- Smart contracts are contracts expressed as a piece of code that are designed to carry out a set of instructions.
- The term “smart contract” was coined in the 1990s, in an academic paper created by Nick Szabo.
- Dapps, or decentralized apps, are essentially a series of linked smart contracts.
We’re all familiar with apps and app stores. You browse, download the app you want, and away you go.
Behind the lovely UX and UI interfaces, these apps are performing a specific set of instructions as laid out by their creator. It could be a game, a calendar, or a way to buy goods and services.
Smart contracts perform a very similar function.
A smart contract is a contract—expressed as a piece of code—that’s designed to carry out a set of instructions.
The only difference is, with smart contracts there’s no middleman. There’s no person or company holding your information or verifying it. The blockchain verifies and holds a record for you.
How does a smart contract work?
So, you want to buy a car online without a smart contract. In order to do so you need:
- 📇 A listing site to hold the information on all the cars you’d like to see
- 📯 A way of communicating with sellers
- 💰 A payment system to allow you to exchange money once you’ve found your car
- 💳 Some capacity to get a refund if the car turns out to be a dud
- 👨⚖️ You’ll also need to register the exchange of car ownership with the authorities
Each of these points requires you to trust the site or service you’re accessing—and a lot of the time, each part of that process is controlled by a different company or individual.
It wouldn’t take much for a sneaky person or organisation to change any of the above, making the whole process void.
A smart contract removes the need to trust so many people in the process of buying something.
Why? Smart contracts are:
- 🔒 Secure: They use cryptography to stop people altering records.
- 🔍 Transparent: Everyone can see on the blockchain what the smart contract is and what it’s being used for.
- 🙏 Third-party free: Smart contracts don’t need a middleman to verify. The blockchain does that for you.
- 🤖 Autonomous: They work automatically, so you’re not having to wait for someone to push a button.
- ✅ Accurate: Because smart contracts are written in code, they don’t rely on the grey areas of a language and what words mean.
If this happens, do this
At the heart of a smart contract tends to be a mechanism that says (in computer code) “if this happens, then do this”.
These already exist today. Let’s say you want to pay for something using a debit or credit card. The software your bank runs on will use the “if this happens, then do this” in the following way:
- 💸If the amount in the bank account is larger than the sum requested, release the funds
- 🙅♀️ 💵If the amount in the bank account is smaller than the sum requested, don’t release the funds
The difference with smart contracts is, instead of a bank (or any third party) being the controller of that decision, it falls to the blockchain.
So taking the above example and applying it to a smart contract built on a blockchain you’d see the following:
- 💸If the amount in the digital wallet is larger and has not been spent already, release the funds.
- 🙅♀️ 💵If the amount in the digital wallet is smaller, or has been spent already, do not release the funds.
The exciting bit about smart contracts is it means anyone can enter into an agreement with anyone else, with the blockchain keeping a record of the whole thing.
Inside a smart contract
Like regular contracts, smart contracts are designed to enforce the terms of an agreement—whether this is an exchange of cryptocurrencies, tokenized rights, proof of identity, or practically anything else.
Smart contracts will automatically execute when pre-defined conditions are met. The operation of a smart contract can be briefly described with three main terms:
- 🤝 Interconnectivity: Each smart contract usually has a restricted set of functions. Several smart contracts can be set up to connect with one another and can form more complex arrangements known as decentralized applications (dapps).
- 💡 Objects: These are the signatories that interact with the smart contract and the subject/s which is/are modified by the smart contract based on predefined or newly-submitted terms.
- 🌍 Environment: Smart contracts are dependent on an underlying cryptographic environment. This ensures they can operate securely, and that the data they act on is immutable and generally transparent.
For most blockchains, the code underlying the smart contracts is immutable, though several blockchains also support updateable smart contracts.
Who created smart contracts?
Like the blockchain technology used to power most cryptocurrencies, smart contracts were derived from earlier technologies that weren’t quite complete. In the case of smart contracts, they are derived from earlier electronic instruction execution programs that used if/else statements other conditional logic to automatically produce an outcome based on the information it is presented with.
