Move and resource-oriented programming

Move and resource-oriented programming
Photo by Timon Studler / Unsplash

One blockchain ecosystem I’m particularly interested in is Movement. The team has an ambitious vision to grow Move adoption, and for good reason. Billions of dollars are lost to smart contract hacks every year due to bugs and reentrancy attacks. Move eliminates many of the low-hanging issues most common in Solidity smart contracts.

Move has been around for a few years and is used in Aptos and Sui. But Movement is the first team to bring the MoveVM to the modular stack. A longer piece on Movement is in the works, but here, I’d like to focus on an important concept in Move: resource-oriented programming.

Most people are familiar with object-oriented languages. In this paradigm, programs define objects with properties, methods, and access controls. In OOP, objects contain data and behavior, providing mechanisms like encapsulation, inheritance, and polymorphism to control interactions and modifications.

In the context of blockchains, additional security measures need to be built around objects to ensure state is managed securely and prevent unauthorized duplication and deletion of assets. This is an additional burden on developers and security auditors, who need to verify not only the accuracy of core business logic but also the guard rails around that logic.

Move implements a new programming paradigm: resource-oriented programming. Here, the resource is a first-class citizen, and rules around enforcing resource interactions are enforced by the compiler. Move developers never have to worry about a bug or a malicious actor leading to their assets being deleted because that simply cannot happen.

Here are a few interesting properties of resource-oriented programming:

  • Resource ownership is defined by where it’s stored, eliminating the need for a ledger or data store maintaining ownership data.
  • Resources can only exist in one place at a time, making it impossible to delete or duplicate them, whether unintentionally or maliciously.
  • Resources are considered to have real-world value, meaning code must adhere to rules that maintain their value.
  • Resource access methods are limited to the owner, so only the holder of an asset can perform operations on it.

In addition, Move was designed to be a highly secure, statically typed, and resource-oriented language. Its key features include:

  • Formal Verification: The Move Prover supports formal verification leveraging cutting-edge SAT-solver technology, ensuring code correctness and minimizing errors.
  • Strong, Static Typing: Move enforces variable types at compile-time, reducing the risk of type-related vulnerabilities.
  • Limited Mutability: Move restricts value changes to single, mutable references, preventing parallel modification vulnerabilities.
  • Parallel Transaction Support: The MoveVM implements BlockSTM, allowing parallel transaction execution by easily identifying resource interactions, improving scalability to upwards of 160k transactions per second.

Move and resource-oriented programming provide a clean framework to safely manage assets and practically eliminate the risk of common errors like asset duplication.

I’m eager to see this language gain more adoption among developers.