Navigating cyberspace governance with the global digital compact: A cybersecurity perspective

Abstract

The global cyberspace faces many cybersecurity challenges, including illegal changes to contract terms and loopholes in the smart contract framework itself. This study adopts the automatic execution and intelligence of digital contracts, uses public key infrastructure technology digital certificates to establish trust relationships, encrypts data, and improves network security; the distributed ledger adopts the Byzantine fault-tolerant algorithm to prevent data from being tampered with, solving the problems of low efficiency and low security of traditional cyberspace manual governance. The study shows that after 28 companies applied digital contracts in 2023, the average authenticity of the data was 50.95% higher than the average authenticity of the data in 2022, the average integrity of the data was 36.44% higher than the average integrity of the data in 2022, and the average security of the data was 110.22% higher than the average security of the data in 2022. The findings highlight the critical role of digital contract implementation in enhancing the security and operational efficiency of global cyberspace governance, offering an effective solution to address the complex challenges inherent in managing today’s interconnected digital environment.

Keywords

global digital compact cyberspace governance network security public key infrastructure data encryption

Introduction

Global cyberspace governance emerges as a pivotal domain within the contemporary discourse of global governance research. Since the inception of the Internet, the exponential evolution of global cyberspace has significantly diminished the communication costs among diverse entities, effectively collapsing the barriers of time and space. This technological leap has precipitated profound transformations in traditional modes of production and daily living. The advent of global cyberspace has catalyzed unprecedented opportunities for the international community, fostering innovation and interconnectivity on an unprecedented scale. Concurrently, it has engendered novel challenges that are inherently complex and resistant to conventional control mechanisms. The extant frameworks and protocols of global cyber governance are ill-equipped to mitigate issues such as the expanding digital divide, the codification of cyberspace conduct norms, and the persistent cybersecurity threats. Consequently, there is an urgent imperative to refine and enhance the global cyber governance paradigm.

Some scholars have examined the future potential of digital contracts within the sharing economy, Internet platforms, and the Internet of Things, considering the challenges posed to contract law practice in the digital era.¹ Digital contracts provide higher security through encryption technology, smart contracts, and other means. Compared with traditional paper contracts, digital contracts can use encryption algorithms and digital signatures to ensure the integrity and authenticity of the contract and prevent tampering and forgery. The automatic execution of smart contracts also reduces the risk of human error and fraud in the middle. Researchers have proposed creating electronic files of paper certificates and related data, storing them in a database, and calculating their hash values. These hash values are then stored in a blockchain system, which generates corresponding QR codes and query strings. This process enables the production of tamper-proof and verifiable digital certificates.²

Cybersecurity risks are a threat to everyone, and they are global. To solve the problem of difficult attribution of cyber attacks, Pernice Ingolf aimed to explore the tools and methods of cybersecurity governance in a broad sense, drawing on Internet governance and starting from a constitutional perspective. It was based on shared responsibility, resilience and citizen participation in the development and future application of an inclusive global rule-making system.³ In the digital world, cybersecurity has become very important for companies, government agencies or organizations, and end users. To prevent the proliferation of cyber threats, Eugen Petac proposed to maintain global cybersecurity through information governance, which consists of data governance and information technology governance. He also discussed issues such as the type of attack, the relationship between the complexity of the attack and the technical knowledge of the intruder, and the security framework used to identify and prevent cyber attacks.⁴ To identify the factors that should be considered when repositioning international security cooperation, Bechara and Schuch (2021) proposed that cybersecurity was a global and complex issue that requires cooperation between states, as well as the participation of the private sector and civil society, and it also required good governance in the decision-making process.⁵ With the continuous outbreak of cyber crisis in the world, unilateral national governance of cyberspace cannot meet the current needs to solve the crisis, and global governance has become an inevitable choice.

The implementation of the digital compact has a positive impact on global cyberspace governance. In response to the problems of high cost, high risk and poor efficiency of traditional centralized trading methods, Hu et al. (2019) proposed an efficient trading mechanism of supply and demand network based on blockchain smart contracts. He introduced blockchain smart contracts in transactions to form a sealed quotation function, solving the problem of poor transparency and poor trust in traditional transactions. Studies have shown that blockchain-based smart contract transactions can achieve ideal security and effectiveness, which can effectively solve the problems of traditional centralized transactions.⁶ To prevent hackers from sending sensitive data across a global network, Abusukhon Ahmad proposed using mathematical operations to encrypt readable text into unreadable text, or encryption keys. The results show that this method can effectively reduce hacker intrusion.⁷ To understand the development and challenges faced by smart contracts, Lin Shi-Yi analyzed by summarizing the working principle and application research status of blockchain smart contracts. He introduced the deployment process of smart contracts, conducted comparative analysis from the technical level, and looked forward to the future research direction of blockchain smart contracts.⁸ Digital contracts use encryption and distributed technology to ensure the authenticity and immobility of information and improve the effect of global cyberspace governance.

The implementation of digital contracts provides higher security through encryption technology, smart contracts and other means, and the content of digital contracts can be encrypted and protected to ensure that it is not tampered with or forged. Smart contracts can reduce the risk of human error and fraud, which is essential to maintaining stability and security in global cyberspace. It is of great significance to study the impact of the implementation of digital contracts on global cyberspace governance. It would not only help to further improve the security, privacy protection and laws and regulations of digital contracts, but also help to promote the development and innovation of global cyberspace governance, and provide strong support for the sustainable development of global cyberspace.

This paper presents two key innovations: first, it highlights the critical role of digital contracts in enhancing security and trust within cyberspace governance. By leveraging technical mechanisms such as encryption and smart contracts, digital contracts effectively reduce network security risks while ensuring the integrity and enforceability of agreements. Second, beyond analyzing existing cybersecurity challenges, the study emphasizes how the adoption of digital contracts can transform cross-border transactions by eliminating geographical and temporal barriers. This facilitates seamless international economic cooperation and trade, thereby promoting global integration and advancing the development of a more interconnected digital economy.

