From what I’ve gathered so far, I think there is somewhat of a usability/security issue in general for smart contracts. The only way to be sure the contract does what the creator purports it to do is by reviewing the source TEAL code itself. Non-developers won’t be able to do this. So they would resort to client apps that hide the complexity behind pretty UIs and would just have to trust that the client app developer didn’t do anything malicious, such as displaying fake details about the transactions they are about to do and signing completely different transactions behind the scenes. Note that the original developer doesn’t have to be malicious either; in certain client app structures a hacker may be able to hijack the logic.
So to me it seems like there will still be a considerable amount of trusted parties in the ecosystem, even if the infrastructure supporting it is secure and decentralized (like all the dapps that exist out there today). When you sign contracts today, you can at least read into the terms and fine print if you wanted to. Sure, you may not be a lawyer and won’t understand some bits, but I’d think most people will find them more understandable than TEAL code. Is there a way to specify the contract in a manner that’s more comprehensible to the general public? Or is this a moot point and really the fine print will be on the client apps and they will be regulated and held responsible for any malicious behavior?
The safest way to transact would be for everyone to be able to decipher the contract, and create and sign their own transactions at the low level. But that’s probably infeasible unless we dumb it down enough such that speaking this tech becomes like speaking English… Actually maybe we’re slowly getting to that point with coding becoming a core component in a growing number of curriculums?
I digress. Thoughts?