1 Introduction

For more than a decade, the blockchain is established as a technology where a distributed database records all the transactions that have happened in a peer-to-peer network. It is regarded as a distributed computing paradigm that successfully overcomes the issue related to the trust of a centralized party. Thus, in a blockchain network, several nodes collaborate among them to secure and maintain a set of shared transaction records in a distributed way without relying on any trusted party. In 2008, Satoshi Nakamoto introduced Bitcoin [69] that was the first proposed cryptocurrency introducing the blockchain as a distributed infrastructural technology. It allowed users to transfer securely crypto-currencies, known as “bitcoins” without a centralized regulator. Besides, Ethereum [16], NXT [71], and Hyperledger Fabric [4] were also proposed as blockchain-based systems used for the cryptocurrency. Unlike Bitcoin, they can use smart contracts (SC). Blockchain technology overlaps traditional contracts by including the terms of agreements between two or more parties, but surpasses them thanks to smart contracts by automating the execution of agreements in a distributed environment when conditions are met.

Smart contracts are executable codes that run on top of the blockchain to facilitate, execute, and enforce an agreement between untrustworthy parties without the involvement of a trusted third-party [16]. Smart contracts gave network automation and the ability to convert paper contracts into digital contracts. Compared to traditional contracts, smart contracts enabled users to codify their agreements and trust relations by providing automated transactions without the supervision of a central authority [89]. In order to prevent contract tampering, smart contracts are copied to each node of the blockchain network. By enabling the execution of the operations by computers and services provided by blockchain platforms, human error could be reduced to avoid disputes regarding such contracts.

Although smart contracts have made progress in recent years, they still face many challenges. For instance, one infamous malicious attack took place in 2016 when the Decentralized Autonomous Organization (DAO) smart contract was manipulated to steal around 2 Million Ether Footnote 1(50 Million USD on the time) because of its re-entrancy vulnerability [103]. In addition to the vulnerability problem, smart contracts face several challenges including privacy, legal, and performance issues.

To understand current topics on smart contracts, we conduct a comprehensive survey, with the aim of better identifying and mapping research areas that need further studies. The focus of this survey is studying smart contracts from the technical point of view (e.g., codifying, security, performance issues) and the usage point of view (e.g., smart contract applications in finance, healthcare, etc). The major contributions of this paper are summarized as follows:

  1. 1.

    We propose a taxonomy of studies based on blockchain-enabled smart contracts including two categories, namely SC improvement and SC usage.

  2. 2.

    We categorize 200 papers that we have extracted from different digital databases and discuss the existing smart contract-based studies.

  3. 3.

    Based on the findings from the survey, we identify a set of smart contract challenges and open issues that need to be addressed in future studies. Therefore, this survey provides a helpful reference to the researchers who want to target smart contract improvement or usage in their future studies.

  4. 4.

    Finally, we discuss future trends of smart contracts and explain how they provide better solutions to the open research challenges.

Considering the above contributions, the remainder of this paper is structured as follows. Section 2 discusses background information about blockchain and smart contracts technologies. Section 3 discusses existing reviews studying smart contract-based approaches. Section 4 describes the adopted survey methodology and the solution taxonomy used to categorize existing smart contract-based solutions. In Sections 58, we present existing advances in modeling-driven smart contract improvement, optimization-driven smart contract improvement, resource-driven smart contract usage, and cross-organizational collaboration-driven smart contract usage. Section 9 discusses the study results by introducing challenges and future trends in the studied field. Finally, Section 10 concludes the paper.

2 Background

As aforementioned, blockchain technology has emerged as a distributed computing paradigm that successfully overcomes the problem related to the trust of a centralized party. Thus, in a blockchain network, several nodes collaborate among them to secure and maintain a set of shared transaction records in a distributed way without relying on any trusted party. Specific nodes in the network known as miners are responsible for adding new blocks to a distributed public ledger known as the blockchain.

The first system was Bitcoin [69], which allowed users to transfer securely the currency (bitcoins) without a centralized regulator. In the blockchain network, miners are responsible for collecting transactions, solving challenging computational puzzles (proof-of-work) in order to reach consensus, and adding the transactions as blocks to the blockchain. Since then, several blockchain-based development platforms have been proposed offering the ability to host/ use smart contracts to execute automatically events and actions., namely NXT [71], Ethereum [16], Hyperledger Fabric [4], etc.

We detail below the smart contract operational process and then discuss some blockchain platforms that support the development of smart contracts.

2.1 Operational process of smart contracts

A smart contract is a common agreement between two or more parties. It stores information, processes inputs, and writes outputs thanks to its pre-defined functions [16]. For instance, the smart contract can define the constructor function that enables the smart contract creation. Hosting a new smart contract in the blockchain is enabled by invoking the constructor function through a transaction, whose sender becomes the smart contract owner. A self-destruct function is another example of the functions that can be defined in a smart contract. Usually, only the smart contract owner can destruct the contract by invoking this function.

A smart contract is likely to be a class that includes state variables, functions, function modifiers, events, and structures [16] which is intended to execute and control relevant events and actions according to the contract terms. Besides, it can even call other smart contracts. Each smart contract includes states and functions. The former are variables that hold some data or the owner’s wallet address (i.e., the address in which the smart contract is deployed). We can distinguish between two state types, namely constant states, which can never be changed, and writable states, which save states in the blockchain. The latter are pieces of code that can read or modify states. We can distinguish between two function types, namely read-only functions, which do not require gas Footnote 2 to run and write functions that require gas because the state transitions must be encoded in a new block of the blockchain. Furthermore, paying currency is required to avoid infinitely smart contract runs.