Global cyberspace governance: Current state and prospects

Illicit manipulation of contractual terms: Prevalent issues and implications

Contracts serve as the cornerstone of online transactions and digital collaboration. However, within the expansive realm of global cyberspace, the unauthorized alteration of contractual stipulations has emerged as a significant concern. There are various security vulnerabilities in cyberspace, such as malware, hacking attacks and phishing websites. These security vulnerabilities could allow hackers to access contract terms and tamper with them.^8,9 Certain online platforms and services are characterized by centralized control architectures, thereby granting them unassailable authority over the stipulations of their contracts. If these platforms fall prey to inadequate governance or are subjected to external disruptions, the integrity of contractual terms is susceptible to unwarranted modification. However, a smart contract is an autonomous digital transaction mechanism that executes, manages, and logs dynamic operations on a ledger without manual intervention. As a pivotal component of blockchain technology, smart contracts extend the utility of blockchain beyond cryptocurrencies, enabling a wide array of applications including education, entertainment, IoT, supply chain management, and healthcare.¹⁰

The present study encompasses an analysis of 80 international enterprises, selected through a rigorous process, to statistically evaluate the incidence of contract tampering and associated economic repercussions during the years 2020 and 2021. The findings are graphically represented in Figure 1. Specifically, Figure 1(a) illustrates the distribution of contract tampering instances through a pie chart devoid of Cartesian coordinate axes. In contrast, Figure 1(b) employs a Cartesian coordinate system where the horizontal axis denotes the enterprises, and the vertical axis signifies the monetary losses incurred, with the unit of measurement expressed in 10 thousand yuan.

Figure 1.

The situation of contract terms being tampered with and the resulting economic losses (a) Cases of tampering with contract terms, (b) economic losses resulting from tampering with contract terms in 2022 and 2023.

As shown in Figure 1, Figure 1(a) analyzes that among the 80 international enterprises, 35% (28) of the enterprises’ contract terms were tampered with, while 65% (52) of the enterprises’ contract terms were not tampered with. While the number of untampered enterprises was higher, 35% was high for cybersecurity.

Figure 1(b) shows the economic losses caused by the tampering of the contract terms of 28 enterprises, and the enterprises with the lowest economic losses were more than 100,000 yuan in 2022; in 2023, the enterprises with the lowest economic loss exceeded 200,000 yuan, indicating that with the growth of time, the economic loss caused by the tampering of contract terms is becoming more and more serious.

After the contract terms in the network are tampered with, the original agreement and agreement may be modified by the tamper, resulting in the loss of the rights and interests of other contract participants.¹¹ The impaired validity of the contract may cause disputes and affect the smooth progress of the transaction. The tampering of the contract terms may destroy the business trust between the contract participants. When one party maliciously or improperly modifies the contract terms, the trust of other participants in that party is greatly reduced, which may hurt the business relationship and future cooperation.^12,13 In e-commerce, the alteration of important terms such as payment amount, delivery terms, refund policy, etc., may cause a party to suffer economic losses. Therefore, this study posits that integrating the concept of smart contracts and related technologies into cyberspace governance is essential for ensuring the security of network transactions.

Smart contract vulnerabilities: Identification, analysis, and mitigation strategies

Smart contracts represent a novel form of digital agreement, programmatically encoded and autonomously executed on blockchain infrastructures. Despite their innovative potential, smart contracts are not a panacea. The inherent complexity and technical constraints associated with smart contracts may engender vulnerabilities. These vulnerabilities can precipitate security breaches and, consequently, significant financial repercussions. Their realization largely depends on the decentralized Ethereum Virtual Machine and the Solidity programming language. The security threats at the contract layer are intrinsically linked to blockchain mechanisms, including path explosion and the unsolvable issues of symbolic path constraints. Furthermore, discrepancies within the contractual code may introduce unpredictable behaviors, thereby undermining the reliability and efficacy of the smart contract ecosystem. For instance, since smart contracts can be written and deployed on the blockchain by users with varying levels of programming expertise and different development tools, there is no guarantee that these contracts will be free from security vulnerabilities or flaws.¹⁴

The execution of a smart contract may involve multiple participants accessing shared resources at the same time, such as account balances or transaction records.^15,16 If proper resource management mechanisms are not implemented, malicious users can exploit resource competition vulnerabilities to gain unauthorized access. Smart contracts often rely on external libraries and services, and if these dependencies are vulnerable or attacked, smart contracts can also be affected, and a lack of regulation of the security and reliability of dependencies can lead to smart contract vulnerabilities. The occurrence of smart contract vulnerabilities in 80 enterprises is shown in Figure 2 (Figure 2 has no horizontal and vertical coordinates), and the causes and consequences are shown in Table 1.

Figure 2.

The occurrence of smart contract vulnerabilities.

Table 1.

Causes and consequences of smart contract vulnerabilities (multiple choices).

Reason	Enterprises	Consequence	Enterprises
Programming error	6	Financial losses	30
Resource competition	8	Lapse of contract	26
Third-party dependencies	11	Unable to achieve expected goals	29
Security vulnerabilities	18	Damage to reputation	25

Figure 2 illustrates a detailed analysis of the vulnerability prevalence within enterprise smart contracts. The findings indicate that a significant proportion, approximately 37.5% (N = 30), exhibited identifiable vulnerabilities. Conversely, a reassuring majority, comprising 62.5% (N = 50), demonstrated no such security weaknesses.

An examination of Table 1 reveals that the primary cause of smart contract vulnerabilities is attributed to security loopholes, which were identified in 18 documented cases. Furthermore, the most frequently reported consequence of these vulnerabilities is economic loss, with a total of 30 cases highlighting this adverse outcome.