The term “smart contract” itself was coined in the 1990s in an academic paper created by Nick Szabo, a prominent computer scientist and cryptographer that was also responsible for developing one of the earliest precursors to Bitcoin, known as Bit Gold. Szabo initially described smart contracts for a variety of basic purposes like fraud reduction and enforcing contractual arrangements, but later elaborated on the potential use-cases of the technology to digital cash, smart property, and more in a 1996 paper.
Ethereum implemented a Turing-complete language on its blockchain, allowing for complex and sophisticated logic in its smart contracts.
How do dapps use smart contracts?
Dapps, or decentralized apps, can be best thought of as a bunch of smart contracts tied together.
A smart contract on its own can only be used for one type of transaction. A dapp, however, can bundle multiple smart contracts together to do more sophisticated things.
A dapp can also put a friendly interface on top of the contracts—just like apps do today.
Some notable dapps
Who is using smart contracts?
Smart contracts are a relatively new technology, but they have already seen widespread implementation—particularly among pure crypto projects.
But they’ve also been adopted by a whole host of corporations, and even some governments have begun experimenting with smart contracts. Some of the most prominent examples include:
- 🎮 Ubisoft: Video games giant Ubisoft has embraced blockchain in a big way; among its many blockchain initiatives, it’s crafted specially-designed smart-contracts allowing users to own, transfer, and claim rare non-fungible tokens (NFTs) based on its popular Rabbids gaming franchise.
- 🏦 ING: Dutch bank ING has co-created Fnality, a blockchain-based trade-settlement system using smart contracts. It’s also involved in a number of other blockchain initiatives.
- 🇸🇪 The Swedish government: Sweden’s government has tested a blockchain-based land registry for proving the ownership of land, which is built on smart contracts.
Smart contracts aren’t always perfect
Although smart contracts are generally considered to be a “trustless” way of enforcing agreements and logic, they aren’t without their fair share of problems.
For one thing, smart contracts are immutable on many blockchains. This means that once launched, they cannot be changed or upgraded, which can lead to disastrous consequences if there are underlying issues with the code. This is perhaps best highlighted by the 2016 Ethereum DAO hack, which saw an unknown hacker siphon off millions of ether (ETH) by exploiting a loophole in the DAO’s split function.
Unknown and novel attack vectors can also often be exploited, usually ending with investors losing money. This was seen in September 2020, with the collapse of the test version of Eminence, a project by Yearn Finance’s Andre Cronje. It was exploited for $15 million by an unknown hacker after a huge number of investors sank their money into it.
Likewise, simple bad code can render the smart contract effectively useless. This was seen with the collapse in August 2020 of the DeFi yield farming project known as YAM, which used unaudited smart contracts and was thwarted by a critical bug that rendered its governance feature useless.
Auditing smart contracts
Though smart contracts are secured by their underlying blockchain technology, they also need to be secure by design—since certain functions or errors in their code can be exploited.
This has happened a number of times in the past, and remains one of the biggest challenges to wider adoption. In total, hundreds of millions of dollars worth of assets have been drained from unsecured smart contracts, including the aforementioned Eminence hack and an April 2020 hack that saw $25 million stolen from dForce.
A November 2020 report by blockchain investigation firm CipherTrace found that around $10 million a month is drained from DeFi projects alone.
To help minimize the risk of this, a number of third-party development and security firms, such as Mythx and ConsenSys Diligence (ConsenSys funds an editorially-independent Decrypt), now offer smart contract auditing services. This involves scrutinizing the smart contract code to identify any vulnerabilities, which can then be fixed. This usually occurs before a smart contract is made public.
Popular dapps will often post their smart contract audit in the footer of their website, providing confidence to users who don’t have the time or expertise to check its code themselves.
The future of smart contracts
Nowadays, most blockchains have smart contract functions, with active communities of developers creating dapps using smart contracts on blockchains such as Cosmos, NEO and Hyperledger. The scope of smart contracts’ capabilities can range from very simple on something like Bitcoin or Litecoin, to more advanced on dapp-capable blockchains like Ethereum, Tron, and Polkadot.
We’re still in the early days of what smart contracts and dapps can be used for. But there are companies and even governments experimenting with their potential already. They are now used for a huge range of tasks, including digital identities, supply chain management, insurance, data storage, and a whole lot more.