The Framework that Protects Your Assets

Within Agoric’s technology stack, Zoe is the service that dApp users and developers interact with to mint tokens, trade digital assets, and create sophisticated financial derivatives. With Zoe, developers can deploy their own code to the chain, and users can interact with this code with limited risk. This code deployed on Zoe that is used for trading or creating digital assets is called a “smart contract.” 

What Are Smart Contracts?

A smart contract performs some of the same tasks as a contract in the traditional legal system, in that it provides assurance beyond a mere promise. However, a smart contract is expressed in code, where the behavior of the program enforces the terms of the contract.

Smart contracts are designed to automatically carry out an agreement, whether that be a property owner transfer (digital/physical), Non-Fungible Tokens (NFTs), peer-to-peer trade, auction or more in a trustless manner, without requiring any centralized intermediaries or authorities. Importantly, the code of the smart contract itself can hold assets independently of any user or human being, meaning that you can escrow tokens in a smart contract without having to directly rely on the good behavior of other people.

Users usually interact with smart contracts by visiting a webpage that is connected to the smart contract. This kind of application is called a “dApp” or decentralized application. In most cases, smart contracts built on one platform can only interact with assets and other smart contracts on that same platform — meaning there is little in the way of interoperability between distinct blockchains. Agoric, on the other hand, breaks the status quo with a holistic approach to smart contracts — using Inter-Blockchain Communication (IBC) to allow for the formation of cross-chain capable dApps.

What is Offer Safety?

Zoe introduces a novel feature known as offer safety — which essentially means that when interacting with a Zoe smart contract, you’ll either get what you specified or get your funds back. Zoe achieves this by escrowing all of the assets to be manipulated by the smart contract, and then only reallocating them if offer safety holds.

As a user, you can quickly specify what assets you are giving, and what assets you want in return, in a clear, human-readable fashion, and Zoe ensures that the smart contract cannot violate this invariant. At worst, you will get a full refund if the smart contract is unable to deliver the agreed-upon assets. 

Using a simple escrowed peer-to-peer transaction as an example, Zoe would be responsible for re-allocating any agreed-upon digital assets between involved parties. So if you agree to exchange 5 tokens for a single digital baseball card, Zoe will securely facilitate this transfer if and only if the transfer would satisfy what both parties want.

This is important for several reasons. First, developers aren’t always perfect — bugs can and sometimes do find their way into live smart contract code. Likewise, smart contracts can be malicious, taking users’ money, either due to vulnerabilities or bad intentions — posing a major hurdle for broad adoption. 

While buggy or malicious code has historically caused major issues and loss of funds, this generally isn’t the case on Agoric, since Zoe-based smart contracts cannot execute a transfer unless all constraints specified within the agreement are met. 

Zoe provides peace of mind to end-users, but also to developers — who no longer have to worry that errors in their code will cause catastrophic losses for their users. That isn’t to say that smart contracts won’t still have bugs — we haven’t yet invented a solution to bugs in code 😊  — but, any smart contract errors will, at worst, give users a full refund of anything they contributed to the contract. 

For instance, a developer might inadvertently code an auction contract that is unable to correctly choose a winning bid. In this case, all participants will simply get their bids back in their original form (lossless refunds). 

Because Zoe escrows and protects users’ funds from malicious or buggy smart contracts, smart contract audits are a much simpler task: every movement of funds is clearly identified and protected with offer safety. Although we can never guarantee that a smart contract always behaves correctly, the misbehavior is much easier to spot in audits. 

What You Can Do With Zoe

Zoe is designed to make building powerful smart contracts as open and intuitive as possible, thanks to its JavaScript-based runtime environment. This makes smart contract development accessible to more than 13.8 million JavaScript developers worldwide. 

To be more specific, Zoe allows developers to build their smart contracts using a subset of the JavaScript language that removes known insecurities and pitfalls such as prototype pollution This cut-down version of JavaScript, also known as SES, essentially accomplishes two main things:

  1. Minimizes the risks that come with calling or using another smart contract by creating and enforcing clear boundaries

  2. Lowers the barriers to entry, making smart contract development more accessible.

Zoe is built on top of Agoric’s token standard, the Electronic Rights Transfer Protocol (ERTP) — which is used for creating, transferring, and using both fungible and non-fungible digital assets in JavaScript. We’ll have an ELI5 article up for ERTP very soon. 

Together, Zoe, ERTP, and the rest of the Agoric platform can be used to create intuitive, highly secure, and scalable decentralized applications — including those built for community or enterprise use cases. 

We’ve already created a range of modular components that can be used for building the first wave of these products. Some of these DeFi legos include:

  • Swaps and sales contracts

  • OTC desk

  • Trustless loans

  • Automated market makers

Want to start building on Zoe? Take a look at some of our pre-built smart contract templates to get started on the Agoric testnet. As of May 2021, Zoe is still in beta.