After the long-awaited Merge of Ethereum, now is a good time to think about how smart contracts can be made better. Smart contracts, which are basically apps that run on the blockchain, are an important part of our Web3 apps. But interacting with them is still very dangerous, especially for people who aren’t developers. Many times when people lose crypto assets, it’s because of smart contracts that don’t work or are set up to do harm.
To fully trust a smart contract, a customer must know exactly what it will do during a transaction. If something goes wrong, there is no customer service line to call and get your money back. But right now, it’s almost impossible to tell if a smart contract is safe or trustworthy.
One answer is to give wallets more intelligence. What if, for example, wallets could tell us if interacting with a smart contract is safe or not? It might not be possible to know for sure, but wallets could at least collect and show a large number of the signals that developers already look for. This would make the process easier and safer, especially for people who aren’t developers.
Here is a deeper look at the pros and cons of smart contracts, why they are like the Wild West right now, and how we can improve the user experience (UX) of using them.
What smart contracts can do and what they can do wrong
Developers have a lot to gain from using a smart contract as the backend of an app. It also makes it more likely that bugs and attacks will happen. It’s great that developers can make smart contracts without asking for permission, but users can be put in a lot of danger by this. There are apps out there that deal with hundreds of millions of dollars without any guarantees of safety. At the moment, we just have to assume that these apps are bug-free and do what they say they will.
Many people who aren’t developers don’t know about the security issues and don’t take the right steps when using blockchain-based apps. The average user might sign a transaction thinking that it will do one thing, only to find out that the smart contract does something completely different. Because of this, bad actors use malicious smart contracts as their main way to attack.
Why is the Wild West like smart contracts?
When a Web3 app makes a call to a smart contract, you don’t know exactly what will happen until you finish the transaction. Will it create your non-fungible token (NFT) or send your funds and tokens to an attacker? This is true of all online apps, not just Web3 apps. It is very hard to predict how code will behave. In the Web3 world, however, the problem is made worse by the fact that most apps are inherently high-risk because they are designed to handle your money and consumers have so little protection.
Apple’s review process makes the App Store mostly safe, but Web3 doesn’t have this feature. If an iOS app starts stealing money from users, Apple will take it down right away to stop more money from being stolen and will close the developer’s account.
Malicious smart contracts, on the other hand, can’t be ended by anyone. Also, there is no way to get back things that have been stolen. If a bad contract steals money from your bank account, you can’t ask your credit card company to reverse the charge. If the developer is unknown, which is usually the case with malicious contracts, it is often impossible to take legal action.
From the point of view of a developer, open source code for a smart contract is better. The source code for popular smart contracts is usually made public, which is a big improvement over Web2 applications. Still, it’s easy to miss what’s really going on. Also, it can be hard to know how the code will be run in every situation. (Take a look at this long and scary Twitter thread by an experienced developer who almost fell for a complicated phishing scam even though he had read the contracts. (When he looked again, more closely, he saw the trick.)
In addition to these problems, people often have to work with smart contracts in a limited amount of time. Think about an NFT drop that was pushed by influencers: People often try to finish a transaction as quickly as possible, even if there are warning signs, because they are afraid that the collection will sell out quickly.
In short, the things like permissionless publishing and programmable money that make smart contracts useful for developers also make them risky for consumers.
The way wallets and smart contracts work right now:
Wallets like MetaMask feel like they were made for developers in a lot of ways. They give a lot of technical depth and specifics about blockchain that can be used to make apps.
MetaMask is used by people who aren’t developers, but they don’t know what everything means. No one saw how quickly Web3 would become popular, and wallets haven’t changed to meet the needs of its new users yet.
MetaMask has already done a great job of renaming the “mnemonic phrase” as the “secret phrase” so that people won’t share it with hackers by accident. Still, there is a lot that could be done better.
Let’s look at the user interface (UI) of MetaMask, and then I’ll show you a couple of mockups I made that show possible improvements that could help users get to the “pit of success.” (MetaMask is used as an example because it’s so popular in the Web3 ecosystem, but these UI ideas should work for almost any wallet app.) Some of these changes to the design could be made right away, while others might need smart contract-specific tech improvements.
The current MetaMask transaction window for smart contracts is shown in the picture below:
We see the address of the smart contract we’re interacting with, the website that started the transaction, and then a lot of information about the money we’re sending to the contract. But neither the reason for this business call nor a sign that it is safe to talk to are given.
Smart contracts could be made better in some ways
What we’d really like to see here are signs that help us, as end users, figure out if we can trust this smart contract transaction or not. Think about the small green or red lock that shows up in the address bar of modern web browsers to show whether the connection is encrypted or not. This color-coded indicator helps new users stay away from possible dangers, while more experienced users can easily ignore it if they want to.
As an example, here are two quick user experience (UX) design mock-ups of MetaMask transactions, one of which is likely to be more secure than the other.
On the way to a safer future
The basic building blocks that blockchains provide will likely be used to make a lot of safety-focused tools in the future. For example, it’s likely that insurance protocols that protect users from smart contracts that aren’t working properly will become common. (These already exist, but they aren’t as common as they could be.)
But people are already using Web3 apps, even though they are still in their early stages. A few simple changes to the wallet could make a big difference. Some of the above ideas would protect Web3 users who don’t have much experience while making transactions easier for Web3 veterans.
For the average person, it’s still too risky to do anything other than trade crypto assets on Coinbase or other large companies. When friends and family ask about setting up a self-custody crypto wallet so they can use Web3 apps (which, let’s be honest, is usually to buy NFTs), you should always tell them about the risks. Some people won’t use them because of this, but those who want to will use them anyway. When our wallets are smarter, it will be much easier to bring on the next wave of Web3 users.
Devin Abbott (@dvnabbott) is the founder of the startup Deco, which was bought by Airbnb. He just started working at The Graph, where he focuses on design and development tools, React, and Web3 apps.