Between 2013 and 2014, Vitalik Buterin introduced the Ethereum whitepaper proposing the use of blockchain to store programs. Users could invoke these programs on nodes, allowing the programs to automatically execute transactions as agents of their creators without human intervention. This concept gave birth to smart contracts. Buterin believed this mechanism could safely facilitate programmatic transactions. This assumption proved to be a multi-billion-dollar mistake by 2020, as security issues with smart contracts led to the evaporation of 90 billion dollars’ worth of crypto assets.
In Ethereum and its numerous imitators, each smart contract manages its own ledger of issued tokens. This means that there is not just one ledger on these blockchains. The native coin has one ledger, and each token has its own ledger. Are they all decentralized ledgers? The ledger for the native coin is undisputedly decentralized. However, when it comes to the ledgers for tokens, we need to consider what truly defines decentralization.
Decentralization refers to each bookkeeper (miner) independently deciding on the content of their recorded ledger, rather than mechanically copying someone else’s ledger. This independence includes determining whether each transaction is legitimate and should be recorded. As long as fraudulent actors do not have the upper hand in the network, this independent validation prevents illegal transactions from becoming the consensus of the blockchain network, which protects asset security. If miners in a blockchain lack the ability to independently decide the legitimacy of each transaction, then that blockchain is not decentralized. Miners would have to rely on a centralized authority to determine the legality of each transaction, resulting in all ledgers being controlled by a single entity. This central authority could arbitrarily decide asset ownership, compromising the security guarantees for users.
In Ethereum’s smart contract transaction model, the ledgers for smart contract tokens are managed by the contracts themselves, not by miners. Each contract is issued by a single project party, and while miners record the data generated by the contract, they do not understand this data. Miners simply record what the contract demands. This effectively turns all miners from bookkeepers into mere recorders, with the project party behind the contract calling the shots. Therefore, the ledgers of these tokens are not decentralized but rather centralized ledgers, which is highly insecure.
In Ethereum, smart contracts cannot even be accurately labeled as contracts. Yes, contracts can be executed through programs, but not every program execution constitutes a contract. Additional conditions need to be met for a program’s execution to be considered a contract. For a blockchain functioning as a decentralized ledger, one crucial requirement is that transactions must be validated. As Satoshi Nakamoto famously said, “Don’t trust, verify.” This principle is a fundamental rule of blockchain, and any violation of it inevitably leads to security issues. However, Ethereum does not validate the transaction results of smart contracts; it only validates the execution process of smart contracts. When users call smart contracts in Ethereum, nodes execute the contracts, and as long as the smart contract returns successfully, the node deems the transaction legitimate and records it. What are the implications of this model? After all, smart contract calls are initiated by users, so shouldn’t they accept the results of these calls? This is the Ethereum way of thinking.
Legally speaking, a contract is only valid if both parties agree. Both parties must agree on the contributions and benefits of the contract for it to be valid. So, when users invoke smart contracts, what are they agreeing to? Are they accepting any results generated by the smart contract, or the results claimed by the contract issuer? Since the majority of users are not programmers and cannot predict how a program will run, it is evident that they are agreeing to the results claimed by the contract issuer. However, Ethereum cannot verify whether the execution results of smart contracts align with the users’ expectations (i.e., the results claimed by the contract issuer) because Ethereum nodes lack this information. Therefore, each recorded transaction of a smart contract in Ethereum only proves that “the smart contract produced such results,” not that “both parties agreed to these results.” Confusing these two concepts can have fatal consequences.
Furthermore, Ethereum stores the transaction results of smart contracts as data for the contracts. In other words, assets acquired by users from smart contracts are recorded in the contracts’ own ledgers, not in the public ledger. Ethereum nodes do not verify the transfer of these assets; it is the smart contracts that process and validate these transfers. Users cannot directly control these assets; it is the smart contracts that control them. This is essentially inviting theft. Consequently, Ethereum users are at the mercy of smart contracts, with no security guarantees in their interactions. There is no transaction security because Ethereum cannot ensure that the results of contract execution align with user expectations. There is also no security in storing value because smart contracts can transfer user assets without their consent.
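A simplified model of the two ledgers described above, added here as an illustration; it is not Ethereum client code and not code from the original article. The `Node`, `Token` and `reclaim` names are hypothetical: the node enforces authorisation on the native ledger itself, but for a token it only checks that the contract call returned without reverting.

```python
# Simplified model, constructed for illustration; all names are hypothetical.
class Revert(Exception):
    pass

class Token:
    def __init__(self, issuer, supply):
        self.issuer = issuer
        self.balances = {issuer: supply}   # ledger kept in contract storage
    def transfer(self, caller, dst, amount):
        if self.balances.get(caller, 0) < amount:
            raise Revert("insufficient balance")
        self.balances[caller] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount
    def reclaim(self, caller, holder):
        # Rule written by the issuer; to the node it is one more successful call.
        if caller != self.issuer:
            raise Revert("issuer only")
        taken = self.balances.pop(holder, 0)
        self.balances[caller] = self.balances.get(caller, 0) + taken

class Node:
    def __init__(self, native):
        self.native = dict(native)   # public ledger of the native coin
        self.contracts = {}          # address -> contract object
    def native_transfer(self, signer, src, dst, amount):
        # The node itself checks authorisation and balance.
        if signer != src or self.native.get(src, 0) < amount:
            return False
        self.native[src] -= amount
        self.native[dst] = self.native.get(dst, 0) + amount
        return True
    def call(self, signer, addr, method, *args):
        # The node checks only that execution did not revert.
        contract = self.contracts[addr]
        snapshot = dict(contract.balances)
        try:
            getattr(contract, method)(signer, *args)
            return True
        except Revert:
            contract.balances = snapshot   # roll back partial writes
            return False

def demo():
    node = Node({"alice": 10, "issuer": 10})
    token = node.contracts["token"] = Token("issuer", 100)
    give = node.call("issuer", "token", "transfer", "alice", 40)
    native = node.native_transfer("issuer", "alice", "issuer", 10)  # rejected by node
    taken = node.call("issuer", "token", "reclaim", "alice")        # recorded by node
    return give, native, taken, node.native["alice"], token.balances.get("alice", 0)
```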
As a result, Ethereum has faced numerous security incidents related to smart contracts since its release. In contrast, Bitcoin has never experienced any security issues. Most people attribute the security issues with smart contracts to developer errors and negligence, leading the industry to standardize smart contract development processes, conduct formal verifications of smart contracts, perform security audits on code, and develop secure smart contract languages. However, fundamentally, the security issues with smart contracts stem from the industry’s incorrect understanding of decentralized contracts since Ethereum’s inception and the improper transaction model that followed from it. Addressing this problem could eliminate most of the security issues seen with smart contracts to date. Without resolving these issues, all current efforts may ultimately fail to eliminate the security vulnerabilities of smart contracts.