Petar Tsankov, a research scientist at ETH Zurich, once stated that in blockchain, deploying a smart contract is somewhat like launching a rocket; it can’t be undone, and so the software can’t afford to make a mistake.
Blockchain at one point was considered the “unhackable” system, at least by many, and certainly by the media. However, geniuses can choose to use their power for good or evil. Before long, lone hackers and organizations were showing that there can indeed be weaknesses in blockchain—both the code and the architecture. The fear of a bad actor controlling a node is alleviated by the fact that the consensus is decentralized, and a majority can overcome the ill intent of an individual. That is until a number of platforms were attacked in 2018 by “51% attacks”: hackers gaining control of over half the network nodes and essentially rewriting the blockchain to exploit and steal currency. Many other weaknesses have been found in various platforms, and the platform teams themselves have thankfully identified many more before the code goes live. But with the industry now holding many, many billions, it is important to have incredibly robust, trustworthy code that can protect this major source of money, and as a result, this major target for hackers worldwide. What are the key challenges with traditional blockchain code, and why are the Substrate and Javascript languages particularly adept at overcoming them?
Key Challenges with Blockchain Code
While there are many different concerns and challenges with blockchain code, some of the biggest vulnerabilities are caused by three inherent traits of blockchain architecture.
You Can’t ReWrite History
For many blockchains, a smart contract is set up to run and not be changed at all. While sometimes platforms can correct an issue by writing another smart contract to interact with the original, sometimes a flaw is permanent. For Ethereum, a major flaw that was identified was too big to ignore, and the community decided on a hard fork—essentially jumping onto a slightly different blockchain as one and choosing to use it instead of the old chain. This caused a lot of controversy in the community, a lot of work, and a lot of concern. A small minority even chose to stay on the old chain, which is now known as Ethereum Classic.
A Public Blockchain Has Visible Code
The difficulties are even worse for public blockchains, as their source code is openly available to view. While this promotes transparency, it also gives hackers a greater chance of finding and exploiting a weakness and one that may be difficult to fix even if the platform is aware of it.
Not Enough Support for All Blockchain Programming Languages
There are a lot of languages used to build blockchains. While some are well known, others are rarely used, and many have limited documentation. This is concerning for code that could potentially facilitate the movement of billions in people’s investments. Pair this with the fact that some of these languages are simply difficult to audit, and it becomes clear that some languages are better than others for blockchain construction.
So what can be done to solve these problems? While there aren’t 100% solutions that make anyone language bulletproof, some languages are better than others at addressing these issues. Substrate and Javascript have proven themselves flexible, robust, and able to protect against hackers and roll with the punches.
Building a Foundation with Substrate
What It Is:
First, the name. A substrate is a foundation that supports the layers or processes above it. Like any foundation, it is built to be strong and to make the rest of the building process more manageable. While Substrate is often paired with the popular Polkadot, it is a separate entity. The connection is that Polkadot was built with Substrate, and those platforms that want to win a slot on Polkadot (or Kusama) will be able to integrate with ease if they’ve been built using Substrate. The goal of Substrate is to pre-develop those core, common elements that all blockchain platforms need. Features such as consensus, finality, and the logic that defines block voting; Substrate uses the robust Byzantine Fault Tolerance (BFT) to handle bad actors and still work seamlessly. Other features include networking, a Webassembly runtime, the setup to run a node in a browser so it can communicate with desktop/cloud nodes, and efficient client updates. Efficient updates are particularly special for a blockchain language, as it allows the code to be updated without requiring a fork. Since over time, it is guaranteed that slight bugs and potential vulnerabilities will be found in any language, this provides a solution for one of blockchain’s biggest weaknesses.
Why We Like It:
Substrate is well-audited, well-tested, and has many examples where it has aided in taking care of the basics so the team can focus more on a platform’s key value proposition. Polkadex, for example, is a fully decentralized peer-to-peer order book-based cryptocurrency exchange for the DeFi ecosystem and was built on Substrate. It was built with security as a top priority, more so than other financial platforms. This is because Polkadex’s key features rely on complete client peace of mind. Its order book allows users to leave their assets on the exchange (saving transaction fees), set up multiple hot wallets, and delegate assets to third parties. This requires a lot of trust, and Substrate has been able to deliver.
The Universal Appeal of Javascript
What It Is:
Javascript needs less of an introduction than Substrate. It’s been around in various forms for a long time but continues to improve, evolve, and has plenty of runtime, with it being a universal go-to for web applications, games, and more.
Why We Like It:
What you might not realize about Javascript is that it is so versatile, it can be used to build an entire blockchain platform. With a range of training resources, it is very helpful for ambitious teams who want to create an advanced blockchain platform. It is especially useful for platforms with a highly web-facing environment, and for those that feature a large amount of movement, animation, interactions, but require a strong base to also handle transactions, NFTs, and more. A prime example of Javascript at its best in the crypto world is with Kawaii Islands, a fantasy-universe game with beautiful and whimsical graphics, allowing users to simultaneously control their characters, craft and build, farm, while at the same time experience DeFi gamification incentives and NFT minting. This combination takes a lot to handle without the user experiencing either graphic lags or endangering their ability to interact with the underlying smart contract. Its success is helped a great deal by the core strengths of Javascript.
Putting it Together
Blockchain languages have different strengths and weaknesses, and every platform team needs first to understand what kind of platform they want and which features are most important to them. This insight will help inform the best blockchain language to use. Still, as thousands of platforms are already deployed and seeing real-time usage, there are some languages that are earning their reputation for flexibility, robustness, and trust.