Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
You canât have software without bugs. Every major piece of code is subject to extensive debugging, which is an inevitable part of the development process. But when that code controls digital assets worth millions of dollars, ensuring itâs free of critical errors isnât just desirable â itâs imperative. As this weekâs Bancor hack and this yearâs spate of smaller smart contract fails has shown, creating bug-free code is virtually impossible.
Also read:Â Only 12 out of 23 Korean Crypto Exchanges Pass Probe â Inspector Under Fire
Bugs Have Cost a Lot of People a Lot of Crypto
Cryptocurrencies, even those that donât permit smart contracts, are susceptible to bugs. Even bitcoin, the benchmark by which other coins are measured, has had its share, like the overflow bug in 2010 that created 180 billion bitcoins in block 74638. It was quickly fixed though without anyone gaining or losing coins. Ethereum users havenât always been so lucky. Incidents such as the DAO, Parity, and most recently Bancor, whose $12.5 million loss has been attributed to a permissioned backdoor in their smart contract, have pushed the amount of crypto lost to coding errors towards $1 billion.
As a turing complete blockchain, the Ethereum Virtual Machine can be used to enact smart contracts that use extremely sophisticated logic. The trouble is, the more complex that logic, the greater the likelihood of an exploitable bug creeping in. Solidity, the main language used to code Ethereum smart contracts, is notoriously tricky to master. The smart contract-enabled blockchains that have since emerged have been intent on eliminating such mistakes. This entails moving away from Solidity, and often from turing completeness, in favor of a more restrictive system with less margin for error.
How New Blockchains Are Approaching Smart Contracts
At Blockchain Expo in Amsterdam, news.Bitcoin.com spoke with Jordan Andrews, Smart Contracts Lead at Stratis. Their platform uses C#, which has been favored because it provides access to âso many tools like decompilers, great editors, a cohesive testing and debugging deployment suite in Visual Studio. What this means is you can decompile any contract from the bytecode to real C#,â explained Jordan. He contrasts this with Solidity which is in âa delicate developmental stage, where you canât actually decompile many contracts well. The fact that you can audit only around 1% of contracts on Ethereum is a problem, because basically, the decompilers donât work.â
While Stratis is largely focused on enterprise adoption, other blockchains are gunning for Ethereum, but have yet to reach a state of readiness where they can lay a glove on the cryptoverseâs de facto smart contract platform. Tezos will use formal verification for its smart contracts in the form of Michelson, a simplistic programming language that prizes security over multi-functionality. As a result, it should be harder for coders to create arbitrary programs, which in turn means it should be harder for them to introduce fatal flaws.
Stellar provides limited smart contract abilities to cover such matters as multi-sig, batching and time bounds. Cardanoâs smart contracts must be formally verified to ensure theyâre free of bugs and run using a virtual machine called IELE. EOS smart contracts are deployed as pre-compiled Web Assembly using C/C++. Like Cardano and Tezos, EOS is still at an early stage in its development, with just a handful of developers building upon its protocol. Ethereum, in comparison, can count 35,000 Solidity developers, and thus remains the webâs preeminent smart contract blockchain.
Formal Verification Will Reduce Errors
Stratisâ Jordan Andrews is confident that increased adoption of formal verification will make smart contracts less vulnerable: âI think the ecosystem for both [Stratis] and Solidity is going to see so many improvements. One thing that comes up a lot now is formal verification, the idea that you can verify that a contract is going to behave. This is obviously a big thingâŠStratis are gonna have the potential to do that, and I know that theyâre looking into it with Ethereum as well.â
As blockchain technology permeates every industry, the role smart contracts play in executing decisions will increase dramatically. In the process, computer code will go from controlling hundreds of millions to billions of dollars of digital assets. Eliminating bugs is essential if smart contracts are to become a part of everyday business. Before that happens, costly errors caused by further flaws are inevitable. Ethereumâs smart contract bugs are already out there. Itâs just a case of who finds them first: whitehat or black.
Do you think smart contract bugs will ever be completely eradicated? Let us know in the comments section below.
Images courtesy of Shutterstock, and Stratis.
Need to calculate your bitcoin holdings? Check our tools section.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.