After the long-awaited integration of Ethereum, it’s time to think about how smart contracts can be improved as well. Basically, applications that run on the blockchain, smart contracts are a vital component of our Web3 applications. But interacting with them remains very dangerous, especially for non-developers. Many incidents where users lose their crypto assets are caused by malicious or buggy smart contracts.
As a Web3 application developer, this is a challenge that I often think about, especially as waves of new users continue to join the various blockchain applications. Fully Trust a smart contractthe consumer needs to know exactly What it will do when making a transaction – Because unlike in the world of Web2, there is no customer support hotline to call and get a refund if something goes wrong. But at the moment, it is almost impossible to know if a smart contract is secure or trustworthy.
One solution is to make wallets themselves smarter. For example, what if the wallet could tell us if a smart contract was safe to interact with? It’s probably impossible to know with 100% certainty, but wallets can, at least, collect and display a lot of the signals developers are actually looking for. This would make the process simpler and safer, especially for non-developers.
Here’s a deeper look at the advantages and disadvantages of smart contracts, why they look like the Wild West now, and how we can improve the user experience of using them.
The promise and danger of smart contracts
For developers, using a smart contract as a backend for their app has huge potential. It also increases the possibility of bugs and exploits. It’s great that developers can create smart contracts without asking anyone’s permission, but this can also expose users to significant risks. We now have hundreds of millions of dollars worth of apps with no security guarantees. As it stands, we simply have to trust that these apps are bug-free and do what they promise.
Many non-developers are unaware of the safety issues involved and do not take appropriate precautions when interacting with blockchain-based applications. An average user might sign a transaction thinking they will do one thing, only to discover that the smart contract is doing something else entirely. This is why malicious smart contracts are a primary vector for malicious party attacks.
Why smart contracts are the wild west?
When a Web3 application makes a smart contract call, you don’t know exactly what the transaction will do until you actually do it. Will it work on sk Non-Fungible Token (NFT)Or will it send your money and codes to a hacker? This unpredictability applies to any online application, of course, not just Web3 applications; It is very difficult to predict what the code will do. But it’s an even bigger problem in the Web3 world since most of these apps are inherently high-risk (they were designed to handle your money), and there’s very little protection for consumers.
The App Store is largely secure due to Apple’s review process, but this is not found in Web3. If an iOS app starts stealing users’ money, Apple will remove it immediately to mitigate losses and cancel its creator’s account.
On the other hand, malicious smart contracts cannot be canceled by anyone. There is also no way to recover stolen assets. If a malicious contract drains your wallet, you simply cannot dispute the transaction with your credit card company. If the developer is anonymous, as is generally the case with malicious contracts, there is often no option to take legal action.
From a developer’s point of view, smart contract code is best open source. Popular smart contracts usually publish their source code – a huge improvement over Web2 applications. But even then, it’s easy to miss what’s really going on. It can be very difficult to predict how the code will run in all scenarios. (Consider this scary long Twitter route By an experienced developer who almost fell into a complex scam, even after reading the respective contracts. Only after a second close examination noticed the vulnerability).
Compounding these issues, people are often pressured to act quickly when dealing with smart contracts. Consider the low NFT promoted by influencers: consumers will be worried about selling the lot quickly, so they will often try to make a transaction as fast as they can, Ignore any red flags they may encounter Along the way.
In short, the same features that make smart contracts powerful for developers — such as permissionless publishing and programmable funds — make them extremely dangerous for consumers.
I don’t think this system is fundamentally flawed. But there are plenty of opportunities for Web3 developers like myself to provide better firewalls for consumers who use wallets and smart contracts today.
Experience using wallets and smart contracts today
In many ways, wallets like MetaMask look like they were made for developers. They show a lot of deep technical and blockchain details that are useful when creating applications.
The problem with that is that non-developers also use MetaMask – without understanding what it all means. No one expected Web3 to go mainstream so quickly and conservatively Didn’t quite keep up with the needs From the new user base.
