Petar Tsankov, a research scientist at ETH Zurich, once stated that in blockchain, deploying a smart contract is somewhat like launching a rocket; it can’t be undone, and so the software can’t afford to make a mistake.
Key Challenges with Blockchain Code
While there are many different concerns and challenges with blockchain code, some of the biggest vulnerabilities are caused by three inherent traits of blockchain architecture.
You Can’t ReWrite History
For many blockchains, a smart contract is set up to run and not be changed at all. While sometimes platforms can correct an issue by writing another smart contract to interact with the original, sometimes a flaw is permanent. For Ethereum, a major flaw that was identified was too big to ignore, and the community decided on a hard fork—essentially jumping onto a slightly different blockchain as one and choosing to use it instead of the old chain. This caused a lot of controversy in the community, a lot of work, and a lot of concern. A small minority even chose to stay on the old chain, which is now known as Ethereum Classic.
A Public Blockchain Has Visible Code
The difficulties are even worse for public blockchains, as their source code is openly available to view. While this promotes transparency, it also gives hackers a greater chance of finding and exploiting a weakness and one that may be difficult to fix even if the platform is aware of it.
Not Enough Support for All Blockchain Programming Languages
There are a lot of languages used to build blockchains. While some are well known, others are rarely used, and many have limited documentation. This is concerning for code that could potentially facilitate the movement of billions in people’s investments. Pair this with the fact that some of these languages are simply difficult to audit, and it becomes clear that some languages are better than others for blockchain construction.
Building a Foundation with Substrate
What It Is:
First, the name. A substrate is a foundation that supports the layers or processes above it. Like any foundation, it is built to be strong and to make the rest of the building process more manageable. While Substrate is often paired with the popular Polkadot, it is a separate entity. The connection is that Polkadot was built with Substrate, and those platforms that want to win a slot on Polkadot (or Kusama) will be able to integrate with ease if they’ve been built using Substrate. The goal of Substrate is to pre-develop those core, common elements that all blockchain platforms need. Features such as consensus, finality, and the logic that defines block voting; Substrate uses the robust Byzantine Fault Tolerance (BFT) to handle bad actors and still work seamlessly. Other features include networking, a Webassembly runtime, the setup to run a node in a browser so it can communicate with desktop/cloud nodes, and efficient client updates. Efficient updates are particularly special for a blockchain language, as it allows the code to be updated without requiring a fork. Since over time, it is guaranteed that slight bugs and potential vulnerabilities will be found in any language, this provides a solution for one of blockchain’s biggest weaknesses.
Why We Like It:
Substrate is well-audited, well-tested, and has many examples where it has aided in taking care of the basics so the team can focus more on a platform’s key value proposition. Polkadex, for example, is a fully decentralized peer-to-peer order book-based cryptocurrency exchange for the DeFi ecosystem and was built on Substrate. It was built with security as a top priority, more so than other financial platforms. This is because Polkadex’s key features rely on complete client peace of mind. Its order book allows users to leave their assets on the exchange (saving transaction fees), set up multiple hot wallets, and delegate assets to third parties. This requires a lot of trust, and Substrate has been able to deliver.
What It Is:
Why We Like It:
Putting it Together
Blockchain languages have different strengths and weaknesses, and every platform team needs first to understand what kind of platform they want and which features are most important to them. This insight will help inform the best blockchain language to use. Still, as thousands of platforms are already deployed and seeing real-time usage, there are some languages that are earning their reputation for flexibility, robustness, and trust.