From Ethereum smart contracts to Solana programs: two common security pitfalls and beyond

sec3 (formerly Soteria)
Coinmonks

Ethereum is a well-known blockchain that supports “Turing-complete” smart contracts. Solana is a rapidly growing blockchain that also supports smart contracts, called Solana programs, and it seems to be superior to Ethereum in terms of transactions per second and cost.

Why are Solana programs faster than Ethereum smart contracts? What are their key differences? This article explains an essential difference between the two and illustrates two common security pitfalls in Solana programs.

Code and data, couple or decouple?

In computer programs, there are always two things: (1) code — instructions that are executed by a computer’s CPU, GPU or other computing units; (2) data — inputs to the code or states of a program that are processed by the code. An essential difference between Ethereum and Solana lies in how code and data are represented in smart contracts.

In Ethereum, data and code are coupled together. A smart contract in Ethereum contains both the code and the data processed by the code. For example, in the Ownable contract written in Solidity below, the state variable `_owner` is data, and the function `owner()` is code. This coupled design makes a smart contract intuitive to write and its code easy to understand. However, it makes Ethereum difficult to achieve high…
