Smart contracts are a must-have feature for blockchain platforms. But smart contracts come in many forms. This article compares three different approaches.
Bitcoin was the first form of decentralized programmable money. Bitcoin’s built-in scripting language enables users to specify simple conditions attached to transfers – for example, requiring that two of three accounts have signed a transaction.
But blockchain can be used to execute far more complex and powerful logic. Since Ethereum launched in 2015, a slew of smart contract platforms has followed. Different platforms take different approaches – and each has its own benefits and risks.
The first and still the largest smart contract platform, Ethereum offers Turing-complete contracts. This means that theoretically any computational operation can be replicated on the Ethereum network. In other words, you can build pretty much anything.
Of course, the delays and bottlenecks of the blockchain mean you wouldn’t generally want to do that, but the point stands: Ethereum is an extremely powerful platform. That power is certainly an advantage, but it also brings vulnerabilities.
Ethereum is arguably too powerful, and too complex. Ethereum’s history is littered with examples of times when hackers were able to exploit vulnerabilities or features in a smart contract: The DAO, the two Parity wallet hacks, and many more. These were missed because the way Ethereum’s smart contract language, Solidity, operates means ‘edge cases’ are possible and it’s hard to figure out where all the security holes might be. Moreover, the fact that you can execute code of any complexity means it’s possible to write code that executes unpredictably – for example, it may be impossible to know how much it will cost to run.
Ethereum, then, is an amazing platform with exceptional innovation – but its power means it can also be risky. When you’re dealing with financial applications that process millions of dollars of users’ funds, that’s not a chance you want to take.
Funded by a year-long, $4 billion ICO, EOS has been called the ‘Ethereum killer’ – though it hasn’t yet delivered on this title. EOS is more like a blockchain operating system that enables a wide range of use cases. It’s massively more scalable than Ethereum, and doesn’t have transaction fees (removing that element of Ethereum’s vulnerability by default). But it’s also far more centralized, with just 21 Block Producers, and concerns that they could collude or be coerced to falsify blockchain data.
For its smart contracts, EOS uses WebAssembly (WASM), which enables developers to code in C++ and compile to WASM for use on EOS. It solves many of the issues of Solidity; as EOS’s GitHub explains, ‘In the world of blockchain, any non-deterministic behavior, unbounded computation, or unbounded use of RAM can take down the blockchain for everyone, not just a single user’s web browser. Single-threaded performance, fast compilation/validation of Wasm, and low-overhead calls to native code are critical to blockchains.’ It’s worth noting that C++ wasn’t designed for blockchains, and its standard can be messy, with implications for edge cases.
Ergo’s approach is similar in many ways, avoiding the most common issues that have plagued Ethereum. ErgoScript, which is based on Scala and designed specifically for execution in a blockchain environment, supports formal verification. it is always known in advance that a script will execute properly, and how much it will cost.
Ergo’s key difference is the use of Sigma Protocols, a powerful class of zero-knowledge protocols that enable very flexible use cases off the peg. In short, while you can do anything with Ethereum, trying to is often a bad idea. It’s either expensive, complex or risky. Ergo enables developers to implement use cases – including ring and threshold signatures, as well as other specialist cryptographic operations, for greater privacy and multi-party computation – easily and safely.
In itself, ErgoScript isn’t Turing complete. This is an intentional design choice taken to avoid the exploits that have seen tens of millions of dollars stolen from Ethereum applications or locked in its smart contracts. However, the Ergo platform can be used to create Turing-complete applications, but iterating operations over multiple blocks. This offers the best of both worlds: the safety provided by preventing unrestricted functionality, but nonetheless enabling complex dApps on the blockchain.