The hardest smart contracts question we encountered
Validity Labs organises hands-on workshops for developers and corporates to get started with smart contracts. In the past months, we delivered a few of these to a diverse set of participants in Zurich.
The novelty of smart contracts enables us to make a great first impression on workshop participants. People are impressed by the technology when one demos the deployment of a DAO. Decentralised Autonomous Organizations (DAOs) are an entirely new form of organization with business rules encoded and upheld by smart contracts.
Our demos are inevitably followed by questions on the shortcomings of smart contracts when compared to traditional English language ones. Our attendees brought up the following points:
- Unlike English language contracts, smart contracts can’t be read / understood by the majority of users: The purpose and limitations of traditional contracts can be decently understood by a majority of people. The same is not true of smart contracts — a very small minority of people are able to read Solidity. How will smart contracts succeed as a technology if users don’t want to entrust their financial assets to a digital entity they don’t understand?
- Legal liability in case of smart contract bugs is undefined: Software developers intuitively grasp the complexity of deploying smart contract applications that might end up handling millions of dollars on a public adversarial network. Complications also arise due to the need for locking down the power of contract administrators to make trustless applications. What happens when there is a bug in an unalterable smart contract impacting million of dollars in user assets? Who is legally liable in these situations?
Smart contracts can also be deployed by anonymous developers. Do users have to hand over control of their financial assets to potentially bug-ridden entities they don’t understand deployed by anonymous actors? Why would the broader society trust such a technology?
Perhaps indemnity or insurance against bugs would help develop trust in the technology. To my knowledge, there is no definitive solution to the hard problem of assessing risk of bugs in a particular smart contract. There is no analog to this problem in the world of English language contracts.
- Lack of privacy: The great strengths of smart contracts — immortality, lack of a single owner, transparent accounting and censorship resistance — simultaneously create their Achilles’ heel. Keeping a user’s smart contract finances completely private is impossible with current systems. There are multiple tricks, like ring signature schemes and cross-witness algorithms, to break the linkage between accounts users own and the contracts they participate in. The User Interaction design challenge of making them easy to use and adopted at scale is unsolved.
Further afield, there are advances, such as Project Hawk, that enable stronger guarantees of contract privacy. We shall cover these systems in future blogs but it’s probably fair to say that these are several years away from being easy to use.
Traditional contracts fare better. They enable privacy for parties to a contract as long as no disputes are encountered.
- Contradictions with national laws: Consider the scenario where a smart contract is used as a mechanism for the inheritance of assets: A couple deploys a smart contract enabling their son to claim 75%, and their daughter 25% of their Ether upon deceasement. Such a smart contract could be interpreted as gender discriminatory and therefore violate national laws in many jurisdictions. For instance, India passed an amendment outlawing similar inheritance patterns in ancestral property. Traditional wills upheld by judicial systems shine through as more fit-for-purpose in upholding national laws.
The potential for using smart contracts to carry out actions deemed illegal is massive. Interested readers can browse this paper to see some great examples. Wouldn’t all the criminal innovation enabled by smart contracts taint this technology even while it is very young?
- Underdeveloped societal infrastructure: All of the above can be summed up by remarking that society is unprepared for the uptake of smart contracts at a large scale.
Any widespread technology needs a large set of collaborating infrastructure in order to function. Gasoline cars need a network of filling stations, maintenance services, oil refineries etc. in order to work. Legal technologies are no different — the current setup has notaries, lawyers, law schools, judges, basic contract literacy and other components working in concert.
The societal infrastructure needed for smart contracts including developers, educators, insurance firms etc. is in its infancy. How will this infrastructure be bootstrapped?
Given all the above, why would society adopt smart contracts on a massive scale? Is there an incremental path of achievements to take the technology from the current state and deploy it massively in the next decade? Are there hidden properties of smart contracts that make them compelling enough for society to adopt them despite all the above?
Or are the challenges just too massive to be surmounted?