A contract lapse may mean that the contract fails to achieve its intended objectives, and the participants may have made actions or commitments based on the conditions of the contract, but they may not be able to achieve the desired results due to an invalid contract. Contract vulnerabilities could result in stolen or inaccessible funds, and attackers could use the vulnerabilities to execute unauthorized transactions, tamper with contract configurations, or steal funds, which would directly lead to financial loss for users. In recent years, smart contracts have gained significant popularity, with a market value reaching hundreds of billions of dollars. Unfortunately, like all other computer programs, smart contracts are susceptible to security vulnerabilities, which have resulted in losses amounting to billions of dollars over the past decade.¹⁷ Consequently, this study proposes a novel smart contract algorithm mechanism to address and mitigate existing security loopholes.

Assessing network vulnerabilities: Current challenges and enhancement avenues

With the development of technology and the acceleration of the networking process, network security threats also increase, and new technologies, platforms and applications provide more opportunities for malicious actors to invade and attack.¹⁸ Although the Chinese government has been strengthening the management and supervision of network security, there are still some enterprises and institutions that do not pay enough attention to network security or fail to effectively deal with security threats, and there are certain gaps in the investment, technical strength and personnel training of network security.¹⁹ This paper mainly analyzes the data of website security in China in 2023 and compares it with the data in 2012. The growth rate refers to the growth rate in 2020 compared with that in 2019, as shown in Table 2.

Table 2.

Security situation of China border government website.

Type	2022	2023	Growth rate (%)
Government website that has been tampered with	787	1030	30.9%
Number of information system security vulnerabilities	16,193	20,721	28.0%
High-risk vulnerabilities	4877	7422	52.2%

*Note. Data were collected from the Wechat public account platform, conducted by CNNIC (2023), available at https://mp.weixin.qq.com/s?__biz=MzUzNDYxOTA1NA==&mid=2247509244&idx=3&sn=aadae4f6f8a7e9d0d0e3d7cff3806f0d&chksm=fa93123dcde49b2b4bd6049235822cbd7bfa8947f457a25b9fe6babadaf76bac542062f59c0a&scene=27

As demonstrated in Table 2, the growth rate of tampered government websites in 2023 increased by 30.9% compared to 2022. Additionally, the number of information system security vulnerabilities grew by 28.0%, while the growth rate of high-risk vulnerabilities surged by 52.2%.

As a major global internet power, China has become both a target and conduit for numerous international cybercrimes. These crimes pose a significant threat to China’s cybersecurity, complicating and exacerbating the nation’s cybersecurity challenges. In terms of cybersecurity awareness education, China still faces certain shortcomings. Many users possess insufficient awareness of network security threats and lack vigilance against online risks, making them more susceptible to network attacks and creating opportunities for hackers and cybercriminals.²⁰ By examining the Chinese case, we can provide a model for global cyberspace governance, utilizing new technologies and methods to enhance the security of digital channels in numerous countries.

Application of digital contract in network security

Digital identity authentication and data encryption

Generally speaking, identity authentication is the most basic link in network security, and digital contracts allow users to authenticate themselves without revealing their identity information.²¹ When a user authenticates using a digital contract, they only need to provide the public key, and the private key would be verified in the background to ensure the correctness of the user’s identity. This authentication method avoids the risk of traditional username and password logins being hacked.

Registration and authentication

When users register in cyberspace, they can sign a digital contract with a service provider and provide the necessary identity information, which would be verified by the service provider and recorded in the digital contract.²² When a user registers in cyberspace, a digital contract can be signed with a service provider to ensure the authenticity of the user’s identity and the credibility of the data. The authentication diagram is shown in Figure 3.

Figure 3.

Authentication diagram.

As shown in Figure 3, information is transformed into information digest by the Hash function; the private key is computed in the signature algorithm; the private key can be computed by the authentication algorithm, and the Hash function is also transformed into information digest.

In the digital contract, the information provided by the user at the time of registration is combined with the private key to generate a verification result, where the Hash function is to convert the identity information into a hash value of a certain length. The private key is the secret key kept by the user. By hashing the combination of the identity information and the private key, the authentication result is generated to verify the authenticity of the user’s identity information. In the digital contract, the service provider records the identity information and verification results provided by the user in the digital contract. By recording the identity information and verification results in the digital contract, the authenticity of the user’s identity information can be ensured and provided to the service provider for subsequent identity verification.

Authentication process

In digital contracts, the use of Public Key Infrastructure (PKI) is a common encryption and authentication method that uses an asymmetric key encryption algorithm, which is also a public-key encryption algorithm. The main idea of public key encryption is to associate the encryption and decryption processes with two keys, namely, the public key and the private key. The public key is public and can be disclosed to anyone. The private key must be kept strictly confidential by the owner; the public key is used for encryption and the private key for decryption.

The basic principle of PKI is to establish a trust relationship through a digital certificate. A digital certificate is an electronic certificate issued by an authority and contains a public key and some identity information, such as the name of the certificate holder and the name of the certificate authority. A digital certificate allows a user’s public key to be recognized and trusted for encryption and authentication.

In PKI, Formula (1) is used to encrypt:

C = M^{e} \cdot m_{n}

(1)

In the formula, $M$ is the plaintext to be encrypted; $e$ is the recipient’s public key, and $n$ is the recipient’s public key module. $C$ indicates the encrypted ciphertext.

Decrypt:

M^{'} = C^{d} \cdot m_{n}

(2)

$d$ is the private key index of the recipient. The application of PKI in digital contracts can provide encryption and authentication services to protect the security and credibility of information. Through the use of PKI and digital certificates, sensitive information can be securely transmitted while ensuring the authenticity and integrity of the information.

Digital signatures

In digital contracts, the digital signature algorithm is a widely used method for authentication and information verification. It functions as a digital identifier, akin to a handwritten signature, and is employed to verify the authenticity and integrity of a message. Digital signature technology is typically used in conjunction with Public Key Infrastructure (PKI) to ensure the reliability and security of signatures. The digital signature diagram is presented in Figure 4.

