Excited neophytes think that so-called “smart” contracts may be a panacea for all transactional or data management activities that take place in a developing technological ecosystem. It’s a mistaken assumption, but still a noble goal that could yield unexpected dividends.
“Be like bamboo,” said my teacher, back when I was taking kung fu classes.
“Bamboo flexes when you hit it, and it always springs back with greater strength,” he said, before correcting my form with a couple steps in loong ham gim.
We both agreed that the exchange was incredibly cheesy (let’s face it, I’d started there on a whim after seeing The Matrix), but it was pretty darn true as well, as much as my motives for joining the studio had started out a little moon-eyed with the flash and the newness of it all. I’d been dazzled by a shiny retooling of my life with the westernized Zen-lite of Keanu’s “whoa”; it was a New Age vision of a lifestyle that was the solution to all my problems. But then it had deepened with practice into a very real undoing and reconstruction of my body, each sinew and ligament strengthening, my whole corpus strung together light and wiry and … flexible, a kind of mindful awareness of each extremity down to my fingertips that I had never experienced, growing up a bookish kid with a distaste for sports.
Years have passed since then. The tech world has lit up with an absolute fascination for what lots of folks are calling “smart contracts.” These so-called smart contracts are self-executing blockchain-based virtual machines unto themselves, living on the blockchain like a barnacle lives on a whale; the whale goes along, does its whale thing, and when the little barnacle sticks its wavy fronds out and encounters a tidbit of plankton (or data), its wonderful internal workings spring-load into action, contracting tiny tendrils to grab the food, draw it into its carapace, subject it to the munchings of its digestive system, extract nutrients (or, say, perform a specific action per a pre-coded set of instructions), process that substance in a particular way, and then expel back into the ecosystem … whatever the end result of this amazing little biological factory is. There are quite a lot of barnacles on this blockchain ploshing its magisterial length across the open seas, all chrome and shiny and new, fascinating to people who think all the activities of the world can be processed by different little computers doing different little things, producing various outputs.
The problem is with the popular name. There’s nothing “smart” about a smart contract. They do what’s in their DNA, in their barnacle instincts, and that’s it.
Perhaps a better name is “Executable Distributed Code Contract,” or EDCC. They’re simple binary agreements that work on the Ethereum blockchain. (We’ll stick with Ethereum for this example, but there are a good number of blockchains that allow for EDCCs.)
EDCCs Are Not Really Thinking About You
These small programs living on the blockchain are termed “distributed code” because they are a set of instructions (erm, code) distributed throughout the entire Ethereum platform. And they’re described as “executable” because they have the necessary agency to autonomously perform functions on the blockchain when the correct prerequisites or inputs are met.
Each EDCC is a bundle of programming rules designed to be responsive to triggers from stimuli within the Ethereum ecosystem; for example, an EDCC that transfers ownership of property to children when they come of age, or an EDCC that changes a company’s insurance rates when the system registers that it has hired 20 new employees. They’re thought of as contracts because they contain instructions that command “if X factor is met, then make event Y happen.” It’s a functional agreement. The “smart” label comes from the fact that the EDCC swings into action on its own when a certain string of data is fed into it, the way a vending machine dispenses a dinky little bottle of soda when you put 12 freakin’ quarters into a slot, to either cause a transaction or exchange information on the blockchain. It’s not an inert statement on a piece of paper. It does stuff. Automatically.
But it isn’t “thinking” about it.
“Smart” is a misnomer. Like a computer, EDCCs can perform very advanced functions, but also like a computer, EDCCs cannot think. They only perform the tasks they are programmed to perform. They are inflexible, not adaptable (maybe someday they will incorporate machine learning, but it’s not happening any time soon … even though things are accelerating). They do not bend like bamboo.
Smart contracts break.
Rigidity Is Breakable
Hrishi Olickel, a researcher at Yale-NUS College, published a research paper with colleagues Loi Luu, Duc-Hiep Chu, Prateek Saxena, and Aquinas Hobor in the summer of 2016 on the subject of vulnerabilities in “smart” contracts. Among the 19,336 Ethereum contracts existing at the time, their bespoke symbolic execution tool found potential security bugs in 8,833 of them, including the “TheDAO” vulnerability, which led to a $60 million loss in June of 2016.