As aforementioned, a smart contract is hosted in the blockchain by invoking its constructor function through a transaction submitted to the blockchain network, then the constructor function is executed, and the final code of the smart contract is stored on the blockchain. Once deployed, the creator of the smart contract got the returned parameters (e.g., contract address), then users can invoke any available smart contract’s function by sending a transaction.

2.2 Platforms for Smart Contracts

Smart contracts can be developed and deployed in different blockchain platforms (e.g., NXT, Ethereum, and Hyperledger Fabric). Several platforms offer distinctive features for developing smart contracts including contract programming languages, contract code execution, and security levels. Some platforms support high-level programming languages to develop smart contracts.

  • Bitcoin [69] is a public blockchain platform that can be used to process cryptocurrency transactions, but with a very limited computing capability. Bitcoin uses a stack-based bytecode scripting language. The ability to create a smart contract with rich logic using the Bitcoin scripting language is very limited. Major changes would need to be made to both the mining functions and the mining incentivization schemes to enable smart contracts proper on Bitcoin’s blockchain [52].

  • NXT [71] is an open-source blockchain platform that relies entirely on a proof-of-stake consensus protocol. It includes a selection of smart contracts that are currently living. However, it is not Turing-complete, meaning only the existing templates can be used and no personalized smart contract can be deployed.

  • Ethereum [16] is the first blockchain platform for developing smart contracts. It supports advanced and customized smart contracts with the help of a Turing-complete virtual machine, called the Ethereum virtual machine (EVM). EVM is the runtime environment for smart contracts, and every node in the Ethereum network runs an EVM implementation and executes the same instructions. Solidity, as a high-level programming language, is used to write smart contracts, and the contract code is compiled down to EVM bytecode and deployed on the blockchain for execution. Ethereum is currently the most popular development platform for smart contracts and can be used to design various kinds of decentralized applications (DApps) in several domains.

  • Rather than the public blockchain, such as Bitcoin and Ethereum that any party can participate in the network, Hyperledger Fabric [4] is permissioned with only a collection of business-related organizations can join in through a membership service provider, and its network is built up from the peers whose are owned and contributed by those organizations. Hyperledger Fabric is an open-source enterprise-grade distributed ledger technology platform, proposed by IBM and supports smart contracts. It offers modularity and versatility for a broad set of industry use cases. The modular architecture for Hyperledger Fabric accommodates the diversity of enterprise use cases through plug and play components.

Ethereum and Hyperledger Fabric smart contracts differ in multiple aspects. While Solidity is the well-known programming language used to write Ethereum smart contracts, Hyperledger Fabric supports multi-language smart contracts, such as Go, Java, and Javascript [4]. For contract code execution, the contract code in Ethereum is included in a transaction, which is propagated in the peer-to-peer network, and any miner that receives this transaction can execute it in its local virtual machine [16]. In Hyperledger Fabric, when a transaction is created by the application, the transaction is only executed and signed by specified peers (endorsing peers). After receiving the application’s transaction proposal, each of these endorsing peers independently executes it by invoking the chain-code to which the transaction refers [4]. For security, chaincode runs within a container environment (e.g., Docker) for isolation.

These blockchain-based development platforms are used in the existing studies that we detail in the following sections.

3 Related literature reviews/surveys

We provide a brief overview of the existing reviews that have studied blockchain-enabled smart contracts.

While several literature reviews/surveys are published in order to study the blockchain-enabled smart contracts, there are still some ongoing challenges that have not been addressed. Table 1 presents a comparative summary of the existing blockchain-enabled smart contract reviews/surveys according to six criteria, namely proposing a taxonomy, considering several blockchain platforms, considering application domains, covering smart contract improvement tools, identifying research gaps, and scope of literature review. We observe that there is a lack of taxonomy focusing on smart contract improvement (i.e., addressing smart contract security, privacy, and performance issues) and smart contract usage (i.e., addressing domain-specific issues).

Table 1 Existing smart contract Reviews/Surveys: A comparative summary

To sum up, it can be said that the existing surveys concerning blockchain-enabled smart contracts focus on classifying the papers based on smart contract issues. Our work extends the existing surveys by studying the smart contract application domains, analyzing the smart contract challenges, and introducing some research gaps that need to be addressed in future studies.

4 Research Methodology and Solution Taxonomy

We describe below the adopted research methodology, such as the search strategy, filtering process, and inclusion and exclusion criteria. Besides, we present the solution taxonomy used to categorize the final set of included papers.

4.1 Systematic Literature Review

We used three existing databases, namely ScienceDirect, IEEEXplore, and ACM Digital Library to search for relevant works using the “smart contract” string keyword. In the first phase, we found 523 publications as shown in both Fig. 1a, which depicts the percentage of the acquired research paper per digital database as well as Fig. 1b, which depicts the total number of preliminary studies acquired from each digital database.

Fig. 1
figure 1

Publication trend

To choose the relevant papers to be analyzed in our review, we filtered the primary studies retrieved from the databases. To do so, we defined a set of inclusion and exclusion criteria, which are summarised in Table 2. Based on the outcomes of the first phase, we applied the set of inclusion and exclusion criteria to exclude the publications considered outside the scope of this review. Thus, we only included studies that satisfy all the inclusion criteria. We excluded duplicate publications, surveys, and literature reviews by filtering studies based on the title, the abstract, and the list of keywords.

