Ethereum’s smart contracts are full of holes
Computer programs that run on blockchains are shaking up the financial system. But much of the hype around what are called smart contracts is just that. It’s a brand-new field. Technologists are just beginning to figure out how to design them so they can be relied on not to lose people’s money, and—as a new survey of Ethereum smart contracts illustrates—security researchers are only now coming to terms with what a smart-contract vulnerability even looks like.
Digital vending machines: The term “smart contract” comes from digital currency pioneer Nick Szabo, who coined it more than 20 years ago. The basic idea, he wrote, is that “many kinds of contractual clauses (such as collateral, bonding, delineation of property rights, etc.) can be embedded in the hardware and software we deal with, in such a way as to make a breach of contract expensive (if desired, sometimes prohibitively so) for the breacher.” Szabo called physical vending machines a “primitive ancestor of smart contracts,” since they take coins and dispense a product and the correct change according to the displayed price.
Enter the blockchain: Today, the most common conception of a smart contract is a computer program stored on a blockchain. A blockchain is essentially a shared accounting ledger that uses cryptography and a network of computers to track assets and secure the ledger from tampering. For Bitcoin, that gives two parties who don’t know each other an ironclad guarantee that an agreed upon transfer of funds will happen as expected—that is, no one will get cheated.
Read more about smart contracts by clicking here