No products in the cart.
- Latest
- Trending
ADVERTISEMENT
After the long-awaited Ethereum Merge, now is an ideal time to think about how smart contracts can be improved. Smart contracts, which are basically apps running on the blockchain, are a key component of Web3 applications. But interacting with them can be very dangerous, especially for non-developers. Many incidents of users losing crypto assets are caused by buggy or malicious smart contracts.
As a Web3 app developer, this is a challenge I often think of, especially as waves of new users continue to onboard to various blockchain applications.To fully trust smart contracts, consumers need to know Exactly Because unlike in the Web2 world, there is no customer support hotline to call and get your money back if something goes wrong. But right now, it’s nearly impossible to know if a smart contract is safe or reliable.
RELATED: Liquid Staking Is Key to Interchain Security
One solution is to make the wallet itself smarter. For example, what if a wallet could tell you if it’s safe to interact with smart contracts? It’s probably impossible to know that with 100% certainty, but wallets are at least a lot of what developers are already looking for. signals can be aggregated and displayed. This makes the process simpler and safer, especially for non-developers.
Here, we’ll take a closer look at the pros and cons of smart contracts, why it looks like the Wild West right now, and how the UX for using smart contracts can be improved.
For developers, using smart contracts as the backend of their apps has great potential. It also increases the chances of bugs and exploits. While it’s great that developers can create smart contracts without asking anyone for permission, it can also expose users to considerable risk. There are now apps trading hundreds of millions of dollars without security guarantees. As it stands, you have to trust these apps to be bug-free and do what they promise.
Many non-developers are unaware of the security issues involved and do not take proper precautions when working with blockchain-based apps. The average user may sign a transaction with the intention of doing one thing, but smart he just realizes the contract does something else entirely. That is why malicious smart contracts are the main attack vector for bad actors.
When a Web3 app makes a call to a smart contract, it doesn’t know exactly what the transaction does until it actually executes. Do you create non-fungible tokens (NFTs) or do you send money and tokens to hackers? This unpredictability applies to any online application, not just Web3 apps. It’s very difficult to predict what your code will do. But in the Web3 world, this is a bigger problem, as most of these apps are inherently risky (built to handle money) and offer little consumer protection.
The App Store is generally safe due to Apple’s review process, but Web3 doesn’t. If an iOS app starts stealing users’ money, Apple will quickly remove it to mitigate losses and revoke the creator’s account.
Related: Latin America Is Ready For Crypto Just Integrate With Payment Systems
Malicious smart contracts, on the other hand, cannot be deleted. AnyoneThere is also no way to retrieve stolen assets. If a malicious contract depletes your wallet, you cannot simply dispute the transaction with the credit card company. When developers are anonymous, as is often the case with malicious contracts, they often don’t even have the option of taking legal action.
From a developer’s perspective, it’s much better if the smart contract code is open source. Common smart contracts usually publish their source code. This is a huge improvement over Web2 apps. But even then, it’s easy to miss what’s really going on. It’s also very difficult to predict how your code will perform in all scenarios. (Think of this long, scary Twitter. thread By an experienced developer who nearly fell for a complex phishing scam even after reading the relevant contract. Only on a second closer inspection did he notice the exploit. )
Compounding these issues, people are often under pressure to act quickly when working with smart contracts. Consider an NFT drop driven by an influencer. Consumers worry that their collection will sell out quickly, so they often ignore the red flags they may encounter along the way and try to make the transaction as soon as possible.
In other words, the very same features that make smart contracts powerful for developers, such as unauthorized disclosure and programmable money, are becoming very dangerous for consumers.
I don’t think this system is fundamentally flawed. But there are plenty of opportunities for his Web3 developers like myself to provide better guardrails to the consumers currently using Wallet and his smart contracts.
In many ways, wallets like MetaMask feel like they were made for developers. You’ll see lots of in-depth technical and blockchain details to help you build your app.
The problem is that non-developers are also using MetaMask they don’t understand what all that means. No one expected Web3 to go mainstream so quickly. Also, wallets haven’t quite caught up with the needs of the new user base.
Related: Learn from Celsius Stop Exchanges from Seizing Your Money
in Metamask It’s already done a great job of rebranding “mnemonic phrases” to “secret phrases” to prevent consumers from unwittingly sharing them with hackers. However, there is still a lot of room for improvement.
Let’s take a look at MetaMask’s user interface (UI). Next, I looked at some mockups I created and called the consumer “pitfalls of success(By the way, MetaMask is used a lot in the Web3 world, so it serves as a good reference here, but these UI ideas should be applicable to almost any wallet app as well.) These designs Some of the tweaks can be built today, while others may require skill. Proceed on the smart contract side.
The image below shows what the current MetaMask smart contract transaction window looks like.
You’ll see the address of the smart contract you’re interacting with, the website that initiated the transaction, and many details about the funds you’re sending to the contract.but there is no sign of that Functionality of this contract call or it is safety make a conversation.
What I really want to see here is a signal that, as an end user, helps me decide whether to trust this smart contract transaction. As an analogy, think of the little green or red lock in the address bar of modern web browsers. This indicates whether the connection is encrypted. This color-coded indicator helps keep inexperienced users away from potential danger, but power users can easily ignore it if desired.
As a visual example, here are two simple user experience (UX) design mockups for MetaMask transactions.
Here are some of the signals in my mockup.
Like many existing features in MetaMask, these proposed features can be turned off in Settings.
In the future, we may see many safety-focused tools built on the fundamental components provided by blockchain. For example, insurance protocols that protect users from buggy smart contracts could become commonplace. (Those already exist, but are still pretty niche.)
Related: What Will Drive Crypto’s 2024 Bull Market?
However, consumers are already using Web3 apps in their early days, so we expect the developer community to add more protections. nowA few simple improvements to your wallet could go a long way. Some of the previous ideas will help protect inexperienced users while streamlining the transaction process for Web3 veterans.
In my view, anything other than trading crypto on Coinbase (or any other big company) is still too risky for the average consumer. When friends and family ask about setting up a self-custody crypto wallet to use Web3 apps (usually let’s face it to buy NFTs), always start by warning them about the risks. This scares some of them but the more determined people want to use them anyway if our wallets get smarter we’ll get the next wave of new users to his web3 You’ll feel better about onboarding.
Devin Abbott (@dvnabott) is the founder of Deco, a startup acquired by Airbnb. He specializes in design and development tools, React and Web3 applications, most recently with The Graph.
This article is for general information purposes and is not intended, and should not be construed as legal or investment advice. The views, thoughts and opinions expressed herein are those of the author and do not necessarily reflect or represent the views or opinions of Cointelegraph.
