Blockchain smart contracts: Applications, challenges, and future trends

Abstract

In recent years, the rapid development of blockchain technology and cryptocurrencies has influenced the financial industry by creating a new crypto-economy. Then, next-generation decentralized applications without involving a trusted third-party have emerged thanks to the appearance of smart contracts, which are computer protocols designed to facilitate, verify, and enforce automatically the negotiation and agreement among multiple untrustworthy parties. Despite the bright side of smart contracts, several concerns continue to undermine their adoption, such as security threats, vulnerabilities, and legal issues. In this paper, we present a comprehensive survey of blockchain-enabled smart contracts from both technical and usage points of view. To do so, we present a taxonomy of existing blockchain-enabled smart contract solutions, categorize the included research papers, and discuss the existing smart contract-based studies. Based on the findings from the survey, we identify a set of challenges and open issues that need to be addressed in future studies. Finally, we identify future trends.

Introduction

For more than a decade, the blockchain is established as a technology where a distributed database records all the transactions that have happened in a peer-to-peer network. It is regarded as a distributed computing paradigm that successfully overcomes the issue related to the trust of a centralized party. Thus, in a blockchain network, several nodes collaborate among them to secure and maintain a set of shared transaction records in a distributed way without relying on any trusted party. In 2008, Satoshi Nakamoto introduced Bitcoin [69] that was the first proposed cryptocurrency introducing the blockchain as a distributed infrastructural technology. It allowed users to transfer securely crypto-currencies, known as “bitcoins” without a centralized regulator. Besides, Ethereum [16], NXT [71], and Hyperledger Fabric [4] were also proposed as blockchain-based systems used for the cryptocurrency. Unlike Bitcoin, they can use smart contracts (SC). Blockchain technology overlaps traditional contracts by including the terms of agreements between two or more parties, but surpasses them thanks to smart contracts by automating the execution of agreements in a distributed environment when conditions are met.

Smart contracts are executable codes that run on top of the blockchain to facilitate, execute, and enforce an agreement between untrustworthy parties without the involvement of a trusted third-party [16]. Smart contracts gave network automation and the ability to convert paper contracts into digital contracts. Compared to traditional contracts, smart contracts enabled users to codify their agreements and trust relations by providing automated transactions without the supervision of a central authority [89]. In order to prevent contract tampering, smart contracts are copied to each node of the blockchain network. By enabling the execution of the operations by computers and services provided by blockchain platforms, human error could be reduced to avoid disputes regarding such contracts.

Although smart contracts have made progress in recent years, they still face many challenges. For instance, one infamous malicious attack took place in 2016 when the Decentralized Autonomous Organization (DAO) smart contract was manipulated to steal around 2 Million Ether 1(50 Million USD on the time) because of its re-entrancy vulnerability [103]. In addition to the vulnerability problem, smart contracts face several challenges including privacy, legal, and performance issues.

To understand current topics on smart contracts, we conduct a comprehensive survey, with the aim of better identifying and mapping research areas that need further studies. The focus of this survey is studying smart contracts from the technical point of view (e.g., codifying, security, performance issues) and the usage point of view (e.g., smart contract applications in finance, healthcare, etc). The major contributions of this paper are summarized as follows:

1. We propose a taxonomy of studies based on blockchain-enabled smart contracts including two categories, namely SC improvement and SC usage.

2. We categorize 200 papers that we have extracted from different digital databases and discuss the existing smart contract-based studies.

3. Based on the findings from the survey, we identify a set of smart contract challenges and open issues that need to be addressed in future studies. Therefore, this survey provides a helpful reference to the researchers who want to target smart contract improvement or usage in their future studies.

4. Finally, we discuss future trends of smart contracts and explain how they provide better solutions to the open research challenges.

Considering the above contributions, the remainder of this paper is structured as follows. Section 2 discusses background information about blockchain and smart contracts technologies. Section 3 discusses existing reviews studying smart contract-based approaches. Section 4 describes the adopted survey methodology and the solution taxonomy used to categorize existing smart contract-based solutions. In Sections 5–8, we present existing advances in modeling-driven smart contract improvement, optimization-driven smart contract improvement, resource-driven smart contract usage, and cross-organizational collaboration-driven smart contract usage. Section 9 discusses the study results by introducing challenges and future trends in the studied field. Finally, Section 10 concludes the paper.

Background

As aforementioned, blockchain technology has emerged as a distributed computing paradigm that successfully overcomes the problem related to the trust of a centralized party. Thus, in a blockchain network, several nodes collaborate among them to secure and maintain a set of shared transaction records in a distributed way without relying on any trusted party. Specific nodes in the network known as miners are responsible for adding new blocks to a distributed public ledger known as the blockchain.

The first system was Bitcoin [69], which allowed users to transfer securely the currency (bitcoins) without a centralized regulator. In the blockchain network, miners are responsible for collecting transactions, solving challenging computational puzzles (proof-of-work) in order to reach consensus, and adding the transactions as blocks to the blockchain. Since then, several blockchain-based development platforms have been proposed offering the ability to host/ use smart contracts to execute automatically events and actions., namely NXT [71], Ethereum [16], Hyperledger Fabric [4], etc.

We detail below the smart contract operational process and then discuss some blockchain platforms that support the development of smart contracts.

Operational process of smart contracts

A smart contract is a common agreement between two or more parties. It stores information, processes inputs, and writes outputs thanks to its pre-defined functions [16]. For instance, the smart contract can define the constructor function that enables the smart contract creation. Hosting a new smart contract in the blockchain is enabled by invoking the constructor function through a transaction, whose sender becomes the smart contract owner. A self-destruct function is another example of the functions that can be defined in a smart contract. Usually, only the smart contract owner can destruct the contract by invoking this function.

A smart contract is likely to be a class that includes state variables, functions, function modifiers, events, and structures [16] which is intended to execute and control relevant events and actions according to the contract terms. Besides, it can even call other smart contracts. Each smart contract includes states and functions. The former are variables that hold some data or the owner’s wallet address (i.e., the address in which the smart contract is deployed). We can distinguish between two state types, namely constant states, which can never be changed, and writable states, which save states in the blockchain. The latter are pieces of code that can read or modify states. We can distinguish between two function types, namely read-only functions, which do not require gas 2 to run and write functions that require gas because the state transitions must be encoded in a new block of the blockchain. Furthermore, paying currency is required to avoid infinitely smart contract runs.

As aforementioned, a smart contract is hosted in the blockchain by invoking its constructor function through a transaction submitted to the blockchain network, then the constructor function is executed, and the final code of the smart contract is stored on the blockchain. Once deployed, the creator of the smart contract got the returned parameters (e.g., contract address), then users can invoke any available smart contract’s function by sending a transaction.

Platforms for Smart Contracts

Smart contracts can be developed and deployed in different blockchain platforms (e.g., NXT, Ethereum, and Hyperledger Fabric). Several platforms offer distinctive features for developing smart contracts including contract programming languages, contract code execution, and security levels. Some platforms support high-level programming languages to develop smart contracts.

• Bitcoin [69] is a public blockchain platform that can be used to process cryptocurrency transactions, but with a very limited computing capability. Bitcoin uses a stack-based bytecode scripting language. The ability to create a smart contract with rich logic using the Bitcoin scripting language is very limited. Major changes would need to be made to both the mining functions and the mining incentivization schemes to enable smart contracts proper on Bitcoin’s blockchain [52].

• NXT [71] is an open-source blockchain platform that relies entirely on a proof-of-stake consensus protocol. It includes a selection of smart contracts that are currently living. However, it is not Turing-complete, meaning only the existing templates can be used and no personalized smart contract can be deployed.

• Ethereum [16] is the first blockchain platform for developing smart contracts. It supports advanced and customized smart contracts with the help of a Turing-complete virtual machine, called the Ethereum virtual machine (EVM). EVM is the runtime environment for smart contracts, and every node in the Ethereum network runs an EVM implementation and executes the same instructions. Solidity, as a high-level programming language, is used to write smart contracts, and the contract code is compiled down to EVM bytecode and deployed on the blockchain for execution. Ethereum is currently the most popular development platform for smart contracts and can be used to design various kinds of decentralized applications (DApps) in several domains.

