
On September 5th, the POD conference, hosted by Odaily and strategically co-organized by 36Kr Group, was held in Beijing. Zhou Qipeng, head of the solutions department at Knownsec, was invited to deliver a speech entitled "Smart Contract Security Status and Future" at the conference's security forum.
In his talk, Zhou Qipeng systematically introduced the origin and application of smart contracts, analyzed security incidents and security risks, and proposed strategies for dealing with smart contract security as smart contracts are applied across society at scale.
Zhou Qipeng said that there are three main difficulties in the future social application of smart contracts: first, with the arrival of the "blockchain +" wave, the range of industries involved will become wider and wider; second, the complexity of the contracts required by industry applications will grow higher and higher; third, in the future smart contracts will be written not only by developers but also by non-developers, which will pose great challenges to smart contract security.
The following is the full text of the speech, enjoy:
My speech today is divided into four parts. The first discusses the security incidents that have occurred in smart contracts, which trigger our thinking about why we should start discussing smart contract security at all. The second part gives a brief summary of the security risks of smart contracts and describes this issue to everyone. The third part is about the security of smart contracts in "blockchain +" applications. The last part is about how smart contracts should be done in the future, where we also put forward our own ideas and suggestions.
First, let us look at the current state of smart contract security.
Before that, I would like to explain a term: smart contract. Smart contracts are one of the core technologies of the blockchain. They are called smart contracts because a smart contract is a piece of program code that can be executed automatically on the blockchain, embedded in the top layer of the blockchain architecture. So we can understand it simply: if blockchain technology is compared to the smartphone operating system everyone uses today, or if the underlying blockchain technology is regarded as a networked distributed operating system, then smart contracts are the programs that run on this networked distributed operating system. A smart contract is therefore an agreement to disseminate, verify and execute contracts in an informationized way.
Smart contracts build on the decentralized nature of the blockchain, allowing credible transactions without a third party, while those transactions are traceable and irreversible; these factors drive the development of smart contract technology. The ultimate purpose of the smart contract is to provide a better security solution than the original paper contract, or contract text, while reducing breaches of contract and the resulting disputes, which can greatly improve the efficiency of transactions.
Looking back at the history, this concept was proposed by the scientist Nick Szabo in 1994. At that time the Internet was still in its infancy, and he only proposed the idea of smart contracts. In 2008, blockchain version 1.0 was born, providing a natural, trusted environment, but this environment lacked some things and could not provide more interfaces that could be executed and invoked by third parties, so it can be said that blockchain 1.0 supported only some simple ones. By 2014, blockchain version 2.0 was released. While retaining the trusted-environment properties of blockchain 1.0, it began to support Turing completeness, designed interfaces for developers to call and execute, and provided the possibility of solving scenarios.
Next, let us review the security incidents that occurred once smart contracts were actually run and that had a relatively large impact on the whole course of history. This is what happened in 2016: the DAO event on Ethereum.
On June 15, 2016, the attack contract was created. On June 17, the attack started, and Vitalik Buterin notified the Chinese community immediately after learning about it. The DAO guardians proposed that the community send spam transactions to congest the Ethereum network, so as to slow down the transfer of DAO assets. Vitalik then published the [Emergency Update: Vulnerabilities on DAO] announcement on the official blog, explained some details of the attack and proposed a soft fork solution: there would be no rollback, and no transactions or blocks would be reversed. The soft fork would treat any transaction related to the DAO and child DAOs as invalid starting from block height 1760000, thereby preventing the attacker from withdrawing the stolen assets after 27 days. After this there would be a hard fork to retrieve the assets.
Let us look at how the contract itself was attacked. On the left is a code snippet of the DAO smart contract, in which a withdraw function is written, and on the right is a code snippet of the hacker's attack contract. When the attack contract is executed, the withdraw function of the DAO smart contract can be called directly from outside. Continuous recursive calls are executed layer by layer, so that the hacker can use the attack contract, through the contract's external call, to transfer away many of the original contract's digital assets, thus triggering the DAO incident. The biggest impact was on the Ethereum public chain, because a hard fork occurred.
Next, let us analyze some security risks of smart contracts.
Let me share with you the characteristics of smart contract code. I have summarized four categories:
The first is the design of accounts. Smart contracts involve two types of accounts: one is the external account, which is controlled by a public/private key pair, and the other is called the contract account, which is controlled by the code itself.
The second is that on blockchain 2.0 there is something called gas. The more complicated the contract code, the more gas I need to spend while the contract executes. This creates a problem: if the gas provided by the caller is insufficient, the code already executed in the contract is rolled back. The caller of the contract can also set its own gasPrice, and miners give priority to transactions with a higher gasPrice, so a gasPrice set too low, or set too high, is unreasonable either way.
Next are the functions, of which several are involved. The first is the fallback function (Editor's note: when we call a smart contract, if the specified function cannot be found, or no function is specified at all, the fallback function is called); at the same time functions such as transfer, send and call.value are designed to receive funds, and there is also a function, selfdestruct, for destroying contracts.
The last is the function call, which is similar to the traditional way of calling.
Next, let us look at the characteristics of the smart contract language.
The default visibility of functions in this language is public. Once a contract is written, its functions are exposed to all users if no access permission has been designed for them.
The second is that it involves a lot of numerical calculation.
The third is that three exception-handling methods are designed: require, assert and revert. They differ. require is generally written at the front of a function to check whether the input variables and the contract's state variables meet the conditions; the function only executes if the conditions are met. assert is written at the end of a function, from the developer's point of view, to check for internal errors of the function; if an error occurs, execution is forcibly stopped. The revert function is more special: when it encounters some invalid code it rolls back all previous state. There is another difference among these three functions: revert can return gas, so the gas for the part of the contract that is not executed does not need to be paid.
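The function characteristics above (fallback and the funds-receiving entry points) and the three exception-handling constructs, as an added example that is not from the talk: a small hypothetical ledger contract that uses require for input and state checks at the top of a function, assert for an internal invariant at the bottom, and revert for an explicit rollback from a branch, with fallback and receive rejecting calls the contract does not understand. The contract and its function names are assumptions of this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example (not from the speech): a minimal ledger that uses the
// three error-handling constructs the talk lists, each in the role the
// talk assigns to it. Names are hypothetical.
contract Ledger {
    address public immutable owner;
    uint256 public totalSupply;
    mapping(address => uint256) public balances;

    constructor(uint256 initialSupply) {
        owner = msg.sender;
        totalSupply = initialSupply;
        balances[msg.sender] = initialSupply;
    }

    function transfer(address to, uint256 amount) external {
        // require: validate inputs and contract state up front. A failing
        // require reverts, refunds the remaining gas and reports the reason.
        require(to != address(0), "transfer to zero address");
        require(balances[msg.sender] >= amount, "insufficient balance");

        uint256 before = balances[msg.sender] + balances[to];
        balances[msg.sender] -= amount;
        balances[to] += amount;

        // assert: an internal invariant that must hold if the code above is
        // correct. Its failure signals a bug (a Panic in Solidity 0.8), not
        // a user-facing error, so it belongs at the end, not on user input.
        assert(balances[msg.sender] + balances[to] == before);
    }

    function burn(uint256 amount) external {
        if (msg.sender != owner) {
            // revert: explicit rollback from an arbitrary branch, for a
            // condition that does not fit a single require expression.
            revert("only owner may burn");
        }
        require(balances[owner] >= amount, "insufficient balance");
        balances[owner] -= amount;
        totalSupply -= amount;
    }

    // fallback: runs when a call names no existing function, or no function
    // at all but carries data. Rejecting here keeps the contract from
    // silently accepting calls it does not understand.
    fallback() external payable {
        revert("unknown function");
    }

    // receive: runs on a plain ether transfer with empty calldata
    // (the path taken by transfer, send and a bare call.value).
    receive() external payable {
        revert("contract does not accept ether");
    }
}
```

A useful review rule that follows from the split: every assert in a contract should be provable from the code alone, so a reachable assert failure is a bug report, while every require guards something the caller controls.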
As mentioned earlier, the contract itself distinguishes between an external account and a contract account, so the first and most common problem in smart contract risk is access control.
Access control functions should be set so that only specific users can call them; for example, I as a contract owner can call some mining functions. But we can see in the code that hackers can escalate their authority by writing malicious contracts or attack contracts, so that everyone can become a contract owner. Alternatively, exposing the whole contract's functions, or the contract account's functions, without noticing it will cause a series of problems later.
Here is an example of an error in the Owner constructor.
The constructor is only called when the contract is deployed, and it is not itself put on the chain. Ordinary functions can be called arbitrarily, and their code is also written into the blockchain. Everyone should understand one thing: whether it is data or contracts, once they are on the chain, they are all open to be viewed, so after ordinary functions are written onto the chain they can be referenced and studied by any team, malicious hackers or white hats alike.
Let us do a simple walk-through of the code. Here is a constructor, Owner. In the function defined below it, you can see that the capitalization of the Owner function has changed. Because of this capitalization error, the constructor becomes an ordinary public function.
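The constructor-naming mistake described above, together with the default-public visibility mentioned earlier, as an added illustration that is not the code shown in the talk: before the constructor keyword (introduced in Solidity 0.4.22) the constructor was the function whose name matched the contract name, so a capitalization mismatch silently turned it into an ordinary function. The hypothetical contracts below target the 0.4.24 compiler the talk mentions so that the flawed form still compiles; the hardened version uses the constructor keyword, which cannot be mistyped into a callable function.

```solidity
pragma solidity ^0.4.24;

// Added illustration of the constructor-naming mistake. Both contracts
// are hypothetical and are not the snippet shown in the talk.

// VULNERABLE: the contract is "Owner", but the would-be constructor is
// "owner". The case does not match, so the compiler treats it as an
// ordinary function. No visibility is given either, and in 0.4.x an
// omitted visibility defaults to public, so anyone can call it after
// deployment and make themselves the owner.
contract Owner {
    address public ownerAddress;

    modifier onlyOwner() {
        require(msg.sender == ownerAddress, "not owner");
        _;
    }

    // Intended as the constructor; actually a public function on-chain.
    function owner() {
        ownerAddress = msg.sender;
    }

    function withdrawAll() public onlyOwner {
        msg.sender.transfer(address(this).balance);
    }

    function() public payable {}
}

// HARDENED: the constructor keyword runs exactly once at deployment and
// never exists as a callable entry point in the deployed bytecode, so a
// spelling slip cannot turn it into a public function. Every other
// function declares its visibility explicitly.
contract OwnerFixed {
    address public ownerAddress;

    modifier onlyOwner() {
        require(msg.sender == ownerAddress, "not owner");
        _;
    }

    constructor() public {
        ownerAddress = msg.sender;
    }

    function withdrawAll() public onlyOwner {
        msg.sender.transfer(address(this).balance);
    }

    function() public payable {}
}
```

A quick check for 0.4.x code under review is to list every function that writes to the owner (or any other privileged) state variable and confirm each one is either the constructor or guarded by an access modifier; the flawed contract above fails that check on owner().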
Next, we have sorted out what we think are currently the four reasons why smart contract security risks are relatively large.
The first is that the smart contract sits at the very top of the intermediate protocol layer in the whole blockchain architecture, with our so-called distributed applications above it, so it appears in the position of an upper-layer application, and upper-layer applications themselves carry a probability of security problems. Judging by the earlier applications based on the Windows operating system, the probability of problems will be relatively higher.
The second is that the language has had a very short development time, and the language itself is not yet mature. So far this language's version is about 0.4.24, whereas development languages that can be released publicly are generally at V1.0 or V1.1, so the development of the language version itself still has a long way to go.
The third problem belongs to the domestic project side. Their current experience is not very sufficient, and the language's own development time is very short. There are relatively few examples or demonstration standard documents based on the Solidity language, including official releases. Developers have less experience and are not familiar with the language's features, so they use traditional Internet software development practices to develop on the blockchain, and the lack of security experience leads to problems.
Finally, there is currently no complete standard for smart contract code review. Without such a standard, there are still many things that are unclear to everyone, and more strange problems will arise.
Next are the statistics of the open-source DASP project on the security issues of distributed applications that have been disclosed. There are ten categories, such as the recursive call (re-entrancy) vulnerability, access control, integer overflow, unchecked low-level calls, bad randomness, and so on.
The last reason is that the smart contract itself is also a top-level application, and there are still many unknown areas, including its own security issues. It requires more project parties, more white hats and more security vendors to work together to continuously make the technology, as well as the upper-layer applications, more robust and able to serve more social applications.
Next, I want to make a bold guess, or an expectation, about the future application scenarios of our smart contracts. First of all, combined with our social applications today, whether it is the blockchain or smart contracts, they have in fact already been integrated with some things in our lives.
First is the financial attribute: like the recent news of Ant Financial in Hong Kong using blockchain technology for cross-border remittances, and some original financial applications such as insurance, securities and equity registration, which are now slowly taking shape. Second are Internet of Things applications: IoT and car-rental applications based on the blockchain are now gradually emerging. Third is the supply chain: as Baidu introduced this morning, document editing and traceability for Baidu Encyclopedia is also in the process of being built and landed. There is also peer-to-peer convenient sharing in the energy field, and in the field of public services, such applications have gradually emerged for our culture, education, property rights and medical care.
Let me show a few pictures below, and first introduce the difference between traditional remittance and blockchain remittance. In traditional remittance, domestic remittances are fine and very fast, but once overseas cross-border remittances are involved, efficiency is very low. This involves a problem: the intermediary bank and the clearing network act as centralized institutions to solve the trust problem, which leads to a decrease in efficiency.
If this scenario is put on the blockchain and implemented with a smart contract, then through the chain's own decentralized trust mechanism the transfer of assets can be realized with a smart contract, and settlement of assets, including asset transfers, can be carried out at any time. When Ant Financial did it the first time, remitting money from the Philippines to Hong Kong took about tens of seconds.
The second application is in traditional supply chain finance. We have seen some domestic institutions boldly use blockchain technology to try to trace the source of goods, for example after the vaccine incident exposed earlier. Although the vaccine manufacturer at the source cannot be controlled by blockchain technology, the whole vaccine shipment is transported in the cold chain, and the data from each monitoring station and each hospital can be uploaded, preventing malicious behavior by some individuals in the middle that would cause data to be lost or tampered with during transport.
The third is traditional logistics. Traditional logistics has many pain points and mutual distrust. When I used Taobao before, the biggest problem was whether the buyer paid first or the seller delivered first. Later, Alipay appeared to solve the third-party trust problem: the buyer gives the money to the intermediary platform. If a blockchain can be combined with online shopping and payment scenarios, the problem of mutual distrust can be solved. The buyer can submit the order information on the chain at the moment the goods are received, and at that moment the money in the buyer's account can be sent directly to the seller's account through the smart contract. This also covers the risk of order tampering and of private information, such as the courier information that leaks everyone's personal privacy today; identity information can be kept as hidden data.
For vaccines, hospitals and the medical system, every drug factory's drug information can be uploaded to the chain, and the pills sold by a pharmacy can be confirmed on the chain. Patients can also be associated with doctors, and even with an app one can learn this person's health information, including historical medication information and which hospitals performed checks; all of it can be found.
I made some bold fantasies before; now let us look at what the state of smart contracts will be in the future.
The first is "blockchain +" applications, which may involve a wide range of industries in the future. Baidu's blockchain platform introduced several features just this morning. The first is combined with copyright: many of our commercial pictures will be uploaded to the chain, and in the future there may be digital music copyrights and digital movie copyrights, as well as postal services, games and so on, which are more and more deeply integrated with our lives and involve more and more industries.
The second is that as there are more and more industries, and each industry has its own characteristics, the complexity of industry applications is getting higher and higher. Now the code of a smart contract is 300 to 500 lines. In future smart contract applications, a contract may have thousands or tens of thousands of lines of code. The more complex the code logic, the more logical loopholes and security threats will certainly occur.
The last scenario is that there are still relatively few developers, and in the future more and more developers will become more and more mature. In the future many smart contract applications will be provided not only for developers but also for ordinary people: our people will simply input some data, quantity or price, just as they use an app now, and then they can generate smart contracts themselves. The latter is in fact the standard that the public chain sets for smart contracts and its own projects, so that more and more people can take part. So, by the way they are currently used, they are creating more and more problems that are not realistic.
We at Knownsec 404 Lab also build on the introduction above. In the future, it is expected that there will be wider and more complex applications and more smart contract scenarios. We have designed and developed a smart contract intelligent verification system which, combined with manual auditing, works mainly through automation and intelligence, and through deep integration via AI with many public chain project parties, to make the smart contract standards produced by the whole chain, and the applications using the smart contracts generated in the future, healthier and stronger, reducing the security loopholes that appear, so that these smart contracts can bring convenience to our lives and reduce economic losses.
The last two slides are screenshots of our current internal version. We have named it Haotian Tower. Through such a product, or such a system, we can provide secure services and guarantees for more smart contract developers and users.
That is all for today's introduction for the time being. I hope that students or project parties who care about this technology will communicate with us in the future if you are interested. Thank you.