Why is Anyone Still Developing on Ethereum in 2023?
After digging in, I found Ethereum to be not only slow and expensive, but I was also unexpectedly hacked through a surprising vector.
A few months ago, after about 18 months of just hodling my crypto and not really paying attention, I came back to make some adjustments, see how the FTX.us bankruptcy was unfolding (sheesh), and check out the development landscape for distributed apps.
Naturally, I started with Ethereum, which is currently the most widely used blockchain for decentralized app (DApp) and decentralized finance (DeFi) platforms. Ethereum is a 2nd-generation blockchain that differs from 1st generation blockchains like Bitcoin by supporting decentralized code execution.
According to Electric Capital, a crypto-focused VC firm that publishes the Developer Report, about 25% of all developers in crypto are building on Ethereum, with the remaining 75% spread out across hundreds of other projects. Ethereum’s full-time dev community is 2.5x the next largest community, which is Polkadot.
Ethereum’s smart contracts, stablecoins, ETH 2.0 Staking, DeFi apps, and the ability to earn passive income through liquidity mining — especially via the Curve DAO token (CRV) — all sounded very interesting and I dug in.
However, the lustre around Ethereum quickly wore off for me as I issued transactions to try these various things out — and found the cost, speed, and security all lacking. This has led me (and apparently many other developers) to look at 3rd and 4th generation blockchains that also support DApps, which, by market cap points to Cardano and Solana.
I first noticed how slow Ethereum is when converting ETH to CRV tokens. While my first transactions were at peak hour, they were taking anywhere from 7 to 20 minutes to confirm, with some transactions never completing. I’ve since experienced an average of 2 to 5 minutes for transactions to confirm. Compared to XRP, these transaction times are glacial. Per on-chain transaction volumes, Ethereum handles about 30 transactions per second (TPS), while Cardano handles around 257 TPS, with Solana claiming a top limit of around 57K TPS.
Maximum Transactions per Second (TPS)
- Ethereum — ~30
- Cardano — ~257
- Solana — ~57K
Next, I noticed how expensive Ethereum was to use, either when transferring funds, or converting from one token to another. I’m looking at a long ledger of $4 to $11 fees, with some of the fees being paid even for failed transactions. At peak times I’ve seen estimated fees in the $20–30 range, but I usually opt out. By contrast, it cost me almost nothing to transfer funds using XRP, and with a little digging, I found that the average fees for Cardano and Solana are much lower:
Average Transaction Fees:
- Ethereum — $4–12
- Cardano — $0.02
- Solana — $0.0002
Being slow and expensive are not great platform attributes for an aspiring developer, however, when I checked on my accounts and saw that I’d been hacked, well, this really got my attention.
Around the middle of July, I noticed that 500 tokens, in a stake pool that will remain unnamed for now, were withdrawn from the pool, quickly converted to ETH, and sent to some random wallet. I checked and double-checked all my balances and past transactions and confirmed that I’d been hacked.
It turns out that smart contracts on ETH will request and gain ‘Token approvals’ from the ETH wallet owner via an approval transaction that precedes the actual transfer or conversion of funds. In this case, I approved the conversion of ETH into 500 tokens representing the stake pool, and this approval was somehow left open and exploited by a hacker several hours later. Apparently, these authorizations can hang around for years and can be used to transfer tokens out of your wallet. (Even a hard wallet — I am using a well-known hard wallet solution that requires that a PIN code be entered into a device for every transaction.) To be safe, you have to explicitly revoke these authorizations through a special type of transaction that costs, you guessed it, more fees.
Revoke’s Approval Hacks & Exploits page documents millions of dollars worth of hacks that have been carried out against funds available to smart contracts via token approvals.
For now, my attention as a developer is focused on Cardano. Cardano also supports smart contracts, but built on top of peer-reviewed research and stringent methods, which aim to ensure their correctness and quality. Further, Cardano now supports the Ethereum Virtual Machine (EVM) on a sidechain, allowing Solidity developers to create and deploy Ethereum compatible apps on Cardano, with lower fees, better security, and access to existing developer tools.
So, that’s my experience, however, I’d love to hear your perspectives and experiences comparing Ethereum, Cardano, and Solana for developing Web3 apps.
