Why Move?: Key takeaways
- Solidity is bound to have security vulnerabilities due to structural issues. Consideration and efforts on secure smart contracts are essential for a healthy blockchain ecosystem.
- Move is specialized for smart contracts from the language design stage and provides high stability and flexibility.
- Innovations like Move are continuously needed for a healthy blockchain ecosystem.
Intro
Crypto is wild. For every groundbreaking dApp, there’s always the risk of a rug pull, exploit, or scam. This has been happening rapidly since blockchains gained a powerful weapon in the form of smart contracts. And it’s just a few lines of smart contract code that can control huge amounts of money.
Solidity was one of the first smart contracts to hit the market, and over the course of a decade, while there are many programming languages, most services on Web3 are developed with EVM-based Solidity. This has the advantage of being easy to develop with a well-established community, but for a healthy development ecosystem, various languages and infrastructures need to be supported. In this article, we’ll introduce Move, a new smart contract platform, and showcase its features.
Motivation for a New Smart Contract Language
The motivation for a new smart contract language is grounded in a fundamental concern: the safety of smart contracts is an existential threat to broader crypto adoption. Recurrent high-value hacks in the crypto space highlight this. Despite the careful and security-conscious nature of smart contract developers, the inherent complexities and risks remain high. For example, interfaces such as the call function used for low-level interactions in Solidity often lead to catastrophic problems such as reentrancy attacks. This is one of the unavoidable problems that stem from the functional requirements of smart contracts and Solidity’s linguistic limitations.
Reentrancy Attack
The solution?
Safer smart contract languages complemented by advanced testing, static analysis, and verification tools.
Move emerges as a candidate for addressing these challenges.
The Expanded Role of Smart Contracts: Simplifying Complexity
In the rapidly evolving landscape of blockchain technology, smart contracts have emerged not just as a tool for automation, but as foundational building blocks for decentralized applications. Their primary role revolves around three key functions: defining digital assets, setting governance policies for these assets, and executing prescribed actions under specific conditions. This trifecta forms the crux of any smart contract’s utility.
However, the journey of smart contracts over the past decade reveals a paradox. While they have been instrumental in the growth of blockchain ecosystems, their development has hit a plateau, often mired by repetitive coding patterns and a lack of innovation. This stagnation has led to an increased vulnerability to exploits due to the structural weaknesses inherent in existing smart contract languages.
The need of the hour is a language that streamlines the complexities of smart contract creation. It should offer a robust framework for asset definition, policy formulation, and action execution, all while ensuring security against external threats like re-entrancy attacks. In this regard, new players like Move are stepping up, offering innovative solutions to rejuvenate and secure the smart contract landscape.
Move’s Distinctive Approach
1. Type System and Bytecode Validation
The core of Move’s reliability is achieved through a rigorous type system and bytecode verification. Move’s type system is more than just a framework for defining data structures; it plays a comprehensive role in ensuring the stability of assets, memory, and resources. Move provides validation to ensure that all operations related to assets in a contract conform to a set of rules, preventing both permitted and unintended behavior. In addition, Move’s built-in Bytecode Validator provides the aforementioned system to strictly analyze the smart contract at the bytecode level before it is executed on the blockchain. This two-tiered structure ensures that contracts work as intended and prevents common errors and vulnerabilities.
2. Assets based on the Resource Model
Move is proposing a groundbreaking way to treat assets and ownership within smart contracts as first-class objects(citizens). This approach connects assets directly to the smart contract’s type system, making it intuitive and natural to deal with digital assets. In Move, this is called the Resource model, and it treats all digital assets as if they were physical entities. This approach is heavily inspired by Rust’s ownership model and prevents duplication, double spending, and destruction of assets.
Existing smart contracts like Solidity use secondary structures to represent assets, which is a major source of complexity and unreliability. Move adopts a design that breaks the existing paradigm by representing assets as primary types and managing them in a strict and clear form. This improves both developer experience and contract reliability, making interactions with assets smoother and more secure.
3. Stability through isolation and robustness
Move’s module system is a mechanism that provides isolation and robust safety to support secure interactions between different contracts. Each module in Move encapsulates types and functions and allows them to operate only within a defined scope, preventing unintended access by other modules. A module is defined as a collection of “types” representing Resources that represent assets and “functions” responsible for rules. Modules are stored within the account that published them and are isolated by restricting access. We’ll cover this in more detail in our article on the Move Resource model. The example below shows a module named ‘test’ published by the ‘0x42’ account, which contains a Resource named ‘Example’ inside the module.
This isolation is essential for ensuring the integrity and stability of multiple modules, especially when they interact in complex ways in a decentralized environment. In particular, it helps developers design new modules or integrate between existing modules in a way that minimizes errors and security issues.
Conclusion: The Dawn of a New Era in Smart Contract Programming
Move has changed the landscape of blockchain application development and security paradigms, going beyond just creating new smart contracts. It focuses on safety, simplicity, and versatility, demonstrating dynamic innovation. The more we delve into Move’s potential, the higher the possibility of redefining the standards for smart contracts. I believe it will become a significant milestone in the ever-evolving blockchain world.
Author : Harvey
Reviewer : Ryan
