- Hands-On Blockchain for Python Developers
- Arjuna Sky Kok
- 885字
- 2021-07-02 13:13:09
Why smart contracts?
You have now seen a smart contract in action. So what is all the fuss about? What can smart contracts do that traditional programs (normal web applications) can't? When it comes to changing the value of a variable in a program that lives on the network, we can use remote procedure call. More commonly, we can store a variable in a database and people can change the value in the database from a web application. When sending money, we can integrate our web application with Stripe or PayPal, giving us the means to send money. Alternatively, you could create a table in a database for storing digital money. Ether in Ethereum is basically digital money. In fact, a normal web application can do everything a smart contract can do, but faster and cheaper. The key difference is that blockchain solutions can be trustless. This means that you can put trust in the program itself, but not the operator.
In a normal web application, we rely on trusting the operators (developers or system administrators) of the web application. We hope that they develop and deploy the web application honestly. There is no way for us, as a user of the web application, to make sure the web application does what it tells everyone it is trying to do.
Let's say we have a web application that hosts videos (such as YouTube or Vimeo). The web application can increase the number of likes on a video if a user clicks the Like button. The rule is that a user can only like a video once. Consequently, you would expect a video that contains 400 likes to have 400 users who have liked that video. What if I tell you that behind the scenes, a system administrator can increase the number of likes artificially? This means that among 400 likes, it could be that only 300 likes come from genuine users. The other 100 likes are inflated by the system administrator. It does not have to be as raw as updating a table in a database directly, for example, through UPDATE video_likes SET likes_amount = 400 WHERE video_id = 5;. The way to inflate the number of likes could be embedded inside the system.
Normal users would not notice this. The company behind the web application could publish the source code on GitHub. But how do you make sure the web application is indeed built from the source code hosted on GitHub? What if, after deploying the web application, the system administrator or the developer patches the system?
There are a number of ways to prevent this digital cheating. First of all, we can introduce an IT auditor. These could be from governmental or non-governmental organizations. They will audit the source code of the system and, more importantly, check what the code does in the production system. In this situation, you move your trust from the developers or system administrators to third-party auditors.
As an IT consultant, I make a livelihood by building web applications and mobile applications. I once encountered a prospective client who wanted to make a digital newspaper (along the lines of the Guardian or the New York Times). This client asked me whether there is a way to move any article into the most viewed articles section as desired. The motive here was to promote specific articles, even if it meant that the system would be lying to users about what the most frequently viewed articles are.
The CEO of Reddit recently issued a public apology for being caught modifying comments made about him on the website. More information on this is provided at the following link: https://techcrunch.com/2016/11/23/reddit-huffman-trump/.
Even well-known websites play with digital cheating. For instance, some cryptocurrency exchanges fake trading volumes. More information is provided on this at the following link: https://medium.com/@sylvainartplayribes/chasing-fake-volume-a-crypto-plague-ea1a3c1e0b5e.
Smart contracts are another means of preventing digital cheating. A developer of a smart contract could publish the source code and deploy the smart contract into Ethereum blockchain. People can verify whether the source code being published and the smart contract being deployed are one and the same. A developer could create a method to cheat inside the smart contract, but this will be caught by users because they could reconstruct the source code of the smart contract from the smart contract's bytecode in the blockchain. A developer could not patch the smart contract that is already being deployed.
There are other smart contract properties, such as autonomy and censorship resistance. However, none of these properties beat its transparency. Alternatively, you must have greater power than all 10,000 nodes working together to protect the credibility of the Ethereum system. To make the math simple, you need to buy more than 5,000 computers with high-end GPUs. Let's say you have that amount of resources in order to cheat. Honest miners will be alarmed when you cheat in the Ethereum system, and they will make a noise on the internet. So if you have the means to cheat in Ethereum, you cannot do it sneakily. Furthermore, if you have the means to obtain 5,000 computers with high-end GPUs, you could become a miner in the Ethereum platform and generate a nice income. Consequently, it is very hard to cheat in the Ethereum platform.