The rise of smart contracts and strategies for mitigating cyber and legal risks
By Jerome Desbonnet, Vice-President, Chief Technology Innovation Officer, Capgemini and Oded Vanunu, Chief Technologist & Head of product’s vulnerability research, Check Point Software Technologies
This article is part of the Centre for the Fourth Industrial Revolution, World Economic Forum
Imagine a world where contracts are executed seamlessly without human intervention, reducing costs and enhancing efficiency across industries – from finance to real estate. This is the promise of smart contracts, self-executing agreements embedded in blockchain technology.
However, the rapid adoption of this revolutionary technology comes with significant risks. In 2016, a coding flaw in the Decentralized Autonomous Organization (DAO) smart contract on the Ethereum platform led to a theft of $50 million worth of ether, illustrating the potential vulnerabilities.
With the smart contracts market projected to reach $73 billion by 2030, expanding at a compound annual growth rate (CAGR) of 82.2% as reported by Grand View Research, the urgency to address these risks is paramount.
Smart contracts are playing an increasingly important role and are being more widely adopted across various sectors. As platforms like Ethereum continue to dominate the market, ensuring their security and reliability is crucial for the broader adoption of, and trust in, smart contracts.
Technical risks of smart contracts
Smart contracts are highly dependent on the precision of their code and the security of the blockchain infrastructure they operate on.
Even minor flaws or oversights can lead to severe consequences such as unauthorized access, fund misappropriation or unintentional legal disputes. To enhance the security and reliability of smart contracts, adopting a multi-faceted approach is essential.
Formal verification tools are critical for checking the correctness of code before deployment. Following established best practices and standards in smart contract development, along with comprehensive auditing processes, can further minimize vulnerabilities.
Additionally, employing advanced encryption techniques and stringent access controls can safeguard sensitive contract data and transactions from malicious attacks. Implementing these measures can help mitigate technical risks and enhance the trustworthiness of smart contracts.
Evolving crypto threats and legal risks
Despite improvements in blockchain security, vulnerabilities in smart contracts continue to be exploited, leading to significant losses.
In 2023, the value lost in decentralized finance (DeFi) hacks declined by more than 63%, showing a positive trend in reducing the impact of these incidents, as reported by Chainalysis. However, the overall number of crypto hacks increased, indicating that the threat landscape is evolving and remains a significant concern.
These developments highlight a critical challenge: as the adoption of smart contracts grows, so does the sophistication of attacks targeting them.
One of the biggest challenges with smart contracts is that the rules aren't always clear. It's like playing a board game where the rules differ from one place to another; what's acceptable in one country might be illegal in another. This can create confusion about how secure these contracts are and what happens if things go wrong.
Let's say a smart contract is supposed to pay you when you deliver a project, but the payment never arrives due to a flaw in the program. Who do you call? Usually, you might take legal action, but with smart contracts, it's not always clear how you can enforce your rights. The laws that apply to traditional contracts don't always match up with how smart contracts work.
Economic risks and security concerns
Think of a smart contract like a vending machine. You pick a snack, pay the money, and the snack comes out. Everything usually works smoothly unless the machine jams. Now, imagine if the price of the snacks suddenly changed while your money was still inside because of a rapid market shift.
That happened to a digital platform called MakerDAO during a major market crash. When the market fell abruptly, the digital contracts couldn't adapt quickly enough, causing people to lose money unexpectedly. This incident shows how sudden changes in market conditions can make these automated systems unreliable, a bit like a vending machine that takes your money without giving you the snack.
In November 2017, a seemingly innocent game involving digital cats, CryptoKitties, became so popular that it clogged the Ethereum network. This cute overload caused a significant slowdown across the network, delaying transactions and escalating fees.
This incident is a textbook example of how scalability challenges can lead to economic inefficiencies, which in turn compromise the security of all operations on the network, making every transaction, not just game-related ones, vulnerable to attacks and failures.
The Infrastructure Investment and Jobs Act passed in the US in 2021 shook the foundations of many blockchain projects. This legal shake-up illustrated how swiftly changing regulations could destabilize the smart contract landscape, forcing projects to adapt or perish.
This regulatory unpredictability doesn't just affect the economics of projects; it poses serious security risks, as projects rush to comply with new laws, potentially overlooking vulnerabilities or making hasty changes to their infrastructure.
Smart contracts will be revolutionary
Smart contracts are poised to revolutionize how we conduct transactions, promising more efficient and secure ways to manage agreements digitally.
Yet, the journey toward widespread adoption is laden with hurdles – technical glitches, legal ambiguities and economic fluctuations. Overcoming these challenges requires not just innovative technology but a comprehensive strategy that includes robust security measures, clear legal standards and adaptive economic policies.
As we continue to navigate this complex landscape, the success of smart contracts will hinge on our ability to secure and stabilize them against an ever-evolving backdrop of risks.