• Rather than the public blockchain, such as Bitcoin and Ethereum that any party can participate in the network, Hyperledger Fabric [4] is permissioned with only a collection of business-related organizations can join in through a membership service provider, and its network is built up from the peers whose are owned and contributed by those organizations. Hyperledger Fabric is an open-source enterprise-grade distributed ledger technology platform, proposed by IBM and supports smart contracts. It offers modularity and versatility for a broad set of industry use cases. The modular architecture for Hyperledger Fabric accommodates the diversity of enterprise use cases through plug and play components.

Ethereum and Hyperledger Fabric smart contracts differ in multiple aspects. While Solidity is the well-known programming language used to write Ethereum smart contracts, Hyperledger Fabric supports multi-language smart contracts, such as Go, Java, and Javascript [4]. For contract code execution, the contract code in Ethereum is included in a transaction, which is propagated in the peer-to-peer network, and any miner that receives this transaction can execute it in its local virtual machine [16]. In Hyperledger Fabric, when a transaction is created by the application, the transaction is only executed and signed by specified peers (endorsing peers). After receiving the application’s transaction proposal, each of these endorsing peers independently executes it by invoking the chain-code to which the transaction refers [4]. For security, chaincode runs within a container environment (e.g., Docker) for isolation.

These blockchain-based development platforms are used in the existing studies that we detail in the following sections.

Related literature reviews/surveys

We provide a brief overview of the existing reviews that have studied blockchain-enabled smart contracts.

While several literature reviews/surveys are published in order to study the blockchain-enabled smart contracts, there are still some ongoing challenges that have not been addressed. Table 1 presents a comparative summary of the existing blockchain-enabled smart contract reviews/surveys according to six criteria, namely proposing a taxonomy, considering several blockchain platforms, considering application domains, covering smart contract improvement tools, identifying research gaps, and scope of literature review. We observe that there is a lack of taxonomy focusing on smart contract improvement (i.e., addressing smart contract security, privacy, and performance issues) and smart contract usage (i.e., addressing domain-specific issues).

Table 1.

Existing smart contract Reviews/Surveys: A comparative summary

Survey	Solution taxonomy?	Blockchain platforms?	Application domains?	Coverage of tools?	Research gap identification?	Scope of literature review
Our survey	✓	✓	✓	✓	✓	Until 09/2020
Atzei et al. [8]	✓	✓		✓		Until 2017
DHarz and Knottenbelt [25]		✓		✓		Until 09/2018
Angelo and Salzer [5]		✓		✓		Until 10/2018
Liu and Liu [56]	✓	✓		✓		2015-2018
Feng et al. [33]		✓		✓		Until 05/2019
Murray and Anisi [68]		✓		✓		Until 2019
Zou et al. [120]				✓		Until 2019
Gupta et al. [37]	✓			✓		2015-01/2020
Praitheeshan et al. [77]	✓	✓		✓	✓	Until 2019
Mohanta et al. [66]		✓	✓			Until 2018
Rouhani and Deters [81]		✓	✓			Until 04/2019
Bartoletti and Pompianu [12]	✓	✓	✓			2013-2016
Meng et al. [63]			✓			Until 2018
Hu et al. [41]		✓	✓			2015-2019
Maesa et al. [60]		✓				Until 2018
Cuccuru [21]		✓	✓			Until 05/2016
Alharby et al. [1]		✓	✓			Until 05/2017
Udokwu et al. [95]			✓			2013-2018
Wang et al. [99]		✓	✓		✓	Until 2018
Zheng et al. [117]		✓	✓		✓	Until 2019

To sum up, it can be said that the existing surveys concerning blockchain-enabled smart contracts focus on classifying the papers based on smart contract issues. Our work extends the existing surveys by studying the smart contract application domains, analyzing the smart contract challenges, and introducing some research gaps that need to be addressed in future studies.

Research Methodology and Solution Taxonomy

We describe below the adopted research methodology, such as the search strategy, filtering process, and inclusion and exclusion criteria. Besides, we present the solution taxonomy used to categorize the final set of included papers.

Systematic Literature Review

We used three existing databases, namely ScienceDirect, IEEEXplore, and ACM Digital Library to search for relevant works using the “smart contract” string keyword. In the first phase, we found 523 publications as shown in both Fig. 1a, which depicts the percentage of the acquired research paper per digital database as well as Fig. 1b, which depicts the total number of preliminary studies acquired from each digital database.

Fig. 1.

Publication trend

To choose the relevant papers to be analyzed in our review, we filtered the primary studies retrieved from the databases. To do so, we defined a set of inclusion and exclusion criteria, which are summarised in Table 2. Based on the outcomes of the first phase, we applied the set of inclusion and exclusion criteria to exclude the publications considered outside the scope of this review. Thus, we only included studies that satisfy all the inclusion criteria. We excluded duplicate publications, surveys, and literature reviews by filtering studies based on the title, the abstract, and the list of keywords.

Table 2.

Inclusion and exclusion criteria for relevant works

Inclusion criteria	Exclusion criteria
Be published online before September 2020	White papers, editorial comments, and book reviews
Studies are in the field of smart contracts	Studies that present surveys and review papers
Studies that are available in online archives	Studies that are not published in English

As a result of the filtering process, we excluded 323 publications and included 200 relevant publications for this systematic review. Figure 1b depicts also the number of the relevant studies included in this research from each digital database.

Publication trends and Categorization

To examine the trend of the smart contract field in terms of the publication date, Fig. 2 depicts the number of included studies published each year from 2015 to September 2020. We observe that the total number of published papers in the studied field increases in the past few years, indicating the importance of the topic. Thus, the smart contract field is rapidly growing in recent years.

Fig. 2.

Included articles per year

As a result of an in-depth analysis of the included studies in this review, a comprehensive taxonomy is constructed to provide an additional support for designers to understand the various dimensions that they have to consider when designing a smart contract. The major motivations of this survey are to identify (i) the main publications about smart contracts, (ii) the current state of research in this field, and (iii) possible gaps in the literature that could become research problems to be solved by the scientific community. Through this survey, we aspire not only to define the conceptual background of blockchain-enabled smart contracts, but also to identify research issues to be explored at new studies. Indeed, we categorize existing smart contract research into two major categories, namely smart contract improvement and smart contract usage. The former includes studies aiming at addressing the smart contract challenges, such as functionality verification, performance, vulnerabilities, and lack of trustworthy data feeding. The latter includes studies aiming at addressing domain-specific challenges using smart contracts. Figure 3 depicts the proposed taxonomy of blockchain-enabled smart contracts, including modeling-driven smart contract improvement (see Section 5), optimization-driven smart contract improvement (see Section 6), resource-driven smart contract usage (see Section 7), and cross-organizational collaboration-driven smart contract usage (see Section 8).

Fig. 3.

Taxonomy of blockchain-enabled smart contract based studies

Modeling-driven smart contract improvement

Smart contracts have suffered from multiple security vulnerabilities in the past few years [8], which have resulted in both theft and gigantic financial losses. Such vulnerabilities could have been avoided with the help of formal analysis and verification of such smart contracts before deploying them on the blockchain. Since existing programming languages, such as Solidity are not built for formal verification, several researchers have proposed alternative approaches in order to improve the smart contract functionality verification. In this category, we discussed modeling-driven smart contract improvement solutions, which can be categorized into programming-centric solutions (see Table 3) and formal verification-centric solutions (see Table 4).

Table 3.

Some examples of programming-centric solutions

Paper	Contribution	Description
Regnath and Steinhorst [78]	SmaCoNat	SmaCoNat is a domain-specific language that is tailored for a subset of the transaction logic found in smart contracts.
Schrans et al. [83]	Flint	Flint is a type-safe, capabilities-secure, contractoriented programming language specifically designed for writing robust smart contracts.
Sergey et al. [85]	Scilla	Scilla is a novel intermediate-level functional smart contract programming language, suitable to serve as a compilation target and also as an independent programming framework. Scilla aims at achieving both sufficient expressivity and tractability, while enabling formal contract verification.

