Fundamentals of Smart Contract Security 세미나 2. 3장 Design Choices, Design Flaws, and Cryptoeconomics
아래 인용된 내용들을 먼저 주의깊게 여러 번 읽고 본문 내용을 빠르게 읽어나갑니다.
Blockchain is the right solution if the lack of trust in the third party is the primary concern: that is, when censorship, data integrity, transparency, persistence, interoperability, or privacy are non-negotiable features of the software to be built. Having these characteristics comes with an important disadvantage: decreased efficiency due to redundant data storage and computation. However, this very redundancy makes smart contracts unstoppable by default. Unless coded otherwise, they will keep operating as long as there is at least one active node on the network.
Systems employing smart contracts must be implemented carefully to avoid common programming mistakes (for example, re-entrancy), but also designed with centralization, fairness, and cryptoeconomic concerns in mind.
Although the blockchain that runs smart contracts is decentralized by design, smart contracts can be written in a way that gives special privileges, such as ownership, to some users, but not to others.
Everything depends on the requirements and intent of the contract. This section will delve into the various ways in which a “functioning” contract still contains vulnerabilities that undesirably alter the code’s behavior.
Cryptoeconomics is a widely used term in the blockchain space that describes the economics of cryptographic protocols on blockchains. It is an important concept, as many protocols developed in this space are not provably secure, but secure simply because it would be cost prohibitive to attack the system.
In this chapter, we discuss choices that can be made when designing smart contracts that may affect external issues (such as token value, or computation correctness) in addition to introducing more complex contract code which may introduce new sources of errors. Risks associated with such choices are illustrated in detail for token sale contracts. More general concerns regarding cryptoeconomic choices of smart contract-governed protocols are discussed at a high level at the end of the chapter.