What could be better than an automated process that eliminates mediation, bureaucracy and saves the whole enterprise budget? Only a well-tuned algorithm that works properly and guarantees execution.
Ethereum Platform has opened up smart contracts to the world and presented the new generation blockchain to humanity.
It should be realized that the smart contracts created on the Ethereum Virtual Machine are far from ideal, so today we will understand the following:
- what are smart contracts;
- what vulnerabilities are known;
- are there any alternatives to the Ethereum Platform.
Common smart contracts understanding
In short, smart contracts are invariable contractual obligations with automated (or automatic) execution, presented in the electronic protocol form, written using computer code.
The smart contract’s purpose is to ensure the deal execution concluded between the parties, with the complete human intervention absence in the process. The basis of each agreement is trust, of course, so the deal cannot be executed if at least one of the parties involved in it isn`t sure that the partner is set to fulfill its obligations. In compiling the standard documents the involvement of lawyers is implied, as they provide secure deals, however, this processes format require additional expenditure of both time and money.
In turn, the smart contracts use completely eliminates the conducting deal process from mediation, providing a trustworthy background and facilitating asset swap procedures.
Since a smart contract exists within decentralized systems, it must function in isolation, deterministic way, and within a specified time frame.
The most famous platforms for creating smart contracts are Ethereum, EOS, Stellar, Cardano, NEO, and Waves.
Deterministic smart contract
An algorithm is called deterministic if it is always executed absolutely identical and produces the same predefined result, subject to the same input data set.
The term of determinism can be explained clearly on the simplest example: 5 + 1 = 6, where 5 + 1 is the input data, and 6 is its result. That is, introducing a 5 + 1 example, the same result will be displayed each time — 6 (it is predefined and always identical).
Thus, an algorithm can be called deterministic if the program produces the same input data set on different devices.
At the same time, there is an inconsistency possibility of the algorithm determinism, if to make a call to a non-deterministic function, use non-deterministic data, or make a dynamic call, for example.
Execution in a clearly specified period
At the 20th century beginning, Alan Turing stated that it is possible to establish in advance the completion of an algorithm execution at a certain time.
The failure to execute smart contracts is the main and only one reason for their entry into an endless cycle.
However, there are several options for how to avoid this vulnerability.
- Turing-incomplete.
In this scenario, limited functionality is used, so that cycles will not be performed.
- Counter
An installed additional function can control the execution of a certain number of commands. When reaching the maximum available steps, the algorithm will have to start again.
- Timer
If the smart contract is not executed in a clearly specified time, stop is forced.
Isolation
It is no secret that everyone has the opportunity to write and deploy their own smart contract in any public blockchain that supports this function. At the same time, not always smart contracts are written perfectly, hundreds or even thousands of digital contracts contain viruses and errors. If the vulnerable contract is not in isolation, not only it, but the whole system may be at risk.
The most common problems in Ethereum smart contracts
Code vulnerability
When using templates and considering the simplicity of creating a smart contract on the Ethereum platform there are cases when the new contract creators take over the mistakes of the previously created one.
The language barrier
Solidity, the language in which EVM-based smart contracts are created, appeared not so long ago. Due to its young age, there are some flaws in it. For example, developers often get bugs in code due to the unreadability of some constructs, as a result, the smart contract security may remain a big question.
Conceptual problem
Unfortunately, the main problem is not even the smart contracts technical implementation. Project creators are not always aware of the purposes for which they need smart contracts, they don`t even know their possibilities and what smart contracts will never be able to do.
Comparative platforms characteristics
Ethereum
The first platform for developing decentralized applications using smart contracts, with the ability to create your own smart contracts, the presence of templates that are subject to change by developers to their goals achievement.
Programming languages: Solidity, Serpent, Mutan, LLL
Disadvantages:
- inability to make amendments after launch. If the smart contract created on Ethereum will not be executed correctly, the developer will not be able to fix it. The only way out is to launch a new digital contract.
- difficulty in determining the specific location where the mistake was made. If the smart contract doesn`t work correctly, the developer will not be able to see where the error was made in the code.
- GAS waste when a smart contract enters an infinite cycle. If a smart contract is not Turing complete, it will be launched an infinite number of times until the GAS amount required for payment on the developer’s account will end.
EOS
A platform competing with Ethereum, the creators of which are the BitShares and Steemit developers. EOS uses Graphene technology with built-in consensus mechanism and delegated trust (DPOS). In EOS, block producers have the privilege of excluding an inconvenient contract from the network or correcting any errors found by themselves.
Programming languages: С++.
Disadvantages:
- insufficient network decentralization, as 21 participants affect the EOS network. The DPoS algorithm limits the other users’ ability to participate in the changes introduction ;
- inability to track the vulnerability moment instantly .
Stellar
The network is the result of a Ripple fork and is intended for currency transactions. In Stellar smart contracts, the possibilities of implementing a multi-signature, transaction atomicity and time constraints are implemented.
Programming languages: PHP, JavaScript, Golang, Python
Disadvantages:
- insufficient of smart contracts flexibility compared to Ethereum
Cardano
Two-level blockchain platform with the ability to create flexible and secure smart contracts.
Programming language: Haskell
Disadvantages:
- the platform is not yet fully operational, as it is at an early development stage.
NEO
It is the first opensource smart assets platform and the blockchain project as a whole.
Programming languages: C #, Java, Go, Python
Disadvantages:
- insufficient applications isolation. The found threat in the asset of one of the NEO tokens standards has endangered the users of all other tokens of this standard.
Waves
Blockchain platform with built-in LPoS (consensus algorithm for leasing your assets). Waves smart contracts are Turing complete.
Programming languages: RIDE, RIDEON
Disadvantages:
- Waves smart contract features are not fully tested due to the recent main net launch.
Conclusion
This article revealed the main functional features and requirements for smart contracts. At the same time, initially acquainted with the problems of introducing smart contracts on the Ethereum Virtual Machine, the developed platform’s evolution can be traced. Key vulnerabilities are eradicated with the new solutions introduction. Native competition and the desire to make a decent and demanded product force developers to work more and more, actively working on their own and others’ mistakes. This is how the evolutionary process moves from individuals to masses, improving technology with each release.