Developing a smart contract is just as hard as building an aircraft control system, says blockchain expert Mihail Sotnichek. And these words are 100 percent true: there are too many risks and weak spots that developers simply forget about. In this post, Mihail gives you five expert security tips on writing smart contracts.
Understanding smart contracts
A smart contract is a program that executes automatically when predefined conditions are met.
With the increasing popularity of smart contracts, more and more industries are adopting this protocol. Use cases can be found in industries including banking, insurance, and IoT. Figure 1 below shows the most common uses for smart contracts.
Smart contracts can be simple or complex and have two, three, or even more parties. Based on their application, smart contracts can be divided into four large groups (see Figure 2).
Since the terms of a smart contract agreement are written directly into the code, smart contracts can securely transfer funds or data between parties to an agreement without requiring mutual trust. The involvement of regulators and intermediaries is also unnecessary.
For this to work, however, a smart contract has to be 100 percent secure and contain zero bugs in its code. On the plus side, these contracts are implemented within blockchains and therefore possess characteristics of blockchains:
- Distributed – Like regular transactions on a blockchain, smart contracts are validated (or blocked) by everyone in the network.
- Immutable – By design, smart contracts are supposed to be impossible to change or tamper with after release.
In addition, smart contracts have their own advantages.
Benefits of smart contracts
Among all the possible reasons people trust smart contracts, we want to focus on the four most important.
Let’s look closer at each of these advantages:
- Transparency – Just like regular transactions on a blockchain, smart contracts are fully visible to network users. All concerned parties can see the terms and conditions of the agreement.
- Cost efficiency – Smart contracts remove the need for additional validation of the agreement so you don’t have to waste your money on extra fees.
- Accuracy – The terms of the agreement are written into the code, and smart contracts follow these terms without any exceptions.
- Trust – The main idea behind smart contracts is that they can only execute if certain circumstances are met, leaving no space for fraud and manipulation.
Bot how secure are smart contracts? Unfortunately, they’re still prone to different vulnerabilities. Some of these vulnerabilities stem from the blockchain protocol, although programming mistakes, compiler errors, protocol bugs, and hacker attacks can also cause serious damage to a smart contract’s security.
In the next section, we give a brief overview of the six most popular smart contract platforms and some of their security issues.
Smart contract platforms
Currently, there are several dozen blockchain networks that support smart contracts. We’ll focus on the six most popular and widely used ones:
These platforms use different programming languages, tokens, and consensus algorithms. These differences inevitably lead to various security issues and vulnerabilities. Some blockchains have already experienced significant losses due to hidden smart contract vulnerabilities or mistakes in the code of a smart contract.
Ethereum, for instance, had to perform a hard fork back in 2016 because of the DAO hack. The reentrancy vulnerability exploited by hackers cost DAO members around $50 million. In NEO, one of the main weaknesses hides in the NEP-5 tokens. And in EOS, one of the most recently discovered smart contract security issues was the EOS node remote code execution vulnerability. To learn more about different smart contract and blockchain vulnerabilities, check out our blockchain blog.
The table below summarizes the main features of each of these six platforms.
Table 1. Comparison of smart contract platforms
|Tokens||ERC-20, ERC-223, ERC-777||EOSIO||NEP-5||Bitcoin||ADA||No tokens|
(currently transitioning to a hybrid PoW/PoS algorithm)
|DPoS||dBFT||PoW||Ouroboros (PoS)||No-op, PBFT, SIEVE|
You can see just how different all these blockchain networks are. So it should come as no surprise that they also have different security issues and vulnerabilities that you need to take into account. However, our blockchain expert Mihail Sotnichek has five smart contract security tips you can use to improve the quality of your code.
Five expert tips on improving smart contract security
Since smart contracts are basically just very specific programs, the main goal of developers is to ensure the accuracy and security of their code. Here are some best practices for smart contract development.
1. Be careful with extra functionality
The rich functionality of smart contracts is one of the reasons why platforms like Ethereum and EOS are so popular. This functionality, however, often comes at the price of security, says our blockchain expert Mihail.
When working with protocols that support complex, multifunctional smart contracts, you must follow the best practices of the corresponding blockchain networks. Otherwise, you risk adding fatal vulnerabilities to your code.
