Quiz: Smart Contracts

20 multiple-choice questions

Question 1

Which statement best describes a smart contract?

  • (A) An AI system that negotiates contract terms between two parties
  • (B) A self-executing program stored on a blockchain that runs when
  • (C) A database query that retrieves financial data from a centralized server
  • (D) A legal agreement signed electronically via DocuSign
Answer: (B) A smart contract is code deployed on a blockchain that automatically executes when its conditions are triggered, without intermediaries.

Question 2

What is the primary purpose of the Ethereum Virtual Machine (EVM)?

  • (A) To convert Solidity code into JavaScript for web browsers
  • (B) To provide a deterministic execution environment
  • (C) To mine new Ethereum tokens using Proof of Work
  • (D) To store user passwords and private keys securely
Answer: (B) The EVM executes smart contract bytecode identically on every node, ensuring deterministic and verifiable computation across the network.

Question 3

Why does Ethereum require users to pay gas fees?

  • (A) To fund the Ethereum Foundation's research budget
  • (B) To pay software developers who write smart contracts
  • (C) To compensate users who hold ETH in their wallets
  • (D) To prevent spam and infinite loops by making
Answer: (D) Gas fees prevent abuse (e.g., infinite loops) by requiring users to pay for every unit of computation. This also compensates validators for processing transactions.

Question 4

A deployed smart contract contains a bug. What can the developer do?

  • (A) Deploy a new corrected contract and migrate users
  • (B) Edit the contract code on-chain to fix the bug
  • (C) Contact Ethereum customer support to remove the contract
  • (D) Roll back the blockchain to before the contract was deployed
Answer: (A) Smart contracts are immutable once deployed. The original buggy contract cannot be modified or deleted. The developer must deploy a new version and convince users to migrate.

Question 5

Why do token standards like ERC-20 exist?

  • (A) To allow the Ethereum Foundation to control token supply
  • (B) To prevent new tokens from being created on Ethereum
  • (C) To guarantee that all tokens will increase in value
  • (D) To ensure interoperability so any wallet or exchange can
Answer: (D) Token standards define a common interface (function names, events) so that wallets, DEXs, and dApps can interact with any compliant token without custom integration.

Question 6

A simple ETH transfer costs 21,000 gas. If the gas price is 30 gwei and 1 ETH = $3,000, what is the transaction fee in USD?

  • (A) $18.90
  • (B) $0.63
  • (C) $1.89
  • (D) $6.30
Answer: (C) Fee = 21,000 × 30 gwei = 630,000 gwei = 0.00063 ETH. In USD: 0.00063 × $3,000 = $1.89.

Question 7

A company wants to tokenize 1,000 identical loyalty points. Which standard should it use?

  • (A) ERC-721, because each loyalty point is a unique asset
  • (B) ERC-20, because the points are interchangeable
  • (C) ERC-1155, because the company might add NFTs later
  • (D) No standard is needed — just use a database
Answer: (B) Identical, interchangeable loyalty points are fungible by definition. ERC-20 is the correct standard for fungible tokens.

Question 8

Under EIP-1559, the base fee is 20 gwei and you set a priority tip of 2 gwei. Your transaction uses 50,000 gas. How much ETH do you pay, and what happens to it?

  • (A) 0.0022 ETH: half burned, half to the validator
  • (B) 0.001 ETH: all burned
  • (C) 0.0011 ETH: all goes to the validator
  • (D) 0.0011 ETH: 0.001 ETH burned
Answer: (D) Total = 50,000 × (20 + 2) gwei = 1,100,000 gwei = 0.0011 ETH. Base fee portion (50,000 × 20 = 1,000,000 gwei = 0.001 ETH) is burned. Tip portion (50,000 × 2 = 100,000 gwei = 0.0001 ETH) goes to the validator.

Question 9

A DAO has 1,000,000 governance tokens. A proposal requires >50% of votes cast to pass. Only 80,000 tokens are used to vote: 50,000 vote YES, 30,000 vote NO. Does the proposal pass?

  • (A) Cannot be determined without knowing the gas price
  • (B) No — a quorum of at least 50% of total supply must participate
  • (C) No — 50,000 is only 5% of total supply
  • (D) Yes — 50,000 / 80,000 = 62.5% of votes cast exceeds 50%
Answer: (D) 50,000 / 80,000 = 62.5% of votes cast. Since the rule requires >50% of votes cast, the proposal passes. (Note: many DAOs also have quorum requirements, but the question only states a majority-of-votes-cast rule.)

Question 10

Ethereum Layer-1 charges $5.00 per transaction. An optimistic rollup batches 500 transactions into a single Layer-1 proof that costs $250. What is the per-transaction cost on the rollup?

  • (A) $0.50
  • (B) $2.50
  • (C) $5.00
  • (D) $0.05
Answer: (A) Per-transaction cost = $250 / 500 = $0.50. This is a 10× cost reduction compared to Layer-1.

Question 11

In the 2016 DAO hack, the attacker exploited a reentrancy vulnerability. What does this mean?