Table 4.

Some examples of formal verification-centric solutions

Publication	Contribution	Description
Amani et al. [2]	Bytecode verifying method	It aims at verifying smart contracts at the level of EVM bytecode using the Isabelle/HOL. This formal method is generic to all Ethereum smart contracts.
Bai et al. [10]	Model checking method	It is introduced based on formal methods to model smart contracts and verify their properties. Formal methods combined with smart contracts aim at reducing the potential errors and costs during the development process of smart contracts.
Osterland and Rose [73]	Tool chain	Tool chain aims at translating chain code modeled in Solidity via its operational semantics into a formal representation that can be formally analyzed for correct implementation via model checking.
Yang and Lei [109]	FEther	FEther is an extensible hybrid verification proof engine for Ethereum smart contract verification. Based on Lolisa, which is a large subset of solidity mechanized in Coq, FEther guarantees the consistency between smart contracts and its formal model.

Programming-centric solutions

The essence of a smart contract is the computer code that can be executed automatically on the computer, so programming smart contracts correctly is an important research direction. Several researchers argued that developing new contract languages is an effective way to write a correct smart contract. Table 3 presents some newly proposed programming languages such as SmaCoNat [78], Flint [83], and Scilla [85]. For instance, Regnath and Steinhorst [78] proposed a human-readable, security, and executable programming language, called SmaCoNat. The authors converted programming language grammar into natural language sentences in order to improve program readability.

New contract languages promised to address the existing domain-specific language vulnerabilities. However, since they have not been put into practice, they could have their vulnerabilities. Thus, designing and implementing secure smart contracts still require adaptive software engineering technologies and expertise from multiple research domains, such as networking, programming languages, formal methods, and cryptography.

Formal verification-centric solutions

Typically, formal testing is applied to ensure that a software behaves and performs as expected in its specifications and requirements based on all possible inputs’ conditions. For smart contracts, Truffle [93], is an example of a development framework for Ethereum that enables writing formal test cases based on certain mathematical logic and rules for smart contracts written in JavaScript or Solidity languages. These test cases can be written in JavaScript and can be executed on a test network to check several properties of smart contracts. As aforementioned, formal testing can only make sure that a smart contract did what it is supposed to do based on its specification, however, it cannot help the smart contract developers to find bugs or vulnerabilities. Therefore, automated formal verification is a promising approach to detect bugs and other errors to guarantee the functional correctness of smart contracts. According to [2], formal verification can provide the highest level of confidence in the correct behavior of smart contracts. At present, the use of formal methods to verify smart contracts has been widely adopted by several researchers, and significant results have been achieved in practice. Table 4 presents some formal verification-centric solutions. For instance, Amani et al. [2] extended an existing EVM formalization in Isabelle/HOL by a sound program logic at the level of bytecode. The principle of the method is to organize the bytecode sequences into linear code blocks and create a logic program, where each block is processed as a set of instructions. Each part of the verification is validated in a single trusted logical framework from the perspective of bytecode.

Currently, formal verification tools are still in the experimental stage and have not been widely used. Therefore, the smart contract formalization research direction deserves a lot of attention, thus it provides the highest level of confidence about the correct behavior of smart contracts. Real progress in this research field can improve trust in the smart contract, especially when used to develop critical systems, such as financial, healthcare, and banking systems.

Optimization-driven smart contract improvement

Smart contracts have emerged as a new promising solution for developing fully decentralized applications without involving a trusted third-party. Despite the bright side of smart contracts, several concerns continue to undermine their adoption, namely performance issues, security threats, and privacy issues. Indeed, new smart contract applications are more demanding in terms of contract execution time, execution cost, security, and privacy fields. In this category, we discuss optimization-driven smart contract improvement solutions, which can be categorized into performance optimization-centric solutions (see Table 5) and security optimization-centric solutions (see Table 6).

Table 5.

Some examples of performance optimization-centric solutions

Publication	Contribution	Description
Dickerson et al. [26]	Parallel execution method	It is a novel way to permit miners to execute smart contracts in parallel, based on techniques adapted from software transactional memory. This method performed well on smart contract benchmarks, greatly speeding up contract execution efficiency.
Gao et al. [34]	Parallel execution scheme	It can run multiple smart contracts in parallel to improve the throughput of the system.
Chen et al. [18]	GasReducer tool	GasReducer is a tool to automatically detect multiple anti-patterns from the bytecode of smart contracts and replace them with efficient code through bytecode-to-bytecode optimization in order to save gas cost.

Table 6.

Some examples of security optimization-centric solutions

Publication	Contribution	Description
Vulnerability detection
Luu et al. [59]	Oyente	Oyente is a symbolic execution tool that aims at finding potential security bugs. It extracted the control map from the EVM Bytecode of the contract and found potential vulnerabilities in the contract by executing a control map.
Bragagnolo et al. [15]	SmartInspect	SmartInspect is a solidity smart contract inspector that aims at analyzing contract states using decompilation techniques driven by the contract structure definition. It also allows contract developers to better visualize and understand the contract stored state without needing to redeploy, nor develop any ad-hoc code.
Jiang et al. [47]	ContractFuzzer	ContractFuzzer is a novel fuzzer to test Ethereum smart contracts for security vulnerabilities. ContractFuzzer generates fuzzing inputs based on the ABI specifications of smart contracts, defines test oracles to detect security vulnerabilities, instruments the EVM to log smart contract run-time behaviors, and analyzes these logs to report security vulnerabilities.
Liu et al. [54]	ReGuard	ReGuard is a fuzzing-based analyzer to automatically detect re-entrancy bugs in Ethereum smart contracts. Specifically, ReGuard performs fuzz testing on smart contracts by iteratively generating random but diverse transactions.
Kolluri et al. [48]	EthRacer	EthRacer is an automatic analysis tool that runs directly on Ethereum bytecode and requires no hints from users in order to detect event-ordering bugs in blockchain smart contracts.
Transactional privacy
Kosba et al. [49]	Hawk	Hawk is a blockchain model of cryptography and privacy-preserving smart contracts. It does not make financial transactions available publicly on the blockchain to maintain transactional privacy.
Watanabe et al. [101]	Verifying contract protocol	It aims at deploying an encrypted smart contract on the blockchain. Only participants having a decryption key can access the contract’s content.
Trustworthy data feeding
Zhang et al. [113]	Town Crier	Town Crier acts as a bridge between smart contracts and existing web sites, which are already commonly trusted for non-blockchain applications.
Liu et al. [57]	Data carrier architecture	Data carrier architecture is cost-effective and elastic for blockchain-enabled IoT environment that enables smart contracts to fetch off-chain data. The evaluation results show that the proposal is more efficient and elastic compared with Oraclize Oracle data carrier service.

Performance optimization-centric solutions

Smart contract performance refers to the ability of smart contract systems to deliver in a reasonable response time and sustain performance when the number of contracts is increasing [1]. Table 5 presents some examples of performance optimization-centric solutions. Some performance issues in blockchain systems, not limited to, are throughput bottleneck, limited scalability, transactions latency. To overcome performance issues in smart contract systems, some researchers have proposed solutions to execute smart contracts in parallel instead of sequentially [26, 34]. For instance, Gao et al. [34] have proposed a parallel execution scheme that relies on two key techniques, namely a fair contract partition algorithm leveraging integer linear programming to partition a set of smart contracts into multiple subsets, and a random assignment protocol assigning subsets randomly to a subgroup of users. Other studies have been proposed for smart contract optimization by saving gas. In fact, if the smart contract execution exceeds an amount of gas (known as gas limit), an out-of-gas exception is raised, interrupting the current execution. For instance, GasReducer [18] is a tool for automatically detecting EVM operation sequences that can be replaced with other operations that have the same semantics but need less gas, and then replacing them with efficient code.

