Ethereum Smart Contract: Its Strength Is Its Weakness

Ethereum Smart Contract: Its Strength Is Its Weakness

I used to read Vitalik Buterin’s name in some online magazine discussing Bitcoin and technology around it. His writings were always interesting and insightful. Not long after that, a surge jump in his career (I believe he was just a student in a uni in Canada) when he constructed a new cryptocurrency focusing on a more flexible programming capability, way over Bitcoin’s limited opcodes (operation codes).

When I first tried Ethereum, I immediately felt its difference to Bitcoin (and Litecoin, Dogecoin and several other, touted as version 1). It was hard to understand how the scripting worked. Unlike Bitcoin where you just need to produce “TRUE” as the result after evaluating the script, in Ethereum there is a completely different programming language of a smart contract (there were several of them, including Solidity the most popular one) I needed to learn, let alone its blockchain technology.

The focus of Ethereum is to provide a system where the codes are executed in a way that they can never be changed, similar to the traditional blockchain where data is supposed to be stored permanently in the blockchain. Instead of just storing regular data, the Ethereum blockchain also stores scripts or programs, and as with any other blockchain technology, the scripts and programs are permanent!

To some extent, this characteristic is beneficial for users who want to see a fair yet unchanged system where every input is treated independently regardless of any circumstances. But, as someone with a degree in cybersecurity, I really believe that this idea is flawed. Not being allowed to make bugs during programming is bad. The average bug in industry level is 15-50 bugs for every 1000 lines of code. So, if you write 300 lines of code (as in common token smart contracts), you have at least 5 bugs. Not mentioning the possibility of having a 0-day vulnerability which can happen in any layer of the system in the future.

It is hard to write a bug-free application, moreover if you use functions and libraries that were written by someone else. You cannot be sure that these libraries are bug-free and hence your application cannot be bug-free as well. There should be a way to update this smart contract without changing its openness and fairness to the users but at the same time allow the developer to fix bugs that may be in it.

Nevertheless, Ethereum and its smart contract feature have given the cryptocurrency world a useful system where groups of coders no longer need to worry about getting fund they need to develop new products, as they can sell tokens in ICOs. But there is an urgent need to solve this huge problem of avoiding having any bug in the permanent programs.

Leave a Reply

Your email address will not be published. Required fields are marked *