Yuepeng Wang,Shuvendu K. Lahiri,Shuo Chen,Rong Pan,Isil Dillig,Cody Born,Immad Naseer,Kostas Ferles

DOI: https://doi.org/10.1007/978-3-030-41600-3_7

2019-01-01

Abstract:Ensuring correctness of smart contracts is paramount to ensuring trust in blockchain-based systems. This paper studies the safety and security of smart contracts in the Azure Blockchain Workbench, an enterprise Blockchain-as-a-Service offering from Microsoft. In particular, we formalize semantic conformance of smart contracts against a state machine workflow with access-control policy and propose an approach to reducing semantic conformance checking to safety verification using program instrumentation. We develop a new Solidity program verifier VERISOL that is based on translation to Boogie, and have applied it to analyze all application contracts shipped with the Azure Blockchain Workbench and found previously unknown bugs in these published smart contracts. After fixing these bugs, VERISOL was able to successfully perform full verification for all of these contracts.

Zhiyuan Wan,Xin Xia,David Lo,Jiachi Chen,Xiapu Luo,Xiaohu Yang

DOI: https://doi.org/10.1109/icse-companion52605.2021.00104

2021-01-01

Abstract:Smart contracts have been plagued by security incidents, which resulted in substantial financial losses. Given numerous research efforts in addressing the security issues of smart contracts, we wondered how software practitioners build security into smart contracts in practice. We performed a mixture of qualitative and quantitative studies with 13 interviewees and 156 survey respondents from 35 countries across six continents to understand practitioners' perceptions and practices on smart contract security. Our study uncovers practitioners' motivations and deterrents of smart contract security, as well as how security efforts and strategies fit into the development lifecycle. We also find that blockchain platforms have astatistically significant impact on practitioners' security perceptions and practices of smart contract development. Based on our findings, we highlight future research directions and provide recommendations for practitioners.

Palina Tolmach,Yi Li,Shang-Wei Lin,Yang Liu,Zengxiang Li

DOI: https://doi.org/10.1145/3464421

IF: 16.6

2022-09-30

ACM Computing Surveys

Abstract:A smart contract is a computer program that allows users to automate their actions on the blockchain platform. Given the significance of smart contracts in supporting important activities across industry sectors including supply chain, finance, legal, and medical services, there is a strong demand for verification and validation techniques. Yet, the vast majority of smart contracts lack any kind of formal specification, which is essential for establishing their correctness. In this survey, we investigate formal models and specifications of smart contracts presented in the literature and present a systematic overview to understand the common trends. We also discuss the current approaches used in verifying such property specifications and identify gaps with the hope to recognize promising directions for future work.

computer science, theory & methods

Xiaomin Bai,Zijing Cheng,Zhangbo Duan,Kai Hu

DOI: https://doi.org/10.1145/3185089.3185138

2018-01-01

Abstract:Smart contracts can automatically perform the contract terms according to the received information, and it is one of the most important research fields in digital society. The core of smart contracts is algorithm contract, that is, the parties reach an agreement on the contents of the contract and perform the contracts according to the behaviors written in certain computer algorithms. It not only needs to make sure about the correctness of smart contracts code, but also should provide a credible contract code execution environment. Blockchain provides a trusted execution and storage environment for smart contracts by the distributed secure storage, consistency verification and encryption technology. Current challenge is how to assure that smart contract can be executed as the parties' willingness. This paper introduces formal modeling and verification in formal methods to make smart contract model and verify the properties of smart contracts. Formal methods combined with smart contracts aim to reduce the potential errors and cost during contract development process. The description of a general and formal smart contract template is provided. The tool of model checking, SPIN, is used to verify the correctness and necessary properties for a smart contract template. The research shows model checking will be useful and necessary for smart contracts.

Alexandre Mota,Fei Yang,Cristiano Teixeira

2023-07-05

Abstract:Nowadays, smart contracts have become increasingly popular and, as with software development in general, testing is the standard method for verifying their correctness. However, smart contracts require a higher level of certainty regarding correctness because they are diffcult to modify once deployed and errors can result in significant financial losses. Therefore, formal verification is essential. In this article, we present our search for a tool capable of formally verifying a real-world smart contract written in a recent version of Solidity.

Software Engineering

Vilhelm Sjöberg,Kinnari Dave,Daniel Britten,Maria A Schett,Xinyuan Sun,Qinshi Wang,Sean Noble Anderson,Steve Reeves,Zhong Shao

2024-05-14

Abstract:Programs executed on a blockchain - smart contracts - have high financial stakes; their correctness is crucial. We argue, that this correctness needs to be foundational: correctness needs to be based on the operational semantics of their execution environment. In this work we present a foundational system - the DeepSEA system - targeting the Ethereum blockchain as the largest smart contract platform. The DeepSEA system has a small but sufficiently rich programming language amenable for verification, the DeepSEA language, and a verified DeepSEA compiler. Together they enable true end-to-end verification for smart contracts. We demonstrate usability through two case studies: a realistic contract for Decentralized Finance and contract for crowdfunding.

