The Cardano blockchain was designed and built to be secure from the beginning in addition to being scalable, sustainable for generations, and interoperable. The objective was to create a distributed and open-source platform leveraging scientifically proven technology that supports all types of economic activity for everyone wanting access.
This emphasis on security also extends to Cardano smart contracts. As we have discussed previously, the blockchain industry is plagued with hacks and exploits. The average blockchain or dApp hack in Q1 2023 amounted to approximately $10.5 million per hack!
The trend is slowing down as many blockchain networks focus on their security, but the state is far from ideal. Let’s look closer at Cardano smart contracts and why Cardano can be considered to be more secure.
Cardano extended the Unspent Transaction Output (UTxO) model prevalent in Bitcoin in a unique way to support the execution of smart contracts. In a nutshell, the Cardano blockchain comprises a list of unspent transactions, which users can only consume.
The transaction, in this case, is a change of a group of already existing UTxOs into some new sets of unspent transactions. These UTxOs have rules attached to them that specify what transaction can be spent. It’s the Cardano network’s job to validate a transaction if it follows the made rules for every single one of the inputs in the transaction.
The most simple rule of these is that of the signature. An input can only be spent if it’s associated with a signature made by the account with the UTxO. That’s how regular transactions work for Bitcoin, but also for Cardano and the few blockchains that continue to use the UTxO model.
The ‘E’ in the Cardano EUTxO stands for ‘extended’ which is the innovation of the network. Transactions in the Cardano model can be signed by a smart contract address and be spent only by transactions that obey rules coded in the smart contracts.
The rules are encoded using the languages that were created to build on-chain code such as PlutusTx, Aiken, Plutarch, and others. The name given to these rules that must be followed to sign a transaction is ‘validators’.
The validator is a function that requires all the inputs to be correct, which are:
Context: can check anything about the transaction being processed like the inputs, outputs, or minted tokens.
Datum: some additional data attached to the UTxO for the validator to potentially use. For example the address of the owner, the price of an NFT, or exchanging token A for token B on a DEX.
Redeemer: is just any data that the spender can attach to the transaction. For example, in a simple transaction, a redeemer is the signature of the wallet which contains the UTxO a user wants to spend.
These are the inputs that can go into a validator to process a transaction. They are finite and as a rule, the number of inputs must equal the number of outputs, minus the network fee. The one exception to the rule is when new tokens are minted, so the output grows by the number of new tokens minted on the network.
This design is what allows an EUTxO network, such as Cardano, the ability to process custom logic or smart contracts. Among the UTxO protocols, it was the first to have such a design and it proved the UTxO created by Bitcoin can be used for this purpose.
Two aspects make Cardano more secure than other networks.
Firstly, we have the EUTxO model that was developed for the blockchain. It means it’s easy to check the logical steps a transaction needs to be successful and verify if there are any vectors of attack.
The fact that a validator has a predictable number of inputs and can only produce a set number of outputs is perfect for audits. The auditors only need to follow the logic of the validator to see which of the outputs is desirable and suggest correction if undesirable outputs are present.
In this way, smart contracts on the Cardano network can be easily mapped. The results just form inputs to outputs and generate a concise logic to test. This is very different from the model of smart contracts on account-based blockchains where the interactions of smart contracts are uncertain.
On Cardano, the EUTxO model makes transactions deterministic, meaning the outcome of a transaction is predictable. In other networks, transactions are usually non-deterministic, meaning the outcome cannot be exactly predicted and there are always uncertain states possible.
Secondly, Cardano uses native tokens. Other blockchains have decided to use smart contracts for the generation of tokens and other assets. This creates a need for smart contracts to have a hierarchy of permissions where assets need to be spent by other smart contracts.
Think of a DEX in this model, when you want to swap a token the DEX asks for authorization to spend token A, the one the user is using for the swap with token B. This means the smart contract of the DEX has control of token A. If the smart contract is malicious, it can steal token A from the user.
Additionally, these smart contracts must always borrow different levels of permission from one another. This means there is a complex web of authority delegations that can be exploited or where mistakes can be made.
On Cardano, the native tokens don’t have this issue. The Cardano ledger treats every asset as native to the blockchain. This means a transfer of a token only needs the regular signature of the user’s wallet, and the user does not need to surrender any control of the token.
In the case of a smart contract, the only thing needed is the logic in the validator. The UTxO used by the user are the only ones the validator can see, as inputs to the transaction, and cannot spend anything else.
Cardano was designed with an emphasis on security from the beginning. The EUTxO model has now been battle-tested. For over two years there have been no major breaks in security and developers can create dApps with confidence.
On the other hand, auditors know that smart contracts follow a predictable logic. This makes their job more straightforward and reduces the possibilities of outcomes not foreseen by the steps coded into the rules of the validator.
Are you new to Cardano and want to understand Cardano?
Have you been in the Cardano community for a while and want hands-on instruction about building dApps on Cardano?
Then, follow EMURGO on X (formerly Twitter) for EMURGO Academy course offerings, free webinars, and more!
- Official Homepage: emurgo.io
- X (Global): @EMURGO_io
- YouTube: EMURGO channel
- Facebook: @EMURGO.io
- Instagram: @EMURGO_io
- LinkedIn: @EMURGO_io
You should not construe any such information or other material as legal, tax, investment, financial, or other advice. Nothing contained herein shall constitute a solicitation, recommendation, endorsement, or offer by EMURGO to invest.