|
META TOPICPARENT | name="FirstEssay" |
| | -- By ArashMahboubi - 04 Nov 2016 | |
< < | Introduction | > > | Smart Contracts Meet Financial Systems | | | |
< < | The tide of the Internet age has brought numerous dangers concealed amongst the benefits. Users have accepted, whether knowingly or not, risks associated with the Internet under the assumption that the benefits are too great to pass up. With this tide has come a recent invention—the smart contract—that is welcomed by many, yet dangerous in its current, imperfect state. Proponents envision smart contracts being a key component of next-generation blockchain platforms, and go as far as seeing its use in any practical enterprise application. However, smart contracts are still susceptible to the same errors as a traditional contracts, and these errors can be further magnified as the contract acquiesces to nothing besides the code. The "smartness" is not an inherently separate attribute of the contract type, but merely a by-product of the contract being self-executing. Therefore, the public should take a more cautious approach than they have with the likes of Facebook and Apple, and wait for the current state of smart contract technology to catch up to the lofty, idealistic goals.
Transformative Potential of Smart Contracts
To understand the potential dangers, one must first understand what a smart contract is and why it can be a valuable alteration to contract law. A smart contract is a computer program code that is "capable of facilitating, executing, and enforcing the negotiation or performance of an agreement (i.e. contract) using blockchain technology". The self-executing code automatically implements the contractual terms. The code defines the rules and consequences in the same way that a traditional legal document would, stating the obligations, benefits, and penalties which may be due to either party in various different circumstances. The code can enforce predetermined contractual obligations by electronically moving assets or virtual currency from one party to another. In its ideal state, smart contracts aim to increase efficiency compared to traditional contracts by providing better security, reducing transaction costs, and eliminating heavy reliance on third-party enforcement. However, all that promise, at best, remains to be unlocked. | > > | The tide of the Internet age has brought numerous dangers concealed amongst the benefits. With this tide has come a recent innovation—smart contracts—that is welcomed by many. Proponents envision smart contracts being a key component of next-generation blockchain platforms, and go as far as seeing its use in any practical enterprise application. While users would be sensible to prioritize the prevention of theft or modification of critical data that isn’t cryptographically secured, users should still be aware of the dangers that exist with cryptographically secured smart contracts in financial systems. The public should avoid the overeager approach it has taken with significant data threats like Facebook and Apple, and wait for the current state of smart contract technology in financial systems to catch up to the lofty, idealistic goals. | | | |
> > | What are Smart Contracts? | | | |
> > | To understand the potential dangers of smart contracts in financial systems, one must first understand what they are and why they can be a valuable addition. As succinctly put by Chris Ferris, “a smart contract is a stored procedure in a database.” Smart contracts are a piece of code that is stored on a blockchain, which is triggered by blockchain transactions and reads and writes data in that blockchain’s database. The code defines the rules and consequences in an analogous way that a traditional legal document might, stating any obligations, benefits, and penalties which may be due to either party in various different circumstances. A smart contract is capable of being used in financial systems to facilitate, execute, and enforce the negotiation or performance of an agreement (i.e. contract) using blockchain technology. In a practical application, for instance, the code can enforce predetermined contractual obligations by electronically moving assets or virtual currency from one party to another. | | Smart Contract Disaster | |
< < | The appeal of smart contracts, their code, has also been the liability that is stalling their widespread implementation. Ever since the invention of computers, hackers have been breaking systems by exploiting code. These hacks and data breaches occur regularly at smaller levels such as Facebook and emails, but parties potentially stand to lose much more if smart contracts are breached because smart contracts are usually tied directly to assets of the contracting party.
