Part II: Designing Smart Contracts: Considerations Involved
Smart contracts are automated contracts with pre-established terms and with the spread of blockchain understanding the process is really important
The beginning of the era of blockchain has brought with itself numerous benefits in diverse areas, smart contracts being one of the foremost evolutions of blockchain use cases. By now we know that smart contracts are automated contracts with pre-established terms. This post goes a step ahead to help you understand how to design smart contracts.
Components of a Smart Contract
Typically, a smart contract would comprise of following components:
· Smart contract code: For instance, Solidity code (that is stored, verified and executed on a blockchain).
· Smart legal contracts: These are written as a specification for using smart contract code as a complement/substitute for legal contracts executed in traditional usage.
· Automation: Normally, in early stages, an actual contract may be a mere smart contract having certain off-chain logic and execution mechanisms, however, as it evolves it becomes a fully blockchain-executed smart contract. This means that the smart contract can now be fully automated. Nevertheless, other contracts may comprise of a mix of self-executing terms along with terms that exist outside the software code, primarily since not all decisions/steps in a smart contract may be condensed into logic statements for such contracts.
Designing Smart Contracts
A smart contract design, at the very least, is nothing but a set of structured codes that enforce obligations. All the virtues of modern design certainly apply while making smart contracts. In fact, even more so, because of the immutable nature of the blockchain: clear design, well-thought-out security, thorough tests, and life cycle management are musts for any smart contractual arrangement.
Below are some aspects relating to designing of smart contracts that every individual entering into such contracts must know.
Interfaces and Modules
For traditional coding, it is a prevalent practice to segregate the code into various sections, which is also true in designing smart contracts. There are a number of libraries available which contain modules that can be used when writing a contract. It is also preferable to reuse such already available modules since this widely reduces the risk of committing an error and saves valuable time to focus on the "unique' features of the contracts at hand. Even when a module needs to be modified to fit some particular needs, reuse of the corresponding tests to ensure nothing gets broken is highly recommended.
Hence, it is always advisable not to overdo the contract or use fanciful coding techniques. Instead, keep it modest, especially because most contracts used by the public are going to have the corresponding source attached on the blockchain for anybody to inspect and validate. Having a clear, simple contract that is easy to understand gains more trust and is actually less likely to contain flaws than a large over-engineered contract doing way more than actually needed.
2. Addressing Security
When designing smart contracts, it is important to think about security from the very start. Since contracts are public and visible on the blockchain, everybody can potentially call every function. Even if you do not submit the source code, there is still the bytecode so everyone with the right understanding of the EVM and proper endurance can figure out what the contract does and call it. Hence, it's not a very good idea to count on security by obscurity. In order to avoid this, most contracts implement the owner pattern that can be used to restrict the highest state "administrator" change functions, like setup, start, stop, and kill.
Further, in case of an unexpected event (such as a severe bug in the EVM or the discovery of a vulnerability within the code), the assets within the contract might be in danger. In this case, it will be a good idea to have a halt functionally that stops most (but not all) of the activity within the contract while the situation is evaluated. From a security perspective, the decision to halt the contract should be available for central system operators and security agencies, while the unhalt should be restricted to the owner, much like a normal emergency button where many people can stop the machinery, but only a few can start it again.
3. Designing Single Contracts
As a contract evolves and has more and more features added to it, it's easy to end up with a fat contract that does way too much and becomes difficult to manage. If nothing else is done, the development will end abruptly one day, simply because the combined cost of code deposit and create execution exceeds the total available gas within a single block execution. This is called block gas limit (BGL). A way to keep an eye on this is to look at the gas estimates in the JSON output of the compilation.
In general, if the contract creation estimate comes anywhere near to BGL, the contract design should be revised. Further, instead of putting all functionality into a single contract, it's often advisable to divide it into several contracts that act together. Ideally, you can reuse already existing base contracts that have been well designed, well tested, and have stood the test of time (for instance, standard tokens, etc.)
Proper consideration of the above aspects is crucial to execute a smart contract effectively. With the rising integration of smart contracts in regular usage, one cannot miss out on these aspects in order to avoid denial-of-service attacks or spam transactions.