Programming Languages

Meihua Xiao,Yangping Xu,Zehuan Li,Hongbin Wan

DOI: https://doi.org/10.3390/electronics13204093

IF: 2.9

2024-10-18

Electronics

Abstract:The development of smart contracts remains in its early stages, with significant differences in underlying programming languages and application platforms resulting in a lack of standardization. This lack of standardization increases the susceptibility to vulnerabilities and associated financial losses. To address security vulnerabilities in smart contracts on the Ethereum blockchain platform, this paper proposes a security audit method based on formal verification. The method integrates an input module, static analysis module, formal verification module, analog execution module, and report and recommendation module, which can accurately discover the security vulnerabilities and logical flaws of smart contracts through formal verification and other analysis techniques, thus realizing correctness detection. During the experiment, the method detects 8 types of common vulnerabilities in 148 smart contracts and marks 21 smart contracts with vulnerabilities. After manual review and analysis, it is found that 17 of these 21 marked smart contracts do have security vulnerabilities. The experimental results show that the proposed method can accurately detect security vulnerabilities and logic flaws in smart contracts through formal verification and other analysis techniques before smart contracts are deployed, thus significantly improving the security of smart contracts and reducing the economic losses that may be caused by code defects.

engineering, electrical & electronic,computer science, information systems,physics, applied

Christian Bräm,Marco Eilers,Peter Müller,Robin Sierra,Alexander J. Summers

DOI: https://doi.org/10.48550/arXiv.2104.10274

2021-09-09

Abstract:Smart contracts are programs that execute inside blockchains such as Ethereum to manipulate digital assets. Since bugs in smart contracts may lead to substantial financial losses, there is considerable interest in formally proving their correctness. However, the specification and verification of smart contracts faces challenges that do not arise in other application domains. Smart contracts frequently interact with unverified, potentially adversarial outside code, which substantially weakens the assumptions that formal analyses can (soundly) make. Moreover, the core functionality of smart contracts is to manipulate and transfer resources; describing this functionality concisely requires dedicated specification support. Current reasoning techniques do not fully address these challenges, being restricted in their scope or expressiveness (in particular, in the presence of re-entrant calls), and offering limited means of expressing the resource transfers a contract performs. In this paper, we present a novel specification methodology tailored to the domain of smart contracts. Our specification constructs and associated reasoning technique are the first to enable: (1) sound and precise reasoning in the presence of unverified code and arbitrary re-entrancy, (2) modular reasoning about collaborating smart contracts, and (3) domain-specific specifications based on resources and resource transfers, which allow expressing a contract's behavior in intuitive and concise ways and exclude typical errors by default. We have implemented our approach in 2vyper, an SMT-based automated verification tool for Ethereum smart contracts written in the Vyper language, and demonstrated its effectiveness in succinctly capturing and verifying strong correctness guarantees for real-world contracts.

Programming Languages

Xiaoyu Li,Cheng Su,Yan Xiong,Wenchao Huang,Wansen Wang

DOI: https://doi.org/10.1109/bigcom.2019.00021

2019-01-01

Abstract:Blockchain is a decentralized cryptocurrency framework which has gained considerable attention in research and many industries. Ethereum is an implementation based on blockchain technology. Ethereum blockchain offers smart contracts, a piece of program codes which can execute and record the transactions in blockchain. Users can use smart contracts to create their own tokens based on ERC-20 standard, and token smart contracts have been used to manage and transfer tokens, carrying millions dollars worth of virtual currencies. However, keeping token smart contracts secure can be difficult. When smart contracts are deployed on Ethereum successfully, they cannot be changed. Due to the openness of Ethereum, both users and attackers can invoke contracts. So errors in smart contracts have led and will lead to a loss. For example, the DAO bug led to a 60 million US dollar loss in June 2016. Therefore, the researches on security of smart contracts are urgently important. In this paper, we use a formal approach to verify smart contracts. We apply formal verification on a concrete smart contract example, BNB contract, which is one of the most popular token contracts. We analyze the contract and discover the two attributes in the contract, one is transfer attribute involving the functions of transferring tokens operations, and the other is owner attribute which involves the authority of contract owner. We verify these two attributes respectively. We model the contract using SAPIC, the applied pi calculus and then verify by Tamarin prover. We specify the processes of modeling and verifying. The results show we cannot find an attack path. The research method reduces the complexity of verifying smart contracts and can be used to analyze complex contracts.

Mark Utting,Liam Kent

DOI: https://doi.org/10.48550/arXiv.2106.14457

2021-06-28

Abstract:We describe the verification of an existing smart contract for a simple casino application, using the Whiley specification and programming language, with a fully automated verification engine based on Boogie and Z3. After finding and fixing several specification and code issues in the smart contract, we are able to verify all the operations of the smart contract.