Another case study: An ERC, or Ethereum Request for Comments, is a request for input from the Ethereum community to help improve a product. ERC20 is an ongoing list of suggested standards that developers agree to follow when building their product, and all ERC20-compliant tokens can be interchanged easily with one another. Recently, a fair number of these tokens were discovered to share some particularly problematic issues. The bugs “batchOverflow” and “proxyOverflow” would have potentially allowed clever users to essentially boggle the smart contracts, by entering a number they’d never been designed to accommodate (much like the Y2K bug):
By entering a “_value” of 8 vigintillion (which has 63 zeros), researchers invalidated the logic checks designed to validate whether the “_value” is possible or not. This was based on multiplying “cnt” by the “_value,” an equation represented in line 257 of the example contract code.
By invalidating the logic of the smart contract, the balance of that account user would reset to zero, much like a car’s odometer after it passes 999,999 miles. With the account zeroed out, an attacker could go on to clear the logic checks in the contract‘s code and the now-infracted contract would add an incomprehensibly huge number of tokens to its balance. The exchanges OKEx, Changelly, Poloniex, QUOINE, and HitBTC all found themselves conducting internal audits as well as suspensions of transactions of the affected tokens.
Then there’s the Parity wallet vulnerability, which all came unraveled when, in November 2017, a user stumbled upon a Parity library contract housing the workings of a number of multi-signature hardware wallets. User “devops199” then mistakenly walked right into a hole in the code that allowed him to make himself the owner of the EDCC; panicking, he backed out of the situation by terminating the contract, unintentionally locking up about 500,000 Ether in the shut-down library. It remains frozen today, with much of the Ethereum community split on how to solve the dilemma.
These issues with EDCCs only lost money. What if a bug, an “unknown unknown” (or even one of which developers were aware – many of these bugs were know of ahead of time and ignored), made a mistake with your personal identity? Your home? Your hamburger?
And yet, a lot of folks have signed on board this ship of shiny new tools. It’s an alluring promise, a world defined by the clean click and whir of invisible instruments that have somehow found the meter and rhyme of our lives and translated it into an intelligible series of zeroes and ones, binary code that breaks down every possible contingency of every possible situation that could present itself. It’s a brilliant and worthy goal to reach for: Why, that’s perfection! Imagine if we could translate the tonal inflections of a star’s expiring song, or a whale’s call to its mate, or the pitch of an infant’s cry into a series of mathematical instructions telling us just what that child wanted, just what we need to do.
An interesting new ideology of an Internet of Agreements (IoA) imagines a world enfolded with smart contracts that can assist with many delicate social issues, managing government response to climate refugees and migrants, solving the problem of housing, even organizing global momentum for colonizing other planets. “Epochal in its impact,” the IoA philosophy seeks to decouple sovereignty over one’s identity or one’s property from the state, and to hand responsibility for decision-making over to EDCCs powered by complex algorithms, even incorporating “sanity checks” that attempt to govern all possible eventualities.
We Know This Already
IoA advocates such as Vinay Gupta acknowledge that “smart contracts are not particularly sophisticated yet. They’re nothing like legal contracts. They’re really much more like standing orders. Programmable payments or programmable money are good ways of talking about them.” Jorge Izquierdo, the co-founder of Aragon Project, stated at Devcon3 in 2017 that “dumb contracts are the best smart contracts.” Many posit that Ricardian contracts, ones requiring the electronic signatures of the involved parties and often involving a moderator (cryptographically attested to and verified), may be a better way to manage the sticky elements where a digital contract is involved with items or people that exist in the spaces between that which can be controlled digitally, and that which cannot. We can set up a smart contract to ensure that I ship a particular package to you, but the computer can’t control whether or not I ship you a box of rocks. No blockchain can truly promise your diamond was never stained with blood before it reached the auspices of said blockchain (yet). No tomato-tracking chip can prove your tomato was unadulterated on its way to your plate (again, not just yet, but they’re working on it).
“The more the smart contract is disconnected from controlling the item being exchanged, the weaker the integrity of contract,” wrote Dr. Washington Sanchez, the core developer for OpenBazaar, a decentralized marketplace, in a post on Medium just hours before the attack on The Dao.
In 2016, Solidity team leader at Ethereum, Dr. Christian Reitwiessner, wrote a roundup of a few basic EDCC liabilities.”Examples and patterns that were initially considered best-practice were exposed to reality and some of them actually turned out to be anti-patterns,” he pointed out. It’s been two years since then. As the blockchain scales up at an accelerating pace, how many have multiplied?
The developers and theorists behind Ethereum know that smart contracts aren’t ready for prime time. It’s those who’ve jumped onto the bandwagon behind them, considering EDCCs as the proverbial hammer to which every problem appears a nail, that in their enthusiasm to sell a new product or promote an ICO for a utility that doesn’t yet exist have fostered a great misunderstanding in this rapidly growing industry filled with noobs and hope that springs eternal.
