Smart contracts within blockchain platforms have a lot to offer, but lack of regulation and testing makes them a potential vulnerability.

In 2016, the Decentralized Autonomous Organization (DAO) announced that a hacker had exploited a vulnerability in Ethereum, a blockchain platform utilized by the group. The total loss to the DAO was reported at $150 million.

The flaw was not in the blockchain platform itself, but rather in the smart contract. The hacker was able to trigger a recursive send vulnerability where the act of sending funds triggered another “send funds” request. Etherium had done exactly what it was supposed to do, but a loophole in the smart contract code exposed the organization to a hack. It was reported that the DAO lost $60 million in just the first 12 hours.

Read More: Are You Ready for Blockchain? [infographic]

“Smart contracts will eventually automate the mass personalization of value exchange,” said Nigel Montgomery, research director at Gartner. “What that means is the ability to engage many times the number of customers and partners globally, but in an intimate and personalized manner dictated by today’s consumerized ‘instant response’ world. That is the aim. Yet today the technology is immature and mercurial, and once live, the outcome is irrevocable. Smart contracts are something CIOs should invoke at their peril.”

Digital Business The Real Business of Blockchain How leaders can create value in a new digital age. Download Book Chapter

What makes a smart contract?

A smart contract is a computer program or protocol that facilitates, verifies or executes the terms of a contract. Smart contracts have three characteristics:

They operate on a decentralized ledger technology. They are independent. They are immutable and irrevocable.

The immutability of a blockchain record and the distributed nature of a blockchain system make smart contracts an attractive option for enterprises. In theory they establish undisputable provenance. However, the immaturity of the technology means they also incur potentially significant drawbacks. For example, smart contracts are independent, which means they obey only their own code and, once deployed, cannot be controlled by either the originator or any legal system. Additionally, they are irrevocable, and can only be replaced by a completely new contract. The DAO example proves what can happen if that code is not exhaustively tested for every potential outcome.

Ask the important questions

Despite the risks, Gartner estimates that by 2022, ratified unbundled (that is, defined impact) smart contracts will be in use by more than 25% of global organizations. Unbundled means closely defined and with narrow impact, rather than complex nested contracts where the outcome permutations become nearly impossible to test. Nevertheless, smart contracts will increase in popularity over time, and will begin to impact global commerce.

Read More: What to Tell The Board About Blockchain

Companies and organizations looking to utilize smart contracts right now should be very deliberate and careful in adoption. Assessing technical maturity is a key component of a successful smart contract. When pursuing a solution, ask vendors five key questions:

Are you certain that this contract cannot be undertaken using tried-and-tested and legally binding traditional contract mechanisms? If the answer is no, opt for the tested route. Is anyone using the smart contract in production? I f the answer is no then you may be putting your business or brand at risk by being the first. Are you sure you want to take that risk? Do you, the smart contract creator, indemnify my organization if there is a problem, including unexpected behavior or unintended consequences? If they do not, then it means that you are taking the risk. What mechanisms for software assurance are in place? Are there tools in place for mathematical proof of correctness? More to the point, have they been applied to this smart contract, and where is the proof? Under what circumstances are escape lanes (get-out/cessation clauses) used in the software, and who can invoke them — and why? Escape lanes can increase vulnerability to exploitation and require rigorous clarity or purpose and impact.

Enterprises should consider proven traditional contracts when available and, if choosing smart contracts, ensure that the code has been tested exhaustively. Remember that there are no standards for testing smart contracts, and having “adequate” testing exposes the company to potential risk. Finally, remember that it’s impossible to see every potential error or issue given the complexity of the technology, and at the end of the process, the complexity could mean the contract fails to represent the original intentions of the signing parties.