The recent hack of the Decentralized Autonomous Organization ("DAO"), which lives on the Ethereum blockchain, serves as a cautionary tale. The DAO was designed to crowdsource funds from anonymous stakeholders and invest it in projects voted on by the investors and administered through smart contracts. The DAO promised to revolutionize managing and allocating capital by functioning without a fund manager. Instead of the venture-capital firm being run by a traditional manager, the wisdom of the crowd would make the investment decisions. The investors then stand to gain on the profits, whether through dividends or an increase in the value of Ether (the Ethereum crypto-currency equivalent of Bitcoin). Soon enough, the DAO had become the largest crowdfunded project in history, raising over $150 million. | > > | The appeal of smart contracts, their code, has also been the liability that is stalling their widespread implementation in financial systems. Ever since the invention of computers, malicious programmers have been exploiting code. These data breaches regularly threaten critical data that isn’t cryptographically secured, but still pose risks to cryptographically secured financial data. | | | |
< < | In hindsight, the level of trust placed upon the code appears to be premature and misguided. The fatal flaw was that the entire platform hinged upon the code behind the smart contracts. Less than a year after the launch of the DAO, a hacker siphoned about $60 million worth of Ether through a recursive splitting function. The recursive splitting function was a feature of the smart contracts; and this feature within the code allowed funds to be siphoned into a sub-DAO, which is exactly what a user did. The attack shook faith in smart contracts, and left in its wake a lose-lose legal battle. | > > | The recent hack of the Decentralized Autonomous Organization (“DAO”), which lives on the Ethereum blockchain, serves as a cautionary tale. The DAO was designed to crowdsource funds from anonymous stakeholders and invest it in projects voted on by the investors and administered through smart contracts. The DAO promised to revolutionize managing and allocating capital by functioning without a fund manager. Instead of the venture-capital firm being run by a traditional manager, the wisdom of the crowd would make the investment decisions. The investors then stand to gain on the profits, whether through dividends or an increase in the value of Ether (the Ethereum crypto-currency equivalent of Bitcoin). Soon enough, the DAO had become the largest crowdfunded project in history, raising over $150 million. | | | |
> > | The DAO’s entire platform hinged upon the code behind the smart contracts. In hindsight, the level of trust placed in their code appears to be premature and misguided. Less than a year after the launch of the DAO, an individual siphoned about $60 million worth of Ether through a recursive splitting function. The recursive splitting function was a feature of the smart contracts; and this feature within the code allowed funds to be siphoned into a sub-DAO, which is exactly what the user did. The attack shook faith in the implementation of smart contracts in financial systems, and left in its wake what, on its surface, appears to be an intriguing legal battle, but in reality should be a fairly straight forward decision. | | | |
< < | Legal Ramifications | > > | Don't Overcomplicate the Legal Ramifications | | | |
< < | What made this hack unique was that it was not illegal according to the smart contracts. The DAO made clear that "The DAO's code controls and sets forth all terms of The DAO Creation". The platform's integrity rested upon the assumption that the code behind the smart contracts is the law. As the code allowed for the hack, then the hack should be legal. Consequentially, it might not even be appropriate to call the action a “hack” or a “theft”. | > > | What made this attack unique was that it was not illegal according to the smart contracts. The DAO made clear that “The DAO’s code controls and sets forth all terms of The DAO Creation”. The platform’s integrity rested upon the assumption that the code behind the smart contracts is the law. As the code allowed for the siphoning of funds, then the siphoning should be legal. Consequentially, it might not even be appropriate to call the action a “theft”. | | | |
< < | This left the DAO between a rock and a hard place. The DAO could either attempt to retrieve the funds or they could sit idle and let the code be exploited. The first option plugs a temporary hole. However, this would be seen, by smart contract idealists, as a violation of the trust placed in the smart contracts. Changing the code after the fact would be a betrayal of the promises set forth by the smart contracts. In the words of the DAO: "The DAO is borne from immutable, unstoppable, and irrefutable computer code, operated entirely by its members, and fueled using ETH which creates DAO tokens." The risk of such a betrayal would be the collapse of the very foundation the DAO rests upon, the supremacy of the code. The DAO essentially must pick between losing $60 million against the expectations of investors or risk losing the integrity of the entire platform. | > > | This left the DAO between a rock and a hard place. The DAO could either attempt to retrieve the funds or they could sit idle and let the code be exploited. The first option plugs a temporary hole. However, this would be seen, by smart contract idealists, as a violation of the trust placed in the smart contracts. Changing the code after the fact would be a betrayal of the promises set forth by the smart contracts. In the words of the DAO: “the DAO is borne from immutable, unstoppable, and irrefutable computer code, operated entirely by its members, and fueled using ETH which creates DAO tokens.” The risk of such a betrayal would be the collapse of the very foundation the DAO rests upon, the supremacy of the code. The DAO essentially must pick between losing $60 million against the expectations of investors or risk losing the integrity of the entire platform. | | | |
< < | The courts will likely be left to determine the intent of parties invested in the DAO and in the process sculpt the future of societal trust in smart contracts. Did the hacker violate the intent of the DAO by stealing money from others or is the hacker merely a legitimate operator within the bounds of the smart contracts? | > > | However, such an outlook disregards the obvious. Courts, steered by regular human judges, are not likely to see the world the same way the DAO does. Merely slapping a disclaimer on a contract in the real world does not supersede liability. There isn’t much reason to think courts would be more sympathetic to disclaimers by the DAO than they would to similar disclaimers by a corporation like Blackstone. Smart contract idealists might envision a financial world where the code is the law, but, unfortunately for them, they still remain under our nation’s legal system jurisdiction. The court is unlikely to view the DAO’s smart contracts as a new realm of contract law. Instead, it will likely empathize with the reasonable expectations of the investors just as it would in other financial systems. | | | |
< < | Conclusion | > > | Smart Contracts in Perspective | | | |
< < | Smart contracts might not be as “smart” as advertised. Parties involved are vulnerable to manipulations and exploitations of the code. As smart contracts are usually linked to assets, the public should be extra cautious and patient when determining whether or not a smart contract is suitable for their contractual needs. | > > | The dangers of smart contracts in financial systems are overblown in comparison to the social harm caused by attacks against critical data that isn’t cryptographically secured. Nonetheless, it is still a problem that merits acknowledgment because smart contracts might not be ready for incorporation into mainstream financial systems. | |
|
|