For those who proclaim “code is law!” I have to demur; if these “smart” EDCC contract codes are laws, I do not want to be in any state governed by them. If code is law … we need to write better code.
The Future Soon
Johnathan Coulton, songwriter and humorist, who wrote the well-loved song “Still Alive,” at the end of “Portal” (a much loved video game about a factory run by an all-seeing, birthday cake-shilling robot out to kill its staff), wrote another fantastic piece called “The Future Soon,” a tale of a bionic young man besotted by unrequited love, whose ambitious robot creations go AWOL and launch a vast interstellar war. In it, the chorus plaintively states, “Well it’s gonna be the future soon, and I won’t always be this way, when the things that make me weak and strange get engineered away.”
No matter how “woke” a bitcoin bro is, it seems pretty clear to me that this vision of smart contracts making the important life decisions of a society is fueled by a “robots don’t cry” vision of how somehow, someway, when executed with enough precise finesse, with enough data and enough prescience, the world breaks down to black and white, zeroes and ones, no and yes, right and wrong, tab a, slot b, blue pill or red.
Imagining a world where our artificial intelligence could be that smart, to understand the vagaries of human behavior and the chaotic elements of life on life’s terms, is mind-blowing. I think many suspect that somehow, somewhere, exists a vast intelligence that can indeed be broken down into spinning fractals that explain space and time and Dylan Thomas’s “force that through the green fuse drives the flower.” It’s something to reach for, pure science that advances existing technology. I don’t think we can ever truly get there, though. It’s an asymptotic curve that approaches ever closer to, but doesn’t ever really reach, its goal.
As with space exploration, the pure science of blockchains always sets a goal with interstellar reach. It’s the process of reaching it that yields the greatest dividends, such as space ice cream, and Velcro. (Okay, space exploration has yielded many more impactful technologies, but these are my current favorites.) I cannot wait to see what comes about from our attempts to dowse the mysteries of choice and chance. And we don’t have to figure them all the way to infinity, just to the outermost reaches of our present understanding, and then, new knowledge in hand, again beyond that. It’s called learning.
Real life exists in shades of grey. Chaos and entropy live in every system, murk up the corners of our decisions; they’re why I unconsciously flinch when I see your pupils constrict without even knowing it, why you respond to my action by reaching out without knowing why. They’re why ownership of that estate shouldn’t automatically flip over to that newly-come-of-age scion because he is grappling with an addiction problem, they’re why we forget to buy a set of headphones we wanted, because, in fact, they weren’t really important anyway. The weirdness of real life is why it’s so effing hard for a computer to come up with truly random numbers. Hard and fast decisions decay, life is imprecise. Some choices can be expertly handled by a math equation. Many cannot. This is what new converts to the world of cryptographic solutions need to understand, and it’s actually a beautiful realization: how immense life is, how full of mystery. “The origin of all technical achievements is the divine curiosity and the play instinct of the working and thinking researcher as well as the constructive fantasy of the technical inventor,” stated one physicist in a speech from 1930 in Berlin.
So let me tell you about my roommate’s job.
She’s a nurse in her mid-fifties, with all the accompanying credentials and acronyms and years of learning and caring for others, her cool fingertips on aching skin, behind her name to back that up. She has cleaned up feces and birthed babies. She knows life is messy, weird, complex, and unpredictable.
She works for an insurance company. When your doctor decides you need a battery of tests to see if that thing is really just a cyst, the orders go to her desk. And her amazing brain, which is unerringly logical (most cut-and-dry lady you’ll ever meet), pores over your medical history all the way back to that broken bone you got when you were ten and the weird freckle you had removed at 32, and she thinks about your mom’s history with things that were just cysts until they suddenly weren’t any more, and she considers your age, and the meds you’re on and how long you’ve been taking them. She considers the price of the tests that were ordered. She reads over your name. She understands you are a real person, with a real life, and that you see out of the absolute center of your own unique little universe. She talks with your doctor over the phone and he tells her about your wife, who’s pretty upset. And she clicks a button that gives the go-ahead for a number of those tests, although maybe not some of the less important ones that she knows, with all her years of experience, will be useless to your diagnosis.
Then she comes home and listens to Tool and closes her eyes like a cat while she whirls her nunchaku around in the backyard (we’re two peas in a pod), with her bare feet on the grass to settle her mind. She has a tough job. You have to bend or you will break.
So now, which would you prefer going over your major life choices: my roommate, or a “smart” contract?
Who could write that algorithm, the one for her mind, for all those synaptic nets of experience and education and compassion and strength, full of the potential energy and tensile flexibility of bamboo?
When you write the code that does, then we’ll call it law.