private blockchain dev

Ethereum network: What are the restrictions of Smart Contracts and how to bypass them?

 
Smart contracts are an essential part of Ethereum network and its key peculiarity. Ethereum is a distributed Blockchain platform, for which programmers can create any computable function.
 
Solidity programming language was released exactly for that purpose. Like Java, PHP, Python and other popular programming languages, Solidity refers to the Turing-complete group. Also, its syntax is similar to one of JavaScript.
 
Thus, a smart contract is a program, compiled and recorded in Blockchain, with its own network address. With the help of this address we can call smart contract code, while a smart contract will be run on one of the nodes, a part of Ethereum network. Unlike traditional programs, smart contracts run in a distributed Ethereum network and have some distinctive peculiarities and restrictions
 
While Blockchain and Ethereum are at their peak, one can get somewhat of wrong expectations of what they’re supposed to do. Here are some cases that cannot be resolved with smart contracts.
 

  1. Transaction initiated after a certain time

 

The main idea is that once initiated and recorded in Blockchain, a smart contract receives an address (along with the account’s one), and by using it we can call its code (public methods), as well as a smart contract, can perform certain actions. Thus, to run a smart contract we always need an external impact, a call from a network member who has the appropriate launch rights.
 
We can set up a time check in a smart contract when we can call the method initiating the payment, but here the following problem arises: we can’t attach to the block timestamp within the contract, as it can be changed by the miner, and thus disrupt the contract or make its completion result unpredictable. Also, this peculiarity can be used for intentional manipulation of smart contract behavior.

Ethereum 1

The scheme of a smart contract with a deferred payment and external service, which is based on block timestamp checking

 
The only guaranteed way to make a deferred call of a smart contract is to link current time check to the number of generated blocks. We know an average block generation speed and we can get the exact number of generated blocks (but an average block generation speed can vary).
 
We need to periodically run a smart contract: when the number of blocks is greater or equal to the specified value – the code will be executed. Anyway, a smart contract can’t be launched on its own – for that we need a third-party service that will perform this operation at certain intervals.

Ethereum 2

The scheme of a smart contract with a deferred payment and external service, which is based on checking the number of created blocks

 

Security note:

A smart contract must not send Ether during the activities completion as sending Ether can call another smart contract, which in turn may fail (for example, in case of incorrect address of Ether sending).
 

We will only record the number of Ether, which will take an address and implement a function, which translates the recorded amount of Ether to the address of the person who requested it. This pattern for smart contracts is called Pull Payment.

 

  1. Transactions that occur at certain intervals

 
Here we face the same problem as in the previous example. A smart contract can’t be launched on its own, therefore, for the operation of periodic transactions we need an external service which will periodically run the smart contract code. When the payment terms are met, a smart contract will transfer the funds to the previously written address.
 
For example, we want to create a smart contract that would do employees payroll once a month. We want to keep payout addresses, payment amount and frequency within the smart contract. We will store payment periodicity in the number of blocks that must be created before wages. The main goal of the smart contract is to keep the account of the created blocks from the beginning of smart contract work to the last payment, that will be updated once a day thanks to the launch of a third-party service.

Ethereum 3

The scheme of a periodic payment together with an external calling service

 

  1. To get current exchange rates in a smart contract

Because of Ethereum network restrictions, a smart contract can’t directly contact with external services, but only with other smart contracts and Blockchain. There are several ways to solve this problem:

 

1) To establish a currency rate in a smart contract by using a third-party service

 

The service will periodically call a smart contract method and transfer a current Ether rate to it. Because of the distribution and lack of guarantee for the transaction execution time we can’t be sure that in the case of payment we will be guided by the current Ether rate. Thus, we need to link currency rate changes and wage payment which requires a more complicated contract code and external services’ work coordination.

 

Ethereum 4

The scheme of the work of a contract with periodic payments, that form the basis of current currency exchange rates. An exchange rate is established by an external service.

 

2) Allow a smart contract to request a currency rate on its own

 
As a smart contract can’t directly interact with external services, it needs a mediator, that will be able to provide external data. Such intermediaries are called oracles, third-party services that communicate with smart contracts through constant reading and recording in Blockchain. That is communication out of the system for smart contracts is possible only on the level of Blockchain. A smart contract sends a request to an external service with the help of oracle, this request is fixed in Blockchain and the oracle that constantly scans Blockchain for new requests, makes a request to the service.
 
