UpToken Not Affected by BatchOverflow Bug
Several Ethereum-based tokens were effectively destroyed this week by a smart contract bug called BatchOverflow, but UpToken was not affected. Our decision to keep UpToken as simple as possible is paying off!
When we created the UpToken smart contract, we faced some criticism for being so conservative with our token design. We literally took the ‘minimum viable’ ERC-20 example code from Ethereum, and, without any alterations, used it to create UpToken. We didn’t even include the usual code for handling a token sale — we filled all our orders manually.
In doing this, we went charging in the opposite direction of most of the market: everybody else seems to be trying to out-do each other with ever more elaborate smart contracts. While these contracts undoubtedly have useful and interesting functionality, on balance, they are short-sighted, and reflect a poor understanding of the risks inherent in having valuable assets managed by unchangeable code.
If you are designing a smart contract, keep this in mind: every single line of code is a potential vulnerability. By creating a smart contract to handle millions of dollars of transactions, you are creating a cash prize of millions of dollars to anyone who can break your contract. The best minds in the world will spend hundreds of hours poring over every line of your contract, trying to find some way to break in.
Think of it this way — if you had millions of dollars of gold in a vault, how many doors would you want into your vault? Every single line of code is an additional door that someone might figure out a way to force open. Yes, smart contracts can do sexy, amazing things, but you need to ask yourself: is all that sexiness really worth a hundred additional doors into my vault?
On top of that, if a year from now someone notices a crack in one of those doors, you can’t just replace it with a better door — in most cases you are stuck with the smart contract you created FOREVER.
Writing a complex smart contract to hold millions of dollars requires a lot of time, money, and humility. If you really must do this, you need to have your code carefully reviewed by other security experts, made available to the public for months before it goes into action, and ideally you should have big cash prizes available to anyone who can break it before it is deployed.
Make sure you understand the risks of using a smart contract. If you must use one, use the simplest, oldest, and most widely used code you can find, and resist the temptation to tinker!
This post was written by UpToken Senior Blockchain Engineer and Founder of the ICO, J.R. Willett.
For more information on UpToken, please follow us on Twitter or join our Telegram Channel.