Table 2 Inclusion and exclusion criteria for relevant works

As a result of the filtering process, we excluded 323 publications and included 200 relevant publications for this systematic review. Figure 1b depicts also the number of the relevant studies included in this research from each digital database.

4.2 Publication trends and Categorization

To examine the trend of the smart contract field in terms of the publication date, Fig. 2 depicts the number of included studies published each year from 2015 to September 2020. We observe that the total number of published papers in the studied field increases in the past few years, indicating the importance of the topic. Thus, the smart contract field is rapidly growing in recent years.

Fig. 2
figure 2

Included articles per year

As a result of an in-depth analysis of the included studies in this review, a comprehensive taxonomy is constructed to provide an additional support for designers to understand the various dimensions that they have to consider when designing a smart contract. The major motivations of this survey are to identify (i) the main publications about smart contracts, (ii) the current state of research in this field, and (iii) possible gaps in the literature that could become research problems to be solved by the scientific community. Through this survey, we aspire not only to define the conceptual background of blockchain-enabled smart contracts, but also to identify research issues to be explored at new studies. Indeed, we categorize existing smart contract research into two major categories, namely smart contract improvement and smart contract usage. The former includes studies aiming at addressing the smart contract challenges, such as functionality verification, performance, vulnerabilities, and lack of trustworthy data feeding. The latter includes studies aiming at addressing domain-specific challenges using smart contracts. Figure 3 depicts the proposed taxonomy of blockchain-enabled smart contracts, including modeling-driven smart contract improvement (see Section 5), optimization-driven smart contract improvement (see Section 6), resource-driven smart contract usage (see Section 7), and cross-organizational collaboration-driven smart contract usage (see Section 8).

Fig. 3
figure 3

Taxonomy of blockchain-enabled smart contract based studies

5 Modeling-driven smart contract improvement

Smart contracts have suffered from multiple security vulnerabilities in the past few years [8], which have resulted in both theft and gigantic financial losses. Such vulnerabilities could have been avoided with the help of formal analysis and verification of such smart contracts before deploying them on the blockchain. Since existing programming languages, such as Solidity are not built for formal verification, several researchers have proposed alternative approaches in order to improve the smart contract functionality verification. In this category, we discussed modeling-driven smart contract improvement solutions, which can be categorized into programming-centric solutions (see Table 3) and formal verification-centric solutions (see Table 4).

Table 3 Some examples of programming-centric solutions
Table 4 Some examples of formal verification-centric solutions

5.1 Programming-centric solutions

The essence of a smart contract is the computer code that can be executed automatically on the computer, so programming smart contracts correctly is an important research direction. Several researchers argued that developing new contract languages is an effective way to write a correct smart contract. Table 3 presents some newly proposed programming languages such as SmaCoNat [78], Flint [83], and Scilla [85]. For instance, Regnath and Steinhorst [78] proposed a human-readable, security, and executable programming language, called SmaCoNat. The authors converted programming language grammar into natural language sentences in order to improve program readability.

New contract languages promised to address the existing domain-specific language vulnerabilities. However, since they have not been put into practice, they could have their vulnerabilities. Thus, designing and implementing secure smart contracts still require adaptive software engineering technologies and expertise from multiple research domains, such as networking, programming languages, formal methods, and cryptography.

5.2 Formal verification-centric solutions

Typically, formal testing is applied to ensure that a software behaves and performs as expected in its specifications and requirements based on all possible inputs’ conditions. For smart contracts, Truffle [93], is an example of a development framework for Ethereum that enables writing formal test cases based on certain mathematical logic and rules for smart contracts written in JavaScript or Solidity languages. These test cases can be written in JavaScript and can be executed on a test network to check several properties of smart contracts. As aforementioned, formal testing can only make sure that a smart contract did what it is supposed to do based on its specification, however, it cannot help the smart contract developers to find bugs or vulnerabilities. Therefore, automated formal verification is a promising approach to detect bugs and other errors to guarantee the functional correctness of smart contracts. According to [2], formal verification can provide the highest level of confidence in the correct behavior of smart contracts. At present, the use of formal methods to verify smart contracts has been widely adopted by several researchers, and significant results have been achieved in practice. Table 4 presents some formal verification-centric solutions. For instance, Amani et al. [2] extended an existing EVM formalization in Isabelle/HOL by a sound program logic at the level of bytecode. The principle of the method is to organize the bytecode sequences into linear code blocks and create a logic program, where each block is processed as a set of instructions. Each part of the verification is validated in a single trusted logical framework from the perspective of bytecode.

Currently, formal verification tools are still in the experimental stage and have not been widely used. Therefore, the smart contract formalization research direction deserves a lot of attention, thus it provides the highest level of confidence about the correct behavior of smart contracts. Real progress in this research field can improve trust in the smart contract, especially when used to develop critical systems, such as financial, healthcare, and banking systems.

6 Optimization-driven smart contract improvement

Smart contracts have emerged as a new promising solution for developing fully decentralized applications without involving a trusted third-party. Despite the bright side of smart contracts, several concerns continue to undermine their adoption, namely performance issues, security threats, and privacy issues. Indeed, new smart contract applications are more demanding in terms of contract execution time, execution cost, security, and privacy fields. In this category, we discuss optimization-driven smart contract improvement solutions, which can be categorized into performance optimization-centric solutions (see Table 5) and security optimization-centric solutions (see Table 6).

