Open in app

Sign in

Write

Sign in

How to Create Secure Smart Contract on NEAR Protocol with Rust

Blaize Team
Blaize_tech
Published in
7 min readMay 4, 2023

The growing adoption of blockchain technology and decentralized applications (dApps) highlights the importance of security in smart contract development. Developers and users alike face the challenge of ensuring that smart contracts are reliable and secure. In this article, we aim to help you understand how to create secure and dependable smart contracts on the NEAR Protocol platform using the Rust programming language. Blaize team has extensive experience in dealing with these challenges and has successfully developed secure smart contracts on the NEAR Protocol.

NEAR Protocol today is 750 active projects, 125 DAOs, and 550 thousand community members. NEAR platform nowadays isn’t the most popular network to create a smart contract with Rust but it definitely has several reasons to reckon it: low transaction cost, strong community, and, surely, a high level of security. How to reach the maximum secureness for your smart contract on Rust might be the most important answer while speaking about NEAR. Let’s take a closer look at its advantages.

We have already discussed the topic of how to choose the right blockchain for dApp development — the expert article is available.

Understanding Smart Contracts on NEAR Protocol

NEAR contract base is one of the most suitable for development. All core functionality is covered with macros, making working with memory relatively easy. Although scalability is not its strongest suit, it is an option if required. From a security perspective, there are no major vulnerabilities, except for the default ones present in any blockchain. Additionally, NEAR is capable of using the sharding mechanism, which facilitates the safe distribution of data storage requirements.

Sharding

The principle of sharding underpins the structure and development of the NEAR Protocol. Sharding is a method that breaks down a network’s design into multiple distinct nodes to lessen the computational burden on the system. Each node in the platform is responsible for handling a certain quantity of the platform’s transactions. Due to the segmentation of network nodes, data can be rapidly accessed and scaled in a decentralized network, replacing the conventional approach of requiring each node to execute the network’s code. This enables efficient data retrieval and scalability.

Low Transaction Fees

Compared to other blockchains, NEAR Protocol boasts low transaction fees, making it more accessible for developers and users alike.

User&Developer Friendly Environment

The NEAR Protocol provides a developer-friendly environment, complete with comprehensive documentation and a supportive community, to facilitate a seamless development process.

Robust Tooling

Developers can take advantage of a wide range of tools and libraries provided by the NEAR Protocol, allowing for efficient and effective smart contract development.

Interoperability

The NEAR Protocol is designed to be compatible with other blockchains, which enables developers to create dApps that can interact seamlessly with various networks.

Security

Security is a top priority for the NEAR Protocol, making it an excellent choice for developers looking to create secure smart contracts.

Why Rust for Smart Contract Development

Rust is a powerful and versatile programming language, well-suited for smart contract development. Its safety and performance features make it a popular choice among developers working on blockchain projects. One of the key advantages of Rust is its ability to be used as a low-level language, allowing developers to work directly with memory.

Many other blockchains can allow themselves to avoid spending time on writing polished interfaces and instead provide developers with an unfinished API because it’s faster for them. We can see this trend in other chains like Solana, Terra, Aptos, and many others. However, NEAR is one of the minority that has invested time and effort into creating a good API for development. The core team’s dedication to providing a well-crafted interface is one of the reasons why working on NEAR is a pleasurable experience most of the time.

In addition to NEAR’s commitment to providing a high-quality API, Rust programming language offers several advantages for smart contract development, such as:

  • Strong safety guarantees, which help prevent common programming errors and vulnerabilities.
  • Excellent performance, enabling fast and efficient execution of smart contracts.
  • A supportive community and a rich ecosystem of libraries and tools.

These features make Rust an excellent choice for developers looking to create secure and reliable smart contracts on the NEAR Protocol.

Creating a Secure Smart Contract on NEAR Protocol with Rust

Using Rust programming language for smart contracts on the NEAR Protocol involves a series of steps. You’ll need to prepare your development environment and tools to get started. Here’s a step-by-step instruction on how to create and deploy a smart contract using Rust on NEAR:

The first part of the table
The second part of the table
The third part of the table

By following these detailed steps, you can successfully create, test, and deploy a smart contract on NEAR Protocol.

Remember to adhere to best practices for ensuring security in smart contract development and leverage Rust and NEAR Protocol tools to test and audit your smart contract. Blaize team uses the most efficient instruments to provide our clients with the highest level of secureness.

How to Achieve The Security of Smart Contracts on the NEAR Protocol

Achieving maximum security for smart contracts on the NEAR Protocol requires addressing several specific issues. By being aware of these concerns and taking appropriate measures, you can ensure a higher level of security for your smart contracts. So to create a secure smart contract on NEAR protocol, one needs to follow these recommendations:

Managing Gas in Cross Contract Invocations

For any cross-contract invocation, you need to manually put gas into the call. This can lead to situations where gas is incorrectly counted, causing the invocation to fail. It is important to be aware of this issue, as local tests with simulations may pass with a specific gas amount, but fail on a real node. Make sure to accurately estimate gas requirements and allocate sufficient gas for cross-contract invocations.

Handling Storage Prefixes

NEAR requires you to pick a unique prefix for each container within a smart contract. This is necessary for the blockchain to detect which bits of data (all data in chains is stored in bit arrays) belong to which container inside the smart contract. There was even a public incident where an NFT was stolen because an existing prefix was used for another container. To avoid such issues, always use unique storage prefixes.

Addressing Cross Contract State Fallback

This issue is somewhat inherent to the nature of cross-contract invocations. In case of an error in a chain of cross-contract invocations, the fallback will occur only for the call where the error occurred, while previous changes in the call chain will remain. It is important to be aware of this issue and always check if a call leads to an error, making sure to revert actions as needed.

By addressing these specific concerns and following best practices for smart contract development, you can create secure and reliable smart contracts on the NEAR Protocol. Additionally, make use of Rust and NEAR Protocol tools to test and audit your smart contract to ensure its security and robustness.

Blaize Experience

Blaize is a Ukrainian blockchain development and security company with a track record of success in the NEAR ecosystem. Our accomplishments include:

  • Two wins in the Near Hack 2021, with the lending protocol for NEAR and DAO protocol for source reputation validation.
  • Omomo protocol: A complex TradeFi platform for spot trading. Platform with three functional modules: lending pools, limit orders over Ref.Finance and margin trade built upon previous modules. Within the framework of cooperation with OMOMO, Blaize team has won two hackathons representing our attainments in developing and deploying leverage trading systems and limit orders.
  • A series of audits for NEAR, including auditing of several modules from the Rainbow Bridge.

More Blaize development cases are available here. Take a closer look at it to get deeper into Blaize expertise and experience.

Conclusion

Creating secure smart contracts on the NEAR Protocol with Rust is a crucial skill for developers in the blockchain space. This article has provided an overview of the process, from understanding smart contracts on the NEAR Protocol to implementing best practices for security. With the right tools and knowledge, you can create secure, reliable smart contracts that meet the needs of your dApp and its users.

At Blaize, we have extensive experience in secure smart contract development with NEAR Protocol, and we’re always ready to help you dive deeper into this topic. If you’re interested in learning more or need assistance with your project, don’t hesitate to contact our team for expert guidance and support.

Article source: Blaize blog https://blaize.tech/article-type/web3-security/how-to-create-secure-smart-contract-on-near-protocol-with-rust/

Blaize
Web3 Security
Near Protocol
Rust
Smart Contract Security

--

--

Blaize Team
Blaize_tech

Written by Blaize Team

84 Followers
Editor for

We are a development & service company with an emphasis on blockchain technology

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams