Select Page

How to Read Smart Contracts for Dummies [+4 Ways to Identify Malicious Smart Contracts]

Learn how to read smart contracts with the help of our simple guide for dummies. Plus, we'll share 4 tips only the pros know.

by | Aug 12, 2022

Smart contracts are the basis of dApps, NFTs, and DeFi. Therefore, knowing how to read smart contracts can help you uncover a lot about new crypto coins and other blockchain projects.

For example, you might read a smart contract and find issues that lead you to believe the project is a scam. Uncovering this info before investing could save you tons of money – not to mention the stress of being rugged (i.e. scammed)! Thus, knowing how to read smart contracts can help mitigate risk when investing in crypto and NFT projects.

Best of all, reading a smart contract isn’t as difficult as many people think. Even if you have no background in coding, there is a lot of information you can gather from smart contract basics.

Want to give it a try? This guide to smart contracts for dummies provides simple explanations and examples that will help you learn how to read smart contracts.

Here’s what we’ll cover.

9

What are smart contracts?

9

How to view smart contract code

9

How to read smart contracts

9

Identifying malicious code

Keys and blocks representing the different types of blockchains

What are smart contracts?

Smart contracts are digital contracts that execute automatically. Smart contracts have conditions and functions programmed into them. As soon as particular conditions are met, a smart contract will execute – with no need for a middleman.

Smart contracts are used to automate tasks. As a result, they can be used in various industries to streamline historically time-consuming and paper-heavy processes.

For instance, smart contracts can be used to:

  • Issue loans
  • Complete sales
  • Make payments and withdrawals

Smart contracts are essential for cryptocurrency and blockchain. As well, they have the potential to improve industries like real estate and business!

Because smart contracts can be used to optimize tasks is so many industries, they are sure to gain popularity in the years to come.

Like a traditional contract, you can understand the terms and conditions of a smart contract by reading it. Therefore, it is an extremely valuable skill to know how to read smart contracts.

 

Smart Contract Example

Let’s take a look at a quick example to help clarify the smart contract explanation above.

Here’s how a simple DeFi smart contract might work:

 

To take out a loan, you must lock a certain amount of collateral on a DeFi platform. Once you have locked the required amount of collateral, a smart contract will automatically issue your loan. After you’ve repaid the entire loan amount (including interest), the smart contract will instantly release your collateral.

 

As you can see from this example, smart contracts are very efficient. There is no need for a middleman or legal documentation, as all necessary conditions, requirements, and processes are pre-programmed into the agreement.

That said, it is important to understand that, because there is no human intervention, you cannot back out of a smart contract. Unlike a traditional contract, where you may be able to change the conditions or reverse the agreement, smart contracts are binding. Therefore, once you agree to a smart contract, there is no going back. This is another reason why it is so important to know how to read smart contracts.

 

Smart Contract Platforms

Smart contracts can be created using several different platforms. Three of the top smart contract platforms include:

  • Ethereum
  • Binance Smart Chain (BSC)
  • Solana

Side Note: Smart contracts created on Ethereum and Binance Smart Chain use the programming language Solidity. On the other hand, smart contracts on the Solana network (called Programs) are built using Rust C, and C++ programming languages.

Now, if you want to know how to read smart contracts, you’ll first have to know how to view a smart contract. Here’s the easiest way to view smart contract code.

How to View Smart Contract Code

There are several different ways to view smart contract code.

The method you use to access a project’s smart contract(s) depends on what blockchain platform the project was built on.

 

Method 1 – How to View Smart Contract Code (Blockchain Platform Unknown)

Not sure which blockchain platform a crypto, NFT, or DeFi project was built on? No problem! Here’s how to read smart contracts for unfamiliar projects.