Table 5 Some examples of performance optimization-centric solutions
Table 6 Some examples of security optimization-centric solutions

6.1 Performance optimization-centric solutions

Smart contract performance refers to the ability of smart contract systems to deliver in a reasonable response time and sustain performance when the number of contracts is increasing [1]. Table 5 presents some examples of performance optimization-centric solutions. Some performance issues in blockchain systems, not limited to, are throughput bottleneck, limited scalability, transactions latency. To overcome performance issues in smart contract systems, some researchers have proposed solutions to execute smart contracts in parallel instead of sequentially [26, 34]. For instance, Gao et al. [34] have proposed a parallel execution scheme that relies on two key techniques, namely a fair contract partition algorithm leveraging integer linear programming to partition a set of smart contracts into multiple subsets, and a random assignment protocol assigning subsets randomly to a subgroup of users. Other studies have been proposed for smart contract optimization by saving gas. In fact, if the smart contract execution exceeds an amount of gas (known as gas limit), an out-of-gas exception is raised, interrupting the current execution. For instance, GasReducer [18] is a tool for automatically detecting EVM operation sequences that can be replaced with other operations that have the same semantics but need less gas, and then replacing them with efficient code.

6.2 Security optimization-centric solutions

Security of a smart contract refers to its robustness against attacks from malicious users that exploit generally the contract security vulnerabilities to gain profit or the lack of trustworthy data feeding to inject malicious data. Table 6 presents some examples of vulnerability detection tools, transactional privacy models, and trustworthy data feeding solutions.

6.2.1 Vulnerability Detection

Discovering potential vulnerabilities in the execution of contracts is important to improve the security and credibility of contracts. Indeed, several studies systematically summarized the contract vulnerabilities and analyzed the security risks [8, 77, 81]. For instance, Atzei et al. [8] have provided a taxonomy of smart contract vulnerabilities of three levels, namely Solidity, EVM, and Blockchain. In recent years, the most notorious attack is the Decentralized Autonomous Organization (DAO) attack that exploited a re-entrancy vulnerability to steal around 2 Million Ether from a smart contract [103]. Another attack has happened to the SmartBillions, which presented a fully decentralized and transparent lottery system when an attacker successfully manipulated the block hash of the smart contract’s lottery function twice, and forced the result in his favor to get 400 Ether [62]. To solve the smart contract vulnerabilities, several vulnerability detection solutions have been proposed. Some studies have given solutions to common vulnerabilities, such as Oyente [59], SmartInspect [15], and ContractFuzzer [47]. Some other work focused on specific vulnerabilities, such as ReGuard [54] to detect re-entrancy bugs and EthRacer [48] to detect event-ordering bugs.

6.2.2 Transactional privacy

The privacy issue represents a real challenge for smart contracts to keep critical functions secret, apply cryptography, and avoid disclosing data on the blockchain to the public. The lack of transactional privacy could limit the adoption of smart contracts. To address this issue, Kosba et al. [49] have proposed Hawk, a decentralized smart contract system. Hawk is a tool allowing smart contract developers to build privacy-preserving contracts without the need for implementing any cryptography. Its compiler automatically generated an efficient cryptographic protocol where contractual parties interact with the blockchain, using cryptographic primitives such as zero-knowledge proofs.

6.2.3 Trustworthy data feeding

The smart contract execution requires some external data about real-world states and events from outside the blockchain. Therefore, trustworthy data feeding mechanisms (known as Oracles) are required to build a bridge between blockchain and the external world (e.g., Web API). For instance, Zhang et al. [113] have proposed Town Crier, which acted as a link between existing commonly trusted non-blockchain based websites and smart contracts to provide authenticated data to smart contracts while preserving confidentiality with encrypted parameters. However, in case of malicious code or bad data fed to a smart contract, the latter processes the input as is, producing an incorrect and unpredictable outcome. Thus, oracles retain an enormous amount of power over smart contracts in how they are executed because the data they provide determines how the smart contracts execute.

To sum up, research on improving smart contract security and performance has emerged in recent years. While running smart contracts in parallel can speed up contract execution, it faces a challenge in how to execute contracts that depend on each other at the same time. Moreover, optimizing smart contract codes can effectively reduce potential vulnerabilities in contracts and ensure efficient and secure execution of contracts. However, the existing studies are still immature, and unknown vulnerabilities or bugs cannot be detected to be replaced. Thus, the optimization of smart contracts needs further research.

After discussing the smart contract from the technical point of view, we present in the following two sections the existing solutions focusing on smart contract usage in several domains.

7 Resource-driven smart contract usage

As we know, smart contracts are executable code hosted in the blockchain that store information, process inputs, and write outputs thanks to their pre-defined functions. They are used to improve data handling transparency, decentralize resource-constrained device management, and enable changes of the agreement terms at runtime while running on top of a decentralized and transparent network. In this category, we discuss resource-driven smart contract usage solutions, which can be categorized into data management-centric solutions (see Table 7), device management-centric solutions (see Table 8), and cloud-related solutions (see Table 9).

Table 7 Some examples of data management-centric solutions
Table 8 Some examples of device management-centric solutions
Table 9 Some examples of cloud-related solutions

7.1 Data management-centric solutions

In the past, raw data are transferred to a cloud server to be stored and analyzed. However, this centralized solution has caused serious concerns regarding several aspects, such as the necessity to trust the cloud infrastructure security, control loss once data are externalized, and lack of data handling transparency. Consequently, blockchain-based data management emerged as a platform to facilitate transparent data transactions between untrustworthy involved parties on the network. Indeed, peer-to-peer-network-based data management is a more fair system as compared to a system where all transactions are handled by a central server. Table 7 presents some examples of data management-centric solutions concerning data provenance, data access, and data sharing.

7.1.1 Data Provenance

Data provenance refers to a historical record of the data and its origins showing which and how data item is stored, accessed, and processed by whom and for what purpose. Ensuring data provenance can increase data transparency and enforce data integrity. In this regard, a blockchain can offer an immutable storage of records and smart contracts can be used as a responsible for verifying the data origins before storing them. Similar ideas are applied in [6, 44], where a blockchain is used as a decentralized and immutable storage for enabling data provenance. For instance, Javaid et al. [44] have proposed a blockchain-based data provenance and integrity for secure IoT environments framework, called BlockPro. Ethereum and two smart contracts were used to implement it. The first smart contract established data provenance by interacting with the IoT devices and making sure they are legit and the data being uploaded is coming from a known and trusted origin. The second smart contract can only be called by the first one to storing data on and retrieving data from the blockchain.

7.1.2 Data Access

Data access is ensured according to rights given to involved parties in a network to perform some operations on data. These rights are expressed using access control policies, which consist of a set of conditions that are evaluated against the current context to make the access decision each time a request is received [40]. Recently, for obtaining decentralized self-evaluating policies, access control policies have been codified as executable code and have been managed through a peer-to-peer network while eliminating a central entity. For this purpose, smart contracts can be used to express access control policies to transform the policy evaluation process into a distributed smart contract execution. In this context, several studies [36, 61, 74, 88, 112, 114] have been proposed. For instance, Maesa et al. [61] proposed to exploit a blockchain to store access control policies and manage attributes, as well as to execute the access decision process. The access control policy is represented through a smart contract that evaluated the stored conditions to make the access decision.

7.1.3 Data Sharing

Data sharing refers to make data available to other parties by the data owner. However, two types of challenges faced data sharing schemes, namely (i) achieving good data sharing while losing the control over the shared data or (ii) remaining poor at sharing in order to keep strong control over the data. To address these challenges, blockchain technology is used because it offers immutable storage of records that improve data handling transparency and can host executable codes (i.e., smart contracts) that authenticate users, verify authorizations, and thereby ensure an efficient and secure data sharing in a peer-to-peer network. Several studies using blockchain-enabled smart contracts have been proposed for data sharing in healthcare [22, 72, 111], cloud environment [70], and for digital document version control [30]. In the healthcare context, medical devices and health care applications have been increasingly adopted by patients. However, wireless body sensors collect health records that are sensitive to individuals. Existing electronic health record management systems struggle with balancing data privacy and data access. Blockchain technology is an emerging technology that enables data sharing in a decentralized and transactional fashion. For instance, Dagher et al. [22] have proposed a blockchain-based framework, called Ancile for secure and efficient access to medical records by patients, providers, and third-parties while preserving the patients’ privacy. Ancile employed smart contracts, data obfuscation techniques, and cryptographic techniques in order to improve privacy and security in the healthcare domain. Recently, Yu et al. [111] have proposed a blockchain-based medical research support platform, which employed the characteristics of the alliance chain on which hospitals and medical research institutions are treated as nodes. Among them, users such as patients, doctors, and researchers needed to register and authenticate on the alliance chain. Smart contracts are used to upload the pseudonymous addresses of CEMRs to the alliance chain.

7.2 Device management-centric solutions

One of the technical challenges of having billions of devices deployed worldwide is the ability to manage and synchronize them. Using the current model of the server-client system may have some limitations for device management thus, several researchers are studying the benefits of the blockchain use in this field. Specifically, smart contracts are chosen to guarantee authentication, synchronization, and data integrity while running on top of a decentralized and transparent network. Table 8 presents some newly proposed device management-centric solutions [29, 45, 58, 90, 96, 104, 116]. For instance, Ellul and Pace [29] have proposed a split-virtual machine architecture to enable the integration of resource-constrained devices with blockchain systems, called AlkylVM. Each blockchain-connected device would run an instance of AlkylVM, which allows communication between blockchain and IoT devices using the Aryl blockchain node. The latter is responsible for monitoring smart contract transactions and events that would require interaction with IoT devices.

7.3 Cloud-related solutions

In cloud computing, both service requester and service provider agree on a set of requirements, obligations, and rights that is valid for the whole contract life-cycle. Recently, blockchain-enabled smart contracts have been used to enable changes in the agreement terms at runtime through the definition of conditions and actions. Table 9 presents some proposed cloud-related solutions [42, 84, 98, 118]. For instance, Zhou et al. [118] have proposed a witness model for enforcing cloud Service Level Agreement (SLA) using smart contracts. The game theory is leveraged to analyze that the witness has to offer honest monitoring service in order to maximize its revenue. The service provider needs to prepay fees to the smart contract for hiring witnesses. The service customer then decides whether to accept the SLA. If yes, it also needs to prepay fees including the service fee and its part of the hiring fee for witnesses. However, a small bug or attack on smart contracts can result in significant issues like privacy leakage or system logic modifications. Some of critical security vulnerabilities can include timestamp dependencies, mishandled exceptions, re-entrancy attacks on smart contracts in cloud-related solutions.

Although smart contracts fulfill many conditions related to data/device management, they have some drawbacks, based on basic design principles of blockchain technology. First, the data stored on smart contracts are publicly readable through public transactions with no read access restrictions. Thus, it is required to avoid storing private or device keys on smart contracts to the public availability of the information. For solving transparency problems related to blockchain, future research might investigate deploying complex cryptographic solutions for securing data stored on smart contracts without boosting cost. Second, the cost of storing data on the blockchain is very high. Therefore, creating hybrid solutions is required to benefit from the traceability of data transactions that are offered by blockchain networks and the efficient and private access and storage of data provided by external data repositories.

After discussing the resource-driven smart contract usage solutions, we present in the following section the existing solutions focusing on cross-organizational collaboration-driven smart contract usage.

8 Cross-organizational collaboration-driven smart contract usage

Smart contracts help to record an agreement between several untrustworthy parties in the form of code that cannot be altered or changed once deployed on the blockchain. Thus, smart contract development allows substituting traditional contracts and develops business growth in several industries, namely supply chain management, logistics and shipping, insurance, and charity. In this category, we discuss cross-organizational collaboration-driven smart contract usage solutions, which can be categorized into profit-centric solutions (see Tables 1011, and 12) and non-profit-centric solutions (see Table 13).

Table 10 Some examples of profit-centric solutions: Tracking-based
Table 11 Some examples of profit-centric solutions: Digital asset-based
Table 12 Some examples of profit-centric solutions: Crowdsourcing-related
Table 13 Some examples of non-profit-centric solutions

8.1 Profit-centric solutions

The smart contract protocol aims at making contracts more secure, executed in real-time, and more transparent, which are the exact challenges with the existing profit-centric cross-organizational collaboration. Profit-centric solutions aim at increasing the profit by reducing real-time tracking costs, improving cross-border payments, and enhancing distributed problem-solving transparency. Tables 1011, and 12 present some examples of profit-centric solutions concerning tracking-based solutions, digital asset-based solutions, and crowdsourcing-related solutions, respectively.

8.1.1 Tracking-based solutions

Although business processes may operate well within a centralized mechanism managing internal activities with individual local databases, there still exists a demand for transparency across processes and trust relationships among involved parties. Indeed, real-time tracking may reduce the unnecessary wait for the confirmation of information. Thus, using a distributed system can enhance the transparency and performance of business processes. Smart contracts can be used to automate the transfer of various types of ownership of assets, property, and value and therefore, lead to more visible and less-intermediated working processes. In this context, several studies using smart contracts have been proposed for supply chain management of foods [11, 17, 53], manufactured products [24, 43, 50, 102], shipped items [39], bio-drugs [105], and imported products [108]. For instance, Casado-Vara et al. [17] have proposed a model for agriculture tracking involving blockchain, smart contracts, and a multi-agent system. The blockchain is used to store all transaction information in the supply chain. Besides, the multi-agent system used smart contracts to manage the entire supply chain process more efficiently while removing intermediaries. Furthermore, according to industry estimations, the global halal food market will reach USD 2.55 trillion by 2024 [92]. Thus, several companies are using blockchain to improve traceability in the halal food supply chain. For instance, a UK based company has partnered with a blockchain platform provider in order to track livestock and fresh food from farm to table through the halal food chain using the blockchain technology [92].

8.1.2 Digital asset-based solutions

Because of their resilience to tampering, smart contracts are appealing in many scenarios, especially in those which require transfers of money to respect certain agreed rules like in financial services. Therefore, smart contracts in the finance application domain manage, gather, and/or distribute the money as a preeminent feature. The lack of a centralized authority reduced costs and in theory provided more control and access to the investors [46]. To this end, some smart contracts are used for cross-border payments without relying on banks. For instance, the blockchain payment provider, called Ripple is a blockchain solution for payments that is proven in the real world by connecting existing bank ledgers to facilitate near real-time cross-border payments. Ripple may also reduce costs and provide additional pricing transparency of real-time cross-border payments [3]. Table 11 presents other smart contracts that implemented data/good trading service [7, 65, 106], insurance service [9], rent/exchange good service [14, 28], energy trading and demand management service [55, 100], social credit system [107], and mobile payment system [110]. For instance, smart contracts are exploited in the insurance industry to automate claims processing, verification, and payment, thus to increase the speed of claim processing as well as to prevent fraud and reduce manual mistakes. Recently, a smart contract-based flight insurance system has been proposed to refund automatically the insured passengers in case of a flight delay [13]. Moreover, blockchain-based systems can provide solutions to the cyber insurance challenges by realizing an automated, real-time, and immutable feedback loop between the insurer, its customer, and potential auditors [20]. Moreover, blockchain technology can mitigate the problems faced by traditional insurance while complying with religious principles [67]. Indeed, a smart insurance model based on Islamic insurance, called Takaful is proposed in [64]. The main difference between Takaful and conventional insurance that in Takaful, insured funds belong to them, the insurance company is just a manager. Thus, by using blockchain and smart contract technologies, insurance companies can be more transparent, which is the highest feature requested by customers. The authors in [64] have suggested transforming the traditional insurance policies into smart contracts that can be executed automatically in order to refund the policyholders without causing compensations for fake incidents.