Security optimization-centric solutions

Security of a smart contract refers to its robustness against attacks from malicious users that exploit generally the contract security vulnerabilities to gain profit or the lack of trustworthy data feeding to inject malicious data. Table 6 presents some examples of vulnerability detection tools, transactional privacy models, and trustworthy data feeding solutions.

Vulnerability Detection

Discovering potential vulnerabilities in the execution of contracts is important to improve the security and credibility of contracts. Indeed, several studies systematically summarized the contract vulnerabilities and analyzed the security risks [8, 77, 81]. For instance, Atzei et al. [8] have provided a taxonomy of smart contract vulnerabilities of three levels, namely Solidity, EVM, and Blockchain. In recent years, the most notorious attack is the Decentralized Autonomous Organization (DAO) attack that exploited a re-entrancy vulnerability to steal around 2 Million Ether from a smart contract [103]. Another attack has happened to the SmartBillions, which presented a fully decentralized and transparent lottery system when an attacker successfully manipulated the block hash of the smart contract’s lottery function twice, and forced the result in his favor to get 400 Ether [62]. To solve the smart contract vulnerabilities, several vulnerability detection solutions have been proposed. Some studies have given solutions to common vulnerabilities, such as Oyente [59], SmartInspect [15], and ContractFuzzer [47]. Some other work focused on specific vulnerabilities, such as ReGuard [54] to detect re-entrancy bugs and EthRacer [48] to detect event-ordering bugs.

Transactional privacy

The privacy issue represents a real challenge for smart contracts to keep critical functions secret, apply cryptography, and avoid disclosing data on the blockchain to the public. The lack of transactional privacy could limit the adoption of smart contracts. To address this issue, Kosba et al. [49] have proposed Hawk, a decentralized smart contract system. Hawk is a tool allowing smart contract developers to build privacy-preserving contracts without the need for implementing any cryptography. Its compiler automatically generated an efficient cryptographic protocol where contractual parties interact with the blockchain, using cryptographic primitives such as zero-knowledge proofs.

Trustworthy data feeding

The smart contract execution requires some external data about real-world states and events from outside the blockchain. Therefore, trustworthy data feeding mechanisms (known as Oracles) are required to build a bridge between blockchain and the external world (e.g., Web API). For instance, Zhang et al. [113] have proposed Town Crier, which acted as a link between existing commonly trusted non-blockchain based websites and smart contracts to provide authenticated data to smart contracts while preserving confidentiality with encrypted parameters. However, in case of malicious code or bad data fed to a smart contract, the latter processes the input as is, producing an incorrect and unpredictable outcome. Thus, oracles retain an enormous amount of power over smart contracts in how they are executed because the data they provide determines how the smart contracts execute.

To sum up, research on improving smart contract security and performance has emerged in recent years. While running smart contracts in parallel can speed up contract execution, it faces a challenge in how to execute contracts that depend on each other at the same time. Moreover, optimizing smart contract codes can effectively reduce potential vulnerabilities in contracts and ensure efficient and secure execution of contracts. However, the existing studies are still immature, and unknown vulnerabilities or bugs cannot be detected to be replaced. Thus, the optimization of smart contracts needs further research.

After discussing the smart contract from the technical point of view, we present in the following two sections the existing solutions focusing on smart contract usage in several domains.

Resource-driven smart contract usage

As we know, smart contracts are executable code hosted in the blockchain that store information, process inputs, and write outputs thanks to their pre-defined functions. They are used to improve data handling transparency, decentralize resource-constrained device management, and enable changes of the agreement terms at runtime while running on top of a decentralized and transparent network. In this category, we discuss resource-driven smart contract usage solutions, which can be categorized into data management-centric solutions (see Table 7), device management-centric solutions (see Table 8), and cloud-related solutions (see Table 9).

Table 7.

Some examples of data management-centric solutions

Publication	Contribution	Description
Data provenance
Angrish et al. [6]	FabRec	It is a decentralized approach to handle manufacturing information generated by various organizations using the blockchain. It decentralizes critical information about the manufacturer and makes it available on a peer-to-peer network composed of fiduciary nodes to ensure transparency and data provenance.
Javaid et al. [44]	BlockPro	BlockPro is a solution based on Physical unclonable functions (PUFs) and the blockchain for a safe and secure IoT environment to ensure data provenance and enforce data integrity by providing an immutable storage platform.
Data access
Ouaddah et al. [74]	FairAccess	FairAccess is a decentralized pseudonymous and privacy-preserving authorization management framework. It relies on smart contracts to express access control policies and blockchain to manage access control enforcement.
Guo et al. [36]	Multi-authority scheme	Multi-authority attribute-based access control (ABAC) scheme uses smart contract to issue a secret key to the data user to access the requested object.
Maesa et al. [61]	Access control system	It aims at codifying attribute-based access control policies as smart contracts and deploying them on a blockchain, hence transforming the policy evaluation process into a completely distributed smart contract execution.
Zhang et al. [114]	Access control framework	It is based on multiple access control contracts, one judge contract, and one register contract in order to achieve distributed and trustworthy access control for IoT systems.
Shi et al .[88]	AAA scheme	It is a blockchain-empowered Authentication/Authorization/Auditing (AAA) scheme to protect the data in the large-scale HetNet where the access control permission of data is stored on the blockchain.
Yu et al. [112]	AC scheme in IIoT	It is a blockchain-enhanced security access control scheme that supports traceability and revocability has been proposed in IIoT for smart factories.
Data sharing
Dagher et al. [22]	Ancile	Ancile is a blockchain-based framework for secure, interoperable, and efficient access to medical records by patients, providers, and third parties while preserving the privacy of patients.
Omar et al. [72]	MediBchain	It is a patient-centric healthcare data management system using blockchain technology as storage which helps to attain privacy. Cryptographic functions are used to encrypt patient’s data and to ensure pseudonymity.
Nizamuddin et al. [70]	Document sharing framework	Document sharing framework is a blockchain-based solution for document sharing and version control to facilitate multi-user collaboration and track changes. Smart contracts are used to govern and regulate the document version control functions among the creators of the document and its validators.
Eltayieb et al. [30]	BABSC	BABSC is a blockchain-based attribute-based signcryption scheme to provide secure data sharing in the cloud environment. It also provides secure data confidentiality and unforgeability.
Yu et al. [111]	Research support platform	It is a blockchain-based platform for data sharing against COVID-19. Smart contracts and pseudonym mechanism are used to preserve the privacy of patients.

Table 8.

Some examples of device management-centric solutions

Publication	Contribution	Description
Ellul and Pace [29]	AlkylVM	AlkylVM is a split-virtual machine that allows for resource-constrained IoT devices to interact with blockchain systems.
Javaid et al. [45]	IoT-Blockchain model	IoT-Blockchain model is an IoT device and server communication framework on Ethereum using a customized smart contract which enables a better defense mechanism against DDoS and rogue device attacks.
Loukil et al. [58]	PrivBlockchain	PrivBlockchain is an end-to-end privacy-preserving framework for the IoT data using blockchain technology. The proposed smart contracts are used to improve the data ownership, transparency, and auditability for users.
Singla et al. [90]	LMS	Leave Management System (LMS) is a secure reliable leave management system through blockchain smart contract handled via mobile or IoT devices.
Wang et al. [96]	PoRX	Proof-of-Reputation-X (PoRX) is a reputation incentive scheme for blockchain consensus of Industrial Internet of Things.
Wright et al. [104]	SmartEdge	SmartEdge is an Ethereum-based smart contract for edge computing. It is a low-cost, low-overhead tool for compute-resource management.
Zhao et al. [116]	Software update protocol	It is a blockchain based privacy-preserving protocol, which delivers secure and reliable updates for the IoT devices with an incentive mechanism while protects the privacy of involved users.

Table 9.

