On April 30, 2016, the DAO — an automated, decentralized venture capital fund — was launched on Ethereum. Less than two months later, it was hacked, and over $60 million worth of ether vanished in an instant.

The potential of new blockchain technology like Ethereum doesn’t count for much if it comes at the expense of security. Incidents like the DAO invite the question: Just how secure is the new, decentralized supercomputer that is Ethereum?

The short answer is this: Ethereum itself is more secure than you might think, but using a decentralized app or exchange that hasn’t be properly vetted could leave you and your ether compromised.

Read on for a breakdown of how best to understand the major security issues of Ethereum and its smart contracts.

“Is Ethereum secure?” is an ambiguous question

Asking whether Ethereum is secure is like asking if computers are secure: you need to be more specific if you want the question to be meaningful.

At bottom, Ethereum is a blockchain like Bitcoin’s blockchain: its mining community solves computationally complex problems in order to add new blocks to the public ledger of transactions. The functionality of Ethereum’s blockchain is different from Bitcoin’s, though: it’s designed to operate as a virtual machine that executes smart contracts, which developers can program in a Turing-complete programming language.

So, when you ask “Is Ethereum secure?”, you need to answer the further question: Are you talking about the security of Ethereum blockchain, or are you talking about the security of the smart contracts built on top of Ethereum?

Oftentimes, people will look at a high-profile hack that’s the result of a problem with smart contracts and infer that the Ethereum blockchain itself is unsafe to use. That’s a bad inference: it’s a little like pointing to scam emails and inferring that the entire internet is unsafe to use.

Making matters more complicated, Layer 2 networks, which are becoming increasingly popular, add another distinct dimension to the Ethereum ecosystem with its own security concerns. Layer 2 networks are distinct from the Ethereum blockchain, and strive to take some of the computational strain off of that main blockchain to increase its overall scalability.

For the purposes of this article, we’ll focus mostly on the infrastructure of the Ethereum blockchain and its smart contracts — but it’s worth noting that these Layer 2 networks won’t be an improvement on Ethereum if they compromise its security in the process.

To get the full picture of what it takes for the Ethereum ecosystem to be secure, we need to examine both the blockchain and smart contracts individually. Let’s start with the foundation: the blockchain that makes everything from DApps to ICOs possible.

“Ethereum hacks” usually don’t have much to do with Ethereum

Most of the high-profile “Ethereum security problems” you’ve read about — like the DAO hack — aren’t the result of vulnerabilities in the Ethereum blockchain itself. Those problems have more to do with the infrastructure of smart contracts; the blockchain, in contrast, has proven to be fairly reliable over time.

The basic concept of a blockchain — whether it’s Ethereum, Bitcoin, or something else altogether — is that no one can seize control of the network or add fraudulent blocks to the chain unless they control the majority of the network’s computational power. The economic incentives that Ethereum provides to its miners — transaction fees, along with newly minted ether, for every successfully mined block — encourages miners to act in the network’s best interests rather than trying to undermine or manipulate it.

Proof-of-stake could make the blockchain even more secure — but it’s not a sure thing

You might have heard that Ethereum is transitioning from proof-of-work mining to proof-of-stake mining. In the former model, miners race to solve computationally complex problems to add the next block to the blockchain. In the latter model, validator nodes on the network take turns proposing and validating blocks — and both the weight of a node and the size of its reward is based on the number of coins that the node is staking.

It’s natural to ask how this shift in consensus mechanism will impact network security: will this make it easier for bad actors to compromise the entire Ethereum blockchain?

There’s actually good reason to believe that proof-of-stake will make the Ethereum blockchain more secure. To take control of a proof-of-work blockchain, you need to control 51% of the computing power. To take control of a proof-of-stake blockchain, on the other hand, you need to control 51% of all the coins that are staked. It’s much more expensive to control that much ETH than it is to control that much computing power:

Proof-of-work 51% attack: according to 51crypto, a 1-hour attack on Ethereum using proof-of-work would currently cost $282,539.

according to 51crypto, a 1-hour attack on Ethereum using proof-of-work would currently cost $282,539. Proof-of-stake 51% attack: the current market cap on Ethereum is $38.67 billion, meaning that it would take $19.72 billion to control half of all ETH. Not all ETH will be staked, but if even 0.01% of ETH is staked, an attack would cost millions.

That’s not to say that proof-of-stake is categorically better than proof-of-work, and there are a lot of open questions that still need to be resolved before we can say for sure whether it’s an improvement in terms of safety.

For example: right now, many people keep their ETH and other crypto holdings directly on exchanges in order to execute trades quickly. However, if exchanges don’t explicitly adopt and enforce polcies that prevent them from doing so, they could end up staking their users’ ETH to passively generate more ETH — something roughly analogous to how banks invest the money that individuals store there. If exchanges have security vulnerabilities, this could lead to broader vulnerabilities in the Ethereum blockchain, not to mention greater risk for the users who store ETH there.

