Between 2013 and 2014, Vitalik Buterin introduced the Ethereum whitepaper, proposing the use of blockchain to store programs. Users could call these programs on nodes, allowing the programs to automatically execute transactions as agents of their creators without human involvement. This concept gave rise to smart contracts. Buterin believed this mechanism could securely conduct programmatic transactions. However, this assumption proved to be a billion-dollar mistake. In 2020 alone, security issues with smart contracts led to the evaporation of 90 billion dollars' worth of crypto assets.
In Ethereum and its many imitators, each smart contract manages its own ledger of issued tokens. This means that there is not just one ledger on these blockchains. The native coin has its own ledger, and each type of token has its own ledger. Are they all decentralized ledgers? The ledger for the native coin is undisputedly decentralized. However, when it comes to the ledgers for tokens, we must examine what truly constitutes decentralization.
Decentralization refers to each bookkeeper (miner) independently deciding the content of their recorded ledger, rather than mechanically copying someone else’s ledger. This independence includes deciding independently whether each transaction is legitimate and should be recorded. As long as network fraudsters are not in the majority, this independent validation prevents illegal transactions from becoming the consensus of the blockchain network and thereby ensures asset security. If miners in a blockchain do not have the ability to independently decide on the legality of each transaction, then the blockchain is not decentralized. Miners would rely on a centralized authority to determine the legality of each transaction, resulting in all ledgers being controlled by a single center. This central authority could then arbitrarily determine asset ownership, failing to provide security guarantees for users.
In Ethereum’s smart contract transaction model, the ledgers for smart contract tokens are managed by the contract, not the miners. Each contract is issued by a single project party. While miners record the data generated by the contract, they do not understand this data. They merely record what the contract demands. This turns all miners into mere recorders, with the project party of the contract directing them. Therefore, the ledgers of these tokens are not decentralized but centralized, posing significant security risks.
Smart contracts in Ethereum cannot even be called contracts. Yes, contracts can be executed through programs, but not every program execution constitutes a contract. Additional conditions must be met for a program’s execution to constitute a contract. For a blockchain serving as a decentralized ledger, it is crucial that transactions are validated. As Satoshi Nakamoto said: “Don’t trust, verify.” This is the fundamental principle of blockchain, and any violation of it will inevitably lead to security issues. However, Ethereum does not verify the transaction results of smart contracts, only the execution process of the smart contract. When a user calls a smart contract in Ethereum, the node executes the smart contract, and as long as the smart contract returns successfully, the node deems the transaction legal and records it. What issues does this model present? After all, smart contract calls are initiated by users, so shouldn’t they accept the results of the smart contract calls? This is the mindset of Ethereum.
Legally, a contract is only valid when both parties agree. Both parties must reach an agreement on what each contributes and receives for the contract to be valid. So, when a user calls a smart contract, what are they agreeing to? Are they accepting any results produced by the smart contract, or the results declared by the contract issuer? The majority of users are not programmers and cannot know how a program will run. It is evident that they agree to the results declared by the contract issuer. However, Ethereum cannot verify whether the execution results of smart contracts align with the user’s expectations (i.e., the results declared by the contract issuer) because Ethereum nodes do not have this information. Therefore, each recorded smart contract transaction in Ethereum only proves that “the smart contract produced such results,” not that “both parties agreed to such results.” Confusing these two can have fatal consequences.
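The distinction drawn above, between recording a call because the contract returned successfully and recording it because the result matches what the caller agreed to, can be shown with a toy model. This is an added example, not code from the original article and not EVM code; `ToyToken`, both node functions and the rates are hypothetical, constructed for illustration.

```python
class ToyToken:
    """Hypothetical contract that keeps its own token ledger in contract storage."""
    def __init__(self, advertised_rate, actual_rate):
        self.advertised_rate = advertised_rate  # tokens per coin declared by the issuer
        self.actual_rate = actual_rate          # tokens per coin the code really pays
        self.balances = {}                      # token ledger, owned by the contract

    def buy(self, caller, coins):
        # Reports success whether or not the payout matches the declaration.
        self.balances[caller] = self.balances.get(caller, 0) + coins * self.actual_rate
        return True

def ledger_diff(before, after):
    """Per-account balance change between two snapshots of the token ledger."""
    keys = set(before) | set(after)
    diff = {k: after.get(k, 0) - before.get(k, 0) for k in keys}
    return {k: v for k, v in diff.items() if v != 0}

def execution_only_node(contract, caller, coins):
    """Model described in the text: record the call if the contract returns successfully."""
    return contract.buy(caller, coins)

def result_verifying_node(contract, caller, coins, expected_diff):
    """Assumed alternative: the caller states the ledger change they agree to."""
    snapshot = dict(contract.balances)
    ok = contract.buy(caller, coins)
    if not ok or ledger_diff(snapshot, contract.balances) != expected_diff:
        contract.balances = snapshot  # roll back: the result was not agreed to
        return False
    return True

def demo():
    """Run an honest and a mismatching contract through both node models."""
    results = {}
    for label, actual in (("honest", 100), ("mismatch", 10)):
        c1, c2 = ToyToken(100, actual), ToyToken(100, actual)
        expected = {"alice": 5 * c1.advertised_rate}
        results[label] = {
            "exec_only_recorded": execution_only_node(c1, "alice", 5),
            "exec_only_balance": c1.balances.get("alice", 0),
            "verified_recorded": result_verifying_node(c2, "alice", 5, expected),
            "verified_balance": c2.balances.get("alice", 0),
        }
    return results

if __name__ == "__main__":
    for label, outcome in demo().items():
        print(label, outcome)
```

In the mismatch case the execution-only node records a transaction that pays a tenth of the declared amount, while the result-verifying node rejects it and leaves the ledger unchanged.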
Moreover, Ethereum stores the transaction results of smart contracts as the data of the contract. That is, the assets users receive from smart contracts are recorded in the smart contract’s own ledger, not the public ledger. Ethereum nodes do not verify the transfer of these assets. The transfer of these assets is handled and verified by the smart contract. Users cannot directly control these assets; it is the smart contract that controls them. This is akin to leaving the door wide open for theft. As a result, Ethereum users are at the mercy of smart contracts, with no security guarantees in their interactions with smart contracts. There is no transaction security because Ethereum cannot ensure that the results of contract execution align with user expectations. There is also no security in storing value because smart contracts can transfer user assets without their consent.
Therefore, since its inception, Ethereum has experienced numerous security incidents related to smart contracts. In contrast, Bitcoin has never experienced security incidents. The general consensus is that security issues with smart contracts stem from developer errors and negligence. Thus, the industry has made significant efforts to standardize the smart contract development process, conduct formal verification of smart contracts, perform security audits of the code, and develop secure smart contract languages. However, fundamentally, the security issues with smart contracts have arisen from the industry’s misconceptions about decentralized contracts and the improper transaction models that result. Addressing this issue can eliminate the majority of security problems with smart contracts to date. Without resolving these issues, none of the current efforts can ultimately eliminate the security risks posed by smart contracts.