Ready to start your Web3 development journey?
→ Download our guide to developing smart contracts

Smart Contract Security Can’t Afford to Fail—and With the Clarity Programming Language, It Won’t

More than $55B is locked in smart contracts powering DeFi alone. The market cap of stablecoins exceeds $149B, and people spent about $44B on NFT smart contracts in 2021. In a decentralized future where billions of dollars are already being managed by smart contracts, and bugs and vulnerabilities in the code could be catastrophic, how do we empower developers to create high-assurance smart contracts?

Type
Deep dive
Topic(s)
Clarity
Published
October 4, 2022
Author(s)
CTO
Smart Contracts Can’t Afford to Fail — and With Clarity Language, They Won’t
Contents
Copy link

Current programming languages for smart contracts lack the capacity to enable developers to build secure decentralized applications. One of the reasons for this weakness is that smart contracts are only as secure as their underlying blockchain platform. Secondly, hackers could exploit vulnerabilities in the smart contract code, such as reentrancy, bad randomness, and time manipulation, in order to steal funds.

In this post, we discuss the Clarity language, the open-source programming language of the Stacks blockchain, and how it enables developers to write smart contracts secured by Bitcoin.

The Crypto Industry Can’t Afford the Failure of Smart Contract Security

Smart contracts are the foundational blocks of web3. They enable applications built on top of blockchains and power DeFi, NFTs, DAOs, and any other decentralized solutions you can think of. Since smart contracts are the cornerstone of blockchain applications, when they fail, the applications built with those contracts fail, and the entire ecosystem suffers.

Blockchains are a fundamentally different programming environment, which leads to new problems. For instance, bugs in smart contract code are almost impossible to fix because code on blockchains is immutable (by design). Today, existing smart contracts are exposed to varying degrees of risks, bugs, and vulnerabilities, and these bugs and vulnerabilities have real-life repercussions in industries with live use cases for smart contracts.

For instance, the DeFi sector, which is powered by smart contracts, is consistently being targeted by hackers. Blockchain Analytics company Elliptic reported that the DeFi industry recorded about $12B in losses in 2021, and as much as $5.5B was lost through code exploits. One such code exploit includes the BurgerSwap incident, in which an omission of a single line of code in the smart contract led to a $7.2M hack. In another, a hacker exploited the Proxy Lock Contracts of Poly Network across three different chains — Ethereum, BSC, and Polygon — to steal $611M, in what is the largest single hack in the cryptocurrency industry.

As decentralized solutions continue to gain increased adoption across multiple industries, hackers will be more active in their search for smart contract vulnerabilities to exploit. And the stakes are higher than just stolen funds.

Insecure Smart Contracts Will Have Regulatory Repercussions

Not only do hacks create the obvious problem of stolen funds, but they introduce more volatility to an already volatile space. A research paper by Klaus Grobys, a professor of financial economics, found that the price of Bitcoin and Ether became more volatile in the wake of a hack.

Regulators from around the world have cited high volatility risk as one of the reasons they advocate for strict rules on the role of cryptocurrencies in the global economy. Unfortunately, that volatility will stay high if hackers continue to find vulnerabilities to exploit in smart contract security. Combining volatility with insecurity is a recipe that invites unfriendly regulatory policies. Those policies, in turn, would stifle innovation and make it more difficult to build decentralized applications.

Insecure Smart Contracts Will Slow Down Crypto Adoption

Right now, the crypto industry is enjoying the inflow of early adopters, tech enthusiasts, and adventurers. However, crypto-assets may struggle to unlock mass-market adoption if the average person is worried about the security of their crypto assets or if they find decentralized apps unusable due to smart contract bugs.

Similarly, enterprises that adopt blockchain-powered solutions might face legal liability if the smart contracts powering their operations fail. Businesses that have built their brands on decades of reliability may hesitate to adopt decentralized applications if they can’t trust smart contracts to perform their designed function.

The immutability of blockchain technology makes it difficult to undo transactions, and it is practically impossible to recover stolen funds. If hackers find and exploit vulnerabilities in smart contracts, it would be difficult, if not impossible, to recover the losses. Therefore, there is a need in the industry for a programming language that makes it much harder to have bugs in the code, and that can enable tooling to surface vulnerabilities in smart contracts before they are deployed. The Clarity language excels at this, and it leverages Bitcoin to do it.

Smart Contracts Can Be More Secure If They Are Anchored by Bitcoin

Smart contract security is partially dependent on the blockchain network on which it is hosted. The consensus mechanism, cryptographic hashing functions, network effects, developer activity, and crypto-economics, among other things, influence the security of blockchains. Of the blockchains in existence today, Bitcoin is the most secure; its security has been battle-tested for a decade, and the capital requirements needed to attempt a successful attack on the network make such attacks unfeasible.

Other blockchains with robust smart contract mechanisms can’t quite boast the same level of security and reliability as Bitcoin. For instance, Solana was a victim of a distributed-denial-of-service (DDoS) attack, Ethereum Classic has been attacked three times, and fallout from the DAO hack on Ethereum is still fresh in memory.

While many of the most prominent blockchains have been hacked at some point in their history, the same can’t be said for Bitcoin, despite it being the longest-running blockchain. That’s by design. Bitcoin was created with a scripting language that makes it difficult to add new features that could introduce vulnerabilities. The Bitcoin script is a simple programming language used for processing transactions, and it has limited functionality. As a result, developers can’t write smart contracts on Bitcoin, but with Stacks and the Clarity programming language, they can.

