Richard Ma - Fundamentals of Smart Contract Security

The world is built on trust. From the chips in your phone to the bills and cards in your wallet, everything came together as a result of people and organizations trusting each other.

Consider what we put trust into on a regular basis. We believe in the value of a dollar bill, trusting others to accept pieces of paper in exchange for valuable items like food and electronics. We make agreements with peers, companies, and others on a daily basis, trusting all the parties involved to uphold their responsibilities. We trust institutions such as governments and legal firms to ensure wrongdoers suffer appropriate consequences. We read textbooks on every topic imaginable, trusting in the intelligence of the authors and accepting their word as truth. Every agreement comes together as a result of trust.

But what exactly powers these agreements, and how do we establish trust? Traditionally, legal contracts are the medium through which agreements are expressed and confirmed. In a common language, two parties agree to a set of terms, trusting that a third party will step in to justly mediate disputes and enforce the terms of the contract if the terms of the agreement have been violated .

Legal contracts, however, are open to interpretation. Human languages, though aiming for precision, rarely mean precisely the same thing to two different people regardless of the similarities in their knowledge base. Therefore, documents written in human languages require concomitant human interpretation and intervention as a result. This is not only expensive (consider the length of some legal cases) but also opens the possibility that a biased third party may interfere with objective decision making. Is there a way to establish agreements that not only lead to consistent behavior amongst non-trusting parties but that also do not need a third party to enforce every contract?

This is where smart contracts come in. Smart contracts capture the concept of formally describing agreements in a mathematical language. As opposed to traditional legal contracts, smart contracts are written in code, and interpreted and executed by machines. By using a computer language instead of a human language to write smart contracts, the behavior of the contract is now predictable. Unlike a human language, computer languages are not open to interpretation; anything expressed within a computer language will be interpreted the same way by any correctly behaving computer. Hence, smart contracts provide not only unchanging methods to express legal ideas and commitments but also remove human expense and error from the equation. Additionally, institutional organizations are no longer required to mediate situations. Instead, with any trusted computer, the contracts terms can be interpreted and executed all in one.

However, there is one problem; legal contracts rely on third parties for interpretation and enforcement. When it comes to smart contracts, who or what is responsible for determining the final truth? Sure, it must be a computer, but whose? Yours? Mine? The governments? A companys? Whatever computer is trusted with the task of running a smart contract must not be subject to manipulation by any other party with skin in the game either. If they are, then the whole point of a smart contract is defeated, since the terms of the agreement can be violated by a fraudulent third party. Unless a trusted third party exists to enforce all these computations, smart contracts lose their assumed reliability .

It wasnt until the advent of blockchain technology that smart contracts became feasible at a large scale. With blockchains, computation can be performed between untrusting peers without the risk of interference, as all computations within a public blockchain network such as Bitcoin and Ethereum are performed by thousands of different entities. These entities can trust that the messages they are sharing between each other are legitimate because each entity verifies that the messages they receive follow the strict rules of the peer to peer network. Hence, any two people who want to set up a smart contract can use the blockchain as the trusted third party, since manipulating blockchain networks requires claiming control of a majority of the voting power in the network, a difficult task to do.

Now, by integrating smart contracts into blockchains, weve achieved a way to make formal agreements accessible to anyone. However, there is one last caveat to tackle: what happens if theres a bug in our code? After all, the purpose of smart contracts is to remove the need for human intervention. However, in the presence of a bug, we hit a troublesome roadblock. A question arises: is the bug analogous to a loophole in a legal contract, undesirable but allowed? Or does this bug need to be resolved, by, say, another authority? If avoiding human intervention, then the answer must be that the bugs are respected as part of the agreement, and that the responsibility for due diligence lies on the authors of the contract and participants in the agreement rather than on refuting the terms of the agreement after the fact. This all boils down to a single question, and the purpose of this book: how do we ensure these agreements are written correctly?

Smart contract security exists precisely to ensure that smart contracts are written in a way that matches expectations, through what are known as smart contract audits. A smart contract audit is a thorough inspection of an individual smart contract or smart contract project to help ensure that the code cannot misbehave in any way or be misused by an attacker. This means not only looking for common computer science vulnerabilities such as integer overflow and memory mismanagement, but also more involved vulnerabilities often encountered in systems programming, such as race conditions. In addition to software vulnerabilities, smart contract audits must also investigate game theoretical security, avoiding misalignment of incentives which could allow an actor to gain an unfair economic advantage even though theyre technically following contract logic.

Through smart contract security, it is possible to secure agreements for all kinds of industries and groups around the world, as described further in the following sections.

A smart contract is an application of blockchain technology. It is software that codifies business logic and mimics the logic of a business agreement. Smart contracts do three things:

1. They store rules and agreements made by several parties;
2. They automatically detect when certain conditions have been met; and
3. They self-execute an agreement based on conditions they automatically detect.

Because smart contracts are decentralized and running on blockchains, they minimize the need for intermediaries such as banks, brokers, lawyers, courts, escrow agents, and corporations to guarantee execution.

The concept of smart contracts was first described in 1994 by Nick Szabo, an American cryptographer and programmer, long before blockchain technology came into existence in 2009 . He defined smart contracts as a set of promises, specified in digital form, including protocols within which the parties perform on these promises. Szabos idea could not be actualized in 1996 because the necessary technologies, in particular decentralized computation platforms, did not exist.

In 2009, the first cryptocurrency, Bitcoin, was introduced . This marked the first time that decentralized blockchain technology was ever used. Although innovative, the Bitcoin blockchain only allows simple transactions to take place: transferring bitcoins from one party to another. The programming language for the Bitcoin blockchain, Script, intentionally provides a small range of features and is not capable of supporting complex business logic. Script is not Turing-complete, meaning that it is incapable of performing generic kinds of computation such as loops. Nevertheless, Bitcoin provided the foundation for developing smart contracts and the technology necessary to secure them.