8.1.3 Crowdsourcing-related solutions

Crowdsourcing is an online, distributed problem-solving and production model in which individuals or organizations obtain goods and services from a large group of participants. For instance, crowdfunding has become one popular form of collective funding among several categories of crowdsourcing. Crowdfunding is a process, in which small donations or investments, made by groups of people, support the development of new projects in exchange for free products or different types of recognition. Traditional crowdsourcing is based on a central system where requesters post tasks on a central server or platform, however, this centralized model currently faces various challenges such as prohibitive cost, single point of failure, and vulnerability to malicious attacks. To this end, blockchain is considered as a promising technology that aims at addressing the aforementioned challenges by eliminating the single point of failure, enhancing transparency, and enforcing rules using smart contracts. In this context, several studies using blockchain-enabled smart contracts [38, 87, 97, 119] have been proposed, as shown in Table 12. For instance, Zichichi et al. [119] have proposed a smart contract-based social decentralized autonomous organization for crowdfunding, called LikeStarter where social network site users can raise funds for other users through a simple “like”, built on top of the Ethereum blockchain. Smart contracts are used to control and manage funds without the need for a trusted third entity. LikeStarter assigns Likoins (i.e. tokens related to an artist) to users that fund a given project. These tokens can be employed and converted to buy artifacts and they provide users with voting capabilities (i.e. they can contribute to the decision of the price of certain artifacts).

8.2 Non-profit-centric solutions

Blockchain technology is needed in a cross-organizational collaboration area suffering from a decline in trust from involved parties (e.g., volunteers, donors, voters, etc.) who are unable to know how their contributions are spent/handled. Indeed, smart contracts enable “fully auditable” performance data, which is secure and extremely difficult to falsify or hack.

Table 13 presents some examples of non-profit-centric solutions including volunteer system [19], philanthropic-related systems [32, 82, 91, 94], e-voting service [75], system for educational institutions [86], and copyright protection [115]. For instance, Cheng et al. [19] have proposed VOLTimebank, a volunteer time bank system for a mutual pension based on blockchain and smart contracts. VOLTimebank provides a channel for volunteers to serve the elderly and gives volunteers a way to exchange the services they can offer today with the services that they hope to get in the future. In the philanthropy context, the collection processes are not transparent, and due to this, the involved organizations struggle to gain donors’ trust and interest. Thus, some efforts have been made to map the charity collection process on blockchain technology, for instance, Farooq et al. [32] have proposed a charity collection platform, which is based on blockchain technology, and is transparent for donors and legal authorities to conduct an audit. The design uses smart contracts and digital wallets to transfer money in real-time with complete data security and an auditable trail of every transaction. These smart contracts have been introduced to securely transfer donations to individual beneficiaries, organization, and their associated projects. Zhao and O’Mahony [115] have proposed BMCProtector, a prototype implementation based on an Ethereum blockchain and smart contract technologies, for effective protection of music copyright and rights of copyright owners. The deployed smart contract is responsible for sharing the copyright parameters.

Despite the benefits of blockchain and smart contracts in reforming operations in a wide variety of industries, namely supply chain, insurance, and charity, certain challenges to their widespread adoption still exist. These challenges include legal issues, lack of standards and protocols, privacy issues, and error intolerance. Arguments that smart contracts are no panacea for all financial use cases doubt the applicability of smart contracts to certain scenarios as far as agreement type and scale.

9 Discussion

We discuss below the study results and present challenges and future development trends in smart contract research.

9.1 Challenges and Open issues

As an emerging technology, smart contracts currently face many challenges, such as legal, reliance on “off-chain” resources, immutability, scalability, and consensus mechanism issues (see Fig. 4).

Fig. 4
figure 4

Challenges and open issues

9.1.1 Legal issues

The legal issue of smart contracts is another crucial aspect of smart contract challenges. For example, the European General Data Protection Regulation (GDPR) [35] stipulates that citizens have a “right to be forgotten” which is inconsistent with the immutable nature of blockchain-enabled smart contracts. Other legal issues can be cited including, (i) each country has its own laws and regulations, hence, it is complicated to ensure compliance will all regulations, (ii) law clauses or conditions are not quantifiable, thus it is still complicated to model these conditions in smart contracts so that they are appropriate and quantifiable for a machine to execute them, and (iii) governments are interested in a regulated and controlled use of the blockchain technology in many applications, however, this means that the untrustworthy network will regress to a third-party trusted network, losing part of its essence [79].

9.1.2 Reliance on “off-chain” Resources

Several smart contracts require receiving information or parameters from resources that are not on the blockchain itself, so-called off-chain resources. For this purpose, oracles are used as trusted third parties that retrieve off-chain information and then push that information to the blockchain at predetermined times. Although existing oracles are well tested, their use may introduce a potential “point of failure”. For instance, an oracle might be unable to push out the necessary information, provide erroneous data, or go out of business. Therefore, smart contracts will need to account for these eventualities before their adoption can become more widespread [51].

9.1.3 Immutability issue

The immutability feature is an important characteristic of smart contracts. Indeed, once a smart contract is deployed, the code cannot be changed by any party. However, the dark side of the immutability concept in smart contracts lies mainly in the fact that in the event of any errors made in the code, the immutability feature of a smart contract prevents it from being rectified. Similarly, if circumstances change (e.g., the parties have mutually agreed to change the parameters of their business deal, or if there is a change in law, etc.), no simple path to amend a smart contract is possible. Therefore, extensive and possibly expensive reviews of the smart contract performed by experts before its deployment in a blockchain are required to address the immutability issue.

