For some time now I’ve been tinkering with the idea of having a standard like ERC20 that enables automated trustless trading of contracts.

Before going into details, let’s look at the current way(s) how one would sell a contract:

After seller and buyer have agreed on all conditions and the payment has been made the actual change of ownership needs to be performed. If the contract has implemented some way of ownership management (e.g. is Ownable or is Claimable), after buyer and seller agree on a payment the seller would manually set the buyer as new owner. If the contract does not have a concept of ownership management, there is the option of handing out the private key of the address that controls the contract to the buyer.

Inherent for both methods is the problem that you need trust to perform the deal. How can the buyer be sure the seller does not run with the money? You can add manual escrow service to the deal, but this again needs trust in the escrow, most likely will cost significant amount of money and adds more manual steps to the process.

Solution outline

The obvious way to eliminate the need for trust from a system is to use verifiable smart contracts. Let’s see how this would work out:

Similar to the manual process at the core there would be three parties.

“Seller” — The entity owning a contract

Market/Escrow

“Buyer” — The entitiy that wants to buy the contract

What needs to happen for a successful trade?

The seller creates an offer through the market contract. Creating the offer includes transfer of contract ownership to the market contract. If a buyer decides to buy the contract, it provides the necessary funds to the market contract. When the market receives the required funds for an offer, it closes the deal by transferring the received payments to the Seller and in the same transaction transferring ownership of the contract to the buyer

Contract API

A contract that should be sell-able via the market needs to implement the following APIs:

Prepare a contract for being sold:

function prepareSell(address _market)

This function will make the market address known to the contract. This will enable the market to claim ownership of the contract when the owner is listing an offer. Calling this function should only be possible for the owner of the contract being sold.

Technically this does not need to part of a standard API, as it will not be called from the market. But something like this is necessary to prepare the contract being sold to be claimed by the market.

Start selling the contract:

function startSell()

This function will be called by the market when the seller creates an offer. It has to transfer full and exclusive ownership of the contract to the market. Calling this function must only be possible by the market!

Finalizing the deal:

function performSell(address _buyer)

This function will be called by the market when the buyer has paid the required funds. It has to to transfer ownership of the contract from the market to the buyer. Calling this function must only be possible for the market!

Cancel a sell offer:

function cancelSell()

This function will be called by the market in case the contract owner decides to cancel selling of his contract. It has to to transfer ownership of the contract from the market back to the seller. Calling this function must only be possible for the market!

Proof of concept

Naive implementation of a tradeable contract:

And the even more basic market contract:

Challenges

Obviously above proof of concept code is not very sophisticated. For example it is tailored for contracts that only have one owner address. How could this concept work in a generic way with multiple owners, like 3-of-5 multisig?

A malicious contract owner could implement the Tradeable API, but still keep a backdoor open in the code to keep control of the contract even after the deal has been finalized. To prevent this, the buyer needs to check the sources of the contract he is buying, and he needs to double-check that the deployed contract is matching the code that he received from the seller. This could be done in the same way like e.g. etherscan.io verifies contract source code. However there is a risk that a malicious player hides his backdoor so it is not obvious even through thorough code review.

Final words

Having a standard way of trading contracts opens up some possibilities. We could have various markets, starting from very simple escrow systems to Craigslist-like listing sites, different auction types, …

I’m looking forward to opinions! Do you think this concept is worth further discussion? Do you see a need for this at all? Or is it too specific and too much of a hassle to implement?