Figure 4.

Schematic diagram of digital signature.

As shown in Figure 4, plaintext is digitally abstracted through the Hash function operation; digitally signed through private key encryption, and plaintext is decrypted through private key.

Digital signature technology can not only be used for authentication, but also for ensuring the integrity and credibility of data transmission. In a digital contract, users can use digital signature technology to sign their identity information, so that the service provider can confirm the authenticity of the user’s identity. Signature in digital signature technology:

S = s i g n (U, Y)

(3)

In the formula, $U$ is the message to be signed; $Y$ is the private key of the signer, and $S$ is the generated digital signature.

The formula for verification is:

V = v e r i f y (w, S, e)

(4)

$w$ indicates the message to be verified, and $V$ indicates the verification result. If the authentication succeeds, the authenticity and integrity of the message are confirmed.

The application of digital signature technology in digital contract can provide identity verification and information verification services to protect the security and credibility of information. Through the use of public key encryption algorithm and digital signature technology, it can realize the secure transmission of sensitive information, while ensuring the authenticity and integrity of the information, to prevent the data from being tampered or forged.

Access control

The access control of digital contracts in network security refers to the use of digital technology and contract mechanisms to control and manage network resource access to ensure that only authorized users can access protected resources.^23,24 Digital contracts can be combined with identity authentication, authorization and access control mechanisms to achieve refined access control policies.

After identity authentication, the digital contract authorizes the user based on the user’s identity and permission information. The authorization can be based on factors such as user role, organizational structure, and resource classification. The digital contract can record the user’s permission information and determine whether the user has the right to access the requested resources according to certain authorization policies.^25,26

The identity information provided by the user is combined with the private key to generate an authentication result, which is used to verify the real identity of the user. According to the user’s identity and the requested resource, the authorization result can be calculated to determine whether the user has the right to access the requested resource:

G = H a s h (I_{d} + Y)

(5)

$I_{d}$ stands for identity information. Based on the user’s identity, requested resources, and access behavior, check the access policy to determine whether to allow users to access operations:

R_{i} = r_{t} (I_{d} + o_{i})

(6)

$R_{i}$ stands for authorization; $r_{t}$ stands for calculating authorization policies, and $o_{i}$ stands for requesting resources. Through the access control of digital contracts, network resources can be effectively controlled and protected to ensure that only authorized users can access, improve network security and data protection. At the same time, the digital contract can record the user’s access behavior, which is convenient for subsequent audit and traceability.

Data encryption

Digital contracts can help strengthen the security of network data. Under the use of digital contracts, data can be encrypted, and only the user with the key can access and decrypt the data (Stevens, 2018). This encryption method can prevent data from being hacked and stolen, so as to ensure the security of data.

Data encryption formula:

encrypted_data = encrypt (data, key)

(7)

data indicates the data to be encrypted, and key indicates the key used for encryption. Data encryption formulas are used to encrypt sensitive data to protect data confidentiality. The sender can use the key to encrypt the transmitted data and generate the encrypted data. The receiver uses the same key to decrypt the received data to obtain the original data content. By using a data encryption formula, it is impossible to crack and obtain the original content of sensitive data even if the data is intercepted during transmission.

Data decryption formula:

decrypted_data = decrypt (encrypted_data, key)

(8)

$decrypted_data$ indicates encrypted data. The data decryption formula uses the same encryption algorithm and correct key to decrypt the encrypted data and restore the original data content. Only the receiver with the correct key can perform the decryption operation and obtain the contents of the original data. By using data encryption and data decryption, the confidentiality of sensitive data can be protected during data transmission and storage. Even if the data is intercepted in transit, the attacker cannot break the encrypted data because the decryption process is based on the encryption algorithm and the correct key. This encryption and decryption mechanism ensures that only legitimate recipients can access and use the encrypted data.

Distributed ledger

Applications of digital contracts in network security include distributed ledgers, which can ensure data consistency, traceability and security.²⁷ Distributed ledgers can realize the distribution and consensus of the verification, execution and recording of transactions, ensuring the consistency, traceability and security of data.

Features of distributed ledgers include:

Decentralized: A distributed ledger is a decentralized technology that distributes transaction information across multiple nodes, where multiple nodes work together to manage and verify transactions without relying on a central authority. This design eliminates the possibility of single point of failure and improves the reliability and safety of the system.

Consensus mechanisms: Common consensus mechanisms include proof of work and proof of interest. These mechanisms require nodes to agree and verify the legitimacy of a transaction before it can be added to the ledger. Therefore, if someone wants to tamper with transaction data, they need to control the computing power of most nodes or hold enough equity, which is very difficult in practice.

In the proof-of-work mechanism, each node performs hash calculation according to the transaction data, the hash value of the previous block and the random number. If the calculated hash value is less than the target value, it represents that the node has completed the proof-of-work. The target value is a difficulty coefficient set by the system, and the difficulty of the workload can be controlled by adjusting the difficulty coefficient. The completed proof-of-work node has the power to add new blocks to the ledger and is rewarded accordingly.

Proof of work formula:

H a s h (n o n c e + previous_h a s h + transaction_data) < target

(9)

$n o n c e$ is a random number; $previous_h a s h$ is the hash value of the previous block, $transaction_data$ is the transaction data of the current block, and target is a target value. By constantly adjusting the value of $n o n c e$ , the node performs hash calculation until it finds a hash value that meets the conditions, and then it can obtain the right to add a new block.

The ratio of the verification weight to the number of equity owned needs to meet a certain probability, and the node that completes the verification has the right to add new blocks to the ledger and receive the corresponding reward. Proof of interest formula:

\frac{Stake}{Total} ≻ Probability

(10)

$Stake$ is the number of equity owned by the node; $Total$ is the total equity of all nodes in the system, and $Probability$ is the probability that the node is selected for verification. The ratio of the verification weight of a node to the number of equity owned needs to meet a certain probability to be selected for verification.

