“The blockchain is perfect; it is the most secure way to transact; able to send money anywhere on the planet in minutes for a fraction of the cost of traditional methods.” Until it fails. What happens when the blockchain fails? Well, Ethereum (ETH) has a 0.36 percent fail rate.
Digging into Perfection
The blockchain has been glorified for its security, transparency, ease of use and true perfection in the technological world. However, does it ever fail?
Researchers recently studied one million Ethereum (ETH) contracts and state that 3,686 were broken. This fail rate may seem minuscule, as it would give ETH a 99.64 percent success rate, or an A+ in any school in the world. However, this small rate of broken contracts could cost those transferring funds across the network millions of dollars. Unsurprisingly, the cause of the issue is not the ETH blockchain, but the humans programming it.
In the report titled ‘Finding the Greedy, Prodigal, and Suicidal Contracts at Scale,’ multiple famous blockchain experts reviewed one million ETH contracts. These experts included Ivica Nikolic from the School of Computing in Singapore, along with her colleague Prateek Saxena, and Aashish Kolluri. Other renowned authors of this report include Ilya Sergey from University College London, United Kingdom, and Aquinas Hobor from Yale-NUS College and School of Computing.
The authors are not just your average developers but leaders in both the blockchain and technology fields. The fact that they took the time to do this demonstrates the importance of understanding what failed and broken transactions mean for a blockchain and its users.
The researchers discovered there were multiple different types of “broken” contracts. These flawed contracts were divided into three categories to summarize their issues:
- Greedy Contracts: Simply put, a contract that can be manipulated to lock away the ETH in it,
- Prodigal Contracts: A contract that can be manipulated to release ETH to an address other than the one provided to it. This can happen either carelessly or intentionally,
- Suicidal Contracts: A contract that can be “killed” by an outsider.
The name says it all, “Greedy.” A Greedy Contract does not wish to release the held ETH. The risk is that all the ETH in the contract may be frozen indefinitely. The study found many examples of this: contract addresses that could receive ETH but had no way of transmitting it.
When the contract received the ETH, it would be “lost” as there would be no way for it to be sent to another address; this usually happens by accident or through malicious intent (why would an individual want to freeze their ETH on a contract address that cannot transmit?). There would be very little reason to do this except by accident or to sabotage.
In most situations, smart contracts on the ETH network will eventually need to release funds. Most Ethereum games are smart contract-based: a player can either “win” or “purchase” the item, but if no sale or win occurs the funds are sent back to the original user.
Prodigal Contracts are flawed in the sense that an unrelated address can find a way to withdraw funds without a valid reason within the smart contract. Such a withdrawal results in a loss of funds from the sender with the receiver having never received the expected transaction.
“Kill switches” are relatively common in smart contracts, and are used if the contract is malfunctioning, was issued accidentally, or any other issue has presented itself. However, sometimes they malfunction to a degree that impairs the entire contract.
Parity is the most commonly named example of a suicidal contract. What happens is the system does not set proper permissions for what triggers the kill switch, which would let any individual familiar with the blockchain manipulate the smart contract. Not so smart for a smart contract!
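The three categories above, shown as minimal Solidity contracts next to a hardened counterpart. This is an added illustration, not code from the report or from Parity; the contract and function names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Greedy: accepts ETH but contains no code path that sends it out again.
contract GreedyVault {
    receive() external payable {}
}

// Prodigal: anyone can call withdraw() and receive the whole balance.
contract ProdigalVault {
    receive() external payable {}
    function withdraw() external {
        // No check on who the caller is.
        payable(msg.sender).transfer(address(this).balance);
    }
}

// Suicidal: anyone can trigger the kill switch.
// (selfdestruct is deprecated in recent Solidity; kept to mirror the text.)
contract SuicidalVault {
    receive() external payable {}
    function kill() external {
        // No check on who the caller is.
        selfdestruct(payable(msg.sender));
    }
}

// Hardened: funds can leave, but only on the owner's instruction.
contract OwnedVault {
    address payable public immutable owner;

    constructor() { owner = payable(msg.sender); }

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    receive() external payable {}

    function withdraw(uint256 amount) external onlyOwner {
        (bool ok, ) = owner.call{value: amount}("");
        require(ok, "transfer failed");
    }

    function kill() external onlyOwner {
        selfdestruct(owner);
    }
}
```

When reviewing a contract, check that every payable entry point has a matching way out, and that every function that moves ETH or destroys the contract is gated by a caller check.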
Parity Case Study
Parity is an ETH-based wallet that many individuals used, and still use, which holds tokens on an online platform while allowing the user to possess their hard keys. The online platform enables the user to supposedly remain in control of their tokens and their transferability at all times.
However, there was a major issue. A developer either accidentally or deliberately (depending on who you ask) killed the Parity library contract. The research group would call this a “suicidal contract.” Parity wallets were also “greedy,” which created a situation where the ETH ended up being permanently frozen. This programming glitch of epic proportions resulted in hundreds of millions of dollars in lost ETH.
The Parity system relied on multiple contracts, which resulted in this ETH incident involving both Suicidal Contracts and Greedy Contracts. Parity’s library contract would have been considered Suicidal, while their wallet contract was deemed to be Greedy.
Solidity: The Language of Ethereum
The Ethereum blockchain is unique as it uses the coding language called Solidity. The biggest downside to using an advanced language such as Solidity is that programmers need to learn an entirely new language to create ETH-based contracts. Any mistake in the code can lead to an unforeseen error or can be intentionally inserted for later nefarious purposes. Considering the value of ETH, a mistake that freezes or allows the removal of ETH can be exceptionally costly.
Parity is famous for having one of the most expensive coding mistakes in history, but while coding languages are being grasped there will always be a learning curve where mistakes are made. Solidity is a useful language to master for coding on the Ethereum network, but anything less than mastery of it leads to adverse consequences.
Conclusion: A 99.6 Percent Success Rate is Pretty D*MN Good!
In almost any scenario, a 99.6 percent success rate would be considered well above average. However, if that less than half a percent can lead to millions in losses, the success rate needs to be 100 percent. Studies like this will help developers understand the issues faced when using Solidity and where the biggest flaws exist in contracts. The researchers had an original goal to find bugs and errors in programs before they can be exploited. They succeeded in this goal while also categorizing a group of flawed contracts that had not previously been labeled.
Ethereum is not the easiest network to code on as the programmer must learn the entirely new language of Solidity. Critics of ETH highlight how cryptocurrencies like Cardano, DRGN, EOS, ICX, NEO, and Stratis bring more user-friendliness or allow the smart contracts to be programmed in languages the developers are already familiar with.
Hopefully, the thorough research revealed the inherent flaws in ample time to be fixed before they negatively impact more users. ETH had a very strong 2017, but with competition coming from every angle in 2018 the waters may be more choppy. ETH is the market leader in both ICO platform launches and Dapps so even with the competition they have already attained a better chance at mass market adoption.
Look at ETH like a blue chip in the cryptocurrency space. A great long-term play, but less likely to be a top percentage gainer for 2018.
To read the King’s prior articles, to find out which ICOs he currently recommends, or to get in contact directly with the King, you can reach him on Twitter (@JbtheCryptoKing) or Reddit (ICO updates and Daily Reports).