Some examples of cloud-related solutions

Publication	Contribution	Description
Hwang et al. [42]	Automatic indemnification mechanism	It is based on smart contracts for refunding cloud storage service clients when the service provider violates the service level agreement by raising objections to a smart contract.
Scoca et al. [84]	Smart contract negotiation	It is an autonomous negotiation of smart contracts in cloud computing, which analyses the cost and the necessary changes for reaching an agreement. It is based on a formal language that specifies interactions between offers and requests.
Wang et al. [98]	QoS-Aware service composition	It is a smart-contract based algorithm for constructing cloud service-based systems through the composition of existing services.
Zhou et al. [118]	Cloud SLA enforcement	It is a witness model to credibly enforce the cloud service level agreement (SLA) using the witness role based on blockchain and smart contracts to solve the trust issues about who can detect the service violation and how the violation is confirmed.

Data management-centric solutions

In the past, raw data are transferred to a cloud server to be stored and analyzed. However, this centralized solution has caused serious concerns regarding several aspects, such as the necessity to trust the cloud infrastructure security, control loss once data are externalized, and lack of data handling transparency. Consequently, blockchain-based data management emerged as a platform to facilitate transparent data transactions between untrustworthy involved parties on the network. Indeed, peer-to-peer-network-based data management is a more fair system as compared to a system where all transactions are handled by a central server. Table 7 presents some examples of data management-centric solutions concerning data provenance, data access, and data sharing.

Data Provenance

Data provenance refers to a historical record of the data and its origins showing which and how data item is stored, accessed, and processed by whom and for what purpose. Ensuring data provenance can increase data transparency and enforce data integrity. In this regard, a blockchain can offer an immutable storage of records and smart contracts can be used as a responsible for verifying the data origins before storing them. Similar ideas are applied in [6, 44], where a blockchain is used as a decentralized and immutable storage for enabling data provenance. For instance, Javaid et al. [44] have proposed a blockchain-based data provenance and integrity for secure IoT environments framework, called BlockPro. Ethereum and two smart contracts were used to implement it. The first smart contract established data provenance by interacting with the IoT devices and making sure they are legit and the data being uploaded is coming from a known and trusted origin. The second smart contract can only be called by the first one to storing data on and retrieving data from the blockchain.

Data Access

Data access is ensured according to rights given to involved parties in a network to perform some operations on data. These rights are expressed using access control policies, which consist of a set of conditions that are evaluated against the current context to make the access decision each time a request is received [40]. Recently, for obtaining decentralized self-evaluating policies, access control policies have been codified as executable code and have been managed through a peer-to-peer network while eliminating a central entity. For this purpose, smart contracts can be used to express access control policies to transform the policy evaluation process into a distributed smart contract execution. In this context, several studies [36, 61, 74, 88, 112, 114] have been proposed. For instance, Maesa et al. [61] proposed to exploit a blockchain to store access control policies and manage attributes, as well as to execute the access decision process. The access control policy is represented through a smart contract that evaluated the stored conditions to make the access decision.

Data Sharing

Data sharing refers to make data available to other parties by the data owner. However, two types of challenges faced data sharing schemes, namely (i) achieving good data sharing while losing the control over the shared data or (ii) remaining poor at sharing in order to keep strong control over the data. To address these challenges, blockchain technology is used because it offers immutable storage of records that improve data handling transparency and can host executable codes (i.e., smart contracts) that authenticate users, verify authorizations, and thereby ensure an efficient and secure data sharing in a peer-to-peer network. Several studies using blockchain-enabled smart contracts have been proposed for data sharing in healthcare [22, 72, 111], cloud environment [70], and for digital document version control [30]. In the healthcare context, medical devices and health care applications have been increasingly adopted by patients. However, wireless body sensors collect health records that are sensitive to individuals. Existing electronic health record management systems struggle with balancing data privacy and data access. Blockchain technology is an emerging technology that enables data sharing in a decentralized and transactional fashion. For instance, Dagher et al. [22] have proposed a blockchain-based framework, called Ancile for secure and efficient access to medical records by patients, providers, and third-parties while preserving the patients’ privacy. Ancile employed smart contracts, data obfuscation techniques, and cryptographic techniques in order to improve privacy and security in the healthcare domain. Recently, Yu et al. [111] have proposed a blockchain-based medical research support platform, which employed the characteristics of the alliance chain on which hospitals and medical research institutions are treated as nodes. Among them, users such as patients, doctors, and researchers needed to register and authenticate on the alliance chain. Smart contracts are used to upload the pseudonymous addresses of CEMRs to the alliance chain.

Device management-centric solutions

One of the technical challenges of having billions of devices deployed worldwide is the ability to manage and synchronize them. Using the current model of the server-client system may have some limitations for device management thus, several researchers are studying the benefits of the blockchain use in this field. Specifically, smart contracts are chosen to guarantee authentication, synchronization, and data integrity while running on top of a decentralized and transparent network. Table 8 presents some newly proposed device management-centric solutions [29, 45, 58, 90, 96, 104, 116]. For instance, Ellul and Pace [29] have proposed a split-virtual machine architecture to enable the integration of resource-constrained devices with blockchain systems, called AlkylVM. Each blockchain-connected device would run an instance of AlkylVM, which allows communication between blockchain and IoT devices using the Aryl blockchain node. The latter is responsible for monitoring smart contract transactions and events that would require interaction with IoT devices.

Cloud-related solutions

In cloud computing, both service requester and service provider agree on a set of requirements, obligations, and rights that is valid for the whole contract life-cycle. Recently, blockchain-enabled smart contracts have been used to enable changes in the agreement terms at runtime through the definition of conditions and actions. Table 9 presents some proposed cloud-related solutions [42, 84, 98, 118]. For instance, Zhou et al. [118] have proposed a witness model for enforcing cloud Service Level Agreement (SLA) using smart contracts. The game theory is leveraged to analyze that the witness has to offer honest monitoring service in order to maximize its revenue. The service provider needs to prepay fees to the smart contract for hiring witnesses. The service customer then decides whether to accept the SLA. If yes, it also needs to prepay fees including the service fee and its part of the hiring fee for witnesses. However, a small bug or attack on smart contracts can result in significant issues like privacy leakage or system logic modifications. Some of critical security vulnerabilities can include timestamp dependencies, mishandled exceptions, re-entrancy attacks on smart contracts in cloud-related solutions.

Although smart contracts fulfill many conditions related to data/device management, they have some drawbacks, based on basic design principles of blockchain technology. First, the data stored on smart contracts are publicly readable through public transactions with no read access restrictions. Thus, it is required to avoid storing private or device keys on smart contracts to the public availability of the information. For solving transparency problems related to blockchain, future research might investigate deploying complex cryptographic solutions for securing data stored on smart contracts without boosting cost. Second, the cost of storing data on the blockchain is very high. Therefore, creating hybrid solutions is required to benefit from the traceability of data transactions that are offered by blockchain networks and the efficient and private access and storage of data provided by external data repositories.

After discussing the resource-driven smart contract usage solutions, we present in the following section the existing solutions focusing on cross-organizational collaboration-driven smart contract usage.

Cross-organizational collaboration-driven smart contract usage

Smart contracts help to record an agreement between several untrustworthy parties in the form of code that cannot be altered or changed once deployed on the blockchain. Thus, smart contract development allows substituting traditional contracts and develops business growth in several industries, namely supply chain management, logistics and shipping, insurance, and charity. In this category, we discuss cross-organizational collaboration-driven smart contract usage solutions, which can be categorized into profit-centric solutions (see Tables 10, 11, and 12) and non-profit-centric solutions (see Table 13).

Table 10.