  • (A) The attacker called a withdrawal function repeatedly before
  • (B) The attacker guessed the contract's private key
  • (C) The attacker submitted more transactions than the network could handle
  • (D) The attacker modified the contract's source code after deployment
Answer: (A) Reentrancy occurs when a contract sends ETH before updating its internal state. The attacker's contract re-enters the withdrawal function before the balance is decremented, withdrawing the same funds multiple times.

Question 12

What is the key difference between optimistic rollups and ZK-rollups?

  • (A) ZK-rollups require a 7-day dispute window; optimistic rollups do not
  • (B) Optimistic rollups assume validity and use fraud proofs
  • (C) Optimistic rollups are faster and cheaper in all cases
  • (D) Optimistic rollups only work with ERC-20 tokens
Answer: (B) Optimistic rollups assume transactions are correct unless someone submits a fraud proof (7-day window). ZK-rollups generate a mathematical proof (ZK-SNARK/STARK) that guarantees correctness without a dispute period.

Question 13

Why are cross-chain bridges particularly attractive targets for attackers?

  • (A) Bridges are unregulated and therefore have no security measures
  • (B) Bridges use outdated encryption algorithms
  • (C) Bridges only operate on private blockchains
  • (D) Bridges hold large pools of locked assets and concentrate trust
Answer: (D) Bridges lock assets on one chain and mint wrapped tokens on another, creating large "honey pots." A flaw in the bridge's validator set or smart contract logic can drain the entire pool.

Question 14

In a sandwich attack, a searcher observes a pending large buy order on a DEX. What does the searcher do?

  • (A) Places a buy order before the victim (frontrun) and a sell order after the victim (backrun), capturing the price impact
  • (B) Reports the victim's transaction to regulators
  • (C) Shorts the token on a centralized exchange
  • (D) Cancels the victim's transaction by paying higher gas
Answer: (A) The searcher buys before the victim (pushing the price up), lets the victim's trade push it higher, then sells immediately after at the inflated price — profiting from the victim's price impact.

Question 15

A single wallet holds 51% of a DAO's governance tokens. What is the primary risk?

  • (A) The DAO will run out of gas for voting transactions
  • (B) The Ethereum Foundation will revoke the DAO's smart contract
  • (C) The majority holder can unilaterally pass any proposal
  • (D) Other token holders will automatically lose their tokens
Answer: (C) With >50% of tokens, the whale can pass any proposal alone, defeating the purpose of decentralized governance. This is the "plutocracy" problem inherent in token-weighted voting.

Question 16

Why do sidechains (e.g., Polygon PoS) offer weaker security guarantees than rollups?

  • (A) Sidechains use older programming languages
  • (B) Sidechains have their own validator set
  • (C) Sidechains cannot process ERC-20 tokens
  • (D) Sidechains are always slower than Layer-1
Answer: (B) Sidechains rely on their own consensus mechanism and validator set. If those validators collude or are compromised, funds can be stolen. Rollups post data and proofs to Ethereum Layer-1, inheriting its security.

Question 17

A startup considers using a smart contract instead of a traditional legal agreement for an escrow service. Which argument against smart contracts is most valid?

  • (A) Smart contracts require the Ethereum Foundation's approval
  • (B) Smart contracts are too expensive to deploy compared to hiring a lawyer
  • (C) Smart contracts cannot handle ambiguity, edge cases
  • (D) Smart contracts execute too slowly for financial transactions
Answer: (C) Smart contracts execute rigid "if-then" logic. Real-world agreements often involve ambiguity, force majeure, and disputes that require human judgment. A smart contract cannot say "it depends" — a court can.

Question 18

A DeFi protocol needs fast finality (under 10 minutes) and strong security guarantees. It handles high-value trades. Which Layer-2 solution is most appropriate?

  • (A) A sidechain (own validators, fast finality)
  • (B) An optimistic rollup (7-day fraud proof window)
  • (C) A ZK-rollup (cryptographic validity proof, no dispute window)
  • (D) A state channel (near-instant, but only for two-party interactions)
Answer: (C) ZK-rollups provide fast finality (minutes, not 7 days) with cryptographic proofs of correctness, and inherit Ethereum's security. For high-value trades, the stronger security guarantee makes ZK-rollups the best fit.

Question 19

You are designing a DAO governance system. Which mechanism best mitigates flash loan governance attacks?

  • (A) Allowing only the contract deployer to vote
  • (B) Reducing the total supply of governance tokens
  • (C) Requiring voters to hold tokens for a minimum
  • (D) Increasing the gas cost of voting transactions
Answer: (C) A time-lock or snapshot-based voting system requires voters to hold tokens before a snapshot block, preventing attackers from borrowing tokens via flash loan and voting in the same transaction.

Question 20

A team uses an LLM to audit their Solidity code. The LLM reports "no vulnerabilities found." How should the team proceed?

  • (A) Treat the LLM report as a useful first pass but commission
  • (B) Ignore the LLM report entirely — AI cannot understand code
  • (C) Deploy immediately — LLMs are more thorough than human auditors
  • (D) Deploy to a testnet only and never use real funds
Answer: (A) LLMs can catch common patterns but may miss novel attack vectors and can produce false negatives. A professional audit (and ideally formal verification) remains essential for any contract handling real value.