Smart Contract Do's & Don'ts

Nik Kalyani

June 30, 2020

Smart contracts can be intimidating. Whether you're just getting into the world of blockchain or you're a seasoned blockchain app developer, these 5 principles cover some basic Do's and Don'ts of smart contract development.

1. Add Circuit Breakers

Do • Add a circuit breaker to your smart contract

Smart contracts can't be changed after deployment. Always include a circuit breaker in your contract so that you can halt it and limit the damage from unexpected (and expensive) bugs.

Don't • Let contracts run without oversight

Allowing contracts to run without oversight is high-risk because contracts are irreversible and immutable (and discovering a vulnerability after deployment can be risky and expensive).

2. Encrypt Data

Do • Encrypt all sensitive data in contract storage

Data on public blockchains can be read by anybody, so encrypting sensitive data is an absolute must to preserve security and privacy.

Don't • Assume private variables will hide your data (they won't)

Private variables within a smart contract are not actually private. "Private" means within the execution scope of the contract, but the data is public and can be read by anyone.

3. Add Limits

Do • Enforce per-transaction and rate limits

Smart contracts are immutable and bugs or errors can have significant unintended consequences. Enforcing rate limits helps mitigate risk.

Don't • Permit uncontrolled loops, transfers and rates

Uncontrolled loops, transfers, and rates increase risk and potential for damage, including unintentionally depleting funds.

4. Check Inputs

Do • Check all inputs before using them in code

Because smart contracts are immutable, fixing errors is incredibly expensive, and checking inputs before using them in code mitigates errors. “Fail Fast” is a good tenet for your code.

Don't • Make any assumptions about input values

Making assumptions can leave room for errors and cause smart contracts to execute code in a way that was not initially intended.
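The circuit breaker, limits and input checks from sections 1, 3 and 4 combined in one contract, as an added example that is not code from the original post or from DappStarter. The contract name `GuardedVault`, the 1 ether per-transaction cap and the one-hour cooldown are assumptions chosen for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration: names and limit values are assumptions, not DappStarter output.
contract GuardedVault {
    address public immutable owner;                // only account allowed to trip the breaker
    bool public paused;                            // circuit breaker state
    uint256 public constant MAX_PER_TX = 1 ether;  // per-transaction limit
    uint256 public constant COOLDOWN = 1 hours;    // rate limit per account

    mapping(address => uint256) public balances;
    mapping(address => uint256) public lastWithdrawal;

    event Paused(address indexed by);
    event Unpaused(address indexed by);

    constructor() { owner = msg.sender; }

    modifier onlyOwner() { require(msg.sender == owner, "not owner"); _; }
    modifier whenNotPaused() { require(!paused, "paused"); _; }

    // Circuit breaker: halts every state-changing entry point below.
    function pause() external onlyOwner { paused = true; emit Paused(msg.sender); }
    function unpause() external onlyOwner { paused = false; emit Unpaused(msg.sender); }

    function deposit() external payable whenNotPaused {
        require(msg.value > 0, "zero deposit");
        balances[msg.sender] += msg.value;
    }

    function withdraw(uint256 amount) external whenNotPaused {
        // Fail fast: validate every input and precondition before touching state.
        require(amount > 0, "zero amount");
        require(amount <= MAX_PER_TX, "over per-tx limit");
        require(amount <= balances[msg.sender], "insufficient balance");
        require(block.timestamp >= lastWithdrawal[msg.sender] + COOLDOWN, "rate limited");

        // Update state before the external call so a re-entrant call sees the new values.
        balances[msg.sender] -= amount;
        lastWithdrawal[msg.sender] = block.timestamp;

        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "transfer failed");
    }
}
```

Pausing withdrawals as well as deposits is a design choice in this sketch; a contract that holds user funds may prefer to leave a withdrawal path open while paused.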

5. Minimize On-chain Data

Do • Keep smart contracts small and modular

Every line of code in a smart contract costs money to execute and storing data is incredibly expensive.

Don't • Store unnecessary data on-chain

A best practice is to store a pointer to data in a smart contract, rather than storing the data itself. For example, data can be stored using decentralized data storage providers such as Sia or IPFS.

Smart contract development can be confusing, but using great tools can make it easier. These best practices (and more!) are built into DappStarter, our full-stack blockchain application generator.
