Ethereum: Why the Code Needs to be Improved

Introduction

The Institute for Crypto Code Review (ICCR) analyzes the underlying codebase (e.g. C++, Java) of cryptocurrencies and other DLT solutions. We determine a score for the quality of the code, which is easy to understand and comparable. Further, we point out possibilities to improve the codebase but also potential risks. In the case of Ethereum, we analyzed over 30,000 lines of code and identified issues or possible improvements in over 25% of the code. In most cases the issues were minor and not critical but there are also sections of the code, which require improvements by developers. The institute aims to provide transparency, insights from reviewing the code of cryptocurrencies and to support investors, analysts and other blockchain enthusiasts with assessing crypto projects. Before jumping directly to the review of the Ethereum code, let us take a look at the blockchain technology itself. For everyone who is familiar with the concept of Ethereum, feel free to skip this section and continue reading in the next section.

The Ethereum technology

Ethereum is a blockchain solution, which goes far beyond the function of a cryptocurrency. The open-source platform allows developers to build and run custom decentralized applications. Similar to other blockchain solutions, the Ethereum network is decentralized and consists of many individual computers (nodes), which communicate with each other by the use of the Ethereum protocol. The interactions on the Ethereum network are cryptographically secure, which means that private data remains private and transactions or written data are immutable to undesired modifications. The Ethereum network is based on consensus, which means that the authenticity of transactions or data has to be verified by several nodes before it is permanently stored on the blockchain. This verification process is done by miners, who provide computing power and receive tradable crypto tokens (Ethers) in return. One major advantage over normal cryptocurrencies can be found in the usage of smart contracts. Smart contracts can be described as computer code, which can automatically execute the exchange of money, content, property, shares, or anything of value[i]. With smart contracts, complex transactions, like an amortizing loan, can be settled with only a few lines of code. Both parties have confidence in the fulfilment of the contract since the execution is automated and predefined after the smart contract was signed electronically. The smart contracts run on the blockchain and are therefore secured against fraud, downtime or any third-party interference. This feature of Ethereum is very powerful and clears the path for numerous new applications, which make economic transactions and operations more efficient and reliable. Ethereum is a first layer blockchain and all miners are rewarded by the native token (Ether) for validating transactions. Developers can also issue tokens, which are built on top of the existing Ethereum blockchain and extend the Ethereum protocol to specialized tasks.[ii]

Review of the Ethereum codebase

Ethereum is equipped with many functions, which are all defined in the Ethereum code. The code is the backbone of the Ethereum software, which runs on every node of the network. Therefore, the quality and the security of this codebase is crucial for the long-term success of the Ethereum project. We used an innovative and new approach to analyze the quality of the code. With the help of a software, we automatically analyzed the C++ codebase of Ethereum and determined the quality of the code. Since the Ethereum code is published under the open source GPL 3 license, the codebase is easy accessible on GitHub. [iii]

Figure 1: Rating scale for the quality of crypto code [-5, +5]

Analysis: Ethereum scores only 1.69 on a [-5,+5] scale

Most of you probably want to know where Ethereum ranks on this scale. The second largest cryptocurrency scores only at 1.69 and unveils potential for further improvements. In the further course of this article we will analyze this number in more detail. The score can be further subdivided into four categories: design, metrics, duplications and code issues. For each category, an individual score is calculated, which helps to identify the origin of the issues. Figure 2 visualizes all of the subcategories of the Ethereum version from 2018–03–13. In the following, each category is explained in detail and the results will be interpreted. This part might be a little bit more technical but still plausible for non-coders.

Figure 2: Distribution of total score for Ethereum on a [-5,+5] scale
Figure 3: Example of anti-patterns in the “libethereum” component of Ethereum
Figure 4: Example of code issues in the “libethash” component of Ethereum

Summary: Ethereum code needs to be improved

We, the Institute for Crypto Code Review, automatically analyzed the Ethereum code and the algorithms unveiled several areas, which should be improved. The system classified the results into hotspots according to the urgency of the issue. As Figure 5 shows, almost 5% of the total Ethereum code is flagged as “critical” and needs further attention by developers. The problem can be narrowed down to the “libethereum” component, where over 1,200 lines of code are affected. But also, other components contain hotspots with the classification “high”. Even though the code seems to function correctly, also these parts should be reviewed by developers. Since Ethereum is open-source, different programmers can contribute to the project. This makes it difficult to develop a code with a consistent design and to avoid anti-patterns. The analysis also unveils a decrease in code quality between two releases of the Ethereum code. Therefore, a new version of Ethereum does not necessarily mean an improvement in the code quality. Obviously, there are also good news, over 20,000 lines of code have no issues and demonstrate high quality.

Figure 5: Distribution of hotspots in the Ethereum code

Remarks

The results shown in this paper are based upon an automatic analysis of the code. Please note that this analysis does neither represent financial advice, nor is it supposed to be understood or interpreted as solicitation to buy or sell any securities, coins or tokens.

  • Blockchain knowledge: We wrote a Medium article on how to acquire the necessary blockchain knowledge within a workload of 10 working days.
  • Our two blockchain books: We have edited two books on how blockchain will change our society (Amazon link) in general and the everything related to finance (Amazon link) in particular. Both books are available in print and for Kindle — currently in German and soon in English. The authors have been more than 20 well-known blockchain experts in startups, corporations and the government from Germany, Austria, Switzerland and Liechtenstein — all contributing their expertise to these two books.
Our two books: the first one on blockchain and the society and the second one on blockchain and finance

Authors

Prof. Dr. Philipp Sandner has founded the Frankfurt School Blockchain Center (FSBC). From 2018 to 2021, he was ranked among the “top 30” economists by the Frankfurter Allgemeine Zeitung (FAZ), a major newspaper in Germany. He has been a member of the FinTech Council and the Digital Finance Forum of the Federal Ministry of Finance in Germany. He is also on the Board of Directors of FiveT Fintech Fund, 21e6 Capital and Blockchain Founders Group — companies active in venture capital financing for blockchain startups and crypto asset investment management. The expertise of Prof. Sandner includes crypto assets such as Bitcoin and Ethereum, decentralized finance (DeFi), the digital euro, tokenization of assets, and digital identity. You can contact him via mail (m@philippsandner.de) via LinkedIn or follow him on Twitter (@philippsandner).

Endnotes

[i] See Buterin, V. (2014). A next-generation smart contract and decentralized application platform, 2014. URL: https://github.
com/ethereum/wiki/wiki/White-Paper

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Philipp Sandner

Philipp Sandner

Professor | Lecturer | Author | Investor | Frankfurt School Blockchain Center