Blockchains provide mutually distrusting parties with shared, distributed databases. Most such systems allow the users to create programs, called smart contracts, which govern how the shared data may be changed. This shared data typically includes balances in a decentralized currency, balances of issuer-controlled tokens, and digital representations of other valuable assets. Security issues with smart contracts and distributed ledger platforms can thus inflict direct financial damage to the ledgers’ users, as they can result in valuable assets being stolen, destroyed, or rendered unusable.

As the prices of digital assets held on ledgers grow, so does the incentive for attackers. The attacks are by now estimated to have caused 21 billion USD in damages across different public distributed ledgers.

While smart contracts are just programs, securing them is exceptionally challenging compared to most other programming tasks, as their execution environment -- distributed ledgers -- can be extremely hostile. Ledgers usually allow the attacker to directly interact with the program code, instead of a restricted interface as common in most other platforms. The DLT platforms themselves often have properties that are complicated and poorly understood. All this calls for extreme caution while developing smart contracts. However, while the programming community around smart contracts is fast-moving and innovative, it is also immature and a proper software development life cycle is rarely followed. In fact, even recommendations for such a lifecycle are missing. This whitepaper aims to fill this gap, by providing a high-level overview of the smart contract secure development lifecycle.