Some examples of profit-centric solutions: Tracking-based

Publication	Contribution	Description
Baralla et al. [11]	Supply chain system	It is a generic agri-food supply chain traceability system based on blockchain technology implementing the “from-farm-to-fork” (F2F) model currently used in the European Union, which can integrate current traceability rules and processes.
Casado-Vara et al. [17]	Supply chain model	It is based on blockchain that aims at coordinating the tracking of food in the agriculture supply chain using smart contracts and a multi-agent system.
Dasaklis et al. [24]	Granularity level framework	It is a generic framework for defining granularity levels based on the product’s unique characteristics, supply chain processes, and stakeholders’ engagement by using smart contracts within a blockchain-enabled supply chain traceability architecture.
Hasan et al. [39]	Supply chain management	It is a blockchain-based solution for efficient supply chain management involving items shipped via smart containers. Smart contracts are used to manage shipment conditions, automate payments, legitimize receivers, and also issue a refund in case of violations to pre-defined conditions.
Islam and Kundu [43]	IC Traceability method	It is a method of integrated circuit (IC) supply chain traceability based on blockchain. Smart contracts allow supply chain participants to authenticate, track, trace, analyze, and provision chips throughout their entire life cycle.
Leng et al. [50]	Makerchain	Makerchain is a decentralized blockchain-driven model to handle the cyber-credit of social manufacturing among various makers. Smart contracts are used to automate the verification of the product life-cycle through a trail of historic events.
Lin et al. [53]	Food Traceability system	It is a trusted, self-organized, open, and ecological food traceability system based on blockchain and Internet of Things technologies.
Westerkamp et al. [102]	Tracing manufacturing processes	It is a system that allows for traceability of manufactured goods, including their components using tokens.
Xie et al. [105]	QuarkChain	QuarkChain is a blockchain-enabled interoperability framework and it has the reputation based Proof-of-Authority as a preliminary smart contract design for addressing challenges in biopharmaceutical supply chain management.
Xu et al. [108]	originChain	It is a blockchain-based traceability system that provides transparent tamper-proof traceability data with high availability and enables automated regulatory-compliance checking and adaptation in imported product traceability scenarios.

Table 11.

Some examples of profit-centric solutions: Digital asset-based

Publication	Contribution	Description
Asgaonkar and Krishnamachari [7]	Escrow trade protocol	It is a dual-deposit escrow trade protocol that uses double-sided payment deposits in conjunction with simple cryptographic primitives for provably cheat-proof delivery and payment for a digital good without a trusted mediator based on blockchain-enabled smart contracts.
Bader et al. [9]	CAIPY	CAIPY is a smart contract-based ecosystem for simple and transparent car insurance in which smart contracts do not replace but support current processes to enable significant cost savings for insurance claims.
Bogner et al. [14]	DAPP	DAPP is a Decentralised App for the sharing of everyday objects based on a smart contract that enables users to register and rent devices without involvement of a Trusted Third Party (TTP), disclosure of any personal information, or prior sign up to the service.
Dziembowski et al. [28]	FairSwap	It is a protocol for a fair exchange of digital goods using smart contracts that take the role of an external judge that completes the exchange in case of disagreement.
Liu et al. [55]	EV power trading model	Electric vehicles power trading model is based on smart contracts and aims at realizing the information equivalence and transparent openness of power trading.
Missier et al. [65]	IoT data trading marketplace	It is a decentralized, trusted, transparent, and open architecture for IoT traffic metering and contract compliance.
Wang et al. [100]	Energy demand management	It is a hierarchical framework for the energy demand-side management through peer-to-peer exchange of information and energy in the real-time market using smart contracts.
Xiong and Xiong [106]	Data trading mode	It is a solution to the data trading mode based on the smart contract using blockchain and machine learning. Smart contracts are used to authenticate and authorize the data owner before authorizing the data purchaser to download the purchased data.
Xu et al. [107]	BLESS	BLESS is a BLockchain-Enabled Social credits System that rewards the residents who commit to socially beneficial activities. Smart contract enabled authentication and authorization strategy prevents any unauthorized entity from accessing the credit system.
Yeh et al. [110]	Mobile payment scheme	It is a robust mobile payment scheme based on sturdy certificate-less signatures with bilinear pairing while making it suitable for computation-constrained mobile devices.

Table 12.

Some examples of profit-centric solutions: Crowdsourcing-related

Publication	Contribution	Description
Han et al. [38]	Fluid	Fluid is a blockchain based framework which supports foundations of general crowdsourcing platforms using smart contracts.
Shi et al. [87]	MPCSToken	MPCSToken is a smart contract enabled fault-tolerant incentivisation for mobile P2P crowd services to facilitate service auction, task execution and payment settlement process.
Wang et al. [97]	LoC	LoC is a financial loan management system based on smart contracts over permissioned blockchain Hyperledger Fabric.
Zichichi et al. [119]	LikeStarter	It is a smart-contract based social decentralized autonomous organization that combines social interactions with crowdfunding mechanisms, allowing any user to raise funds while becoming popular in the social network.

Table 13.

Some examples of non-profit-centric solutions

Publication	Contribution	Description
Cheng et al. [19]	VOLTimebank	Volunteer time bank (VOLTimebank) is a system for a mutual pension based on blockchain and smart contracts.
Farooq et al. [32]	Charity management platform	It is a blockchain-based charity management platform that aims at providing a transparent, secure, auditable, and efficient system. Smart contracts are used to buy, sell, and transfer CharityCoin to organizations and individuals, and call for donations.
Panja et al. [75]	Borda count voting	It is a self-tallying decentralized e-voting protocol for a ranked-choice voting system based on Borda count.
Saleh et al. [82]	Tracking donation platform	It offers transparent accounting of operations donors, charitable foundations, and recipients based on blockchain technology.
Shariar et al. [86]	Computational system	It is a decentralized model of a computational system built on blockchain for educational institutions by introducing a cryptocurrency within the network of the institute.
Sirisha et al. [91]	Charity-Chain	It is a decentralized network for tracking donations and helping donors (philanthropic organizations, impact investors, small donors) to monitor their transactions and hence restore their trust in giving to such social organizations.
Trotter et al. [94]	Smart donations	It is a blockchain-powered mobile platform and application that facilitates a novel model for real-time, condition-based donations using smart contracts.
Zhao and O’Mahony [115]	BMCProtector	BMCProtector is a blockchain and smart contract-based application to protect music copyright and ensure holders’ income rights.

Profit-centric solutions

The smart contract protocol aims at making contracts more secure, executed in real-time, and more transparent, which are the exact challenges with the existing profit-centric cross-organizational collaboration. Profit-centric solutions aim at increasing the profit by reducing real-time tracking costs, improving cross-border payments, and enhancing distributed problem-solving transparency. Tables 10, 11, and 12 present some examples of profit-centric solutions concerning tracking-based solutions, digital asset-based solutions, and crowdsourcing-related solutions, respectively.

Tracking-based solutions

Although business processes may operate well within a centralized mechanism managing internal activities with individual local databases, there still exists a demand for transparency across processes and trust relationships among involved parties. Indeed, real-time tracking may reduce the unnecessary wait for the confirmation of information. Thus, using a distributed system can enhance the transparency and performance of business processes. Smart contracts can be used to automate the transfer of various types of ownership of assets, property, and value and therefore, lead to more visible and less-intermediated working processes. In this context, several studies using smart contracts have been proposed for supply chain management of foods [11, 17, 53], manufactured products [24, 43, 50, 102], shipped items [39], bio-drugs [105], and imported products [108]. For instance, Casado-Vara et al. [17] have proposed a model for agriculture tracking involving blockchain, smart contracts, and a multi-agent system. The blockchain is used to store all transaction information in the supply chain. Besides, the multi-agent system used smart contracts to manage the entire supply chain process more efficiently while removing intermediaries. Furthermore, according to industry estimations, the global halal food market will reach USD 2.55 trillion by 2024 [92]. Thus, several companies are using blockchain to improve traceability in the halal food supply chain. For instance, a UK based company has partnered with a blockchain platform provider in order to track livestock and fresh food from farm to table through the halal food chain using the blockchain technology [92].

