Don’t judge smart contracts by their name—it’ll give you the wrong idea. Smart contracts are programmed scripts that execute based on the rules within the program, but seems to hold more meaning than as an actual thing at this point. What makes them smart is their inability to be interpreted: they are a well-defined process, unlike a physical contract that lawyers might argue over. This is due to the set of rules being interpreted by an actual interpreter (most commonly the interpreter in the ). I want to very quickly be pedantic and say there is nothing about these contracts in the first place, they get their “intelligence” from this universal interpreter. If there were multiple interpreters, there could be multiple interpretations, just as if there was a single lawyer in the world overseeing all contracts there would only be a singular process.
But the real problem with these contracts is that they don’t have any failsafe: because they are run by an interpreter, not by humans, they run exactly as specified. And because (in the case of the , which contains the largest group of smart contracts and smart contract development) they run on the public , they are public themselves. This means if someone is able to find an exploit in the contract, they are able to do whatever they like with it.
The DAO Hack
On the 18th of June in 2016, a hacker out of “The DAO,” the name of a popular decentralized autonomous organization. This came just a couple of months after the organization was able to .
How?
The quick and dirty of it is that the hacker was able to transfer money from The DAO to a personal account many times with relatively small amounts in each transfer in such a way that checks were performed about the total transfer after the fact. From the first article I have listed below:
The basic idea is this: propose a split. Execute the split. When the DAO goes to withdraw your reward, call the function to execute a split before that withdrawal finishes. The function will start running without updating your balance…
That doesn’t even scratch the surface of what really happened, as it gets much more technical, and I highly recommend the two articles below:
These articles are fantastic, but I want to focus on something they gloss over a little: where does this smart contract get executed? Isn’t the reliant on trust? Couldn’t it be removed?
Confirmations and Execution
Let’s switch our view to for a second, and look at how transactions are defined there, paying close attention to confirmations.
As we can see, the transaction is first confirmed when it was added to the chain. This is because chances are it wasn’t someone with malicious intent that added it, especially when your transaction is so small. As transactions get longer though, recommends to wait for longer chains of blocks to trust the transaction.
But the payment is confirmed by the server once it is received: as balances are , and summed over all coins, just has to compare these outputs to a certain address.
Looking at smart contracts makes things a little more difficult: because the language that is Turing-complete, unlike ’s, it can perform much more interesting tasks (which is a one of ’s main selling points—and vulnerabilities). This means that something actually has to execute, unlike in which coins are simply tracked.
Well, that’s what I thought at first, but I think after research I’ve changed my mind. It seems to me that is exactly the same as in this regard, but simply performing more complex operations. Take a look at a few explanations below:
Let’s break it down into steps:
- A smart contract (transaction) is published and sent out
- Miners receive the transaction and validate it by running it
- Miners put valid transactions in a block and once a nonce is found, add that block to the chain. In doing this, they send it to the network which runs it again.
This is the same process as with transactions, except with smart contracts on the . Once one gets added to the chain, it is confirmed (and “run,” whatever that might mean).
An important point to make is that in the DAO hack, all the transactions were valid—they were added to the chain by whoever mined the next block, not by the hacker. That means that the miner just had to wait for his contract to be picked up by a miner and added to the chain; once added to the chain it would drain the DAO’s funds.
Smart contracts seem to be another case of a buzzword taking over the meaning of something. These are simply scripts that execute publicly, and come with the same requirements and restrictions as any code dealing with important things such as large sums of money. Smart contracts can be no smarter than the people who write them.
Published at Tue, 26 Feb 2019 01:08:54 +0000
