Should You Use Smart Contracts?
CUTTER BUSINESS TECHNOLOGY JOURNAL VOL. 31, NO. 4
The authors provide us with a comprehensive discussion of smart contracts and how they work within a blockchain. They also consider the benefits of using the cryptocurrency app Ethereum for building and using smart contracts, detail the advantages and limitations of smart contracts, and impart some cautionary advice.
One of the major use cases for blockchain is smart contracts. Does it make sense for your organization to use smart contracts? In this article, we describe smart contracts, including a discussion of how they work and the possible benefits of using them. We also examine the downsides of their use and offer further considerations for the reader.
What Are Smart Contracts and How Do They Work?
So what are smart contracts? Imagine an agreement among multiple parties where certain, predetermined actions are agreed upon by the parties and executed per logic and when specific circumstances exist. There are many formal definitions as well. Back in the 1990s, cryptographer and legal scholar Nick Szabo described smart contracts as:
A computerized transaction protocol that executes the terms of a contract. The general objectives of smart contract design are to satisfy common contractual conditions (such as payment terms, liens, confidentiality, and even enforcement), minimize exceptions both malicious and accidental, and minimize the need for trusted intermediaries.
Szabo also stated that smart contracts enumerate “a set of promises, specified in digital form, including protocols within which the parties perform on the other promises.” His definition is certainly comprehensive, and for the purposes of this article we ask that you note the contractual provisions clause and how actions are enumerated. Of course, those of us who work with and implement electronic data interchange (EDI) as well as many enterprise software applications are generally familiar with other software that does some of what smart contracts do (i.e., use workflow rules to take specific actions previously agreed to among the parties).
An important distinction though: smart contracts work within the blockchain — a cryptographically protected distributed ledger. They use cryptocurrency as consideration for promises. Although Bitcoin — the first cryptocurrency app to use blockchain as its foundation — is the leading cryptocurrency app today, the leading app for building and using smart contracts is Ethereum and its cryptocurrency is Ether. There are also other cryptocurrency apps available that you can use with smart contracts.
Moreover, you may have heard about smart contracts under one or more other labels. Some companies and people who work with them use the term “computerized transaction protocols.” Another frequently used label is “conditional transactions,” since they feature conditional logic.
Both Bitcoin and Ethereum rely on the data storage and security foundation of blockchain. So, in effect, smart contracts use and benefit from blockchain to enable parties to have agreements that automatically execute specific, predetermined actions under predefined circumstances.
Bitcoin’s software is hard-wired to do financial transactions, but Ethereum, in contrast, supplies an environment to host many kinds of application functionalities, ranging from games and gambling to smart contracts. Apps written for Ethereum contain multiple “if xxx, then yyy” statements, and these statements are triggered when users supply variables. A unit in Bitcoin is based on a single financial transaction, but a unit in Ethereum is an account. There are two types of Ethereum accounts: (1) externally owned accounts controlled by private keys and (2) smart contract accounts that can only be initiated by an externally owned account.
Figure 1 shows the main components comprising the Ethereum environment, with its structure approximating the familiar three-tier architecture of: (1) user interfaces, (2) middle-tier functional components with minimal user interfaces within the Ethereum Virtual Machine (EVM), and (3) account data storage and security in the blockchain.
The EVM middle tier, however, is dramatically different from conventional architectures, since the EVM “lives” on each node (or user) connected to the Ethereum network. Thus, every node has access to the same smart contract apps and EVM software as seen by all other nodes on the network. The blockchain data itself is also downloaded to every node on the network.
At the top level of the Ethereum landscape, users comprise smart contract developers, smart contract users, and Ethereum blockchain miners. For the user interfaces located just below, programmers who develop smart contract apps can directly access the EVM with development tools to deploy apps to the production EVM. Hence, the environment lends itself to a broad array of applications, particularly smart contracts. Users can securely store the Ethereum cryptocurrency Ether in individual wallets via private keys. Wallets are available in software or hardware. So to implement and use smart contracts, users spend Ether — with Ether effectively being a means of exchange. Ethereum exchanges also store Ether and are quite different from wallets, allowing users to convert cryptocurrencies to other forms of money (including dollars), but they do not offer connections to the EVM.