Another limitation in the blockchain itself that impacts the smart contracts is the irreversible nature of the blockchain, thus once the smart contracts are deployed, they cannot be changed. Moreover, any blockchain nodes can be hacked or misused to report erroneous data that will be logged on the blockchain in an immutable manner.

9.1.4 Scalability issue

Scalability is the primary concern for many blockchain networks. For instance, the Ethereum blockchain can verify 14 transactions per second, which is slow as compared with Visa that can handle up to 24,000 transactions per second. Indeed, the scalability issue leads to network congestion, increased commission fees for transactions, and an increase in the time required to confirm the transactions [80]. In order to address the scalability issue, extensive research focusing on increasing the number of transactions per second by smart contract platforms is required in the future. However, the transaction verification depends on the consensus mechanism used by the smart contract platforms. Therefore, scalability depends on consensus mechanisms, which is another issue in smart contracts.

9.1.5 Consensus mechanism issue

The consensus mechanism plays the leading role to maintain security, scalability, and decentralization in the blockchain networks at the same time. There are several existing consensus algorithms, including Proof-of-Work (PoW), Proof-of-Stake (PoS), etc. Although the PoW algorithm enables security in the blockchain, it wastes resources. Thus, many organizations switch from the PoW algorithm to new consensus mechanisms that promise lower fees for transactions as well as lower energy costs for the block production process. Therefore, future studies can use new consensus mechanisms, such as proof-of-activity (PoA) or delegated proof-of-stake (DPoS) in order to test them and eventually improve their quality.

9.2 Future Development Trends

Future development trends of smart contracts are introduced from two aspects namely, Layer 2 protocols, and contract management solutions.

9.2.1 Layer 2 protocols

In order to address the aforementioned challenges faced by smart contracts, a viable solution, called Layer 2 is appeared to tackle the blockchain scalability problem. While Layer 1 is the used term to describe the underlying main blockchain architecture, Layer 2 is an overlaying network that lies on top of the underlying blockchain. Indeed, Layer 2 refers to the multiple solutions or protocols being built on top of an existing blockchain system. The main goal of Layer 2 protocols is to solve the transaction speed and scaling difficulties that are being faced by the major cryptocurrency networks. Therefore, Layer 2 protocols refer to a secondary framework, where blockchain transactions and processes can take place independently of Layer 1 (“main-chain”). Two major examples of Layer 2 solutions are the Bitcoin Lightning Network [27] and the Ethereum Plasma [76]. The Lightning Network, which in part developed at the MIT Media Lab’s Digital Currency Initiative, is a lightweight software solution for scaling public blockchains and cryptocurrency interoperability. It aims at greatly reducing cost and time constraints by shifting small transactions to a cryptographically secure “off-chain” environment so that only large netting transactions need to be directly settled into a resource-constrained blockchain [27]. Ethereum Plasma is a series of smart contracts, which allows for many blockchains within a root blockchain. The root blockchain enforces the state in the Plasma chain. The root chain is the enforcer of all computation globally but is only computed and penalized if there is proof of fraud. Many Plasma blockchains can co-exist with their business logic and smart contract terms. Indeed, Plasma enables persistently operating decentralized applications at a high scale [76]. To sum up, thanks to Layer 2, a great portion of the work that would be performed by the “main-chain” can be moved to the second layer. So while the “main-chain” provides security, the second layer protocols provides better solutions for the scalability issue by offering high throughput, being able to perform hundreds, or even thousands, of transactions per second.

9.2.2 Contract management solutions

Smart contracts encompass far more than just the benefits of blockchain technology. Rather, the term captures the entire digital life cycle of a contract, from negotiation to control and verification of the fulfillment of contractual obligations. Now, it is already possible to use smart contracts even without blockchain technology. Thus, contract management solutions could overcome both the immutability issue and the irreversible nature of blockchain by handling the contract’s life-cycle while eliminating limitations of the technology itself. In state-of-the-art contract management solutions [31], all parties to the contract must provide proof of identity and authenticate their access to data in order to ensure the basis of trust. Besides, all documents that are associated with the contract are stored in a revision-secure manner and encrypted form on a cloud-based platform developed and operated in Europe. This ensures transparency and traceability for all events, the actions associated with these events, and the designation of the persons responsible [23]. For instance, Fabasoft Contracts [31] is one of the latest contract management solutions that is ready-to-use, cloud-based software to support users throughout the entire contract life cycle: from cross-company contract preparation, efficient handling of review and approval processes, to the revision-secure contract archiving. It enables the modeling of contract rights and obligations, which can be automatically verified and enforced. There are several benefits offered by revision-secure contract management, including providing traceability when monitoring the cold chain of food delivery or proving the authenticity of spare automotive parts, as opposed to counterfeit articles [23].

10 Conclusion

The decentralization, auto-enforcing ability, and verifiability characteristics of smart contracts enable their encoded business rules to be executed in a peer-to-peer network, where each node is “equal” and none has any special authority without the involvement of a trusted authority or a central server. Thus, smart contracts are expected to revolutionize many traditional industries, such as financial, healthcare, energy, etc. In this paper, we presented a comprehensive survey of blockchain-enabled smart contracts from both technical and usage points of view. Thus, we introduced a taxonomy of existing blockchain-enabled smart contract solutions, categorized the included research papers, and discussed the existing smart contract-based studies. Based on the findings from the survey, both smart contract challenges and open issues are identified to be addressed in further studies. Finally, we discussed future trends of smart contracts. This study provides informational support to stakeholders interested in the research of smart contracts.