Module 4: Smart Contracts & DeFi

Nick Szabo coined the term "smart contract" in 1994, predating blockchain technology by over a decade. He envisioned embedding contractual clauses into hardware and software.

The oracle problem refers to the fact that blockchains are isolated systems that cannot natively access external data. Oracles bridge this gap but introduce trust assumptions.

Traditional legal systems still apply to smart contracts. Code may execute perfectly but still violate laws, be based on fraud, or require external remedies. "Code is law" is a philosophy, not a legal reality.

A Ricardian contract is a document that is simultaneously human-readable (natural language), machine-readable (parseable markup), and cryptographically signed, bridging legal prose and executable code.

Gas is a unit measuring the computational effort required to execute operations on Ethereum. Users pay gas fees (in ETH) to compensate validators for processing transactions.

Decentralized oracles like Chainlink and Band Protocol aggregate data from multiple independent nodes, distributing trust rather than relying on a single source.

Wyoming was the first US state to recognize DAOs as LLCs in 2021, providing limited liability while allowing algorithmic governance.

"Private" does NOT mean secret. All blockchain data is publicly readable. "Private" only restricts which contracts can call a function - the underlying data is still visible to anyone reading the blockchain.

Solidity 0.8.0 introduced built-in overflow/underflow checks. Prior versions allowed integers to wrap around silently, causing numerous exploits. Always verify contracts use 0.8+ or SafeMath.

msg.sender is the address that called the current function. This differs from tx.origin (the original transaction sender), which should be avoided for authentication due to phishing vulnerabilities.

ERC-20 is the standard for fungible tokens (interchangeable). ERC-721 is for NFTs (non-fungible), ERC-1155 supports both, and ERC-2981 is for NFT royalties.

A view function can only read state, not modify it. View functions are free when called externally (no gas cost) since they don't change blockchain state.

Storage is the most expensive (20,000 gas for new slot) because it's permanent on-chain data. Memory is temporary and cheap, calldata is read-only and cheapest.

tx.origin returns the original sender, not the immediate caller. If a user interacts with a malicious contract, that contract can call a target contract while tx.origin still shows the user, enabling phishing attacks.

The DAO hack exploited a reentrancy vulnerability where an attacker could recursively call the withdraw function before the balance was updated, draining $60M. This led to the Ethereum hard fork.

The Checks-Effects-Interactions pattern prevents reentrancy by: 1) checking conditions, 2) updating state, 3) making external calls last. This ensures state is updated before any external call can re-enter.

Audits are point-in-time assessments with limited scope. Audited contracts have been hacked (e.g., Euler Finance, Wormhole). Multiple audits from different firms provide better coverage but cannot guarantee security.

Formal verification uses mathematical proofs to verify that a program satisfies a formal specification. Unlike testing (which shows bugs exist), formal verification proves their absence for specified properties.

Flash loan attacks use uncollateralized loans (borrowed and repaid in one transaction) to temporarily acquire massive capital for price manipulation or governance attacks.

This is a classic reentrancy vulnerability. The external call (sending ETH) happens before state update. A malicious contract could re-enter and withdraw again before the balance is zeroed.

Critical severity is for direct loss of funds or protocol takeover. Unlimited withdrawal capability is the most severe type of vulnerability.

TWAP oracles average prices over time, making them resistant to flash loan manipulation. Combining multiple sources further reduces manipulation risk.

Uniswap v2 uses the x * y = k formula where x and y are token quantities and k is a constant. This creates automatic price discovery based on supply and demand.

In DeFi lending, liquidators repay part of the debt and claim collateral at a discount when positions become undercollateralized. This protects the protocol from bad debt.

Impermanent loss occurs when token prices diverge after providing liquidity. LPs end up with more of the depreciated token and less of the appreciated one compared to simply holding.

DAI is a decentralized, crypto-collateralized stablecoin governed by MakerDAO. Users deposit collateral into Vaults and mint DAI. USDC, USDT, and BUSD are fiat-backed.

UST collapsed due to a death spiral in its algorithmic mechanism. When UST lost its peg, LUNA hyperinflated as the algorithm tried to restore the peg, destroying $40B+ in value.

A flash loan is an uncollateralized loan that must be borrowed and repaid within a single transaction. If not repaid, the entire transaction reverts as if it never happened.

TVL (Total Value Locked) measures the total value of assets deposited in a DeFi protocol. It's a key metric for assessing protocol adoption and risk.

DeFi composability is often called "Money Legos" because protocols can be combined like building blocks. A single transaction can interact with multiple protocols.

A rug pull is a scam where developers abandon a project and steal investor funds, typically by draining liquidity pools, minting unlimited tokens, or using hidden contract functions.

Multiple audits from reputable firms is a positive indicator, not a red flag. Anonymous teams, unlocked liquidity, and unrealistic APY promises are all warning signs.

Mango Markets was exploited through oracle manipulation. The attacker pumped MNGO price, used inflated collateral value to borrow $114M, then couldn't repay when price normalized.

Composability risk refers to cascading failures across interconnected DeFi protocols. A failure in one protocol can trigger liquidations or failures in dependent protocols.

A honeypot is a scam token that lets users buy but blocks them from selling. The code contains restrictions that only allow the developer to sell.

Dextools and block explorers can verify on-chain if LP tokens are locked in a timelock contract, which is crucial for rug pull prevention analysis.

ERC-1155 is a multi-token standard supporting both fungible and non-fungible tokens in a single contract, with optimized batch transfers. ERC-721 only supports non-fungible tokens.

NFT buyers typically do NOT receive copyright to the underlying artwork. They get token ownership and usage rights per the license, but the creator usually retains IP rights.

Bored Ape Yacht Club grants holders broad commercial rights, allowing them to create and sell merchandise, media, and derivative works using their ape's image.

Most NFT art is stored off-chain (IPFS, Arweave, or centralized servers). The NFT only contains a URL or hash pointing to the content. If storage fails, the NFT may point to nothing.

In Hermes v. Rothschild (2023), Hermes won against an artist selling "MetaBirkin" NFTs depicting the Birkin bag, establishing trademark protection extends to digital goods.

NFT royalties are marketplace-enforced, not blockchain-enforced. If buyers sell through non-compliant marketplaces, creators receive nothing. This is a contractual right, not a property right.

Revenue-sharing NFTs with passive income expectations are most likely securities - they involve investment of money, common enterprise, expectation of profit, and reliance on others' efforts.

In September 2023, the SEC charged Impact Theory for unregistered securities offering through their "Founder's Keys" NFTs, citing promises of future benefits and profit expectations.

Without a legal wrapper, a DAO may be treated as a general partnership, exposing all token holders to unlimited personal liability for the organization's debts and obligations.

Beanstalk was exploited via flash loan governance attack. The attacker borrowed enough tokens to pass a malicious proposal in 13 seconds, draining $182M without a timelock delay.

A Cayman Islands Foundation Company is a non-profit foundation with no members, governed by directors. Popular for protocol DAOs due to tax efficiency and flexible structure.

The CFTC served Ooki DAO by posting in the governance forum and Discord, and the court allowed this service method. This set precedent for how regulators can pursue DAOs.

Voter apathy refers to low participation rates in DAO governance. Many DAOs see less than 5% of token holders voting, concentrating power in a small group of active participants.

Gnosis Safe is the dominant multi-signature wallet for DAO treasury management, requiring multiple key holders (e.g., 4-of-7) to approve transactions.