Hacker News new | ask | show | jobs
by drchopchop 2092 days ago
Because there is no real formal verification process for smart contracts, it's extremely easy to slip bugs into the contract code, the contract itself is generally immutable (can't fix bugs), and the effects of a breach are generally catastrophic and irreversible.

Need more reasons?
3 comments
vvpan 2092 days ago
You are incorrect. Contracts are immutable but you can upgrade your application. There are different patterns, one where you make a shell contract that has pointers to contracts with actual business logic.

Also, there are patterns where the user needs to confirm that yes they want to use the new version.

There are also systems of insurance on contracts.

link
ShorsHammer 2092 days ago
> there is no real formal verification process for smart contracts

Not following here, instead of process you mean no requirement to do so? The process is pretty clear and simple, there's a few different frameworks being built for smart contract formal verification along with the traditional methods working fine.

What was the last bit of code you wrote or used that was formally verified?

https://sci-hub.se/https://ieeexplore.ieee.org/document/8905...

link
BTCOG 2092 days ago
This as well. Immutable bugs.
link