
Module4 Miss

Smart contracts are self-executing agreements coded on a blockchain that enforce terms automatically without third-party intervention. They possess properties such as security, determinism, and the ability to operate under adverse conditions, making them reliable for various applications, particularly in finance. Oracles are essential for smart contracts as they provide external data needed for execution, addressing the limitation of smart contracts being unable to access real-world information.

Uploaded by

777amru

MODULE 4

Smart Contracts

A smart contract is a secure and unstoppable computer program representing an agreement that is automatically executable and enforceable.

• It encompasses agreements between parties in the form of business logic.

• Another fundamental idea is that smart contracts are automatically executed according to the instructions coded into them, without requiring any intervention, for example, when certain conditions are met.

• They are enforceable, which means that all contractual terms perform as specified and expected, even in the presence of adversaries.
• They should work on the principle that code is the law, which means that there is no need for an arbitrator or a third party to enforce, control, or influence the execution of a smart contract.

• They are secure and unstoppable, which means that these computer programs are fault-tolerant and executable in a reasonable (finite) amount of time.

• These programs should be able to execute and maintain healthy internal state, even if external factors are unfavorable.

• For example, imagine a typical computer program that is encoded with some logic and executes according to the instructions coded within it.

• However, if the environment it is running in or the external factors it relies on deviate from the usual or expected state, the program may react arbitrarily or abort.

• Smart contracts must be immune to this type of issue.


Properties of Smart Contracts

1. Automatically executable: It is self-executable on a blockchain without requiring any intervention.

2. Enforceable: This means that all contract conditions are enforced automatically.

3. Secure: This means that smart contracts are tamper-proof (or tamper-resistant) and run with security guarantees. The underlying blockchain usually provides these security guarantees; however, the smart contract programming language and the smart contract code themselves must be correct, valid, and verified.

4. Deterministic: The deterministic feature ensures that smart contracts always produce the same output for a specific input. Even though it can be considered to be part of the secure property, defining it here separately ensures that the deterministic property is considered one of the important properties.

5. Semantically sound: This means that they are complete and meaningful to both people and computers.

6. Unstoppable: This means that adversaries or unfavorable conditions cannot negatively affect the execution of a smart contract. When smart contracts execute, they complete their performance deterministically in a finite amount of time.

Smart contract templates
• Smart contracts can be implemented in any industry where they are required, but the most popular use cases relate to the financial sector.

• The idea is to build standard templates that provide a framework to support legal agreements for financial instruments.

• Domain-specific languages (DSLs) should be built to support the design and implementation of smart contract templates.

• A language named common language for augmented contract knowledge (CLACK) has been proposed, and research has started to develop this language.

• This language is intended to be very rich and is expected to provide a large variety of functions ranging from supporting legal prose to the ability to be executed on multiple platforms and cryptographic functions.

• Research works are ongoing to develop smart contract templates that support legally-enforceable smart contracts.

Research works related

• Christopher D. Clack et al. proposed this idea in their paper published in 2016, named Smart Contract Templates: Foundations, design landscape and research directions. The paper is available at https://arxiv.org/pdf/1608.00771.pdf.

• Smart Contract Templates: essential requirements and design options. This paper is available at https://arxiv.org/pdf/1612.04496.pdf.

• The main aim of the above paper is to investigate how legal prose could be linked with code using a markup language.

• It also covers how smart legal agreements can be created, formatted, executed, and serialized for storage and transmission.

Domain-specific languages (DSLs)

• This type of programming language can be developed to program smart contracts.

• DSLs are different from general-purpose programming languages (GPLs).

• DSLs have limited expressiveness for a particular application or area of interest.

• These languages possess a small set of features that are sufficient and optimized
for a specific domain only.

• Unlike GPLs, they are not suitable for building large general-purpose application
programs.
• Based on the design philosophy of DSLs, it can be envisaged that such languages will be developed specifically to write smart contracts.

For example: Solidity is one such language that has been introduced with the Ethereum blockchain to write smart contracts.

For example: Vyper is another language that has been recently introduced for Ethereum smart contract development.

• A smart contract modeling platform can be developed where a domain expert (not a programmer but a front desk dealer, for example) can use a graphical user interface and a canvas (drawing area) to define and illustrate the definition and execution of a financial contract.

• Once the flow is drawn and completed, it can be emulated first to test it and then be deployed from the same system to the target platform, which can be a smart contract on a blockchain or even a complete decentralized application (DApp).

• This concept is also not new, and a similar approach is already used in a non-blockchain domain, in the Tibco StreamBase product, which is a Java-based system used for building event-driven, high-frequency trading systems.

• It has been proposed that research should also be conducted in the area of developing high-level DSLs that can be used to program a smart contract in a user-friendly graphical user interface, thus allowing a non-programmer domain expert (for example, a lawyer) to design smart contracts.

Smart contract templates
• There is also a growing interest in using general-purpose, already established programming languages like Java, Go, and C++ for smart contract programming.

• A Java expert can use their skills to write Java code instead of learning a new language.

• The high-level language code can then be compiled into low-level bytecode for execution on the target platform.

• There are already some examples of such systems, such as in EOSIO blockchains, where C++ can be used to write smart contracts, which are compiled down to WebAssembly for execution.

Oracles

• An inherent limitation with smart contracts is that they are unable to access any external data.

• The concept of oracles was introduced to address this issue.

• An oracle is an off-chain source of information that provides the required information to the smart contracts on the blockchain.

• Oracles are an essential component of the smart contract and blockchain ecosystem.

• The limitation with smart contracts is that they cannot access external data because blockchains are closed systems without any direct access to the real world.

• This external data might be required to control the execution of some business logic in the smart contract; for example, the stock price of a security product that is required by the contract to release dividend payments.

• In such situations, oracles can be used to provide external data to smart contracts.

• An oracle can be defined as an interface that delivers data from an external source to smart contracts.

• Oracles are trusted entities that use a secure channel to transfer off-chain data to a smart contract.

For example, in a Bitcoin blockchain, an oracle can write data to a specific transaction, and a smart contract can monitor that transaction in the blockchain and read the data.

Other methods include storing the fetched data in a smart contract's storage, which can then be accessed by other smart contracts on the blockchain via requests between smart contracts depending on the platform. For example, in Ethereum, this can be achieved by using message calls.

Oracles: working

1. A smart contract sends a request for data to an oracle.

2. The request is executed and the required data is requested from the source. There are various methods of requesting data from the source.

[These methods usually involve invoking APIs provided by the data provider, calling a web service, reading from a database (for example, in enterprise integration use cases where the required data may exist on a local enterprise legacy system), or requesting data from another blockchain. Sources can be any external off-chain data provider on the internet or in an internal enterprise network.]

3. The data is sent to a notary to generate cryptographic proof (usually a digital signature) of the requested data to prove its validity (authenticity). Usually, TLSNotary is used for this purpose (https://tlsnotary.org). Other techniques include Android proofs, Ledger proofs, and trusted hardware-assisted proofs.

4. The data with the proof of validity is sent to the oracle.

5. The requested data with its proof of authenticity can be optionally saved on a decentralized storage system such as Swarm or IPFS and can be used by the smart contract/blockchain for verification. This is especially useful when the proofs of authenticity are of a large size and sending them to the requesting smart contracts (storing them on the chain) is not feasible.

6. Finally, the data, with the proof of validity, is sent to the smart contract.
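
The request flow above, as an added Python sketch that is not part of the original slides: a notary attests the source's answer, the oracle relays it, and the contract accepts the value only if the proof verifies. A Lamport one-time hash-based signature stands in for the notary's signature scheme so the block needs only the standard library (TLSNotary does not work this way); all class names, the request id, and the price data are constructed.

```python
import hashlib
import json
import secrets


def _h(data):
    return hashlib.sha256(data).digest()


def _bits(message):
    digest = _h(message)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


# Lamport one-time signature (hash-based), standing in for the notary's scheme.
def keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(_h(a), _h(b)) for a, b in sk]
    return sk, pk


def sign(sk, message):
    return [sk[i][bit] for i, bit in enumerate(_bits(message))]


def verify(pk, message, signature):
    if len(signature) != 256:
        return False
    return all(_h(part) == pk[i][bit]
               for i, (part, bit) in enumerate(zip(signature, _bits(message))))


def encode(request_id, value):
    # Bytes that get signed; including request_id binds the proof to one request.
    return json.dumps({"request_id": request_id, "value": value}, sort_keys=True).encode()


class Notary:
    """Step 3: attests the source's answer (assumed to observe it directly)."""
    def __init__(self):
        self._sk, self.public_key = keygen()  # one-time key: one attestation only

    def attest(self, source, key, request_id):
        value = source[key]
        return value, sign(self._sk, encode(request_id, value))


class Oracle:
    """Steps 2 and 4: has the data fetched and attested, then relays it."""
    def __init__(self, source, notary, tamper=False):
        self.source, self.notary, self.tamper = source, notary, tamper

    def answer(self, request_id, key):
        value, proof = self.notary.attest(self.source, key, request_id)
        if self.tamper:  # models a faulty relay that alters the value after attestation
            value = "999.00"
        return value, proof


class Contract:
    """Steps 1 and 6: requests data and checks the proof before storing it."""
    def __init__(self, notary_public_key):
        self.notary_public_key = notary_public_key
        self.price = None

    def on_oracle_response(self, request_id, value, proof):
        if not verify(self.notary_public_key, encode(request_id, value), proof):
            return False  # reject: value does not match what the notary attested
        self.price = value
        return True


def run(tamper):
    source = {"ACME": "101.25"}  # constructed sample data
    notary = Notary()
    contract = Contract(notary.public_key)
    value, proof = Oracle(source, notary, tamper).answer("req-1", "ACME")
    return contract.on_oracle_response("req-1", value, proof), contract.price
```

The proof only shows that the relayed value is what the notary saw; it says nothing about whether the source itself reported a correct value.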
Oracles: working

• The preceding diagram shows the generic data flow of a data request from a smart contract to the oracle.

• The oracle then requests the data from the data source, which is then sent to the attestation service for notarization.

• The data is sent to the oracle with proof of authenticity.

• Finally, the data is sent to the smart contract with cryptographic proof (authenticity proof) that the data is valid.

• Due to security requirements, oracles should also be capable of digitally signing or digitally attesting the data to prove that the data is authentic.

• This proof is called proof of validity or proof of authenticity.

• Smart contracts subscribe to oracles.

• Smart contracts can either pull data from oracles, or oracles can push data to smart contracts.

• It is also necessary that oracles should not be able to manipulate the data they provide and must be able to provide factual data.

• Even though oracles are trusted (due to the associated proof of authenticity of data), it may still be possible that, in some cases, the data is incorrect due to manipulation or a fault in the system.

• Therefore, oracles must not be able to modify the data.

• This validation can be provided by using various cryptographic proofing schemes.

Mechanisms to produce cryptographic proof of data authenticity

• Software and network-assisted proofs

• These types of proofs make use of software, network protocols, or a combination of both to provide validity proofs.

1. TLSNotary

• It is based on Transport Layer Security (TLS), which is a standard security mechanism that enables secure, bidirectional communication between hosts.

• The key idea behind using TLSNotary is to utilize the TLS handshake protocol's feature, which allows the splitting of the TLS master key into three parts. Each part is allocated to the server, the auditee, and the auditor. The oracle service provider (https://provable.xyz) becomes the auditee, whereas an Amazon Web Services (AWS) instance, which is secure and locked down, serves as the auditor.

2. TLS-N based mechanism

• This mechanism is one of the latest developments in this space.

• TLS-N is a TLS extension that provides secure non-repudiation guarantees.

• This protocol allows us to create privacy-preserving and non-interactive proofs of the content of a TLS session.

• TLS-N based oracles do not need to trust any third-party hardware such as Intel SGX or TLSNotary type service.

• Hardware device-assisted proofs: These proofs rely on some hardware elements to provide proof of authenticity.

1. Android proof

• This proof relies on Android's SafetyNet software attestation and hardware attestation to create a provably secure and auditable device.

• SafetyNet validates that a genuine Android application is being executed on a secure, safe, and untampered hardware device.

• Hardware attestation validates that the device has the latest version of the OS, which helps to prevent any exploits that existed due to vulnerabilities in the previous versions of the OS.

2. Ledger proof

• Two hardware wallets, Ledger Nano S and Ledger Blue, can be used for these proofs.

• These devices run a particular OS called Blockchain Open Ledger Operating System (BOLOS),

• Trusted hardware-assisted proofs

• This type of proof makes use of trusted hardware, such as TEEs.

• A prime example of such a hardware device is Intel SGX.

• A prime example of a trusted hardware-assisted proof is Town Crier.


Blockchain oracle problem: issue of trust

With oracles, we are effectively trusting a third party to provide us with the correct data.

What if these data sources turn malicious, or simply, due to a fault, start providing incorrect data to the oracles?

What if the oracle itself fails or the data source stops sending data?

This issue can then damage the whole blockchain trust model.

Types of blockchain oracles
1. Inbound oracles

2. Outbound oracles
Types of blockchain oracles
Inbound oracles: This class represents oracles that receive incoming data from external
services, and feed it into the smart contract.

1. Software oracles

• These oracles are responsible for acquiring information from online services on the
Internet.

• This type of oracle is usually used to source data such as weather information, financial
data (stock prices, for example), travel information and other types of data from third-party
providers.

• The data source can also be an internal enterprise system, which may provide some
enterprise-specific data. These types of oracle can also be called standard or simple oracles.
Types of blockchain oracles

2. Hardware oracles

• This type of oracle is used to source data from hardware sources such as IoT devices or sensors.

• This is useful in use cases such as insurance-related smart contracts where telemetry sensors provide certain information, for example, vehicle speed and location.

• This information can be fed into the smart contract dealing with insurance claims and payouts to decide whether to accept a claim or not.

• Based on the information received from the source hardware sensors, the smart contract can decide whether to accept or reject the claim.

• These oracles are useful in any situation where real-world data from physical devices is required.

• However, this approach requires a mechanism in which hardware devices are tamper-proof or tamper-resistant.

• This level of security can be achieved by providing cryptographic evidence (nonrepudiation and integrity) of the IoT device's data and an anti-tampering mechanism on the IoT device, which renders the device useless in case of tampering attempts.

Types of blockchain oracles

3. Computation oracles

• These oracles allow computing-intensive calculations to be performed off-chain.

• As blockchain is not suitable for performing compute-intensive operations, a blockchain (that is, a smart contract on a blockchain) can request computations to be performed on off-chain high-performance computing infrastructure and get the verified results back via an oracle.

• The use of an oracle, in this case, provides data integrity and authenticity guarantees.

• An example of such an oracle is Truebit (https://truebit.io).

• It allows a smart contract to submit computation tasks to oracles, which are eventually completed by miners in return for an incentive.

Types of blockchain oracles
4. Aggregation based oracles

• In this scenario, a single value is sourced from many different feeds.

• As an example, this single value can be the price of a financial instrument, and it can be risky to rely upon only one feed.

• To mitigate this problem, multiple data providers can be used where all of these feeds are inspected, and finally, the price value that is reported by most of the feeds can be picked up.

• The assumption here is that if the majority of the sources report the same price value, then it is likely to be correct.

• The collation mechanism depends on the use case: sometimes it's merely an average of multiple values, sometimes a median is taken of all the values, and sometimes it is the maximum value.

• Regardless of the aggregation mechanism, the essential requirement here is to get the value that is valid and authentic, which eventually feeds into the system.

Types of blockchain oracles

5. Crowd wisdom driven oracles

• This is another way that the blockchain oracle problem can be addressed
where a single source is not trusted.

• Instead, multiple public sources are used to deduce the most appropriate
data eventually.

• In other words, it solves the problem where a single source of data may not
be trustworthy or accurate as expected.

• If there is only one source of data, it can be unreliable and risky to rely on
entirely.

• It may turn malicious or become genuinely faulty.


• In this case, to ensure the credibility of data provided by third-party sources for oracles, the data is sourced from multiple sources.

• These sources can be users of the system or even members of the general public who have access to and have knowledge of some data, for example, a political event or a sporting event where members of the public know the results and can provide the required data. Similarly, this data can be sourced from multiple different news websites.

• This data can then be aggregated, and if a sufficiently high number of the same information is received from multiple sources, then there is an increased likelihood that the data is correct and can be trusted.
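
The collation mechanisms listed under aggregation based oracles, and the "sufficiently high number of the same information" rule for crowd wisdom driven oracles, as an added Python example that is not part of the original slides. It shows how one faulty feed skews the average and the maximum while the majority and median results hold; the feed names, prices, quorum, and tolerance values are constructed assumptions.

```python
from collections import Counter
from decimal import Decimal
from statistics import median


class NoQuorum(Exception):
    """Raised when too few feeds respond or no value has enough support."""


def majority_value(reports, min_feeds=3, quorum=Decimal("0.5")):
    """Return the value reported by more than `quorum` of the responding feeds."""
    if len(reports) < min_feeds:
        raise NoQuorum(f"only {len(reports)} feeds responded, need {min_feeds}")
    value, votes = Counter(reports.values()).most_common(1)[0]
    if votes <= quorum * len(reports):
        raise NoQuorum(f"best-supported value has {votes} of {len(reports)} votes")
    return value


def aggregate(reports, method):
    """Collate feed values with one of the mechanisms named in the slides."""
    values = sorted(reports.values())
    if not values:
        raise NoQuorum("no feeds responded")
    if method == "majority":
        return majority_value(reports)
    if method == "median":
        return median(values)
    if method == "average":
        return sum(values) / len(values)
    if method == "maximum":
        return values[-1]
    raise ValueError(f"unknown method: {method}")


def outliers(reports, tolerance=Decimal("0.01")):
    """Feeds deviating from the median by more than `tolerance` (a fraction)."""
    mid = median(sorted(reports.values()))
    return sorted(feed for feed, value in reports.items()
                  if abs(value - mid) > tolerance * mid)


# Constructed sample: five hypothetical feeds quoting one instrument, one faulty.
REPORTS = {
    "feed-a": Decimal("100.10"),
    "feed-b": Decimal("100.10"),
    "feed-c": Decimal("100.10"),
    "feed-d": Decimal("100.12"),
    "feed-e": Decimal("1000.00"),  # faulty or manipulated feed
}

if __name__ == "__main__":
    for method in ("majority", "median", "average", "maximum"):
        print(method, aggregate(REPORTS, method))
    print("outliers:", outliers(REPORTS))
```

Majority voting needs exact agreement, so it suits discrete outcomes such as event results; for continuously quoted prices the median with an outlier check is the more forgiving choice.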
Types of blockchain oracles

6. Decentralized oracles

Another type of oracle, which primarily emerged due to the decentralization requirements, is called a decentralized oracle.

This type of oracle can be built based on a distributed mechanism.

It can also be envisaged that the oracles can themselves source data from another blockchain, which is driven by distributed consensus, thus ensuring the authenticity of data.

For example, one institution running their private blockchain can publish their data feed via an oracle that can then be consumed by other blockchains.

A decentralized oracle essentially allows off-chain information to be transferred to a blockchain without relying on a trusted third party.

Types of blockchain oracles

Smart oracles

An idea of smart oracle has also been proposed by Ripple Labs (Codius). Its original whitepaper is available at https://github.com/codius/codius-wiki/wiki/White-Paper#from-oracles-to-smart-oracles. Smart oracles are entities just like oracles, but with the added capability of executing contract code. Smart oracles proposed by Codius run using Google Native Client, which is a sandboxed environment for running untrusted x86 native code.


Types of blockchain oracles

Outbound oracles

• This type, also called reverse oracles, are used to send data out from the blockchain smart contracts to the outside world.

• There are two possible scenarios here; one is where the source blockchain is a producer of some data such as blockchain metrics, which are needed for some other blockchain.

• The actual data somehow needs to be sent out to another blockchain smart contract.

• The other scenario is that an external hardware device needs to perform some physical activity in response to a transaction on-chain.

• However, note that this type of scenario does not necessarily need an oracle, because the external hardware device can be sent a signal as a result of the smart contract event.

• On the other hand, it can be argued that if the hardware device is running on an external blockchain, then to get data from the source chain to the target chain, undoubtedly, will need some security guarantees that oracle infrastructure can provide.

• Another situation is where we need to integrate legacy enterprise systems with the blockchain.

• In that case, the outbound oracle would be able to provide blockchain data to the existing legacy systems.

• An example scenario is the settlement of a trade done on a blockchain that needs to be reported to the legacy settlement and backend reporting systems.

Deploying smart contracts

In a Bitcoin blockchain, the transaction timelocks, such as the nLocktime field, the CHECKLOCKTIMEVERIFY (CLTV), and the CHECKSEQUENCEVERIFY script operator in the Bitcoin transaction, can be seen as an enabler of a simple version of a smart contract.

These timelocks enable a transaction to be locked until a specified time or until a number of blocks, thus enforcing a basic contract that a certain transaction can only be unlocked if certain conditions (elapsed time or number of blocks) are met.

One example of a basic smart contract is to fund a Bitcoin address that can be spent by anyone who demonstrates a hash collision attack.
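
The timelock conditions described above, as an added Python model that is not part of the original slides: the nLockTime finality rule and the CHECKLOCKTIMEVERIFY checks from BIP65, combined to decide when a time-locked output becomes spendable. Function names and the sample block heights are constructed; CHECKSEQUENCEVERIFY is not modelled.

```python
LOCKTIME_THRESHOLD = 500_000_000  # below: block height; at or above: Unix timestamp
SEQUENCE_FINAL = 0xFFFFFFFF       # an input with this nSequence opts out of nLockTime


def is_final(tx_locktime, sequences, block_height, block_time):
    """nLockTime rule: may this transaction go into the block being built?

    block_height is the height of that block; block_time is the time value
    consensus compares against (median-time-past since BIP113).
    """
    if tx_locktime == 0:
        return True
    limit = block_height if tx_locktime < LOCKTIME_THRESHOLD else block_time
    if tx_locktime < limit:
        return True
    # Lock not yet expired: final only if every input disabled the lock.
    return all(seq == SEQUENCE_FINAL for seq in sequences)


def cltv_passes(script_locktime, tx_locktime, input_sequence):
    """CHECKLOCKTIMEVERIFY: the script's lock must be covered by the tx's own lock."""
    if script_locktime < 0:
        return False
    # Both values must be of the same kind (both heights or both timestamps).
    if (script_locktime < LOCKTIME_THRESHOLD) != (tx_locktime < LOCKTIME_THRESHOLD):
        return False
    if script_locktime > tx_locktime:
        return False
    # A final sequence would disable nLockTime and make the check meaningless.
    if input_sequence == SEQUENCE_FINAL:
        return False
    return True


def can_spend(script_locktime, tx_locktime, input_sequence, block_height, block_time):
    """An output locked with CLTV is spendable only when both rules hold."""
    return (cltv_passes(script_locktime, tx_locktime, input_sequence)
            and is_final(tx_locktime, [input_sequence], block_height, block_time))


if __name__ == "__main__":
    LOCK = 800_000  # constructed example: output locked until block height 800000
    for height in (800_000, 800_001):
        print(height, can_spend(LOCK, LOCK, 0xFFFFFFFE, height, 1_700_000_000))
```

CLTV never reads the clock itself: it forces the spending transaction to carry a matching nLockTime, and the finality rule then keeps that transaction out of blocks until the lock has passed.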
Deploying smart contracts

Various other blockchain platforms support smart contracts, such as Monax, Lisk, Counterparty, Stellar, Hyperledger Fabric, Axoni core, Neo, EOSIO, and Tezos.

There are platforms that already support mainstream languages for smart contract development, such as Lisk, which supports JavaScript.

Another prominent example is Hyperledger Fabric, which supports Golang, Java, and JavaScript for smart contract development. A more recent example is EOSIO, which supports writing smart contracts in C++.


Tutorial 6

Blockchain oracle services

Trusted Execution Environment

Decentralization terminology – Decentralized applications, Decentralized Autonomous Organizations
