The Dangers of Smart Contracts

One of the hottest business buzzwords of the last few years is bitcoin. When the price of the cryptocurrency reached $20,000 back in December 2017, it seemed inevitable that bitcoin and its main platform, the blockchain, would take over all things business. In the world of contract management, that would mean the application of smart contracts to execute contracts and settle payments among parties. In this article, let’s take a closer look at what smart contracts are and why enterprises should delay implementing this technology.


What Are Smart Contracts?

Smart contracts are self-executing contracts with the terms of the agreement between buyer and seller being directly written into lines of code. Since that coding structure and the contracts are stored and distributed in a decentralized blockchain network, no central authority or legal system oversees those transactions. The use of blockchain technology makes each transaction under a smart contract traceable, transparent, and irreversible.

The easiest analogy to explain a smart contract is a soda vending machine. Anybody can approach one of these machines, but the machine will only sell you the beverage you select after you provide payment. No payment, no soda. Transactions take place without any supervision, but they are all traceable, visible, and can’t be undone.

The Appeal of Smart Contracts

There are several industries that are ripe for the benefits of software automatically performing actions when pre-defined conditions occur. One of them is the banking sector. According to Accenture research published at the start of 2017, investment banks alone could save up to $12 billion per year by 2025 by adopting blockchain and smart contracts.

Some parts of the finance sector could also be taken over completely by smart contracts. For example, derivatives trading is mostly conducted through computer networks using complex term structures.

Even more, Gartner has estimated that by 2022 more than 25% of global organizations will use some form of smart contracts.

But are smart contracts really ready for prime time?

Why Smart Contracts Are Still Far Away

While smart contracts have a lot of potential and are rising in popularity, companies and organizations should be very deliberate and careful in adoption. The reality is that adoption of smart contracts is not as close as we think.

The fact is that nobody writes perfect code. Ethereum, the second most valuable cryptocurrency after bitcoin by market capitalization, has been praised by many as having code superior to that of bitcoin. There was so much trust in this code that a group of investors called the Decentralized Autonomous Organization poured more than $150 million into a project for decentralized investing. The plan was that the code would democratize investing: instead of a board, anyone who invested would have a say in how the funds were invested, and the software would keep funds secured at all times.

However, in 2016, a hacker exploited that same “bulletproof” smart contract code and made off with more than $60 million in just the first 12 hours of his attack. Today’s state of blockchain technology is so mercurial and immature that any company using smart contracts is exposing itself to potential threats.

This is why, in its report predicting that by 2022, 25% of global organizations would use some form of smart contracts, Gartner suggests that enterprises only undertake tried-and-tested and legally binding contract mechanisms; in simpler terms, stick with regular contracts. If a smart contracts provider doesn’t commit to indemnifying your organization in case of a problem, including unexpected behavior or unintended consequences as in the DAO case, then your organization is assuming all of the risk.

In an effort to address concerns, some smart contracts developers are looking into get-out/cessation clauses. However, those types of clauses increase vulnerability to exploitation and require rigorous clarity of purpose and impact. It should go without saying that implementation of cessation clauses is very challenging because nobody writes perfect contracts and code. From scope creep to subcontracting challenges to best efforts clauses, there are just too many issues already affecting the creation and execution of contracts. Adding an untested platform to the contract lifecycle mix is an unnecessary risk at this stage of the technology.


Given the current state of smart contracts, enterprises should use proven, traditional contracts whenever available. The lack of standards for smart contracts technologies shifts most of the burden to the enterprise as it exposes its contract data to potential risk. As the DAO case demonstrates, the implemented smart contract could fail to represent the original intentions of the signing parties. The 11,000 investors who sank $150 million into the project never intended for a third party to take money out of the fund, but that is exactly what happened.

Image Credit: Mohammed Hassan