On March 14, the European Parliament endorsed new data regulations that could necessitate the incorporation of a kill switch in smart contracts to reset operations.
The 2022 Data Act, an EU bill, aimed to provide individuals with greater control over data from smart devices but has raised concerns within the Web3 community. The bill received 500 votes in favor, 23 against, and 110 abstentions from EU legislators.
During the bill's debate, lead legislator Pilar del Castillo Vera stated that the new regulations would enable consumers and businesses to decide how data generated by connected products are used. Del Castillo Vera's revised draft of the bill requires that smart contracts implement access controls, protect trade secrets, and include functions to pause or reset – stipulation experts fear could compromise their intended purpose.
Only some people support the bill. Thibault Schrepel, an associate professor at VU Amsterdam University, expressed concerns about Article 30 on Twitter before the vote, stating that it "endangers smart contracts to the extent that no one can predict." Schrepel, a blockchain legal expert, contends that the legislation is vague about who would be responsible for activating a smart contract's kill switch and that it conflicts with the fundamental concept that no one can modify automated programs.
While the EU Data Act aims to give people more control over their personal information, the Web3 community is concerned that mandating a kill switch in smart contracts could undermine decentralization and introduce security flaws.
In information technology, administrators frequently employ kill switches to deactivate a device, network, or software in response to a security risk. When applied to smart contracts, a kill switch could terminate the contract or initiate a stop, fix, and re-launch process in case of a significant flaw or violation.
One alternative to a classic kill switch is a pause function, which temporarily freezes the smart contract rather than destroying it. To avoid security risks, separate keys can be used for pausing and unpausing the contract and can be stored offline. A multi-signature approval protocol can be implemented to address centralization concerns, where emergency powers are granted for immediate action, while unpausing requires a quorum approval. Changing admin keys after a kill switch is used can further enhance security.
Although achieving complete decentralization might not be possible, smart contract developers can deploy the pause functionality, separate keys, and establish a multi-signature approval process to maintain security and limit centralization.
DISCLAIMER: The information provided is not legal, tax, or accounting advice and should not be used as such. It is for discussion purposes only. Seek guidance from your own legal counsel and advisors on any matters. The views presented are those of the author and not any other individual or organization. The information provided is for general educational purposes only and is not investment advice. The author of this material makes no guarantees or warranties about the accuracy or completeness of the information. A professional should review any action based on the information discussed. The author is not liable for any loss from acting on the information discussed.