Smart contracts promise businesses exciting new ways to computerize agreements and automate payments. but this summer, they suffered a serious security setback. Now, Microsoft Corp. and others are exploring ways to shore up the security of these contracts by applying rigorous new tests to them. Microsoft has also reportedly organized a working group designed to improve the security of this blockchain-based software.
Smart contracts are computer programs designed to run autonomously on decentralized blockchains. The advantage to running them in a distributed way is that they can be used to verify each other’s results, making it more difficult for a central party to control their operation. It also eliminates a single point of failure.
Smart contracts have been posited as a way to self-executing legal agreements that can be monitored by all parties, and which can take action according to preset conditions.
For example, a company might want to manage the shipment of its products along a supply chain. Different logistics firms in that chain could use smart contracts to register when they received its products and handed them off to the next company in the chain.
Participating companies could be paid via a smart contract based on their adherence to the schedule. Because all companies in the supply chain would register their own logistics data, any fraudulent data would quickly surface.
The problem with smart contracts is that they are susceptible to coding errors. In June, just such an error led to the loss of millions of dollars by the decentralized autonomous organization (DAO). This was a decentralized ‘company’ governed entirely by smart contracts.
Created by Slock.it, a startup that wanted to create distributed computers to operate smart contracts, the DAO was created by selling digital ‘tokens’ that would enable purchasers to become stakeholders in the company. They would buy the tokens using Ether, the cryptocurrency that powers the Ethereum blockchain. They would then use the tokens to interact with Ethereum-based smart contracts, voting on decisions such as how to use the DAO’s money. Slock.it hoped that the DAO would vote to take it on as a contractor, funding its startup project.
Instead, an anonymous stakeholder figured out a coding flaw in the smart contract governing the doubt, that enabled them to withdraw around US$50-60m of Ether into their own child DAO (estimates of the dollar value vary because the Ether price was so volatile against the dollar).
The hack left the DAO community scrambling to recover the funds, which it eventually had to do by working with Ethereum to create a ‘hard fork’. This effectively rewrote history by creating an alternative version of the Ethereum blockchain, allowing the community to reassign Ether that had already been spent.
The incident showed that many people simply aren’t ready to write these contracts, according to Vinay Gupta, a developer who was closely involved with the Ethereum project in its formative phase and who now runs a venture capital fund devoted to decentralized projects.
“I don’t think that we were taking this stuff nearly as seriously as required,” Gupta said. “A Javascript-like language for this is a mistake,” he added, referring to Solidity, the programming language used to create Etherum smart contracts. “We need functional programming.”
Functional programming languages use mathematical functions to describe computing processes, and have a degree of rigour not necessarily found in web scripting languages.
“It is not surprising that a flexible language like Solidity allowed the creation of smart contracts with bugs/errors/attacks,” agreed Sergey Nazarov, founder of SmartContract.com. His service allows programmers to create connections between smart contracts and other systems such as enterprise applications, financial systems or other blockchains.
“It was an expected outcome that happened far sooner than most people thought because the numbers that made it worthwhile became so large so quickly,” Nazarov continued.
Microsoft has now created a working group called ‘Kinakuta’, which it hopes will share information about best practices in smart contract design. It has invited other organizations including the Ethereum Foundation and financial distribute ledger firm R3CEV into the group, has already been exploring ways to verify the security of smart contracts. Last month, it published a white paper with researchers at Harvard University suggesting ways to prove the security of a smart contract.
Microsoft’s isn’t the only group working on this issue. Other researchers at the National University of Singapore have been researching the problem, along with others in the Ethereum community.
Vitalik Buterin, co-founder of the Ethereum project, believes that Ethereum programmers can learn some lessons from the hack. However, he hopes that the community will pick itself up and dust itself off again.
“The issues around the DAO hack, including ETC, appear to be receding, and the community seems like it is right back to focusing on applications and tech development,” he said.