Distributed ledgers use consensus algorithms to ensure that all nodes reach agreement, reject network malicious operations and double payments.²⁸ Byzantine fault-tolerant algorithm is a consensus algorithm with fault tolerance, which can ensure that honest nodes in the system can reach agreement in the case of multiple malicious nodes. Byzantine fault-tolerant algorithms include proposal broadcasting, proposal verification, proposal confirmation, etc.

Practical Byzantine Fault Tolerance (PBFT) is a consensus algorithm used for fault tolerance in distributed systems, particularly suitable for distributed consensus in asynchronous network environments. The PBFT algorithm aims to solve the Byzantine Generals problem, which is how to ensure that the system can still reach consensus in the event that some nodes may experience failures or malicious behavior.

The PBFT algorithm achieves consensus through a multi-stage voting mechanism, with core steps including pre-preparation, preparation, and submission stages. In the pre-preparation phase, the main node broadcasts the proposed block to all replica nodes. In the preparation phase, replica nodes mutually verify proposals and broadcast preparation messages. During the submission phase, the node reconfirms the prepared message and submits the result. PBFT can tolerate up to (n-1)/3 Byzantine error nodes, where n is the total number of nodes, which means that in a system containing four nodes, it can tolerate up to 1 malicious node.

The advantage of PBFT algorithm lies in its efficiency and reliability, especially in financial and blockchain applications with high Byzantine fault tolerance requirements. Although PBFT has certain scalability limitations in terms of network communication complexity and node count, its application in small-scale and medium-sized distributed systems is still very extensive, effectively ensuring system security and consistency.

Proposed broadcast formula:

Z = p_{i} (Z)

(11)

$p_{i} (Z)$ indicates the message that a node broadcasts to other nodes. This formula indicates that the message broadcast by the node is the message held by the node itself.

Proposed verification formula:

F_{i} (j) = {true, false}

(12)

$F_{i} (j)$ represents the verification result of the node on the proposal. If the node verifies the proposal, it is considered that the proposal is legal and effective, then $F_{i} (j)$ is $true$ ; otherwise $F_{i} (j)$ is $false$ . Proposal validation is to ensure that the received proposals are legitimate and consistent.

Proposed confirmation formula:

D_{i} (j) = {true, false}

(13)

$D_{i} (j)$ indicates the confirmation result of the node on the proposal. If the node collects enough legitimate proposals and confirms that the proposals are valid, then $D_{i} (j)$ is $true$ ; otherwise $D_{i} (j)$ is $false$ . Proposal confirmation is to reach a consensus result, and when the node has collected enough legitimate proposals, it can confirm a definitive transaction result.

Immutable: once a transaction is recorded in the distributed ledger, it is almost immutable, and since each node has a copy of the ledger and the records are continuous, any tampering would be detected by other nodes. Distributed ledgers store copies of data on multiple nodes in the network, each containing the complete ledger information, and this distributed storage ensures data redundancy and reliability.

In the distributed ledger, participants need to be authenticated to ensure their real identity. The authentication formula combines the participant’s identity information with the private key to generate an authentication result through a hash algorithm. The private key is the secret key kept by the participant. The authentication result generated by the combination of the identity information and the private key can be used to verify the real identity of the participant. In a distributed ledger, transactions need to be verified before they can be recorded:

k = f \cdot V

(14)

$f$ indicates transaction information.

The transaction verification formula combines the transaction information with the private key through the hash algorithm to generate a verification result. By hashing the combination of the transaction information and the private key, the generated verification result can be used to verify the authenticity and integrity of the transaction.

In the distributed ledger, transaction records are recorded through the application of digital contracts, and the combination of transaction information and verification results is stored to ensure the security and consistency of transactions. The transaction record formula takes the transaction information as the key and the corresponding verification result as the value to form a key-value pair. By recording the information of each transaction and verifying the results, the transaction can be traced and audited.

Smart contract

Smart contracts are self-executing contracts based on code and conditions that can execute and manage the terms of a contract without the intervention of a third party. The security and reliability of smart contracts can be achieved using condition judgment, transaction verification and security mathematics. Based on the conditions and parameters in the contract, it is possible to ensure that the execution and interaction of smart contracts meet security and compliance requirements according to preset rules and logic. The smart contract diagram is shown in Figure 5.

Figure 5.

Smart contract diagram.

As shown in Figure 5, smart contracts include developing contracts, deploying contracts, signing contracts, and initiating transactions.

Conditional judgment allows the corresponding code logic to be executed in a smart contract according to the conditions, thus enabling the ability to make different decisions based on different situations. Condition judgment formula:

if (condition) {statement}

(15)

$condition$ indicates a condition, which can be a condition judgment on variables or parameters in the contract, and $statement$ indicates the code that needs to be executed when the condition is met. Conditional judgment allows people to set conditions in a smart contract and execute the corresponding code logic according to different conditions.

Transaction verification is used to verify that a transaction meets the requirements of a contract, ensuring that only transactions that meet certain conditions can be executed. Transaction verification formula:

h = require (condition, false)

(16)

This formula acts as a transaction verification and security guarantee in smart contracts, ensuring that only transactions that meet certain conditions can be executed.

Secure mathematics is used to perform secure mathematical calculations in smart contracts, ensuring the security of the calculation process and the results. Safety mathematical operation formula:

c_{h} = a_{i} + b_{i}

(17)

In the formula, $a_{i}$ and $b_{i}$ represent variables or parameters in the contract, and $c_{h}$ represents the result of the operation. The formula represents the secure math in a smart contract. In smart contracts, some mathematical operations may involve security requirements such as encryption algorithms and digital signatures, through which smart contracts can automatically execute contract terms and provide transparent and secure transactions and contract management.

