Blockchain projects need smarter contracts that build resilience
Smart contracts are a key foundational element of blockchain projects, ranging from decentralized finance to digital collectibles to carbon offset exchanges. Now that developers have a moment to breathe, it’s worth considering how this blockchain building block informs future projects.
Smart contracts are a bit flawed. Essentially, they are digital code that automatically performs an action if conditions are met. If you pay someone two ether, the non-fungible token (aka NFT) that proves their ownership of a digital collectible is transferred to you.
Contract Limitations
The last 18 months have shown that smart contracts currently have significant limitations, especially when it comes to legal rights. A smart contract is only as good as the developer(s) who create it and the pattern of conditions put in place to execute it.
Think about the last time you bought a house. Did you read the contract provision that describes the rights of the parties in the event of a condemnation event? The problem almost never comes up when you buy a home, but it’s usually part of the form contract to spread that risk.
This question begs the question of what level of smart contract coding is necessary to allocate varying risk between two parties? Does the smart contract have sufficient conditions for all risks that may arise? How do you determine whether a party to a contract acted reasonably?
It is very unclear. One answer is that we start using technology to increase the utility of existing smart contracts. An example could be the use of decentralized storage with a link to a license agreement. This link may be stored in the metadata that is part of the non-fungible token being sold.
It may provide the parties with permanent, unalterable access to a license agreement that sets out rights with respect to the digital asset for the parties. This technology solution can provide greater clarity around the legal rights surrounding the digital asset associated with a non-fungible token such as digital art.
The bottom line is that now is the time to identify the limitation of smart contracts and consider ways they can evolve to provide greater clarity among buyers and sellers about the terms of sale.
The impact of sanctions
The development of smart contracts has been affected by the Treasury Department acting through the Office of Foreign Asset Controls to sanction the Tornado Cash software protocol. Tornado Cash software is designed to protect the privacy of cryptocurrency traders.
In the case of North Korea, they used this software feature to hide the illegal laundering of stolen crypto funds. As a result, in an unprecedented and unusual move, OFAC sanctioned the Tornado Cash smart protocol itself. A Dutch government agency also arrested a person suspected of being a Tornado Cash developer.
The point of this story is to raise the question of how these sanctions will affect developers who want to create software protocols that respect privacy in an uncertain regulatory environment. Conversely, since cybercrime is prevalent in the industry, should emphasis be placed on developing software protocols that have features to facilitate law enforcement investigations and thereby deter crime? Many in the industry might say that goes against the decentralized and egalitarian ethos of the blockchain community.
Blockchain and Cyber Risk
Cybersecurity continues to pose significant challenges as blockchain use cases seek mainstream adoption. Not a week goes by without a significant hack on a blockchain. Since smart contracts are critical to so many use cases from non-fungible tokens to engine-driven DAOs, they are a prime target for threat actors. In the recent bull market where the need for speed to market was paramount, many developers were using existing code and not taking the time to audit the vulnerabilities in that code.
Moreover, since many projects used open source code, the same code was available for threat hackers to assess the same vulnerabilities. Security issues with open source plus valuable assets equal inevitable hacking and cybercrime. Building secure products by design is a competitive advantage as it builds trust, especially with business customers.
When you think about managing cyber risk with smart contracts the next time you get into your car, you probably don’t even think about the fact that you buckled your seat belt. That standard of behavior was not the case for your parents. What changed? Education about seat belts provides combined with changes in laws that made their use mandatory. As we consider new blockchain projects, we should create smart contract cybersecurity by designing the digital safety belt that protects the value stored in the smart contract.
While the current forecast in the blockchain industry is chilling, it also provides an opportunity to learn from the past. Recent history shows that the dot.com bust gave way to the essential internet we have today. Blockchain technology has similar potential. The question is how well the smart contract technology will develop, along with setting up the necessary regulatory guardrails.
This article does not necessarily reflect the opinion of Bloomberg Industry Group, Inc., the publisher of Bloomberg Law and Bloomberg Tax, or its owners.
Write for us: Author Guidelines
Author information
Josh Berger is Assistant General Counsel for CleanSpark, a sustainable bitcoin mining company.
Justin Daniels is an attorney at Baker, Donelson, Bearman, Caldwell & Berkowitz where he co-leads the Blockchain and Digital Assets Technology practice.