Smart contracts represent the next step in the evolution of blockchain technology from a transaction protocol to a utility with many use cases. Smart contracts provide a worthwhile solution in instances where there are frequent transactions that occur among several parties along with a variety of manual tasks or duplicative tasks that would otherwise be performed by third-party intermediaries.
However, implementing smart contracts also comes with a number of risks. It is important to understand these considerations when evaluation potential applications for your business. Here are the potential pitfalls of smart contracts that you should be aware of.
No Standardization
Currently, there are no standards that smart contract protocols must adhere to. With a range of languages for smart contracts, including Solidity, C#, and Java, smart contracts must become standardized if they are to become more mainstream.
While this is something that the entire industry must work toward, getting developers on board is a serious limitation at this point. Even the most well-known and well-funded blockchain projects are struggling to find developers who are proficient in Solidity, Ethereum’s contract-oriented programming language for writing smart contracts.
Unintended Consequences After Deployment
In order to protect your business, you have to be 100% sure that your smart contracts can not be undertaken by using legally binding traditional contract mechanisms. Remember, smart contracts can not be modified after they are deployed.
As a result, your business will be left to deal with unexpected behaviors or unintended consequences of the smart contract. One way you could try to protect your business from these issues is to include get-out or cessation clauses within the smart contract.
However, unless you’re explicit in regards to the parties that are permitted to invoke them you could also create unintended consequences that result in your business becoming more vulnerable to exploitation. Therefore, you must make certain that the code of a smart contract has been extensively tested before the smart contract is deployed.
A prime example of a smart contract failure occurred in 2016 when the Decentralized Autonomous Organization (DAO) announced that a hacker triggered a recursive send vulnerability in an Ethereum smart contract which resulted in a total loss of $150 million and the birth of the first Ethereum fork.
Security Vulnerabilities
While the address and code of a smart contract can not be modified since it is permanently written on the blockchain, there are security vulnerabilities that can put the execution of a smart contract at risk. Given that it could take literally thousands of years to uncover all of the potential vulnerabilities of smart contracts, security is paramount.
In addition to the DAO attack, in July 2017, users of the Parity wallet were exposed to a hack which ended up costing users about 30 million dollars. This was the result of a combination of both insecure visibility modifiers, as well as, the misuse of delegate call with arbitrary data.
A user managed to remove the library code which froze the funds in all Parity multi-sig wallets deployed after July 20, 2017. This hack is only one of many examples of the known exploits in the Solidity code.
While a hard fork is often recommended for reversing the consequences of a hack, the potential legal ramifications are enormous. In addition, a hard fork might not work in every instance, especially if the developers can not gain a consensus in favor of a hard fork.
Smart Contracts May Not Be Legally Enforceable
When it comes to contract law, in most countries the concept of a “smart contract” simply does not exist. That is because smart contracts by nature can not deal with ambiguity which is a major reason why they may not be considered as legally enforceable in many jurisdictions.
Some of the issues that smart contracts present are ones that the contract law has not yet determined. For example: Who are the parties? What was the exact agreement? Was there mutual consideration? Did a strategic breach of contract occur? Were there good faith efforts to mitigate or excuses made for a breach? Did the smart contract only deliver partial performance?
In addition, a contract might also be considered void if it contains provisions that are in direct violation of existing public policy. In fact, Andrew Glidden, a JD student at the University of California, Berkeley, argues that smart contracts should not be considered as contracts but simply evidence that a contract exists.
The Race to Connect Smart Contracts to the Real World
Although there are many issues that still need to be resolved with smart contracts, all of these drawbacks are evidence of a technology that is still in its early stages. Smart contracts still offer many advantages including speed, the lack of potential third-party interference, reliability, time and cost savings, and the removal of the human error factor.
Naturally, many other businesses have already come to the same conclusion: the potential benefits of smart contracts vastly outweigh the risks. That means the time to hire smart contract developers is now. With the right approach, your business can start to reap the benefits of smart contracts in the near future.
We here at Achievion are world-class at helping connect you with the blockchain development talent that you need to grow. Just fill out our contact form, and we’ll be happy to review your project to see if we can help!