MetaMask contains It has already done a great job of renaming a “mnemonic phrase” to a “secret phrase” to prevent consumers from inadvertently sharing it with hackers. However, there is more room for improvement.
Let’s take a look at the MetaMask user interface (UI), followed by some samples I’ve created that show some potential improvements that could direct consumers tosuccess pit. (By the way, MetaMask serves here as a reference because it’s so widely used across the Web3 world, but these UI ideas should also apply to just about any wallet application.) Some of these design tweaks can be created today, while others may technically require advancement on the smart contract side. .
The image below shows what the current MetaMask smart contract transaction window looks like.
We see the address of the smart contract we’re interacting with, the website that initiated the transaction, and then a lot of details about the money we’re sending to the contract. However, there is no indication that What does this contract do? or any indication that it Safe to interact with.
Possible solutions to improve smart contracts
What we would really like to see here are signals that help us as end users determine whether or not we trust this smart contract transaction. As an analogy, think of the little green or red padlock in the address bar of modern web browsers, which indicates whether or not the connection is encrypted. This color-coded indicator helps guide inexperienced users away from potential dangers, while experienced users can easily ignore them if they prefer.
As a visual example, here are two UX design templates for MetaMask transactions – one potentially secure and one less certain.
Here are some references in my model:
- Has the contract source code been published? Open source contracts are usually more reliable because any developer can read them to find bugs and malicious code. MetaMask already includes various links to Etherscan, so this will be a simple and convenient indication to add.
- Review result. Third party audit is another indication that can determine trustworthiness. The main implementation question here is how to determine this result. Are there any accepted standards for this already? If not, one simple way might be to use Etherscan, which supports upload audits. MetaMask, in this example, could maintain its own list of reviewers, or rely on a third-party list. (From what I can tell, MetaMask is already doing this for NFT APIs and token discovery.) In the future, it’s easy to imagine a decentralized autonomous organization to determine audit scores in a more decentralized way.
- What can this deal do? Can external contracts be called, and if so, what are they? This will be very Perfectly hard to define, but I’m wondering if a simple version of open source contracts would be possible. There are already a lot of smart contract vulnerability scanners out there. If this is not possible for Solidity, I wonder if we can design a smart contract programming language Do Allow this level of static analysis. Perhaps individual functions can declare the permissions they need, and the compiler can guarantee matching.
- Security tips and education. If the smart contract does not contain many trust signals (see the above form on the right), the user interface may recommend an appropriate set of precautions to be taken, such as checking if the contract address is valid and using a different account. These are the suggestions in orange text, as opposed to red, because the lack of signals is not necessarily dangerous; Here, we simply recommend that users choose to be a little more careful about their next steps.
Like many of the features in MetaMask, these suggested features can be turned off in Settings.
Towards a safer future
In the future, there will likely be many tools that focus on safety based on the primitive components provided by blockchain. For example, we will likely see security protocols that protect users from buggy smart contracts become popular. (These do exist, but they are still somewhat niche.)
However, consumers are already using Web3 apps, even in these early days, so I’d like to see the developer community add more protection for them. Currently. A few simple improvements to wallets can go a long way. Some of the above ideas will help protect inexperienced users while simplifying the transaction process for Web3 veterans at the same time.
In my view, anything outside of trading crypto assets on Coinbase (or other large companies) is still too risky for the average consumer. When friends and family ask about setting up a self-booking crypto wallet to use Web3 apps (let’s face it – usually, in order to buy NFTs), always start by warning them about the risks. This scares some of them away, but the most determined people will want to use them anyway. When our wallets get smarter, we’ll be able to feel a lot better about preparing the next wave of new users to Web3.
Devin Abbott He is the founder of Deco, a startup that has been acquired by Airbnb. He specializes in design and development tools, React and Web3 applications, and most recently with The Graph.
This article is for general information purposes and is not intended and should not be considered legal or investment advice. The opinions, ideas and opinions expressed herein are those of the author alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.