The EVM middle tier is the runtime environment where Ethereum smart contract apps are deployed to all nodes (users) connected to the network. The process of creating a smart contact app is familiar to many of us. We begin with functional requirements and then move to coding, testing, compiling, testing again, and implementing on the EVM, with Ether expenditures required at certain points in the deployment cycle. Ledger software is at the center of the EVM, containing the required functionality to control the reads and writes of account data to the blockchain. Here we can draw from different ledger software options, some proprietary, others open source.
Finally, data is stored in blocks in the Ethereum blockchain whenever information or value changes for an account. The miners compete to organize the account transactions (written by smart contracts) into blocks, with the winner receiving Ether for their work. Ethereum miners solve complex calculations and, for their effort, can receive Ether for successful solutions. Whenever an account changes, its data is written to the blockchain, but the data is not available to other smart contract users until the entire block is written to a block. While miners race to solve the calculation puzzle, they’re also verifying the accuracy of the data as it is entered into the blockchain. Thus, smart contracts are merely an application that uses blockchain. To round out the financial picture, Ethereum also charges transaction fees to users of the smart contracts and app developers to provide funds to pay the miners.
The Appeal of Smart Contracts
In theory, smart contracts may provide several benefits. In our experience, we’ve found that the greatest benefit is the process of developing and implementing the framework for smart contracts within an organization. Like many efforts, getting processes in place for the use of automated tools may be difficult, but ultimately rewarding, once over and operational.
Advocates for smart contracts list multiple benefits, most of which are derived from blockchain. Consider first that smart contracts promise autonomy; anyone, without consulting with or engaging an attorney, can create a contract. Hence, the process for reaching an agreement between parties could go faster and be more efficient than with legal counsel involved. (Of course, this raises several questions as well, including, but not limited to, not having the wisdom and experience of counsel to assist in reaching and executing an agreement. We discuss other related issues regarding the use of legal counsel later in this article.)
Another benefit of smart contracts is trust. Since documents are encrypted and stored on trustless public ledgers (TPLs), they offer parties a sense of “trust.” A third benefit is consistent backup. Due to sharing on TPLs, documents have a multiplicity of immutable “backup[s].” A fourth benefit, while not airtight, is safety. TPLs are complex and well coded; furthermore, encryption of documents on the ledger ensures protections against hacking (but not total protection). This benefit is particularly relevant for agreements that are relatively simple and replicable over multiple transactions; by contrast, more complex agreements among parties follow well-established processes where counsel and corporations maintain detailed records and copies of agreements. Fifth, smart contracts offer parties efficiency. Instead of people manually processing documents, computers parse the code, eliminating lag and minimizing the risk of human errors. When the specified condition occurs, payment and other actions are automatic. Smart contracts can also bring savings from the efficiencies since parties can limit their costs, both through the elimination of middlemen lawyers in contract formation and by obviating the resort to court if there is a breach. Finally, smart contracts offer users transparency, which could be a double-edged sword. Dealings, including terms (which some companies may prefer not to be public) are out in the open where “everyone sees.” Transparency may not, however, be wanted with certain types of transactions.
Although many of these benefits are already available with other technologies, by combining these technologies with the use of smart contracts, your organization may gain additional value. But like all technologies, the challenges are determining what agreements to automate using smart contracts and, as noted above, the implementation process. There are also other realities that you need to consider.
The Reality of Current Smart Contracts
Simply put, while smart contracts provide many benefits, they are neither easy to create nor facile to integrate within the blockchain, even for the technically adept. Thus, even though a key benefit of smart contracts is autonomy and the ability to avoid middlemen, an industry of intermediaries has emerged to create templates for building smart contracts on the blockchain.
These templates are readily available for use by individuals and corporations, but like templates for some legal documents, there are many limitations to consider. On the plus side, vendors of such templates tout that organizations can accept smart contracts and cryptocurrencies easily. The downsides are that “easily” is a relative term, and in our experience the process of actually using a template is complicated and often constrained by the templates, reducing the alleged benefits of smart contracts.