Digital asset-based solutions

Because of their resilience to tampering, smart contracts are appealing in many scenarios, especially in those which require transfers of money to respect certain agreed rules like in financial services. Therefore, smart contracts in the finance application domain manage, gather, and/or distribute the money as a preeminent feature. The lack of a centralized authority reduced costs and in theory provided more control and access to the investors [46]. To this end, some smart contracts are used for cross-border payments without relying on banks. For instance, the blockchain payment provider, called Ripple is a blockchain solution for payments that is proven in the real world by connecting existing bank ledgers to facilitate near real-time cross-border payments. Ripple may also reduce costs and provide additional pricing transparency of real-time cross-border payments [3]. Table 11 presents other smart contracts that implemented data/good trading service [7, 65, 106], insurance service [9], rent/exchange good service [14, 28], energy trading and demand management service [55, 100], social credit system [107], and mobile payment system [110]. For instance, smart contracts are exploited in the insurance industry to automate claims processing, verification, and payment, thus to increase the speed of claim processing as well as to prevent fraud and reduce manual mistakes. Recently, a smart contract-based flight insurance system has been proposed to refund automatically the insured passengers in case of a flight delay [13]. Moreover, blockchain-based systems can provide solutions to the cyber insurance challenges by realizing an automated, real-time, and immutable feedback loop between the insurer, its customer, and potential auditors [20]. Moreover, blockchain technology can mitigate the problems faced by traditional insurance while complying with religious principles [67]. Indeed, a smart insurance model based on Islamic insurance, called Takaful is proposed in [64]. The main difference between Takaful and conventional insurance that in Takaful, insured funds belong to them, the insurance company is just a manager. Thus, by using blockchain and smart contract technologies, insurance companies can be more transparent, which is the highest feature requested by customers. The authors in [64] have suggested transforming the traditional insurance policies into smart contracts that can be executed automatically in order to refund the policyholders without causing compensations for fake incidents.

Crowdsourcing-related solutions

Crowdsourcing is an online, distributed problem-solving and production model in which individuals or organizations obtain goods and services from a large group of participants. For instance, crowdfunding has become one popular form of collective funding among several categories of crowdsourcing. Crowdfunding is a process, in which small donations or investments, made by groups of people, support the development of new projects in exchange for free products or different types of recognition. Traditional crowdsourcing is based on a central system where requesters post tasks on a central server or platform, however, this centralized model currently faces various challenges such as prohibitive cost, single point of failure, and vulnerability to malicious attacks. To this end, blockchain is considered as a promising technology that aims at addressing the aforementioned challenges by eliminating the single point of failure, enhancing transparency, and enforcing rules using smart contracts. In this context, several studies using blockchain-enabled smart contracts [38, 87, 97, 119] have been proposed, as shown in Table 12. For instance, Zichichi et al. [119] have proposed a smart contract-based social decentralized autonomous organization for crowdfunding, called LikeStarter where social network site users can raise funds for other users through a simple “like”, built on top of the Ethereum blockchain. Smart contracts are used to control and manage funds without the need for a trusted third entity. LikeStarter assigns Likoins (i.e. tokens related to an artist) to users that fund a given project. These tokens can be employed and converted to buy artifacts and they provide users with voting capabilities (i.e. they can contribute to the decision of the price of certain artifacts).

Non-profit-centric solutions

Blockchain technology is needed in a cross-organizational collaboration area suffering from a decline in trust from involved parties (e.g., volunteers, donors, voters, etc.) who are unable to know how their contributions are spent/handled. Indeed, smart contracts enable “fully auditable” performance data, which is secure and extremely difficult to falsify or hack.

Table 13 presents some examples of non-profit-centric solutions including volunteer system [19], philanthropic-related systems [32, 82, 91, 94], e-voting service [75], system for educational institutions [86], and copyright protection [115]. For instance, Cheng et al. [19] have proposed VOLTimebank, a volunteer time bank system for a mutual pension based on blockchain and smart contracts. VOLTimebank provides a channel for volunteers to serve the elderly and gives volunteers a way to exchange the services they can offer today with the services that they hope to get in the future. In the philanthropy context, the collection processes are not transparent, and due to this, the involved organizations struggle to gain donors’ trust and interest. Thus, some efforts have been made to map the charity collection process on blockchain technology, for instance, Farooq et al. [32] have proposed a charity collection platform, which is based on blockchain technology, and is transparent for donors and legal authorities to conduct an audit. The design uses smart contracts and digital wallets to transfer money in real-time with complete data security and an auditable trail of every transaction. These smart contracts have been introduced to securely transfer donations to individual beneficiaries, organization, and their associated projects. Zhao and O’Mahony [115] have proposed BMCProtector, a prototype implementation based on an Ethereum blockchain and smart contract technologies, for effective protection of music copyright and rights of copyright owners. The deployed smart contract is responsible for sharing the copyright parameters.

Despite the benefits of blockchain and smart contracts in reforming operations in a wide variety of industries, namely supply chain, insurance, and charity, certain challenges to their widespread adoption still exist. These challenges include legal issues, lack of standards and protocols, privacy issues, and error intolerance. Arguments that smart contracts are no panacea for all financial use cases doubt the applicability of smart contracts to certain scenarios as far as agreement type and scale.

Discussion

We discuss below the study results and present challenges and future development trends in smart contract research.

Challenges and Open issues

As an emerging technology, smart contracts currently face many challenges, such as legal, reliance on “off-chain” resources, immutability, scalability, and consensus mechanism issues (see Fig. 4).

Fig. 4.

Challenges and open issues

Legal issues

The legal issue of smart contracts is another crucial aspect of smart contract challenges. For example, the European General Data Protection Regulation (GDPR) [35] stipulates that citizens have a “right to be forgotten” which is inconsistent with the immutable nature of blockchain-enabled smart contracts. Other legal issues can be cited including, (i) each country has its own laws and regulations, hence, it is complicated to ensure compliance will all regulations, (ii) law clauses or conditions are not quantifiable, thus it is still complicated to model these conditions in smart contracts so that they are appropriate and quantifiable for a machine to execute them, and (iii) governments are interested in a regulated and controlled use of the blockchain technology in many applications, however, this means that the untrustworthy network will regress to a third-party trusted network, losing part of its essence [79].

Reliance on “off-chain” Resources

Several smart contracts require receiving information or parameters from resources that are not on the blockchain itself, so-called off-chain resources. For this purpose, oracles are used as trusted third parties that retrieve off-chain information and then push that information to the blockchain at predetermined times. Although existing oracles are well tested, their use may introduce a potential “point of failure”. For instance, an oracle might be unable to push out the necessary information, provide erroneous data, or go out of business. Therefore, smart contracts will need to account for these eventualities before their adoption can become more widespread [51].

Immutability issue

The immutability feature is an important characteristic of smart contracts. Indeed, once a smart contract is deployed, the code cannot be changed by any party. However, the dark side of the immutability concept in smart contracts lies mainly in the fact that in the event of any errors made in the code, the immutability feature of a smart contract prevents it from being rectified. Similarly, if circumstances change (e.g., the parties have mutually agreed to change the parameters of their business deal, or if there is a change in law, etc.), no simple path to amend a smart contract is possible. Therefore, extensive and possibly expensive reviews of the smart contract performed by experts before its deployment in a blockchain are required to address the immutability issue.

Another limitation in the blockchain itself that impacts the smart contracts is the irreversible nature of the blockchain, thus once the smart contracts are deployed, they cannot be changed. Moreover, any blockchain nodes can be hacked or misused to report erroneous data that will be logged on the blockchain in an immutable manner.

Scalability issue

Scalability is the primary concern for many blockchain networks. For instance, the Ethereum blockchain can verify 14 transactions per second, which is slow as compared with Visa that can handle up to 24,000 transactions per second. Indeed, the scalability issue leads to network congestion, increased commission fees for transactions, and an increase in the time required to confirm the transactions [80]. In order to address the scalability issue, extensive research focusing on increasing the number of transactions per second by smart contract platforms is required in the future. However, the transaction verification depends on the consensus mechanism used by the smart contract platforms. Therefore, scalability depends on consensus mechanisms, which is another issue in smart contracts.

Consensus mechanism issue

The consensus mechanism plays the leading role to maintain security, scalability, and decentralization in the blockchain networks at the same time. There are several existing consensus algorithms, including Proof-of-Work (PoW), Proof-of-Stake (PoS), etc. Although the PoW algorithm enables security in the blockchain, it wastes resources. Thus, many organizations switch from the PoW algorithm to new consensus mechanisms that promise lower fees for transactions as well as lower energy costs for the block production process. Therefore, future studies can use new consensus mechanisms, such as proof-of-activity (PoA) or delegated proof-of-stake (DPoS) in order to test them and eventually improve their quality.