  1. Head to CoinMarketCap.
  2. Use the search option (top right corner) to find the project you’re looking for.
  3. Under the project name and logo, you’ll see various tabs. In the “Contracts” section, you’ll find the project’s smart contract address, along with the blockchain platform it was built on. Click on the smart contract address link.
    E.g. If you look up Chainlink, you’ll see that it was built on the Ethereum blockchain and that its smart contract address is 0x514910771af9ca656af840dff83e8264ecf986ca.
    Clicking on the smart contract link will open up an overview of the project in BscScan or Etherscan (depending on whether the project was built on BSC or Ethereum).
    Want to view the source code for the project? Click the “Source code” link in the row above “Contracts”. This will open GitHub. Here you’ll be able to view the project’s source code (and submit changes for open-source projects).
  4. Now that the project is open in BscScan or Etherscan, click on the link labeled “Contract” (in the “Profile Summary”).
  5. Scroll down until you will see several tabs running across the screen (i.e. Transactions, Internal TXNS, etc.). Click (or tap) on the “Contract” tab (this should have a green checkmark beside it). This will open the contract code.
  6. Above the source code, you’ll see three boxes labeled – “Code”, “Read Contract” and “Write Contract”. To view some of the basic functions and data in the smart contract, select “Read Contract”.If the project has an additional governance contract(s), you’ll be able to access it by expanding the “Governance” tab and clicking on the link.

Check out the example below for a walk-through of this process (images included).

 

Method 2 – How to View Smart Contract Code (Blockchain Platform Known)

If you know what blockchain platform the project was built on, you can speed up this process by using the appropriate blockchain explorer.

Here’s how.

  1. If the project was built on Ethereum, head straight to Etherscan. Or, if it was built on Binance Smart Chain (BSC), head to BscScan.Etherscan and BscScan were developed by the same team. Therefore, their interfaces are nearly identical. So, the following instructions on how to read smart contracts will work for both of these blockchain explorers.Keep in mind, many other blockchain platforms support smart contract development. Each platform should have a blockchain explorer that you can use to find smart contract code.
  2. Search for the project you want to review using the search feature in the top right-hand corner.
  3. Once you’ve found the project, click the contract link in the “Profile Summary”.
  4. Scroll down and select the “Contract tab”.
  5. Click “Read Contract” to skim through the smart contract details.

You can also find a project’s smart contracts on their official website, GitHub page, white paper, and Discord.

Now, let’s look at an example so you have a better idea of exactly how to view smart contract code.

We’ll use the Chainlink Token for our smart contract example.

 

Chainlink Smart Contract Code Example

First thing’s first, we know that Chainlink is built on the Ethereum blockchain. So, we can head right over to Etherscan.

 

Step 1 – Etherscan Search

On Etherscan, type “chainlink” in the search tool. Select the appropriate project from the dropdown – i.e. ChainLink Token.

 

 

Step 2 – Visit the Smart Contract Address

Click on the smart contract address in the “Profile Summary” section.

 

Step 3 – View the Smart Contract

Scroll down and select the “Contract” tab. This will reveal the smart contract code.

 

Step 4 – View Smart Contract Basics

To view the basics of the smart contract, click “Read Contract”.

 

That’s it! It’s that easy to view smart contract code.

Now that you know how to find and access the code, let’s discuss how to read smart contracts.

How to Read Smart Contracts

If you’re a programmer, you’ll be able to skim through the smart contract code and understand exactly what’s going on.

If you’re interested in programming and want to learn how to write a smart contract, there are numerous resources online.

If you’re a newbie or not interested in learning the actual programming behind a smart contract – no problem! There’s still lots you can learn about a blockchain or crypto project if you know how to read smart contracts – you just have to know what to look for.

As a non-programmer, the best way to read smart contracts is to use the basic contract info under the “Read Contract” tab (pictured above). As well, you can (and should) read the notes in the smart contract code.

Programmers leave notes throughout their code to explain the different functions and processes they have developed. These notes are typically greyed-out text that is led by // or /**.

By reading the notes, you should be able to get a good idea of what is going on in the smart contract.

Here’s an example.

 

Example of How to Read Smart Contracts

For this example, we’ll take a look at the Chainlink token smart contract.

In the Chainlink smart contract source code, we see the following function:

 

function transferFrom(address _from, address _to, uint256 _value) returns (bool) {

var _allowance = allowed[_from][msg.sender];

// Check is not needed because sub(_allowance, _value) will already throw if this condition is not met

// require (_value <= _allowance);

balances[_from] = balances[_from].sub(_value);

balances[_to] = balances[_to].add(_value);

allowed[_from][msg.sender] = _allowance.sub(_value);

Transfer(_from, _to, _value);

return true;

}

 

Let’s break down this function.

