Considerations when looking at smart contracts

Potential issues and shortcomings

Martijn Dingeman Ardon
Jan 10, 2023

In our previous article, we provided a broad overview of the many compelling reasons why assets are increasingly being moved to decentralized blockchain networks. While smart contract platforms and applications have certainly brought many advantages and opportunities to the crypto space, they also present significant challenges and limitations.

In this article, we will take a closer look at these shortcomings and threats, examining the risks and limitations that smart contracts pose. By understanding these potential pitfalls, investors can make more informed decisions and navigate the complex world of decentralized finance more effectively. Ultimately, as with any investment, it is essential to fully understand both the benefits and the risks involved in smart contract platforms and applications.

Potential weaknesses of a smart-contract design
One of the biggest risks associated with smart contracts is the possibility of exploitation. Smart contracts are only as secure as the code they are built on, and even the best audits cannot catch all potential vulnerabilities. This means that there is always a risk that a smart contract could be hacked or otherwise compromised, potentially leading to significant financial losses. To address these challenges and limitations, Fourstack utilizes three distinct risk frameworks to assess the risk levels of protocols, middleware, and blockchains.

Automatic execution
Another limitation of smart contracts is their automatic execution. While this can be a benefit in many cases, it is not always better for all economic actions. For example, some transactions may need to be reversible or require human intervention to resolve disputes. Smart contracts do not offer this flexibility, which could be a limitation in certain situations.

The accuracy and reliability of smart contracts are highly dependent on the quality of their data inputs. Tampered or inaccurate data can compromise smart contract accuracy, resulting in negative financial consequences. Chainlink's decentralized oracle network provides a secure and reliable infrastructure for smart contracts to access off-chain data, ensuring accurate and tamper-proof data inputs. By leveraging Chainlink's oracle network, smart contract platforms can unlock new use cases and expand the potential of blockchain technology in various industries.

In order to address the limitation of irreversible transactions, committee-based financially incentivized decentralized nodes could potentially serve as the arbitrator to judge reversibility in certain cases. This would allow for flexibility in the execution of smart contracts while still maintaining security and trust in the system. While this is not a perfect solution, it could help to address some of the limitations of smart contracts and make them more accessible to a wider range of users.

Self-custody is a crucial aspect of using crypto and smart contracts. However, it can also be a major barrier for some users, particularly those who are not familiar with the technology or are uncomfortable with the idea of managing their own private keys. This is where committee-based oracles can play an important role. These oracles allow multiple parties to collectively retrieve and verify encrypted data, eliminating the need for a single entity to hold the user's private keys. By doing so, the risk of theft or loss is reduced, making self-custody a more viable option for a wider range of users.

Account abstraction is another promising development that could make self-custody easier and more accessible for the average user. This technology allows developers to abstract away the details of specific blockchains, allowing users to interact with decentralized applications without needing to know which specific blockchain their app is running on. This could make it easier for users to seamlessly switch between different blockchains and interact with a wider range of smart contracts, without needing to understand the underlying technology. Overall, as the crypto ecosystem continues to evolve and improve, we can expect to see better tools and interfaces that make self-custody and interacting with smart contracts easier and more accessible for everyone.

External threats and issues

Regulatory uncertainty
As smart contracts become more prevalent and complex, regulatory uncertainty remains a significant risk. Smart contracts are not explicitly addressed in most regulatory frameworks, leaving their status and legal implications uncertain. For instance, the SEC has taken a keen interest in the crypto space and has already deemed some tokens to be securities. A similar approach to smart contracts could create compliance challenges for developers and operators, limit the growth and adoption of smart contracts, and potentially create risks for users. In addition, there are currently different regulatory approaches to smart contracts in different countries. Australia, for example, is already redoing their digital asset framework. The UK has no clear strategy for regulating decentralized apps, while the US appears to take a more opaque and arbitrary approach to regulation.

Exclusionary towards older generations
While smart contract platforms have the potential to revolutionize various industries, there is a risk of leaving behind those who are not tech-savvy or who are opposed to the adoption of futuristic technology. This could create a digital divide where only certain groups benefit from the advantages of smart contracts, while others are left out. Additionally, there is a growing anti-crypto movement that views blockchain technology as a threat to established financial systems and traditional ways of doing things. 

Lacking Privacy
Privacy is also a significant concern with smart contracts. While blockchain transactions are pseudonymous, they are not truly anonymous. This means that anyone can see the details of a transaction, including the amount, sender, and receiver. While this may not be a problem for some users, others may prefer to keep their financial transactions private. Adding a privacy layer to smart contracts could help to address this limitation.

Maximum Extractable Value

Smart contracts can be subject to front-running and other types of MEV (maximum-extractable value) extraction, which can erode their value and impact. 

In the context of blockchain transactions, MEV refers to the extra profits that miners can make by exploiting information that is available to them before the transaction is processed. This can happen when miners are able to view and manipulate the order of transactions in a block, which can enable them to extract additional value.

For example, imagine a user wants to place a large buy order for a certain cryptocurrency. They submit the transaction to the blockchain, but before it can be processed, a miner sees the transaction and places a similar order of their own. This allows the miner to take advantage of the price increase caused by the user's order and sell their own holdings at a profit, leaving the user with a higher price to pay. This type of front-running can be particularly problematic in decentralized finance applications where trades are executed automatically and at a high frequency.

Smart contract platforms are highly dependent on oracle networks for providing reliable and accurate data inputs, and these oracle networks may be subject to manipulation or failure.

Smart contracts are only as good as the data they receive. Oracle networks serve as a bridge between the on-chain smart contract and off-chain real-world data. However, these networks can be vulnerable to manipulation, such as when a malicious actor provides incorrect data to the smart contract. In such cases, the contract may execute incorrectly or produce unintended outcomes, leading to potential financial losses for participants. As a general rule of thumb, if it's not Chainlink, it's not secure!

Bumps in the road
Smart contracts have many advantages and opportunities, but they also have challenges and limitations that we need to overcome. We must understand these limitations and work towards solutions that solve them so that we can fully realize the potential of smart contracts. Fourstack sees these threats and limitations as temporary and solvable problems. New design choices or protocols that solve part of these issues will not only do well but also benefit the blockchain ecosystem as whole.