The Stacks blockchain taps into the security of Bitcoin and functions as a Layer 1.5 blockchain in which developers can write smart contracts and build decentralized applications that settle on Bitcoin. Some of the applications already built on Stacks that leverage Bitcoin’s security include:

  • Stackswap – the world’s first complete DEX built for the Bitcoin network
  • Gamma – an NFT marketplace for exploring, collecting, and selling NFTs
  • Sigle – a decentralized and open-source Web 3.0 writing platform for creatives
  • CityCoins – a decentralized community engagement platform that gives residents the power to improve and program their cities

The Clarity Programming Language: A Toolbox for Writing Secure Smart Contracts on Stacks

Developers write smart contracts on Stacks using the Clarity programming language. Clarity is a new open-source programming language developed by the Stacks foundation, Hiro, and Algorand, among others, that enables developers to write smart contracts for Bitcoin.

Since the Stacks blockchain launched in January 2021, Clarity has recorded rapid adoption within the Stacks ecosystem. To date, over 7,500 smart contracts written in Clarity have been published on the blockchain. Here are Clarity’s unique features that empower developers to create better smart contracts.

Editor's note: watch a workshop on the differences between Ethereum's Solidity and Clarity to learn more about the unique strengths of Clarity:

Write Secure Smart Contracts With Clarity

Clarity smart contract definition is specified in a LISP language, and since LISP’s syntax is very easy to parse, we can write a compact parser for Clarity programs (this parser is part of the Stacks blockchain). This reduces the surface area for potential bugs within the Clarity interpreter and allows for more sophisticated developer tooling (like the Check Checker in Clarinet).

The Clarity programming language also benefits from the time-tested strengths of other LISP-like languages, such as brevity, being easier to reason about (e.g. functions without side effects), and better composability. As a result of these strengths and the compact parser, smart contracts written with Clarity need less code than smart contracts written in other programming languages, and less code reduces the possibilities of bugs in smart contracts.

Clarity enables developers to write smart contracts secured by Bitcoin because Clarity exposes Bitcoin’s block timestamp as the block timestamp of the underlying Stacks blockchain. Therefore, unlike other smart contract programming languages that are vulnerable to time manipulation attacks, smart contracts written in Clarity will only be vulnerable if Bitcoin’s view of time becomes vulnerable, which is as infeasible as the possibility of hacking Bitcoin.

Similarly, Clarity is intentionally designed to prevent reentrancy attacks that might repeatedly call into contracts from a single transaction in a bid to corrupt the internal state of the contract. Whereas other smart contract languages, such as Solidity (Ethereum’s programming language), provide an optional [noReentrancy] guard that developers may or may not use, Clarity completely eliminates the reentrancy risk as part of its design.

Learn more about how Clarity addresses some of the major smart contract vulnerabilities, and check out how Clarity compares to Solidity in greater detail in our head-to-head comparison.

Write Predictable Smart Contracts With Clarity 

The Clarity programming language has a unique design that differentiates it from most other smart contract languages. Clarity sacrifices some types of functionality (e.g. arbitrary recursion) in favor of decidability, so  developers, users, and miners can know with certainty how the execution of their smart contracts will pan out.

In other words, the language is decidable. Developers can analyze Clarity code for runtime cost and data usage before running the code. This decidability helps developers and users predict how much it will cost to run a smart contract, and they can then make informed decisions to prevent the contract execution from failing in live use cases. 

Importantly, with Clarity, there are no compilers, assembly, or bytecode. Smart contracts are broadcast to the blockchain exactly as they were written. This means that both developers and users can audit the smart contract code and know exactly what to expect when the code runs. Clarity smart contracts adopt the WYSIWYG (What You See Is What You Get) principle, which enhances transparency by making the contracts auditable for both technical and non-technical users.

Unlike other smart contract programming languages in which most users will have to take a leap of faith and trust the developers, Clarity enables users to confirm that the smart contract code is unaltered from the source code and verify that it is free of bugs or malicious intent.

The fact that the source for every single Clarity contract is publicly readable on the blockchain has some interesting second-order effects. The first is that the blockchain effectively becomes a “GitHub” for Clarity contracts, where developers can look at and borrow from the code of other proven contracts.

Secondly, the fact that other developers can look through the code, in turn, raises the bar for quality because developers have a social incentive to write elegant code (no one wants to be the public author of a bad smart contract). Lastly, this trait makes it harder to pull off exploits because whatever an attacker does is visible to everyone else too.

The Future of Smart Contract Security Is Woven into Bitcoin 

The cryptocurrency industry has its earliest histories rooted in the cypherpunk movement of the 1980s, but in the last 10 years since Satoshi’s whitepaper, blockchains and their decentralized applications have gained mainstream recognition. Bitcoin substantiated the idea of peer-to-peer money, but beyond money, Bitcoin is an inspiration for how decentralized solutions can revolutionize entire industries.

While other blockchains have previously hogged the narrative about powering smart contracts, Bitcoin is the only blockchain that can provide the security component that smart contracts need to be as secure, or potentially more secure, than existing centralized solutions. Through the Stacks blockchain, the Clarity programming language lets developers code smart contracts that benefit from Bitcoin’s security.

Want to see how Stacks and Clarity compare to other Web3 ecosystems? Download our free guide to Web3 ecosystems.

Download Hiro's Guide to Web3 Ecosystems in 2022
Copy link
Hiro news & product updates straight to your inbox
Only relevant communications. We promise we won’t spam.

Related stories