What are blockchain’s smart contracts? And how to secure them

Smart contracts are moving into the enterprise, but they aren’t bulletproof. These are the vulnerabilities and best practices for securing them.


Smart contracts are a key component of blockchains. These little slices of business logic are the self-executing code that enables developers to create the rules and processes that make up any blockchain-based application. However, while they have the potential to automate and simplify business processes, they are also the main target of any malicious actor looking to compromise such an application.

A study by the National University of Singapore and University College London earlier this year found over 34,000 vulnerable smart contracts on the Ethereum network. Attacks involving poorly coded contracts range from something as trivial as the ability to cheat in a blockchain-based game of rock paper scissors, to the loss of millions of dollars’ worth of cryptocurrency, to the need to fork the underlying platform entirely, as happened in the wake of the DAO hack.

What are the ways smart contracts can be exploited, and what best practices can be applied to ensure secure smart contracts?

Common smart contract vulnerabilities

Smart contracts offer interesting new ways to do business and manage business processes. They also offer new avenues for potential malicious activity.
