Between 2013 and 2014, Vitalik Buterin introduced the Ethereum whitepaper proposing the use of blockchain to store programs. Users could invoke these programs on nodes, allowing them to automatically execute transactions as agents of the creators without human involvement, known as smart contracts. Buterin believed this mechanism was secure enough to conduct programmatic transactions, but it turned out to be a billion-dollar mistake. In 2020 alone, smart contract security issues led to the evaporation of $90 billion worth of crypto assets.
In Ethereum and its many imitators, each smart contract manages its own ledger of issued tokens. This means that there is not just one ledger on these blockchains. The native coin has one ledger, and each type of token has its own ledger. Are they all decentralized ledgers? There is no dispute over the ledger of the native coin, but when it comes to token ledgers, we need to examine what truly constitutes decentralization.
Decentralization refers to each bookkeeper (miner) independently deciding the content of the ledger they record, rather than mechanically copying someone else’s ledger. This independence includes deciding whether each transaction is legitimate and therefore should be recorded. As long as there are no more cheaters than honest participants in the network, illegal transactions can be prevented from becoming the consensus of the blockchain network, thereby safeguarding asset security. If miners in a blockchain lack the ability to independently decide on the legitimacy of each transaction, then the blockchain is not decentralized. Miners would have to rely on a centralized authority to determine the legality of each transaction, resulting in all ledgers being controlled by a central entity that can arbitrarily decide the ownership of assets, thus failing to provide security guarantees for users. Contrary to this, in Ethereum’s smart contract transaction model, the ledger of smart contract tokens is managed by the contract, not the miners. Each contract is issued by a single project party. While miners record the data generated by the contract, they do not understand this data; they only record what the contract instructs them to. This essentially turns all miners from bookkeepers into pens, with the project party controlling these pens. Therefore, the ledgers of these tokens are not decentralized but centralized, making them highly insecure.
Even Ethereum’s smart contracts cannot be considered contracts. Yes, contracts can be executed by programs, but not every program execution constitutes a contract. Additional conditions must be met to constitute a contract. For a blockchain serving as a decentralized ledger, it is crucial that transactions are verified. As Satoshi Nakamoto said: “Don’t trust, verify.” This is the fundamental principle of blockchain, and any violation of it will inevitably lead to security issues. However, Ethereum does not verify the results of smart contract transactions but only the execution process of smart contracts. When a user invokes a smart contract in Ethereum, the node executes the smart contract, and as long as the smart contract returns successfully, the node deems the transaction legal and records it. What issues does this model present? After all, smart contract calls are initiated by users; shouldn’t they accept the results of these calls? This is the Ethereum way of thinking.
Legally, a contract is formed when both parties agree. Both parties must reach an agreement on each other’s contributions and benefits for the contract to be valid. So, when users invoke smart contracts, what are they agreeing to? Are they accepting any results generated by the smart contract, or the results claimed by the contract issuer? The majority of users are not programmers and cannot predict how programs will run, so clearly, they are agreeing to the results claimed by the contract issuer. However, Ethereum cannot verify whether the execution results of smart contracts are consistent with the user’s expectations (i.e., the results claimed by the contract issuer) because Ethereum nodes do not have this information. Therefore, every smart contract transaction recorded in Ethereum only proves that “the smart contract produced such results” and not that “both parties agreed to such results.” Confusing these two can have fatal consequences.
To make matters worse, Ethereum stores the results of smart contract transactions as the contract’s data. In other words, assets obtained from smart contracts are recorded in the contract’s ledger itself, not in a public ledger. Ethereum nodes do not verify the transfer of these assets. The transfer of these assets is handled and verified by smart contracts. Users cannot directly control these assets; it is the smart contract that controls them. This is essentially giving thieves an open invitation. Therefore, Ethereum users are at the mercy of smart contracts, with no security guarantees in the face of smart contracts. There is no transaction security because Ethereum cannot ensure that the results of contract execution meet user expectations. Moreover, there is no security in asset storage because smart contracts can transfer user assets without their consent.
As a result, Ethereum has experienced multiple security incidents related to smart contracts since its launch. In contrast, Bitcoin has never experienced security incidents. Most believe that security issues with smart contracts are due to developer errors and negligence. Efforts have been made in the industry to standardize the smart contract development process, formally verify smart contracts, conduct code security audits, and develop secure smart contract languages. However, the security issues with smart contracts fundamentally stem from the industry’s misunderstanding of decentralized contracts and the improper transaction models that result from it since Ethereum’s release. Resolving this issue can eliminate the majority of security issues with smart contracts to date. Without addressing these problems, all current efforts cannot eliminate the security risks of smart contracts.