Some networks, like Zilliqa and Cardano, help developers improve the security of their code by adding more restrictions to smart contracts. And while these restrictions may reduce contract functionality, the additional control improves contract security. In addition, when working with these networks, you can create automatic validation tools contracts to get a 100 percent guarantee of your smart contract safety.
2. Choose your programming language wisely
One of the reasons why many blockchains invent their own programming languages is to reduce the number of possible bugs and errors in code. When working with popular programming languages, even experienced developers aren’t immune to making mistakes. There are just too many factors to keep in mind, including problems with the interaction between the language, the compiler, and the blockchain.
On the other hand, there are less complex programming languages that have simpler semantics, like the Scilla language that’s used for writing Zilliqa smart contracts. The simplicity of languages like Scilla makes it much easier for a developer to avoid programming mistakes when writing a contract.
But no matter what language you choose, remember to follow the best practices according to the developers of the language and the blockchain you’re working with. For instance, here you can find best practices for Ethereum smart contracts, and here are recommendations for writing secure smart contracts for the EOS platform.
3. Use blockchain-specific development practices
Even though smart contracts can be classified as a type of software, they require development practices that take into account the specifics of blockchain technology. According to Mihail, the price of a development mistake in a blockchain in general (and in smart contracts in particular) is much higher than in other software solutions. In this field, you can’t just move fast and break things. Otherwise, you risk making lots of critical errors that could have been easily avoided.
For instance, mechanisms of most blockchain networks allow calling the code of a contract in an unexpected way. Inexperienced developers may leave this issue out of a probability and write vulnerable code.
4. Remember that testing and security audits are vital
Just like with other software, you can’t foresee everything when developing a smart contract. That’s why running preliminary tests is a must.
Mihail suggests using all the testing options available, from using unit tests to cover basic contract functionality to releasing your smart contract on a test network first. This way, you can significantly increase your chances of finding critical errors in your code while you’re still able to fix them.
Since many blockchains use their own languages for writing smart contracts, you’ll have to use network-specific frameworks for each blockchain. In Ethereum, for instance, you can use the Truffle framework, and in EOS you can choose EOSFactory or GTest.
Security audits are another necessary measure for ensuring a high level of security for your smart contracts. This is the case firstly because professional auditors can not only detect possible flaws in your code but also give you some valuable advice on how to fix and optimize it.
Secondly, having a few people from outside your project take a look at the code gives you a fresh perspective. Consider hiring an independent penetration testing team and offering a bug bounty to make this process a bit faster.
5. Use additional testing tools
Additional testing can’t harm your smart contracts. Since each blockchain network has its own set of specific tools, we’ll give you some examples of the most popular ones for Ethereum.
Here are tools that can help you improve the security of your Ethereum smart contracts:
- Test coverage analyzers – In Ethereum, you can use solidity-coverage for testing and code coverage of contracts written in Solidity.
- Linters – Use specific tools to analyze your code for any potential bug, error, and suspicious construct and flag them. You can also use specific tools for running static and dynamic analysis of your contracts. In Ethereum, you can use the open-source security analyzer Mythril Classic and the Solidity linter solhint for validating both the style and security of your code.
- Formal verification – K Framework is one of the tools you can use for formally verifying smart contracts on several platforms, including Ethereum and Cardano.
- Symbolic execution – Tools like Manticore can be used for testing your smart contracts for any potential bugs and vulnerabilities in code logic.
The set of preferred tools for security audits and testing varies from blockchain to blockchain. Small and young smart contract platforms might not have any specific tools yet.
Smart contracts are a popular solution with lots of benefits: they’re trustworthy, accurate, and more cost-efficient than traditional legal contracts. But just like any other program, a smart contract is prone to code errors and hidden vulnerabilities.
There are many factors that can affect the security of a smart contract: what blockchain network you work with, what programming language you use, and what testing tools you use. To improve the security of smart contracts, follow the best practices for the particular language and platform you’re using and test your contract before releasing the final version.
At Apriorit, we have a team of professional blockchain developers and security testers who can help you improve the security of smart contracts on any platform. Get in touch with us and we’ll get back to you shortly.