This article explores four critical groups of systematic risk embedded in smart contract employment using the analytic hierarchy process (AHP). The four principal risk analysis groups include: 1) transparency in the light of corporate governance 2) IT security 3) contract management automation and 4) legality. The AHP assists both decision-makers and stakeholders alike in the evaluation process essential for identifying potential technological constraints posed within a permissioned blockchain environment using peer-to-peer format in the absence of digital currency. Based upon critical assessment, the AHP methodology enables pairwise comparisons among different features and consequently increases the knowledge regarding these attributes in light of the software’s risk assessment.
The smart contract has received attention due to both its characteristics and numerous application possibilities, offering users potential cost savings in a variety of conventional commercial aspects. The most advantageous benefits include reducing legal and transactional costs as well as increasing the intangible trust value among dispersed entities. While the technology is developed on the blockchain platform and its computer code has been intensely investigated by technologists worldwide, methodical risks are manifest due to the characteristics of the smart contract. The ensuing body of research provides specific information regarding the hazards of misusing the smart contract from an analytic hierarchy process (AHP) risk assessment perspective. The following consists of five sections concerned with the identification and exploration of four distinct areas of risk confronting private smart contract utilization using basic AHP methodology. The objective of this body of research is to provide decision makers with a comparison model in order to assess the identified risks associated with the smart contract. The author will begin with a review of emerging and associated literature in conjunction with exploratory research to provide an understanding of the interrelationship between the smart contract and blockchain, and more importantly, how that relationship impacts risk management in a software project. The second section of this paper will provide a definition of risk and its management within a software project as well as the methodology used to identify the four main risk clusters pertaining to the smart contract. The third section will introduce the AHP method, including the elemental framework comprising the AHP, followed by an application of the AHP with regard to the four critical groups of systematic risk. Finally, the last section will provide a summary and discussion of the author’s findings.
In 1994, Nicholas Szabo became the first author to mention the term smart contract [
As one of the originating authors of Ethereum, [
The permissioned private blockchain and smart contracts have characteristics and risks distinct from the public network blockchain which does not require permission. The main difference delineating a public blockchain is the trusted participants that are allowed on the network [
In essence, the smart contract is a potentially disruptive innovative tool requiring a thorough understanding of both the benefits and potential harm implementation may render a business.
If smart contract employment is decided, identifying pertinent risks and monitoring their development and/or existence, becomes a matter of constant vigilance due to the clear research gap related to smart contract technology.
The foundation of this study concerns the organizations aspiring for consensus and collaboration in both the exploration and application of a private smart contract. The impetus of this study is a permissioned private blockchain network in conjunction with a smart contract developed for private trade in a peer-to-peer manner free from the use of a digital currency. The purpose for this is to attain a distributed reproduction of auditable transaction logs that are shared among the participants of interest. For clarity, the smart contract examined in this study takes into consideration that organizations and government that are involved in this process are ruled by the same set of applicable laws as shown in
Risk exists in all matters, and it is not different in business. Among several definitions of risk, [
Reference [
Corroborating, [
Controversial but elucidating, the Chaos Report (1994) issued by [
Additionally, [
Furthermore, [
In addition, [
Enriching the literature, [
Thus far, an attempt has been made to clarify that risk identification constitutes a precursor to software risk management. Hence, this study intends to help the decision-maker to fulfill part of the risk management process by identifying the main group of private smart contract risks and evaluating them utilizing the AHP method with the help of expert judgment.
As aforementioned, the private smart contracts deployed on the permissioned private blockchain are distinguished by their characteristics and risks when compared to the permissionless blockchain and public network. One of the attributes of the private blockchain and the smart contract is to have a network administrator, either a person, a group of persons or a set of rules, which makes it a target for cyberattacks [
Another important feature of the smart contract is the immutability of code [
Reference [
The smart contract is encrypted before being deployed on the private blockchain. The performance issues mentioned by [
Regarding the security of the blockchain system and a smart contract written on Ethereum, [
The controversial misuse of the hard fork operation is less appropriate to the private smart contract object of this study [
Reference [
Regarding the contract that should be translated to code, if a contract does not encompass all rules and conditions, it might lead to transaction costs, conflict, or even worse, the ruin of the program if a consensus is not established [
Regarding the legal perspective, [
As mentioned by [
The research work calls for conducting the process of risk identification and analysis on smart contracts deployed on the permissioned private blockchain network for private trade. The topic of assessing the smart contract risks in the literature is still not recognized from this basis [
In this context, therefore, a two-phase methodology has been proposed and utilized to address the gaps mentioned above. The first phase is to group the most common smart contract attributes based on their meaning after a review of smart contracts in the literature and resources. The second phase is the analysis of the identified risks with expert judgment, with the intention of ranking them to determine their relative areas of concern under uncertain conditions by using the AHP approach.
This research work was performed between December 2017 and March 2018 utilizing the same systematic mapping study used in current research topics regarding smart contracts described by [
The search exercise was carried out with queries in the ProQuest, Google Scholar, Elsevier, ScienceDirect, and Emerald Insight databases, focusing on quality papers published in conferences, journals, and workshops. The keywords used in the search were blockchain and smart contract, separately and in combination, using the connectors and/or, without excluding books. Moreover, the search included the words: risk assessment, AHP, software risk management, and project management on the same databases. Additionally, based on the exclusion criteria performed by [
There is a lack of research on the subject that is associated with risk assessment; therefore, this study is classified as exploratory research [
To answer the research questions of which risks are intrinsic to private smart contracts and whether they can be grouped, the data collection of smart contract characteristics was carried out based on the emergent literature review and interviews with specialists. The aim was to collect the repeated patterns identified in the literature and to group them into a meaningful set. Later, the relevance of the proposed four groups was confirmed by experts on the phenomenon during an interview. Thus, an effort was made to avoid researcher bias and to confirm the concepts, based on the grounded theory research procedure as described by [
The solution methodology applied in this research study is displayed in
As seen from the preceding chapters, the literature presents characteristics of the smart contract. To recapitulate and to structure them, the characteristics are organized in
The software risk management and the features identified in
A decision-making approach should have a consensus-building approach, and it should be natural to our intuition and general thinking. For simplification purposes, grouping the risk characteristics of smart contracts mentioned in
As observed, there are pieces of evidence that indicate that attributes of the smart contract can be set up in four main clusters in order to concentrate the software risk analysis. Consequently, the use of AHP was selected to provide a methodology for pairwise comparison of the aspects identified, which can guide the adoption of decisions. The AHP has been used in different fields such as decision-making in construction management [
Smart contract features | Risk description | Source |
---|---|---|
1. Transparency | ||
1.1. Transactions are traceable and permanently recorded | In light of corporate governance, it is a risk if the transactions are not traceable. | [ |
1.2. Privacy | Accidental human interference or hacking information is an exposure risk and might have liabilities consequences. | [ |
1.3. Lack of consensus or collaboration | If consensus or collaboration is only partially achieved, then it might cause conflicts during the smart contract lifetime. | [ |
2. IT security | ||
2.1. Network administrator | Having a network administrator in the private environment becomes a focus of hacking attacks. | [ |
2.2. Immutability of code | Blockchain protocol can be changed through a hard fork, but in the private environment, it only happens through common consensus of the stakeholders | [ |
2.3. Vulnerability of code | The risk perception of how easy it is to break into the code and modify it. | [ |
3. Automation | ||
3.1. Performance issues | Concerns the speed of transactions in private smart contracts and the required transaction volume. Additionally, the risk of downtime due to performance issues, and the desired level of system automation, which can be: 1) fully automated, 2) semiautomated and 3) slightly automated. | [ |
4. Legality | ||
4.1. Codifying smart contract | Complexity to translate the contract’s paper-based terms and conditions to programming code. | [ |
4.2. Framework of code in consensus | If the set of laws and rules are not common to all stakeholders, then there is a clear risk of compliance and can imply legal consequences. | [ |
4.3. Jurisdiction conflicts | If the smart contract does not encompass all required laws and rules, it might have conflicts with governments. | [ |
4.4. Immutability of the code | The immutability and consequently the automated transaction might not follow the civil jurisdiction where the business is established. | [ |
4.5. Termination of smart contract | The risk is the lack of proper evaluation of this possibility. | [ |
5. Software risk management | ||
5.1. Inadequate smart contract verification | Regarding testing before deployment which can impact or influence one group, partial groups or all groups cited above. | [ |
5.2. Lack of maturity | Intrinsic to actual smart contract infancy. | [ |
5.3. Human skills | Inherent in the programmer’s ability to write, codify, and identify risks and its potential consequences. Innumerable threats can be associated with it. | [ |
5.4. Software quality | Risk that is intrinsic to the selected programming code such as the differences among Solidity in Ethereum, NEO and LISK. In conjunction with the human skills related to developing the smart contract on such programming codes. | [ |
Group of smart contract risks | Meaning/Description | Source |
---|---|---|
Transparency in the context of corporate governance | To be understood as a digital public ledger of time-stamped transactions that is available to every participant in the blockchain network. All transactions are recorded in the blockchain, and any transaction can be viewed by an eligible user on the network, who can verify the validity of any transaction. Therefore, all transactions are visible, accessible and auditable to everyone who is entitled to do so. The risk is if the code is not translated to be visible or auditable to stakeholders, which might imply a lack of trust in the entire system. | [ |
IT Security | A cryptographically secured transaction is possible due to cryptography science and allows the protection of sensitive information either in storage or communication. The use of the hash function allows a digital fingerprint on the block created in the blockchain. The hash function is also time-stamped, which provides additional security design. One block or transaction cannot be erased, copied, replaced or changed once it is registered in the blockchain. The risk is the cyberattacks or hackers trying to destroy, manipulate, disrupt or change the private blockchain environment and its smart contract. That might happen with the temporary suspension or even shutdown of the system in case of a cyberattack. It can incur financial losses, cause a lack of confidence in the system and identity disclosure | [ |
Automation | The smart contract is the translation of the traditional contract to a programming language. Thus, the terms and conditions are machine-readable, enforcing agreed upon rules previously established and agreed in consensus among all the involved parties without the requirement of any hierarchical power structure, i.e., self-executing smart contracts if conditions are satisfied. It will imply an instantaneous settlement, effectively eliminating counterparty risk. Consequently, the process can be classified as automated. However, the parties can determine the extent of the automation process. It was proposed to have three levels: 1) fully automated, 2) semiautomated and 3) little automated. | [ |
Legality | It refers to the legal perspective. The agreed terms and conditions translated to a machine-readable form are possible due to a specific programming language such as Ethereum, avoiding human misinterpretation of contract terms which might lead to a dispute between parties. The smart contract shall encompass all legal agreements made in consensus among the parties. Additionally, it shall respect the applicable laws and regulations regarding the government, society, and organization where the digital contract will be established. There will be a risk if the initial legal framework translated to a machine programming language does not comprehend all necessary rules which would impact the overall system validity. The expected outcomes must be extensively discussed and approved by everyone who is impacted by them. | [ |
The AHP developed by [
$a_{ij} = 1 / a_{ji}$ is the generic element of the reciprocal positive matrix $A_{ij}$ (1)
Additionally, the matrix $A_{ij}$ shall satisfy condition (2) to be considered consistent.
$a_{ij} = a_{ik} / a_{jk}$, where $a_{ij} > 0$ and $i, j, k = 1, \cdots, n$ (2)
The judgment scale of numbers used in AHP is from 1 to 9 [
Having the comparison matrix, it is possible to obtain a priority vector for a set of alternatives, such that $n$ is the number of elements to be compared, $\lambda_{\max}$ is the largest eigenvalue of matrix $A$, and $w$ is the vector of priorities, where $\lambda_{\max} = n$ and $a_{ij} = w_i / w_j$ if the choices made by the decision-maker are consistent. This being so, the vector must be found to satisfy Equation (2), and by Equation (3), the priority vector is obtained.
After forming the comparison matrices, the process moves to the phase of deriving relative weights for the various elements. The relative weights of the elements of each level with respect to an element in the adjacent upper level are computed as the components of the normalized eigenvector associated with the largest eigenvalue of their comparison matrix. The composite weights of the decision alternatives are then determined by aggregating the weights through the hierarchy. This is accomplished by following a path from the top of the hierarchy to each alternative at the lowest level and multiplying the weights along each segment of the path. The outcome of this aggregation is a normalized vector of the overall weights of the options. The mathematical basis for determining the weights has been established.
The rank reversal phenomenon is debatable. The criticism has been extensively discussed by many authors such as [
To evaluate the importance of the characteristics, a first approach to specialists in information technology (IT) in different organizations in Brazil was initiated, but the level of replies and feedback on those questionnaires was insufficient and incomplete, most likely because of a misunderstanding regarding how to use Saaty’s nine-point scale. On the other hand, one company replied and opened a communication channel with the researcher. Consequently, a second effort was made to interview the IT specialists. The company is present in Brazil, and it is an operator in the oil and gas industry. It has a global presence, with its headquarters in Europe. The IT specialists’ profile is shown in
With respect to the qualitative approach on the AHP methodology, during the interview, questions to the interviewees were asked such as: In the context of software risk assessment, how much more important is security compared to transparency?
To construct the decision model and to solve the matrix, Super Decision software was used. This is professional software that can be freely accessed, and it is easy to use for constructing the pairwise comparison and solving the matrix as well as to acquire the consistency ratio. The consistency ratio is a measure of consistency that confirms that the original rates given by the interviewees have been maintained [
Based on
| IT specialist 1 | IT specialist 2 |
---|---|---|
Years of experience in IT | 14 | 18 |
Current job position | Project manager | Head of IT department |
Working on a future project about blockchain or smart contracts application | Yes | Yes |
Working on digitalization or automation | Yes | Yes |
| Transparency | IT security | Automation | Legality | Weight factor |
---|---|---|---|---|---|
Transparency | 1 | 1/7 | 3 | 1/5 | 0.095 |
IT security | 7 | 1 | 7 | 2 | 0.531 |
Automation | 1/3 | 1/7 | 1 | 1/5 | 0.054 |
Legality | 5 | 1/2 | 5 | 1 | 0.319 |
Consistency ratio: 0.06
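The priority vector and consistency ratio described in the AHP section can be recomputed from the comparison table above without Super Decisions. The following is an added example, not code from the paper; it uses a pure-Python power iteration to extract the principal eigenvector and Saaty's published random index (0.90 for n = 4) for the consistency ratio.

```python
"""AHP priority weights and consistency ratio from a pairwise comparison matrix.

Added example (not from the paper): reproduces the weight factors and the
consistency ratio of the four-risk-group matrix with a pure-Python power
iteration, so the figures can be checked independently of Super Decisions.
"""
from fractions import Fraction

# Saaty's random consistency index RI by matrix order n (from Saaty's
# published table); only used to turn the consistency index into a ratio.
RANDOM_INDEX = {1: 0.0, 2: 0.0, 3: 0.58, 4: 0.90, 5: 1.12,
                6: 1.24, 7: 1.32, 8: 1.41, 9: 1.45}

RISK_GROUPS = ["Transparency", "IT security", "Automation", "Legality"]

# Pairwise judgments exactly as given in the paper's comparison table
# (row i vs. column j on Saaty's 1..9 scale, reciprocals below the diagonal).
COMPARISON = [
    [1, Fraction(1, 7), 3, Fraction(1, 5)],
    [7, 1, 7, 2],
    [Fraction(1, 3), Fraction(1, 7), 1, Fraction(1, 5)],
    [5, Fraction(1, 2), 5, 1],
]


def is_reciprocal(matrix, tol=1e-9):
    """Check condition (1): a_ij * a_ji == 1 for every pair (and a_ii == 1)."""
    n = len(matrix)
    for i in range(n):
        for j in range(n):
            if abs(float(matrix[i][j]) * float(matrix[j][i]) - 1.0) > tol:
                return False
    return True


def principal_eigenvector(matrix, iterations=100):
    """Power iteration on a positive matrix.

    Returns (lambda_max, w) where w is the normalized priority vector
    (components sum to 1). For a positive matrix the iteration converges
    to the eigenvector of the largest eigenvalue (Perron-Frobenius).
    """
    n = len(matrix)
    w = [1.0 / n] * n
    lam = float(n)
    for _ in range(iterations):
        aw = [sum(float(matrix[i][j]) * w[j] for j in range(n)) for i in range(n)]
        total = sum(aw)
        # Because w sums to 1, sum(A w) equals lambda_max once converged.
        lam = total
        w = [x / total for x in aw]
    return lam, w


def consistency_ratio(matrix):
    """CR = CI / RI with CI = (lambda_max - n) / (n - 1); CR <= 0.10 is acceptable."""
    n = len(matrix)
    lam, _ = principal_eigenvector(matrix)
    ci = (lam - n) / (n - 1)
    ri = RANDOM_INDEX[n]
    return ci / ri if ri else 0.0


def ahp_weights(matrix, names):
    """Map each risk group to its weight factor, refusing a non-reciprocal matrix."""
    if not is_reciprocal(matrix):
        raise ValueError("matrix violates the reciprocal condition a_ij = 1/a_ji")
    _, w = principal_eigenvector(matrix)
    return dict(zip(names, w))


if __name__ == "__main__":
    for name, weight in ahp_weights(COMPARISON, RISK_GROUPS).items():
        print(f"{name:<13} {weight:.3f}")
    print(f"consistency ratio: {consistency_ratio(COMPARISON):.2f}")
```

The weights come out within a few thousandths of the table (0.095, 0.531, 0.054, 0.319) and the ratio rounds to 0.06; a ratio above 0.10 would mean the experts' judgments should be revisited before resources are allocated on them.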
After the AHP result, the interviewees did not express surprise at the result and confirmed the expectation they had mentioned during the interview. Additionally, both experts mentioned the importance of the weight factor because it helps them decide how internal resources can be allocated, focusing on the higher risks. They also mentioned that the AHP method simplifies communication with internal and external stakeholders.
During the interview, one of the experts highlighted the importance of risk identification for private smart contracts. According to the expert, the private smart contract enables data sharing among participants. However, when information from different sources is gathered and shared, the combination of information might trigger a new business insight. That new insight might start a new competitive business or a new business model. If that happens, it gives an advantage to whoever discovers it first.
An additional point cited by both experts was the possibility of including the risk analysis of business intelligence, analytics, and data sharing in the overall blockchain utilization. They said that big data is a source of valuable information if correctly used. The risk of utilizing the big data available in any blockchain is unknown. Hacking that volume of data is considered a risk to private business. The outcome is unpredictable.
During the interview, the experts mentioned that smart contracts could be used to automate post-trade transactions, replacing the bureaucracy and the paperwork. None of the interviewees could mention further details of this application.
Innovative technologies applied to processes often present both potential benefits and risks [
This research study tackles the primary goal of software risk management, which is risk identification, and second, it confronts the risk factors with the aid of an expert by utilizing the AHP method. It seemed to have served a useful purpose and disclosed the possibility of using a similar methodology for other software risk assessments while helping the decision-maker perform better judgment in a systematic form.
The outcome of the experts’ input and the application of AHP shows IT security as the most critical topic, followed by legality. The experts mentioned that the usage of big data in a blockchain environment is considered an unknown risk. The smart contract is at an early implementation stage, as mentioned during the interview. Another point highlighted during the interview was the proper selection of the business segment in which to implement the smart contract. Following the selection of the business segment, it is discussed to which part of the business the smart contract could be applied and tested before a full scale-up of this IT software. The concerns are the premature usage of blockchain and smart contracts in the business as well as the risk identification of the software. Also, during the interview it was possible to identify that the company might take baby steps in implementing the smart contract until it fully understands how the IT software works and how it runs in a permissioned blockchain environment.
Regarding legality, the experts showed similar concern that if the terms and conditions of the formal paper contract are not translated correctly to program code, it can ruin the business and expose participants to government agencies and possible penalties. Therefore, it is imperative to reach consensus among the players when writing the smart contract and to pay attention to the national laws wherever the business might occur. They also mentioned the difficulties of writing the smart contract because it involves different technical areas for the first time, such as IT programmers, lawyers, and different stakeholders.
Following the AHP method and result as per
The last risk is the level of automation that a smart contract can offer. The experts believe that the automation of the regular paper contract and its terms and conditions is achievable once there is consensus among the parties when writing the computer code. The execution of the computer code can be defined among the parties. The automation can have three levels: 1) fully automated, 2) semiautomated, and 3) little automated. Having a fully automated smart contract means zero participation of any external resource, and the rules are executed as per the computer code.
On the other hand, the semiautomated system means that an external resource might be used. The external resource can be a person, a group of persons or another computer code. They can be used to check a few points in the process. After checking those points and reaching agreement among the participants, the execution of the computer code in the smart contract is authorized.
The little automation level is possible, but it is not desirable, according to the interviewees. They said that it would be a regression if the participants chose little automation because it would involve several stops in the process and several checks before any computer code execution. Choosing the little automation level would be a paradox after having achieved a good IT security level, legality as well as transparency in the process. Also, the choice of the little automation level implies more risk because human errors might occur, and it might be a time-consuming task. The smart contract should be designed to reduce human interpretation of the code or rules, and its full automation might be appreciated as a benefit to the business.
The proposed methodology in this research study suggests that the literature review was relevant for grouping the four main risks based on their meaning, as was the application of the AHP method to compare the risks. It seems to be a feasible technique for identifying software risks in organizations.
Limitations of This Study and Opportunity for Future Work
A thorough search of the relevant literature yielded no related articles attempting to provide a risk identification of a private smart contract application. One of the limitations is that the study could have been performed with more interviewees to enhance the risk assessment and evaluation. The perception threshold of different experts can vary from business to business, from environment to environment, and from culture to culture. Nonetheless, this study is exploratory and unique regarding the risk perception of private smart contract attributes insofar as this research study does not intend to be complete but rather to provide a primary approach. On the other hand, the proposed convenience sample can be extended to include subcategories for each main group of risks. In addition, other multicriteria decision analysis methods can be selected and applied, and thus the results can be compared and examined.
Another limitation regards the risk of the human work needed to write the code. Hence, it requires human skills and ability to choose which programming language to code and to fulfill application demands. The point is that there is a risk of faults while programming the code which might lead to a combination, to some extent, of the risks mentioned in this paper. This particular risk was not assessed as a sole risk of the private smart contract, the object of this study, but it should be evaluated by the decision-maker as an essential factor when deciding on the utilization of the smart contract. Perhaps, utilizing another methodology, such as the PMBoK, will identify other risks as well. Furthermore, each stage in the software development lifecycle should be adequately risk-assessed in favor of identifying risks and problems early on and reacting to them effectively.
An additional constraint might be the protocol used for grouping the risks. First, in the literature review, there are many websites, blogs, white papers, free video-hosting websites and general information about blockchains and smart contracts available on the Internet. Although they are not considered scientific studies and were not considered in this research, it is evident that there are technical discussions around the same topic, involving entrepreneurs and software developers, among others, who are enthusiastic contributors on the same subject. Furthermore, there might be risks not realized by the interviewees or the author, and it can be criticized that proposing the four main groups mentioned in this study is cursory. However, as described by [
The specificities of private smart contract implementation and usage were not part of this study, nor was the underlying IT infrastructure, but they are recommended areas of research. A valuable extension that would complement the preceding ideas and generally help with the understanding of risk is a case study related to smart contract implementation and an understanding of how the software risks were evaluated.
This research did not receive any specific grant from funding agencies in the public, commercial, or not-for-profit sectors.
The author declares no conflicts of interest regarding the publication of this paper.
Luciano, R. (2019) The Hazards of Misusing the Smart Contract: An AHP Approach to Its Risk. Journal of Information Security, 10, 25-44. https://doi.org/10.4236/jis.2019.101002