Impact of digital contracts on global cyberspace governance

Strengthening network security

Traditional contract negotiation, signing, archiving, and other links are still mainly in paper form, which is easy to be interfered with by tampering, loss and other problems. Digital contracts, on the other hand, use cryptography technology for signature, verification, encryption and other operations to effectively prevent tampering and disclosure of contract contents and improve the level of network security.²⁹ Digital contracts can enhance network security by providing secure and reliable authentication and access control mechanisms. Participants can use digital certificates and encryption keys to verify their identity and control access to sensitive information and resources based on permissions and roles, which helps prevent unauthorized access and data breaches.³⁰

This article analyzes the 28 companies whose contract terms have been tampered with in order to use digital contracts for international cybersecurity governance in 2023. The truth degree, integrity degree and security degree of data of 28 enterprises in 2022 and 2023 are shown in Figure 6 (the horizontal coordinate on both sides of Figure 6 represents the truth degree, integrity degree and safety degree, and the vertical coordinate represents the percentage).

Figure 6.

Average values of truth, integrity and safety of data of 28 enterprises in 2022 and 2023.

As shown in Figure 6, the left side of Figure 6 shows the average truth degree, integrity degree and safety degree of the data of 28 enterprises in 2022, which were 57.88%, 64.57%, and 41.68%, respectively. The right side of Figure 6 shows the average values of the truth degree, integrity degree and safety degree of the data of 28 enterprises in 2023, which were 87.37%, 88.10%, and 87.62%, respectively. The average truth, integrity, and safety of enterprise data in 2023 were higher than the average truth, integrity, and security of 28 enterprise data in 2022.

After the application of digital contracts in 28 enterprises in 2023, the average value of data authenticity, integrity and security is 50.95% $(\frac{87.37 - 57.88}{57.88} = 50.95 %)$ , 36.44% $(\frac{88.10 - 64.57}{64.57} = 36.44 %)$ and 110.22% $(\frac{87.62 - 41.68}{41.68} = 110.22 %)$ higher than the average value of data authenticity, integrity and security in 2022.

All transactions and operations in a digital contract are recorded on an immutable distributed ledger, and participants can verify the authenticity and integrity of the data, which helps prevent data tampering and fraud, and provides a basis for audits and investigations. The decentralized nature of digital contracts makes security more robust, and traditional centralization is an easy target and can lead to a single point of failure. Using distributed nodes and consensus algorithms, digital contracts provide higher resistance to attack and fault tolerance, even if a node is attacked or suffers from failure, the network can still run normally.

Protecting rights and privacy

Smart contracts for digital contracts are often based on cryptography and encryption technologies that ensure the confidentiality and security of transaction data. Through encryption algorithms, sensitive information can be encrypted and only authorized parties can decrypt and access this information, which ensures the protection of data during the transaction and reduces the risk of information leakage and abuse. Digital contracts can give users more control and participation. Smart contracts can set specific permissions and conditions, ensuring that the enterprise has the right to decide and choose in the transaction. Users can choose whether or not to share their data, and under what conditions, which enhances the control of their data and the protection of privacy.

The network security situation of 28 enterprises in 2022 and 2023 is shown in Table 3.

Table 3.

Cybersecurity situation of 28 enterprises in 2022 and 2023 (multiple selections).

Types	2022		2023		Reduction rate (%)
Information leakage	15	53.57%	2	7.14%	46.43%
Information abuse	18	64.29%	0	0.00%	64.29%
Online harassment	6	21.43%	0	0.00%	21.43%
Internet fraud	22	78.57%	1	3.57%	75.00%
Bad information	21	75.00%	1	3.57%	71.43%

From Table 3, it is evident that in 2022, a significant majority of the 28 surveyed enterprises experienced online fraud (N = 22) and malicious information (N = 21), with 78.57% of the enterprises encountering online fraud. However, by 2023, the proportion of these enterprises experiencing cyber fraud had dramatically decreased to just 3.57%, with the most common issue being information leakage, which affected only 7.14% of the enterprises.

This marked improvement in cybersecurity can be attributed to the implementation of advanced security protocols and digital contracts, which have fortified the enterprises’ defenses against cyber threats. The data underscores the efficacy of these technological interventions in mitigating online fraud and enhancing the overall security landscape for businesses. This trend highlights the critical role of adopting robust cybersecurity measures in safeguarding digital transactions and sensitive information in the corporate sector.

Improving transaction efficiency

Digital contracts can automate contracts and transactions on the network, reducing the paper-based and manual processing of traditional contracts, thereby improving transaction efficiency and security. Digital contracts can also enable cross-border transactions and cross-border dispute resolution, providing security for the development of global cyberspace. Digital contracts enable fair and transparent records of contract execution and store these records on technologies such as blockchain to ensure the openness and reliability of the data.^31,32 The transaction time of sales contracts and procurement contracts of various enterprises in different years is shown in Figure 7 (horizontal coordinate represents enterprises; vertical coordinate represents time; unit is hour).

Figure 7.

Transaction time of sales contracts and procurement contracts of various enterprises in different years (a) transaction times for individual enterprise sales contracts in 2022 and 2023, (b) transaction times for individual corporate procurement contracts in 2022 and 2023.

As shown in Figure 7, Figure 7(a) shows that the transaction time of the sales contracts of 28 enterprises in 2023 is generally shorter than that of the sales contracts of 28 enterprises in 2022. Figure 7(b) shows that the procurement contract transaction time of 28 enterprises in 2023 is also shorter on the whole than that of 28 enterprises in 2022.