One of the major constraints we’ve seen and hear about from clients is that developing and using smart contracts requires experts to modify or build templates. Those “experts” are presently difficult to find. A talented developer would need expertise in blockchain, general business processes, and some general knowledge of the terms and related customs and practices involved among the parties for the specific smart contract. That individual would have multiple employment opportunities. Indeed, the challenge of finding such talent is a significant barrier to the development and use of smart contracts at many organizations. Ironically, we have found that some of the most active users and proponents of smart contracts are law firms. Some attorneys and staff at these law firms do have the technical expertise and general understanding of agreements relevant to their clients; hence, they can take a leading role in implementing smart contracts at their respective clients.
Here, though, the so-called benefit of savings may be less than what some advocates suggest. More specifically, the salaries of developers may be higher than that for lawyers, and the fact that such developers are often difficult to find and keep as employees renders the savings benefit questionable. It’s not just the financial cost, but the related cost in time searching for talent. By contrast, finding legal counsel is much faster and easier and given the present oversupply of lawyers, the financial cost may be much lower by simply working with legal counsel that has developed expertise in smart contracts.
Consider the case of Jincor, a platform that allows any business to work with smart contracts and cryptocurrency payments. Jincor claims that users will realize large savings using its templates because the platform will cut the cost of implementation from today’s approximate “[US] $5,000-$7,000 — just have a look at blockchain developers’ salaries and take into consideration that coding and proper security testing of a smart contract require many working hours of a qualified professional … to roughly $100-$500 per contract by removing the need to program them.” Unfortunately, the company does not have readily available data supporting its statements. And given that companies must hire qualified “technical” personnel who could, perhaps, be deployed in other activities that return more for the company, rather than lawyers, where there are many choices, the cost savings may be questionable.
Hence, a fundamental question arises: are smart contracts the best way to deploy your limited technical resources? Plus, consider the fact that your organization benefits from contract law, which has evolved over hundreds of years as society has evolved, too. To turn our backs on that history and on hundreds of years of collective thinking and reasoning and to substitute an automatic system where users lack recourses when issues arise may be foolish.
Modern institutions work well because they’re built on centuries of accumulated knowledge. Decentralized blockchain applications are in their infancy, guided mainly by trial and error. A lot of money has poured into the technology, but just because something is technically feasible doesn’t mean it’s a good idea just yet.
Turning to the benefit of safety, although, theoretically, smart contracts promise safety in practice, the blockchain and wallet apps for cryptocurrencies have, at best, a mixed record with hackers and theft. As one writer at Bloomberg Businessweek notes:
After a string of high-value losses, participants still chose to entrust hundreds of millions of dollars to a vulnerable wallet app. It seems that the friendly interface and accessibility that made Ethereum popular can also lull users into a false sense of security.
In fact, many of us are well aware that hackers have exposed users’ vulnerabilities. Consider the following case: In November of last year, a person known by the pseudonym “DevOps199” stumbled across a critical vulnerability in the code for a subset of Ethereum wallets. DevOps199 made itself the “owner” of this Ethereum code library, called a “smart contract,” and destroyed it. This shouldn’t have been possible, but DevOps199 nonetheless locked up roughly $150 million worth of other people’s digital coins. Once DevOps199 exploited this weakness in the code, the rightful owners had no recourse. While the code on the blockchain can be hacked, it is otherwise immutable, and there is no recourse to a higher authority. What’s worse, since activity on the blockchain is transparent, everyone can see as the code is hacked, but can do nothing to change the situation.
Conclusions and Thoughts for Action
We are actively involved in research and practice regarding blockchain and use cases such as smart contracts. At this time, however, despite the hype by advocates of smart contracts and, more broadly, blockchain, we strongly suggest you “watch and wait.”
A conversation with counsel, whether in-house, or outside, may be helpful. Keep in mind, too, a hybrid approach: use smart contracts, but add an arbitration clause. The processes your organization has in place regarding contracts likely work well, and while smart contracts may potentially offer benefits, it will take time and numerous steps along the way until you need to focus resources to learning in detail about smart contracts and actively using them.