 

  • The Function Name is transferFrom.
  • This function accepts three parameters: _from, _to, and _value (address and uint256 are data types. That is, address is the data type for the _from and _to parameters, and uint256* is the data type for the _value parameter).*uint256 refers to a non-negative integer that can have up to 115792089237316195423570985008687907853269984665640564039457584007913129639935 decimal places.
  • The function returns one Boolean value. There are two possible Boolean values – True or False.
  • To return a Boolean value, the function compares various parameters.

For our example, we won’t get into the comparisons required for the Boolean output. Instead, let’s take a look at the notes and what they can tell us about this smart contract function.

 

How to Read Smart Contract Notes

Above the function, you’ll notice the following notes in greyed-out text:

 

/**

* @dev Transfer tokens from one address to another

* @param _from address The address which you want to send tokens from

* @param _to address The address which you want to transfer to

* @param _value uint256 the amount of tokens to be transferred

*/

 

Here’s what these notes tell us about the “transferFrom” function.

 

  • * @dev Transfer tokens from one address to anotherThis note tells us that the function is used to transfer tokens from one address to another.
  • * @param _from address The address which you want to send tokens fromThis tells us that the _from parameter is the address which the tokens will be transferred from.
  •   * @param _to address The address which you want to transfer toThis note tells us that the _to parameter is the address to which the tokens will be transferred.
  • * @param _value uint256 the amount of tokens to be transferredThis note tells us that the _value parameter is the number of tokens that will be transferred from the _from address to the _to address. We know that this number must be a non-negative integer.

This is a simple function that doesn’t say too much about the overall project. But reading the rest of the notes in the smart contract is just as simple. And, if you know how to read smart contracts notes, you can learn a lot about a project, how it works, and the quality of the project!

Now, let’s take a look at what we can learn from reading the basics of the Chainlink token smart contract.

 

Understanding Smart Contract Basics

To see the basics, we’ll select the “Read Contract” tab.

Here’s what we can learn about the Chainlink token by looking at these smart contract basics.

 

  1. name – the project name is ChainLink Token
  2. totalSupply – Chainlink has a total supply of 1,000,000,000, tokens (i.e. 1 billion)
  3. Symbol – ChainLink’s ticker symbol is LINK

 

By exploring a project’s smart contract code, it’s possible to uncover malicious functions, flaws, and more. This is particularly helpful for finding rug pulls and other projects with bad intentions.

How to Read Smart Contracts to Identify Malicious Code

If you know how to read smart contracts, here are some suspicious characteristics you should watch out for.

1. Plagiarized Code

You may come across a smart contract that looks suspiciously similar to another smart contract you’ve read. If you come across a new project that is a clone of another, this is a sign that you should stay far away.

2. Not Open Source

Transparency is key in the crypto and blockchain sector – especially DeFi. To ensure transparency, most projects are open source. This means that their code is available for anyone to view and edit.

If a project does not have open source code, this could be a bad sign. Look into why the project has not released its code to the public. Do they have something to hide? Or is there a good reason for this?

3. Unusual Functionality

If you know how to read smart contracts, you can examine them for unusual functionality. If you notice that a smart contract is not using standard functions or it has modified versions of standard code, this is a bad sign and a warning to stay away.

Of course, this will be easier if you have a background in programming. But, even if you are not a programmer, you may still be able to notice functions that are out of the ordinary.

4. No Withdrawal Functions

If a smart contract allows you to deposit funds, it should also have a function to withdraw funds, right?

Keep an eye out for this when reading smart contracts. Rug pull projects often have code in place to allow deposits but no code to process withdrawals. This allows the project team to trap and steal funds from investors.

This is a sure sign of a malicious project – run (and don’t look back)!

 

Remember – practice makes better. So, keep practicing by reading smart contracts! The more you read smart contracts, the better you’ll get at understanding them.

Please note: knowing how to read smart contracts cannot protect you 100% in the crypto industry. Always do your own research before investing in any crypto project. And as always, never invest more than you can afford to lose.

More Helpful Crypto Content