Digital contracts automatically enforce preset rules and conditions, and once a consensus is reached, the contract automatically triggers execution under certain conditions without human intervention or third-party intermediaries. This eliminates the cumbersome processes and delays in traditional transactions, speeding up the speed and efficiency of transactions. Traditional transactions usually require the involvement of intermediaries and involve a large number of documents and procedures. Digital contracts, through their decentralized nature, allow transactions to take place directly between participants, eliminating the need for intermediaries. This reduces transaction links, reduces costs and time, and reduces the risk of human error and interference. Digital contracts use distributed ledger technology, where all transactions and operations are recorded on an immutable ledger. Participants can view and verify transaction status and results in real time, thus increasing the reliability and transparency of transactions, which helps reduce disputes and improve transaction efficiency.

Promoting international cooperation

Digital contracts are not subject to geographical restrictions and can be interacted and executed globally through the Internet. Traditional contracts often need to face the differences in the legal systems and judicial systems of different countries, while digital contracts overcome these limitations to a certain extent.^33–35 Through digital contracts, individuals, businesses, and organizations in various countries can work together directly, without the involvement of intermediaries or cross-border agencies, promoting the ease and efficiency of international cooperation. The number of international orders of different enterprises in 2022 and 2023 is shown in Figure 8 (horizontal coordinate represents the month in Figure 8; the vertical coordinate represents the number of orders; the unit is millions of pieces).

Figure 8.

Number of international orders by different companies in 2022 and 2023 (a) the number of international orders of different enterprises in 2022, (b) number of international orders by different companies in 2023.

As shown in Figure 8, the 28 enterprises in Figure 8(a) in 2022, regardless of any period, had an international order quantity of less than 200 million, while the international order quantity in Figure 8(b) in 2023 was more than 200 million.

Data analysis outcomes and interpretations

This study empirically validates the role of digital contracts in enhancing the security and convenience of digital transaction processes within enterprises. As shown in Figure 6, the adoption of digital contracts by enterprises in 2023 resulted in a significant improvement in the authenticity, integrity, and security of data. This enhancement can be attributed to the robust cryptographic algorithms and secure protocols inherent in digital contract technology, which ensure data remains tamper-proof and verifiable. Furthermore, the adoption of digital contracts has streamlined verification processes, reduced the risk of fraud, and increased overall trust in digital transactions. Consequently, this has established a more secure and efficient digital ecosystem for enterprises, enabling them to conduct transactions with greater confidence.

This study analyzes the technical mechanisms by which digital contracts enhance digital transactions and information security within enterprises. Table 3 illustrates the cybersecurity improvements among the 28 enterprises in 2023. Digital contracts utilize distributed ledger technology to transparently record and verify transaction data, enabling individuals to monitor their transaction history and usage records at any time, thereby understanding how their data is utilized. Moreover, digital contracts can establish a clear informed consent mechanism through smart contracts, ensuring explicit user consent during the utilization and sharing of personal data. Furthermore, digital contracts provide enhanced data security and protection measures in the global cyberspace. Smart contracts can integrate built-in security features to safeguard personal data from unauthorized access, tampering, and disclosure. These features encompass access controls, data encryption, and regular security audits. This multi-layered approach to data protection not only strengthens the security framework but also fosters greater trust and transparency in digital transactions among enterprises, instilling reliability in digital trade practices.

The data from this study indicates that adopting digital contracts can stimulate growth in international trade volumes for enterprises. As depicted in Figure 8, there was an increase in international orders by enterprises in 2023. Compared to traditional international collaborations, digital contract-based partnerships no longer require complex payment and remittance processes. Digital contracts can autonomously execute payment conditions through smart contracts, facilitating swift and secure fund settlements. This reduction in collaboration costs enhances international cooperation. Furthermore, digital contracts integrate digital currencies and blockchain technology, ensuring transaction data security through cryptography and encryption techniques, effectively preventing data tampering and theft. This is crucial for facilitating secure cross-border data flows. Ensuring the secure international flow of data through global digital contracts significantly enhances enterprises’ confidence and capabilities in conducting international collaborations, particularly for projects involving sensitive information and intellectual property. Therefore, enhancing the security of digital contracts through new algorithms can increase cross-border business for enterprises, elevate mutual trust among businesses, and provide a reliable foundation for international cooperation.

Conclusions and future directions

This study utilizes quantitative methods to empirically demonstrate the transformative role of digital contracts in enterprise transactions, cross-border business, and international collaboration. The research reveals that digital contracts offer a secure and reliable framework for data exchange by integrating encryption and authentication technologies, effectively protecting participants’ privacy and preventing unauthorized access or data misuse. This enhanced security fosters greater user trust and contributes to the sustainable growth of the digital economy. Moreover, the paper argues that digital contracts can establish a trustworthy online environment for various economic activities—including international corporate cooperation, cross-border settlements, financial transactions, and the dissemination of critical information. By ensuring transparency and accountability, digital contracts help reduce fraudulent practices, deceptive behaviors, and false transactions, thereby minimizing legal disputes and enhancing operational efficiency. Smart contract technology further strengthens this system by automating execution processes, ensuring fairness and credibility in transactions, and driving the expansion of e-commerce, online services, and the integration of the real economy with the digital ecosystem.

The Global Digital Compact serves as a foundational framework comprising legal norms, regulatory guidelines, and ethical standards for governing global cyberspace. It facilitates coordinated regulation of diverse online behaviors and enhances the overall efficiency of internet governance. The study also highlights how digital contracts can support international cooperation in cyberspace governance, promoting the globalization of the digital economy and fostering deeper cross-border engagement. However, the successful deployment of digital contracts requires strict adherence to legal and regulatory requirements. This underscores the need for stronger international collaboration to develop unified standards and norms for digital contract implementation. Looking ahead, continued exploration into the regulatory potential of digital contracts, along with the development of advanced technologies to address existing vulnerabilities, is essential for advancing research and practice in global cyberspace governance.

Footnotes

ORCID iDs

Zhi Li

Runhua Tang

Funding

The authors received no financial support for the research, authorship, and/or publication of this article.