Then the oracle records the answer in Blockchain and sends a message about response readiness to the smart contract that made the request. This way we can create a request to the oracle for the current rate before each payment and make a payment when the request result is ready. Dealing with an oracle of a third-party provider, it’s important to have a high credibility level as all smart contract requests occur through oracle servers. Also we need to be sure that oracle server made the required request and didn’t forge anything in the response. In oraclize.it service, providing oracle services to confirm a response validity, TLSNotary method is used.

 

Ethereum 5

The scheme of receiving currency rate through oracle

 

  1. Hide transaction for other network members

We have learned to make payments to employees by using a smart contract with certain intervals and a link to the current Ether rate. However, here remains the problem of publicity of all transactions and smart contract, as the total work with payments occurs in Ethereum network, each participant can view all transactions that were carried out within it. Also, we can’t keep any confidential data in smart contracts, since they are stored in a public Blockchain, which is stored on a hard disk and in the RAM of each system member.
 
Each smart contract has its private database and variables, where it’s possible to store data, not available out of the smart contract. However, despite the fact we can’t provide access to smart contract private variables and methods from the other smart contract, it doesn’t interfere an experienced programmer in gaining access to the required data, as a smart contract is a part of Blockchain base, available for reading for everyone. We don’t want outsiders to know about the salaries of our employees and the frequency of their payments. We also don’t want employees to know each other’s wages.
 
Unfortunately, smart contracts are not enough for solving this problem. At moment Ethereum network doesn’t support access rights differentiation to transactions (but there are plans to add this support in the future) and the content of a smart contract, so many organizations create their own private Ethereum-based Blockchains. Unlike traditional public Blockchains, a private Blockchain generally represents a closed network within the organization with the limited access.
 

Some of them move further and create an Ethererum fork (they modify the source code) with private transaction support, access rights differentiation to transactions, mining complexity simplification (creation of new blocks) and transaction validation, as a private Blockchain is usually run on a limited number of servers of the organization (or several organizations).
 
The best example of a fork is Quorum from J.P. Morgan. Quorum supports the privacy of both transactions and smart contracts. It also has a light transaction confirmation mechanism. Quorum is a ready-to-use solution which is publicly available.
 
Ethereum 7

The scheme of access restriction to a transaction in a private Blockchain Quorum. The table shows the transaction sent by Party A to Party B. The transaction extends to all nodes, but is available for reading only those nodes that can decrypt it (Party A and Party B).

 

  1. Payment regulation out of Ethereum network

A smart contract can’t manage payment out of Ethereum network. A smart contract can manipulate only Ether and other currencies, created in Ethereum (tokens). If we want to link bank transfers to the work of a smart contract, we need an oracle that will constantly monitor Blockchain for the necessary transactions and then conduct them through the bank API.
 
We can also transfer the task of storing payment values to the oracle, and to only initiate payments through Blockchain, thereby removing all confidential information from the smart contract. Thanks to that we save necessary transaction confidentiality and can use Ethereum public Blockchain without having to create a private one.

 

Ethereum 6

The scheme of work with offchain transactions

 
Ethereum is the first platform for running Turing-complete smart contracts, that has series of restrictions. Some of them will be fixed in the in the next versions, and some will be solved in competing platforms (Lisk, EOS).  Meanwhile, to bypass many platform limitations one has to rely on traditional centralized solutions, the kind of guiders from Blockchain network to the Internet. Also, platform restrictions can be fixed by the gradual transition from centralized web applications to their decentralized analogs. Thus, there is no need to provide a high level of trust to such services.
 
Ethereum is a decentralized application and smart contract platform allowing to create solutions that run on Blockchain, a publicly shared, secure and decentralized ledger. Speaking about traditional server architectures, each app has to set up its own servers that run their own code in isolated silos, making data sharing really difficult. And if something goes wrong with a single application, it impacts many users and other apps as well.
 
On Blockchain, anyone can settle a server (node) which replicates the required data for all servers to reach an agreement and be compensated by both users and programmers. Thanks to that user data remain private and apps – decentralized. Ethereum network provides developers with the ability to build their own Blockchain solutions (smart contracts and decentralized applications), where they can implement their own ownership rules, transaction formats, and other features. It is possible due to using a built-in Turing-complete programming language, allowing to write any computable function.