paint-brush
What Is Asset-Oriented Programming, and Why Will It Radically Improve DeFi by@victorfabusola
862 reads
862 reads

What Is Asset-Oriented Programming, and Why Will It Radically Improve DeFi

by Victor FabusolaApril 26th, 2023
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

The problem with virtual machines as they exist now is that most of them aren't built with asset-oriented programming. This means that users can be sent tokens without their permission. This can be exploited by mischievous hackers who can disrupt the balance sheet of a protocol and then use that to drain its assets.
featured image - What Is Asset-Oriented Programming, and Why Will It Radically Improve DeFi
Victor Fabusola HackerNoon profile picture


Asset-oriented programming is when a virtual machine understands what an asset — or a token, is. Virtual machines that understand assets means they can define the security and accounting behind how tokens can be created, held, or moved between accounts.


Asset-oriented programming means that developers can easily create decentralized applications (dApps) that are intuitive and safe because the programming language itself handles assets for the developer. It’s like being given a box of standard parts to build with, instead of building every part yourself from scratch.


As a result, asset-oriented programming, just like object-oriented programming before it, lowers the learning curve, makes it easier and more intuitive to build Web3 and DeFi dApps, and massively improves security and safety.

The Problem with Virtual Machines Today

The problem with virtual machines as they exist now is that most of them aren't built with asset-oriented programming. Instead, they are built with message-oriented programming. In layman's language, this means that tokens on most virtual machines today don't move. There isn't any logic that allows the asset to go from one place to another. What moves, instead, are messages to different smart contracts that update a balance on a ledger.


In essence, if someone sends one asset to another account, there isn't any asset moving. Instead, the smart contract on the receiver's address will simply update and add "one", and the account on the receiver will update to whatever figure "minus one" is.


The problem with this "message only" programming language is that it leaves too many gaps that can be exploited by hacks. The message-oriented nature of the Ethereum Virtual Machine (which is the environment most blockchains are built on)  means that users can be sent tokens without their permission. This can be exploited by mischievous hackers who can disrupt the balance sheet of a protocol and then use that to drain its assets.


This isn't just theory. In fact, it's a phenomenon that happens quite regularly. In 2021, the Spartan protocol hack was perpetrated in this manner precisely. The hackers sent tokens to the pool outside of the regular deposit protocol, withdrew liquidity, and then took advantage of the way the token's smart contract updated its records.


This meant that the current balance could be manipulated to not match the actual number of the tokens held by the pool. In essence, the hacker could drain all the tokens that were in the pool before the hack.


Hacks like this couldn't possibly happen on asset-oriented blockchains. The first reason is that asset-oriented chains have logic built into the protocol itself that recognizes assets as distinct objects. This means that these objects can only move in a manner and function specified by the protocol. Hence hackers will be unable to send unsolicited tokens to a pool without the pool approving it.


Secondly, if the Spartan network were built on an asset-oriented chain it wouldn't have to keep updating contracts with a "current balance" as the assets themselves would

live inside the protocol. Therefore the smart contract that would calculate the exchange rate before a transaction can simply count the assets in the pool. There would be no current balance to manipulate by a hacker.


The main problem of asset-oriented chains — and perhaps their only problem — is that they are yet to gain critical adoption. Most chains in the crypto network are currently message-oriented chains. Because message-oriented chains don't have an internal logic recognizing assets, hackers have a lot of loopholes they can exploit.


Last year alone over four billion dollars was stolen from DeFi protocols. A huge percentage of these thefts leveraged the buggy nature of message-oriented chains to manipulate current balances and drain protocols of their assets. The simple fact is this; if DeFi doesn't accept asset-oriented programming, these hacks will continue. And if these hacks continue, the future of DeFi is in jeopardy. If people cannot trust protocols to keep their assets safe, why would they adopt DeFi? At least traditional finance (for all its ills) doesn't have the same sort of problem.

Asset-Oriented Programming Today

Thankfully, asset-oriented programming isn't just a theoretical idea of how virtual machine logic should work. The Radix network has fully built on the idea to create a network that puts this principle to work. Not only was the Radix network built on the idea of asset-oriented programming, but the Scrypto programming language used by the network was also built around that idea as well.


What this means in practice is that developers won't have to build "safety logic" that dictates how balances should be reflected after "message-oriented" transactions. They can simply build functions and allow the platform's logic to dictate how the assets will be counted after each transaction.


Developers don't even have to build asset logic during any phase of development since the logic is standardized. This saves a lot of time and allows developers to scale the complexities of their functionality higher than ever before. It also means that there will be less to go wrong for hackers to exploit.

What Do Asset-Oriented Virtual Machines Mean For Developers?

There are four major ways that asset-oriented virtual machines can change the ways both users and developers interact with virtual machines.


The first dynamic is safety. Safety is a huge issue in DeFi, and in the current message-oriented network milieu safety is hardly guaranteed. Asset-oriented networks will guarantee a higher level of safety for users and developers, which in practice means that more people will have the confidence to use DeFi, and developers won't have to spend all their time building safe logic into contracts.


Right now, DeFi developers spend about 80% of their time on making protocols safe for deployment. This means they have to test for every transaction use case and theoretically make sure there's logic built into it to stop hacks. Asset-oriented programming solves that problem.


The second dynamic is ease. Message-oriented chains are needlessly complex. This affects developers in two ways. The first is that it increases the technical barrier of entry for developers.


Secondly, message-oriented chains are difficult to build safe dApps on, even for the most experienced developer. The needless complexities and the fact that developers have to develop logic for every transaction use-case means that they spend a lot of their time on frivolities.


Asset-oriented chains are the exact opposite of this. Developers don't have to overcome a steep learning curve to use them. Some developers start using the program and building in it with the Scrypto language the very first day they hear about Radix! That's precisely how easy it is to learn and use.


Because Scrypto and the Radix Engine Virtual Machine are so easy to use, developers can dramatically shorten the time from the conception of a dApp to deploying it. They no longer have to spend months testing deployments and making them secure.


Message-oriented machines simply don't have standardization of asset logic. In practice, this means that message-oriented chains end up having a lot of redundant code, and there are no standards that other developers can leverage. This also means that innovation is slow to happen, and there are hard limitations to just how complex functionalities can get.


The last dynamic is composability and it's closely related to reusability. Composability describes the ability for multiple dApps to connect freely and instantly. Of course, message-oriented chains put a hard limit on this because of non-standard asset logic.


The reason for this hard limit is that functionalities on these platforms are held in standalone smart contracts with their bespoke logic. There's very little standardization across chains. Asset-oriented chains like Radix solve this problem by providing a standardized asset logic that all dApps can follow.


All the benefits of asset-oriented chains that accrue to the developer on the backend also translate into benefits for the users. More secure dApps mean that user funds are safer. Easier to build dApps means more products and better support for end users. And better reusability and composability mean that there will be fewer limits on what can be built for the end user.


Asset-oriented chains will also radically improve capital efficiency. Better security means almost no capital will be getting lost in transit. It also means that the ecosystem will be more structurally stable since there won't be capital crunches caused by hacks.


All in all, asset-oriented programming is on course to change DeFi. The question now is when this change will come, not if it will come.


Watch the RadFi keynote to learn more about how asset-oriented programming on Radix is the future of Web3.