Declaration of conflicting interests

The authors declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Data availability statement

The data used to support the findings of this study are available from the corresponding author upon request.*

References

Zhang

, et al. Global Digital Compact: a Mechanism for the governance of online discriminatory and misleading content generation. Int J Hum Comput Interact 2025; 41(2): 1381–1396.

Finkelhor

Kerryann

Jones

, et al. Youth internet safety education: aligning programs with the evidence base. Trauma Violence Abuse 2021; 22(5): 1233–1247.

Wang

Liu

Chen

, et al. The mediating effect of self-control on the relationship between exposure to violence and fighting among Chinese secondary school students. J Sch Violence 2021; 21(1): 34–47.

Cho

Cook

Rager

. Uncertainty-based false information propagation in social networks. ACM Trans. Soc. Comput 2019; 2(2): 1–34.

Pan

Liu

, et al. The problem and root cause analysis of false information in AIGC from the perspective of information quality. Libr Inf Knowl 2023; 40(4): 32–40.

. A secure transmission method for computer network data based on data encryption technology. China Comput & Commun 2022; 34(15): 229–231.

Huang

Wang

. A protection method for communication data privacy based on unbalanced blockchain category networks. Telecom Power Technol 2022; 39(22): 104–106.

Yazdeen

Subhi

Mohammed Sadeeq

, et al. FPGA implementations for data encryption and decryption via concurrent and parallel computation: a review. Qubahan Academic Journal 2021; 1(2): 8–16.

Gohdes

. Repression technology: internet accessibility and state violence. Am J Pol Sci 2020; 64(3): 488–503.

10.

Gaudette

Ryan

Vivek

. The role of the internet in facilitating violent extremism: insights from former right-wing extremists. Terrorism Polit Violence 2022; 34(7): 1339–1356.

11.

Backe

Pamela

Jennifer

. Networked indiiduals, gendered violence: a literature review of cyberviolence. Violence Gend 2018; 5(3): 135–146.

12.

Maswood

Suparna

. Social transmission of false memory in small groups and large networks. Top Cogn Sci 2019; 11(4): 687–709.

13.

Ghanem

Paolo

Francisco

. An emotional analysis of false information in social media and news articles. ACM Trans Internet Technol 2020; 20(2): 1–18.

14.

Zannettou

Michael

Jeremy

, et al. The web of false information: rumors, fake news, hoaxes, clickbait, and various other shenanigans. J Data Inf Qual 2019; 11(3): 1–37.

15.

Sun

Yuan

, et al. Fighting false information from propagation process: a survey. ACM Comput Surv 2023; 55(10): 1–38.

16.

Vosoughi

Deb

Sinan

. The spread of true and false news online. Science 2018; 359(6380): 1146–1151.

17.

Babcock

David

Kathleen

. Different faces of false: the spread and curtailment of false information in the black panther twitter discussion. J Data Inf Qual 2019; 11(4): 1–15.

18.

Entman

Nikki

. Framing in a fractured democracy: impacts of digital technology on ideology, power and cascading network activation. J Commun 2018; 68(2): 298–308.

19.

Molina

Shyam

, et al. “Fake news” is not simply false information: a concept explication and taxonomy of online content. Am Behav Sci 2021; 65(2): 180–212.

20.

Ahmed

Al-Sakib

. False data injection attack (FDIA): an overview and new metrics for fair evaluation of its countermeasure. Complex Adapt Syst Model 2020; 8(1): 1–14.

21.

Saravistha

Sukadana

Kadek

. Urgency of contract model settings in the global digital market related to tourism business: a study on consumer protection and electronic information and transactions. Budap Int Res Crit Inst J 2022; 5(1): 4549–4556.

22.

Aljasir

Maisoon

. Cyberbullying and cybervictimization on digital media platforms: the role of demographic variables and parental mediation strategies. Humanit Soc Sci Commun 2022; 9(1): 1–9.

23.

Liu

. Research on network data encryption system based on improved GANs algorithm. Int J Wireless Mobile Comput 2023; 25(1): 68–75.

24.

Klijn

Iris

. Governance and media attention: a research agenda about how media affect (network) governance processes. Perspect Public Manag Gov 2018; 1(2): 103–113.

25.

Gorod

ALH

Tiep

. A systemic approach to complex project management: integration of command‐and‐control and network governance. Syst Res Behav Sci 2018; 35(6): 811–837.

26.

Cragg

McNamara

Descubes

, et al. Manufacturing SMEs, network governance and global supply chains. J Small Bus Enterp Dev 2020; 27(1): 130–147.

27.

Fauziah

Haznah

Xavier

, et al. Application of blockchain technology in smart contracts: a systematic literature review. APTISI Trans Technopreneursh 2020; 2(2): 160–166.

28.

Savant

Rupali

. A review on network security and cryptography. Res J Eng Technol 2021; 12(4): 110–114.

29.

Lin

Zhang

, et al. A survey of application research based on blockchain smart contract. Wirel Netw 2022; 28(2): 635–690.

30.

Branch

. What’s in a name? Metaphors and cybersecurity. Int Organ 2021; 75(1): 39–70.

31.

Cavety

Egloff

. The politics of cybersecurity: balancing different roles of the state. St Antony's Int Rev 2019; 15(1): 37–57.

32.

Hartmann

Carmenate

. Academic research on the role of corporate governance and IT expertise in addressing cybersecurity breaches: implications for practice, policy, and research. Curr. Issues Auditing 2021; 15(2): 9–23.

33.

Hurel

Lobato

. Unpacking cyber norms: private companies as norm entrepreneurs. J. Cyber Policy 2018; 3(1): 61–76.

34.

Stevens

. Assembling cybersecurity: the politics and materiality of technical malware reports and the case of Stuxnet. Contemp Secur Policy 2020; 41(1): 129–152.

35.

Calliess

Baumgarten

. Cybersecurity in the EU the example of the financial sector: a legal perspective. Ger. Law J 2020; 21(6): 1149–1179.