Future Development Trends

Future development trends of smart contracts are introduced from two aspects namely, Layer 2 protocols, and contract management solutions.

Layer 2 protocols

In order to address the aforementioned challenges faced by smart contracts, a viable solution, called Layer 2 is appeared to tackle the blockchain scalability problem. While Layer 1 is the used term to describe the underlying main blockchain architecture, Layer 2 is an overlaying network that lies on top of the underlying blockchain. Indeed, Layer 2 refers to the multiple solutions or protocols being built on top of an existing blockchain system. The main goal of Layer 2 protocols is to solve the transaction speed and scaling difficulties that are being faced by the major cryptocurrency networks. Therefore, Layer 2 protocols refer to a secondary framework, where blockchain transactions and processes can take place independently of Layer 1 (“main-chain”). Two major examples of Layer 2 solutions are the Bitcoin Lightning Network [27] and the Ethereum Plasma [76]. The Lightning Network, which in part developed at the MIT Media Lab’s Digital Currency Initiative, is a lightweight software solution for scaling public blockchains and cryptocurrency interoperability. It aims at greatly reducing cost and time constraints by shifting small transactions to a cryptographically secure “off-chain” environment so that only large netting transactions need to be directly settled into a resource-constrained blockchain [27]. Ethereum Plasma is a series of smart contracts, which allows for many blockchains within a root blockchain. The root blockchain enforces the state in the Plasma chain. The root chain is the enforcer of all computation globally but is only computed and penalized if there is proof of fraud. Many Plasma blockchains can co-exist with their business logic and smart contract terms. Indeed, Plasma enables persistently operating decentralized applications at a high scale [76]. To sum up, thanks to Layer 2, a great portion of the work that would be performed by the “main-chain” can be moved to the second layer. So while the “main-chain” provides security, the second layer protocols provides better solutions for the scalability issue by offering high throughput, being able to perform hundreds, or even thousands, of transactions per second.

Contract management solutions

Smart contracts encompass far more than just the benefits of blockchain technology. Rather, the term captures the entire digital life cycle of a contract, from negotiation to control and verification of the fulfillment of contractual obligations. Now, it is already possible to use smart contracts even without blockchain technology. Thus, contract management solutions could overcome both the immutability issue and the irreversible nature of blockchain by handling the contract’s life-cycle while eliminating limitations of the technology itself. In state-of-the-art contract management solutions [31], all parties to the contract must provide proof of identity and authenticate their access to data in order to ensure the basis of trust. Besides, all documents that are associated with the contract are stored in a revision-secure manner and encrypted form on a cloud-based platform developed and operated in Europe. This ensures transparency and traceability for all events, the actions associated with these events, and the designation of the persons responsible [23]. For instance, Fabasoft Contracts [31] is one of the latest contract management solutions that is ready-to-use, cloud-based software to support users throughout the entire contract life cycle: from cross-company contract preparation, efficient handling of review and approval processes, to the revision-secure contract archiving. It enables the modeling of contract rights and obligations, which can be automatically verified and enforced. There are several benefits offered by revision-secure contract management, including providing traceability when monitoring the cold chain of food delivery or proving the authenticity of spare automotive parts, as opposed to counterfeit articles [23].

Conclusion

The decentralization, auto-enforcing ability, and verifiability characteristics of smart contracts enable their encoded business rules to be executed in a peer-to-peer network, where each node is “equal” and none has any special authority without the involvement of a trusted authority or a central server. Thus, smart contracts are expected to revolutionize many traditional industries, such as financial, healthcare, energy, etc. In this paper, we presented a comprehensive survey of blockchain-enabled smart contracts from both technical and usage points of view. Thus, we introduced a taxonomy of existing blockchain-enabled smart contract solutions, categorized the included research papers, and discussed the existing smart contract-based studies. Based on the findings from the survey, both smart contract challenges and open issues are identified to be addressed in further studies. Finally, we discussed future trends of smart contracts. This study provides informational support to stakeholders interested in the research of smart contracts.

Biographies

Shafaq Naheed Khan

an is an Assistant Professor at the College of Engineering and Information Technology, University of Dubai. She holds a PhD degree in Computer Science from Salford University and MSc in Computing and Information Systems from University of Hull. She is a certified ethical hacker (CEH), SAP certified business associate, certified project management professional (PMP) and cloud infrastructure and services (CIS) associate. Her research interests are in IS management, cloud computing, IT governance, IS security and green computing.

Faiza Loukil

is a postdoctoral researcher at the Laboratory of Industrial and Human Automation Control, Mechanical engineering and Computer Science (LAMIH) of Univ. Polytechnique Hauts de France (UPHF). In 2019, she received the Ph.D. degree in computer science from Jean Moulin Lyon 3 University in the service-oriented computing research team at the Lyon Research Center for Images and Intelligent Information Systems (LIRIS) associated with the French National Center for Scientific Research (CNRS) in Lyon, France. In 2016, she received the Master degree from Faculty of Economics and Management of Sfax, Tunisia at the Laboratory-Miracl. Her research interests include semantic web, privacy, Internet of Things (IoT), and blockchain technology.

Chirine Ghedira-Guegan

is a Full Professor of Computer Science at iaelyon school of Management at Jean Moulin Lyon 3 University (UJML3) and co-head of the service oriented computing research team at the Lyon Research Center for Images and Intelligent Information Systems associated with the French National Center for Scientific Research (CNRS) in Lyon, France. She focused her work on the large-scale integration of heterogeneous data sources in different settings with an attention on servitisation on sources, data privacy and security. Her recent didactic and research activities cover the digital strategy, smart services for emergent diseases? detection, data lakes and integration of structured and unstructured data in health decision process. Previously, her research interests included serviceoriented architectures and computing; interoperability; complex, autonomic, and adaptive systems; context-aware computing; data services; privacy; and cloud computing. Chirine Ghedira Guegan has a research habilitation in computer science from University of Lyon 1, a PhD in Computer Science and Information for the Society, a Master in Manufacturing Engineering, specialty: Economic organization and computer engineering for the company, and an Engineering degree in computer Science from INSA Lyon, and an Engineering degree in industrial Computer Science from ENIM Tunisia.

Elhadj Benkhelifa

is a Full Professor of Computer Science and the Head of Professoriate at Staffordshire University. Elhadj is the founding director of the Smart Systems, AI and Cybersecurity Research Centre aappthe founding head of the Cloud Computing and Application Research Group. Elhadj research areas cover cloud computing and applications in its centralised and decentralised forms (Fog/Edge computing, Cloudlet, Blockchain etc), with special interest in concepts of, Digital Transformation, Service Computing, Cybersecurity, Data (Governance, Semantics, analytics, Social Networks), Artificial Intelligence and Software Engineering methods. Elhadj has been a keynote speaker to many international venues and has edited a number of conference proceedings and special editions of Scientific Journals. He has published 140+ research papers in conferences and journals and has been the Principal Investigator of a number collaborative projects.

Anoud Bani-Hani

is an active research Faculty at the College of Technological Innovation and the Chair of the Research Ethics committee at Zayed University. Dr Bani-Hani received her doctorate degree in Computer Science from from Loughborough University in UK, where she did an industrial base PhD. She also holds an MSc in Multimedia and internet computing from the same university. Prior to working at Zayed University, she worked as an ERP developer in a private company in UK and as a lecturer in Jordan University of Science and Technology (JUST). She has led on a number of research projects as the Principal Investigator and/or co-investigator. She has been the academic leader in developing industrial partnerships with SAP, Microsoft, IBM, NXN. Dr Banihani research interest includes ERP Implementation, Knowledge management in SMEs, Social network analysis, Cloud computing, Ontology and digital transformation.

Declarations

Conflict of Interests

The authors declare that they have no conflict of interest.