Between 2013 and 2014, Vitalik Buterin introduced the Ethereum whitepaper, proposing to store programs on the blockchain, allowing users to call these programs on nodes. Through this method, programs could automatically execute transactions as agents of their creators without human involvement. This concept gave birth to smart contracts. Buterin believed this mechanism was secure enough to conduct programmatic transactions. However, this assumption proved to be a multi-billion dollar mistake. In 2020 alone, security issues with smart contracts led to the disappearance of $90 billion worth of crypto assets.
In Ethereum and its numerous imitators, each smart contract manages its own ledger of issued tokens. This means that there is not just one ledger on these blockchains: the native coin has its own ledger, and each token has its own ledger. Are they all decentralized ledgers? The ledger of the native coin is undisputedly decentralized. However, when it comes to the token ledgers, we need to examine what truly constitutes decentralization.
Decentralization refers to each bookkeeper (miner) independently deciding the content of their recorded ledger, rather than mechanically copying someone else’s ledger. This independence includes deciding whether each transaction is legal and should be recorded. As long as dishonest actors do not dominate the network, illegal transactions can be prevented from becoming the consensus of the blockchain network, thereby ensuring the security of assets. If miners in a blockchain lack the ability to independently determine the legality of each transaction, then the blockchain is not decentralized. Miners must rely on a centralized authority to decide the legality of each transaction, resulting in all ledgers being controlled by a central entity that can arbitrarily determine asset ownership, thus failing to provide security for users.
According to Ethereum’s smart contract transaction model, the ledgers of smart contract tokens are managed by the contracts themselves, not by miners. Each contract is published by a single project party, and while miners record the data generated by the contract, they do not understand this data. They merely record what the contract demands. This transforms all miners from bookkeepers to recorders, with the project party of the contract being the one commanding these recorders. Therefore, the ledgers of these tokens are not decentralized but centralized, making them very insecure.
Even Ethereum’s smart contracts cannot truly be called contracts. Yes, contracts can be executed through programs, but not every program execution constitutes a contract. Additional conditions must be met for a program’s execution to be considered a contract. For a blockchain acting as a decentralized ledger, a crucial requirement is that transactions must be validated. As Satoshi Nakamoto said: “Don’t trust, verify.” This is the golden rule of blockchain, as violating it at any time will inevitably lead to security issues. However, Ethereum does not verify the transaction results of smart contracts but only validates the execution process of smart contracts. In Ethereum, when users call smart contracts, nodes execute the smart contracts, and as long as the smart contract returns successfully, the node deems the transaction legal and records it. What are the issues with this model? After all, smart contract calls are initiated by users, so shouldn’t they accept the results of these calls? This is the mindset of Ethereum.
Legally, a contract is only valid when both parties agree. Both parties must have reached a mutual understanding regarding the contributions and gains involved for the contract to be valid. So when users call smart contracts, what are they agreeing to? Are they accepting any results produced by the smart contract or merely the results claimed by the contract issuer? The majority of users are not programmers and cannot predict how a program will run. Clearly, they are agreeing to the results claimed by the contract issuer. However, Ethereum cannot verify if the execution results of smart contracts align with the user’s expectations (i.e., the results claimed by the contract issuer) because Ethereum nodes do not have this information. Therefore, each recorded smart contract transaction in Ethereum only proves that “the smart contract produced such a result,” not that “both parties agreed to this result.” Confusing these two can have fatal consequences.
Moreover, Ethereum stores the transaction results of smart contracts as the contract’s data. In other words, the assets obtained by users from smart contracts are recorded in the smart contract’s ledger itself, not in the public ledger. Ethereum nodes do not verify the transfer of these assets. The transfer of these assets is processed and verified by the smart contract. Users cannot directly control these assets; the smart contract controls them. This setup is akin to inviting theft. Consequently, Ethereum users are at the mercy of smart contracts and have no security guarantees against them. There is no transaction security, because Ethereum cannot ensure that the results of contract execution meet user expectations, and no asset storage security, because smart contracts can transfer user assets without their consent.
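The difference between validating that a contract executed and validating what it produced, as a toy Python model added here for illustration (it is not Ethereum client code and not from the original article). The `fee_bps` deduction, the `expected_credit` field and all names are hypothetical assumptions.

```python
# Toy model constructed for illustration; names and fields are hypothetical.
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class TokenContract:
    """A token whose ledger lives in the contract's own storage."""
    fee_bps: int                                  # deduction the caller may not know about
    balances: dict = field(default_factory=dict)  # the token ledger

    def transfer(self, sender, to, amount):
        if self.balances.get(sender, 0) < amount:
            raise ValueError("insufficient balance")  # execution fails
        fee = amount * self.fee_bps // 10_000
        self.balances[sender] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount - fee
        self.balances["issuer"] = self.balances.get("issuer", 0) + fee

@dataclass
class Tx:
    sender: str
    to: str
    amount: int
    expected_credit: Optional[int] = None  # what the user believes they agreed to

def node_apply(contract, tx, verify_result=False):
    """Return True if the node records the transaction."""
    snapshot = dict(contract.balances)
    before = contract.balances.get(tx.to, 0)
    try:
        contract.transfer(tx.sender, tx.to, tx.amount)
    except ValueError:
        contract.balances = snapshot
        return False          # failed execution is rejected in both models
    if verify_result and tx.expected_credit is not None:
        credited = contract.balances.get(tx.to, 0) - before
        if credited != tx.expected_credit:
            contract.balances = snapshot  # result differs from what was agreed
            return False
    return True               # execution-only model: success means "legal"

def demo():
    tx = Tx("alice", "bob", 100, expected_credit=100)
    a = TokenContract(fee_bps=500, balances={"alice": 100})
    b = TokenContract(fee_bps=500, balances={"alice": 100})
    # The same transaction is recorded when only execution is checked,
    # and rejected when the outcome is compared with the user's expectation.
    return node_apply(a, tx), a.balances["bob"], node_apply(b, tx, verify_result=True)
```
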
Therefore, since its release, Ethereum has experienced several security incidents related to smart contracts. In contrast, Bitcoin has never encountered security issues. It is widely believed that the security issues with smart contracts are a result of developer errors and negligence. The industry has made significant efforts to standardize the smart contract development process, conduct formal verification of smart contracts, perform code security audits, and develop secure smart contract languages. However, the fundamental security issues with smart contracts result from the industry’s misunderstanding of decentralized contracts, and from the inappropriate transaction models that have stemmed from that misunderstanding since Ethereum’s launch. Addressing this problem could eliminate the majority of security issues with smart contracts to date. Without resolving these issues, all current efforts will ultimately fail to eliminate the security risks associated with smart contracts.