Smarter smart contracts?



Crypto Inferno



Yesterday we wrote about the recent smart contract bug affecting some ERC20 tokens. The batchOverflow issue enabled attackers to create very large quantities of tokens – far in excess of pre-determined supply – on affected contracts. Exchanges halted trading while their list of tokens was hastily checked for the bug.

We also mentioned the Parity bug multi-sig bugs, which somehow escaped a professional audit. We need to publish a correction here. In fact, the buggy code never passed an audit. There was a professional audit, and it appears that the code that was checked was passed, but then Parity changed the code without going back to the auditor, thereby introducing the bug.

In the context of all this, it’s meaningful that Waves has just released its own version of smart contracts on testnet. Waves’ implementation is different to Ethereum’s. They are starting with non-Turing complete functionality: basic account controls like multi-sig, balance freezing (to prevent people spending tokens they are sent for a period of time) and other simple functions. These cover the vast majority of popular use, can be accessed from the main client, and don’t require any complex code or programming expertise to create. Later, Turing complete contracts will follow, allowing developers and experts to create more sophisticated use cases.

Moreover, Waves smart contracts – in common with one or two other emerging alternatives to Ethereum – take a fundamentally different approach to the way their programming language is structured. Ethereum’s Solidity, as we noted yesterday, is arguably part of the problem. Waves’ smart contracts language will be strongly typed – that is, you can’t force a variable to be treated like a different type of variable (e.g. an integer like a string, or a floating-point number as an integer), and errors that could be caused by this are spotted early, before code is executed. Additionally, the costs of running a contract are known and up-front (and low). This has been a problem with Ethereum, when a contract is executed without knowing the costs in advance. There are potential exploits and certainly inconveniences around this property.

So, we will watch Waves’ smart contracts with interest. This area is an intriguing one for blockchain development and applications, and it’s possible that a slightly less powerful implementation will be, counter-intuitively, smarter.





__________________________

Red hot news, scorching wit and searing opinion pieces from Crypto Inferno.

Join us on Telegram



