Between 2013 and 2014, Vitalik Buterin introduced the Ethereum white paper, proposing the use of blockchain to store programs. Users could invoke these programs on nodes, allowing the programs to automatically execute transactions on behalf of the creators without human intervention. This concept became known as smart contracts. Buterin believed this mechanism was secure enough to conduct programmable transactions, but this assumption proved to be a multi-billion-dollar mistake. In 2020 alone, security issues with smart contracts led to the disappearance of $90 billion worth of cryptocurrency assets.
In Ethereum and its numerous imitators, each smart contract manages its own ledger of the tokens it issues. This means that there is not just one ledger on these blockchains; the native coin has one ledger, and each token has its own ledger. Are they all decentralized ledgers? There is no dispute regarding the ledger of the native coin, but when it comes to token ledgers, we must examine what truly constitutes decentralization.
Decentralization refers to each bookkeeper (miner) independently deciding on the content of their own ledger, rather than mechanically duplicating someone else’s ledger. This independence includes independently determining the legality of each transaction and thereby deciding whether to record it. As long as fraudulent actors do not have the upper hand in the network, this method can prevent illicit transactions from becoming the consensus of the blockchain network, thereby safeguarding asset security. If miners in a blockchain lack the ability to independently decide on the legality of each transaction, then the blockchain is not decentralized. In that case, miners must rely on a centralized authority to determine the legitimacy of each transaction, so all ledgers are controlled by a single center that can arbitrarily decide the ownership of assets, and the blockchain cannot provide security guarantees for users.
In Ethereum’s smart contract transaction model, the ledgers of smart contract tokens are managed by the contract itself, not by miners. Each contract is issued by a single project party, and although miners record the data generated by the contract, they do not understand this data; they simply record what the contract demands. This transforms all miners from bookkeepers into mere pens, with the project party controlling these pens. Therefore, the ledgers of these tokens are not decentralized but rather centralized, making them extremely insecure.
Ethereum’s smart contracts cannot even be considered contracts. Yes, contracts can be executed by programs, but not every program execution constitutes a contract. Additional conditions must be met for a program’s execution to qualify as a contract. For a blockchain serving as a decentralized ledger, it is crucial that transactions undergo verification. As Satoshi Nakamoto said, “Don’t trust, verify.” This is a fundamental rule of blockchain; violating it at any time will inevitably lead to security issues. However, Ethereum does not verify the transaction results of smart contracts; it only verifies the execution process of smart contracts. In Ethereum, when users invoke smart contracts, nodes execute the contracts, and as long as the smart contract returns successfully, the node deems the transaction legal and records it. What is the problem with this model? After all, smart contract calls are initiated by users; shouldn’t they accept the results of the smart contract calls? This is the mindset of Ethereum.
Legally, a contract is formed when both parties agree. Each party must agree on what each party contributes and receives for a contract to be valid. So, when a user invokes a smart contract, what are they agreeing to? Are they accepting any results generated by the smart contract or the results claimed by the contract issuer? Most users are not programmers and cannot know how a program will run; clearly, they are agreeing to the results claimed by the contract issuer. However, Ethereum cannot verify whether the execution results of smart contracts match the user’s expectations (i.e., the results claimed by the contract issuer) because Ethereum nodes do not have this information. Therefore, each smart contract transaction recorded in Ethereum only proves that “the smart contract produced such a result” rather than “both parties agreed to such a result.” Confusing these two can have fatal consequences.
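A toy model of the recording rule described above, added here as an illustration and not taken from the original article or from any Ethereum client. `SaleContract`, its rates, and the `execute_and_verify` contrast are hypothetical names and assumptions introduced only to show the difference between "the contract produced this result" and "the caller agreed to this result".

```python
import copy

# Constructed toy model for illustration; none of this is Ethereum client code.

class SaleContract:
    """Hypothetical token sale whose token ledger is the contract's own data."""

    ADVERTISED_RATE = 10  # what the issuer claims: 10 tokens per coin paid
    ACTUAL_RATE = 9       # what the deployed code credits

    def __init__(self):
        self.balances = {}  # token ledger kept by the contract, not the node

    def buy(self, caller, coins):
        if coins <= 0:
            raise ValueError("coins must be positive")
        self.balances[caller] = self.balances.get(caller, 0) + self.ACTUAL_RATE * coins


def execute_only(contract, caller, coins):
    """Rule described in the text: record the result if the call returns."""
    try:
        contract.buy(caller, coins)
    except ValueError:
        return False
    return True


def execute_and_verify(contract, caller, coins, expected_tokens):
    """Contrast (assumption): the caller states the outcome they agreed to,
    and the result is recorded only if execution produced exactly that."""
    trial = copy.deepcopy(contract)  # run on a copy so a mismatch leaves no trace
    before = trial.balances.get(caller, 0)
    try:
        trial.buy(caller, coins)
    except ValueError:
        return False
    if trial.balances.get(caller, 0) - before != expected_tokens:
        return False
    contract.balances = trial.balances
    return True
```

With the advertised rate as the caller's expectation, the first function records 45 tokens for 5 coins, while the second rejects the same call because the caller expected 50.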
What’s worse is that Ethereum stores the transaction results of smart contracts as data for the contract. This means that the assets a user receives from a smart contract are recorded in the smart contract’s ledger itself, not in the public ledger. Ethereum nodes do not verify the transfer of these assets; it is the smart contract that handles and verifies the transfer. Users cannot directly control these assets; it is the smart contract that controls them. This is essentially an open invitation to theft. As a result, Ethereum users are at the mercy of smart contracts, with no security guarantees in their interaction with smart contracts. There is no transaction security because Ethereum cannot ensure that the results of contract execution align with user expectations. There is also no security in storing value because smart contracts can transfer user assets without their consent.
As a result, since its release, Ethereum has experienced several security incidents related to smart contracts. In contrast, Bitcoin has never experienced security incidents. It is widely believed that the security issues with smart contracts are caused by developers’ errors and negligence. The industry has therefore made significant efforts to standardize the smart contract development process, perform formal verification on smart contracts, conduct code security audits, and develop secure smart contract languages. Fundamentally, however, the security issues with smart contracts result from the industry’s misunderstanding of decentralized contracts since Ethereum’s launch and from the inappropriate transaction models that have arisen from it. Addressing this root cause can eliminate the majority of security issues with smart contracts to date. Without addressing it, all current efforts will ultimately fail to eliminate the security risks associated with smart contracts.