The flexibility of Ethereum smart contracts undermines their security

When it comes to cryptocurrencies, there’s a tradeoff between flexibility and security: the more degrees of freedom you give developers on your blockchain, the more risk of hacking you introduce. The smart contracts of Ethereum are an object lesson in this exact tradeoff.

The programming languages of Ethereum — most prominently, Solidity — are designed with flexibility in mind. Unlike Bitcoin, whose programming language is intentionally limited in order to serve a very narrow functionality (namely, serving as a digital store of value and digital cash) Ethereum allows developers to make virtually any kind of DApp or token they could imagine.

This flexibility has led to many of the most prominent Ethereum-related security breaches over the years. Return to the DAO hack, for example. In his postmortem on the hack, Cornell research Philip Daian said that he “would lay at least 50% of the blame for this exploit squarely at the feet of the design of the Solidity language.”

[The DAO] contract, even if coded using best practices and the following language documentation exactly, would have remained vulnerable to attack. […] [T]his was actually not a flaw or exploit in the DAO contract itself: technically the EVM was operating as intended, but Solidity was introducing security flaws into contracts that were not only missed by the community, but missed by the designers of the language themselves.

In 2016, Nicola Atzei, Massimo Bartoletti, and Tiziana Cimoli outlined 12 potential Ethereum vulnerabilities — of these 12, 6 were problems with Solidity itself (3 more were in the EVM, and 3 more in the Blockchain). They emphasize that much of the Ethereum ecosystem’s vulnerability comes directly from its programming language.

Interestingly, this vulnerability may not be solely due to the language’s flexibility, but also because its semantics make it difficult for experienced programmers to master: as Atzei, Bartoletti, and Cimoli observe, Solidity looks a lot like Javascript but doesn’t always behave like Javascript, especially with respect to domain-specific functions like recording transcripts on a public blockchain. Imagine trying to learn a language with all the same words as English, but with significantly different grammar: in many ways, that could be harder than learning a totally foreign language, since you’re constantly being forced to fight your instincts.

There’s also a more pragmatic issue to keep in mind here, which illustrates one potential downside to the “decentralization” that so many within the crypto community reify: Atzei, Bartoletti, and Cimoli point out that “the documentation of known [smart contract] vulnerabilities is scattered through several sources, including the official documentation, research papers, and also Internet discussion forums.” Even with centralized organizations and resources increasingly growing around Ethereum, learning to write smart contracts requires a kind of scavenger hunt through a wide range of websites and chat rooms. That makes it all the more challenging to master a field that’s in a constant state of evolution.

If you want to keep up-to-date on the latest smart contract vulnerabilities, consider following PeckShield, a blockchain security advisory company that publishes bugs they’ve identified in Ethereum smart contracts. They keep a running list of bugs they’ve identified — from the start of the year until now, the count stands at 30.

Before you start using Ethereum, do your homework

So, how secure is Ethereum? Well, the protocol itself is more secure than you might expect. The entire concept of blockchain technology is predicated upon the miners who maintain and propagate the network being incentivized to act in the best interests of the network as a whole. And because the network is decentralized, there aren’t intrinsic points of failure that could compromise huge numbers of network users at once — points of failure like the Equifax servers, a hack of which compromised roughly 200,000 credit cards last year.

Similar to the internet, the “points of failure” in Ethereum are in decentralized apps with security that’s not up to snuff. Think back to the early, “Wild West” days of the internet: people started building and publishing content before cybersecurity could catch up. The current state of smart contract development is a little like that. While the Ethereum blockchain itself has proven fairly reliable, the smart contracts built on top of it are still maturing, and there are bound to be more security hiccups before the space fully matures.

So, the importance of due diligence can’t be overstated: before you pick a wallet to store ether in, and before you use ether in a particular DApp, do as much research as you can. Read the code critically. Listen to what are people saying about it on Reddit? Has it experienced any security breaches in the past? In crypto, a solid knowledge base is your strongest asset. That’s how you’ll reap all the benefits of the very first DApps and ICOs without getting burned in the process.

The above references an opinion and is for informational purposes only. It is not intended as and does not constitute investment advice, and is not an offer to buy or sell or a solicitation of an offer to buy or sell any cryptocurrency, security, product, service or investment. Seek a duly licensed professional for investment advice. The information provided here or in any communication containing a link to this site is not intended for distribution to, or use by, any person or entity in any jurisdiction or country where such distribution or use would be contrary to law or regulation or which would subject SFOX, Inc. or its affiliates to any registration requirement within such jurisdiction or country. Neither the information, nor any opinion contained in this site constitutes a solicitation or offer by SFOX, Inc. or its affiliates to buy or sell any cryptocurrencies, securities, futures, options or other financial instruments or provide any investment advice or service.