blockchain enthusiasts promote the idea of ​​the universality of smart contracts, their implementation is possible only if your business and your partner’s business have evolved to the level of integrating blockchain technologies.

Understanding the Code

No matter how persuasive the prospects for using smart contracts are, conservative skeptics will have arguments against it. Even considering the full range of possibilities for challenging traditional contracts, a piece of paper with a seal and a signature will be more authoritative for them than an intangible computer algorithm. Developers, who manage to find a client with such a principled position, should be patient and get ready for a request to read, smell, taste, twist, and touch “what you’ve written there.”

Let us try to figure out what exactly a smart contract is, what it looks like, and what information it contains.

A smart contract is a computer code—a record of successive functions—that determines the parameters and logic of the performance of contractual obligations of the two parties. Like any code, it is laconic and unambiguous, but it is clear to programmers only.

In 2014, a special programming language Solidity was designed by Ethereum experts to write the code of smart contracts. It has many common features with JavaScript and is characterized by the ability to implement any computational function.

The volume of a smart contract is determined by the number of rows with records. The more complicated the conditions, the more lines in the code. The finished smart contract code is translated into the bytecode of the Ethereum Virtual Machine, which leads the contract into execution. As the terms of the contract are fulfilled, the computers and the nodes of the blockchain update the register.

If everything is clear with the form, let us move on to the content of the most popular sphere of application of smart contracts—the organization of an initial coin offering (ICO).

The structure of the main part of the code is a hierarchy of contracts that prescribe one or another completed functional cycle and consists of five key elements. One of the most important contracts of the structure is called owned; its task is to allocate the contract owner from the total number of users and give them a privileged function (for example, the ability to withdraw money from accounts).

The following contract contains information about the collection of funds and the distribution of tokens. It specifies the total number of tokens issued, information about the balances of the token holders, and the response of the smart contract to the movement of tokens between the holders. All the elements of the crowdsale contract are mandatory; if they are incorrectly filled in this part of the contract, the tokens will not be displayed in the holders’ wallets.

The fallback function is responsible for the order of actions in the event of the arrival of Ether in the account of the smart contract. It checks the availability of tokens available for sale, fixes their price, and calculates how many tokens need to be sent to the buyer.

The subcontract following for crowdsale, or EasyToken, notes the full and abbreviated names of the token, determines their divisibility or indivisibility, and, most importantly, allows users to display tokens on the exchange, remove them from there, and exchange them.

And, finally, the most pleasant feature—the ability to transfer the received Ether—is prescribed in the EasyCrowdsale contract.

It is possible to register other terms of the smart contract (when the ICO should conclude, soft cap and hard cap, and so on) until the developer’s imagination is exhausted. Unnecessarily heavy code construction, however, is still not recommended because the more data included, the higher the probability of making an error.

The Right to Make Mistakes

The main thing that one needs to remember when creating a technical task for the developer to write a smart contract is that they will not have the opportunity to think through the functions and finalize the contract in the process of work. The code already loaded into the blockchain cannot be changed, and any error made while writing it will result in the incorrect execution of the contract or complete loss of control over it. The only possible way to fix the situation is to download a new contract with the corrected code.

Even the big players manage to make mistakes in the preparation of smart contracts, which are, unfortunately, discovered too late. And it is definitely better for the developer to see them before the hackers do. An error in writing a smart contract for The DAO allowed hackers in 2016 to hack the system and transfer tokens into their own wallets, and the incident caused the Ether price to plummet and even influenced the Bitcoin price.

And in the fall of last year, someone under the nickname Devops199 took advantage of the critical vulnerability in the Parity smart contract and launched the process of its self-destruction. As a result, 513,774 ETH was blocked on users’ accounts ($160 million at the time).

Given the shortage and high workload of qualified developers, the logical development of the market for services in the field of the blockchain technology was the emergence of companies that audit smart contracts before their launch. For what can be called a small amount of money (20 to 30 thousand rubles), compared to the given cryptocurrency’s market capitalization, specialists re-read the code and check it for errors and possible vulnerabilities.

The fact that smart contracts operate with money and are not subject to change plays into the hands of hackers. Every day, soldiers of the blockchain shadow frontier are studying new codes and attempting to break them. We will tell about their dubious “achievements” in this field in a separate article.

Source: Read Full Article

Leave a Reply