Logic in Computer Science

Sunbeom So,Myungho Lee,Jisu Park,Heejo Lee,Hakjoo Oh

DOI: https://doi.org/10.48550/arXiv.1908.11227

2019-08-30

Abstract:We present VeriSmart, a highly precise verifier for ensuring arithmetic safety of Ethereum smart contracts. Writing safe smart contracts without unintended behavior is critically important because smart contracts are immutable and even a single flaw can cause huge financial damage. In particular, ensuring that arithmetic operations are safe is one of the most important and common security concerns of Ethereum smart contracts nowadays. In response, several safety analyzers have been proposed over the past few years, but state-of-the-art is still unsatisfactory; no existing tools achieve high precision and recall at the same time, inherently limited to producing annoying false alarms or missing critical bugs. By contrast, VeriSmart aims for an uncompromising analyzer that performs exhaustive verification without compromising precision or scalability, thereby greatly reducing the burden of manually checking undiscovered or incorrectly-reported issues. To achieve this goal, we present a new domain-specific algorithm for verifying smart contracts, which is able to automatically discover and leverage transaction invariants that are essential for precisely analyzing smart contracts. Evaluation with real-world smart contracts shows that VeriSmart can detect all arithmetic bugs with a negligible number of false alarms, far outperforming existing analyzers.

Programming Languages,Cryptography and Security

Haoxian Chen,Lan Lu,Brendan Massey,Yuepeng Wang,Boon Thau Loo

2023-08-02

Abstract:Smart contracts manage a large number of digital assets nowadays. Bugs in these contracts have led to significant financial loss. Verifying the correctness of smart contracts is, therefore, an important task. This paper presents an automated safety verification tool, DCV, that targets declarative smart contracts written in DeCon, a logic-based domain-specific language for smart contract implementation and specification. DCV proves safety properties by mathematical induction and can automatically infer inductive invariants using heuristic patterns, without annotations from the developer. Our evaluation on 20 benchmark contracts shows that DCV is effective in verifying smart contracts adapted from public repositories, and can verify contracts not supported by other tools. Furthermore, DCV significantly outperforms baseline tools in verification time.

Software Engineering

Jiao Jiao,Shuanglong Kan,Shang-Wei Lin,David Sanan,Yang Liu,Jun Sun

DOI: https://doi.org/10.48550/arXiv.1804.01295

2018-04-04

Abstract:Bitcoin has attracted everyone's attention and interest recently. Ethereum (ETH), a second generation cryptocurrency, extends Bitcoin's design by offering a Turing-complete programming language called Solidity to develop smart contracts. Smart contracts allow creditable execution of contracts on EVM (Ethereum Virtual Machine) without third parties. Developing correct smart contracts is challenging due to its decentralized computation nature. Buggy smart contracts may lead to huge financial loss. Furthermore, smart contracts are very hard, if not impossible, to patch once they are deployed. Thus, there is a recent surge of interest on analyzing/verifying smart contracts. While existing work focuses on EVM opcode, we argue that it is equally important to understand and define the semantics of Solidity since programmers program and reason about smart contracts at the level of source code. In this work, we develop the structural operational semantics for Solidity, which allows us to identify multiple design issues which underlines many problematic smart contracts. Furthermore, our semantics is executable in the K framework, which allows us to verify/falsify contracts automatically.

Programming Languages

Jun Jin,Wenhao Zhan,Haisheng Li,Yi Ding,Jie Li

DOI: https://doi.org/10.3390/math12152431

IF: 2.4

2024-01-01

Mathematics

Abstract:A composite smart contract can execute smart contracts that may belong to other owners or companies through external calls, bringing more security challenges to blockchain applications. Traditional static verification methods are inadequate for analyzing the dynamic execution of these contracts, resulting in misjudgment and omission issues. Therefore, this paper proposes a model checking approach based on dynamic behavior that verifies the security and business logic of composite smart contracts. Utilizing automata, the method models contracts, users, attackers, and extracts properties, focusing on six types of common security vulnerabilities. A thorough case study and experimental evaluation demonstrate the method’s efficiency in identifying vulnerabilities and ensuring alignment with business requirements. The UPPAAL tool is employed for comprehensive verification, proving its effectiveness in enhancing smart contract security.

Keerthi Nelaturu,Anastasia Mavridoul,Andreas Veneris,Aron Laszka

DOI: https://doi.org/10.1109/icbc48266.2020.9169428

2020-05-01

Abstract:Smart contracts enable the creation of decentralized applications which often handle assets of large value. These decentralized applications are frequently built on multiple interacting contracts. While the underlying platform ensures the correctness of smart contract execution, today developers continue struggling to create functionally correct contracts, as evidenced by a number of security incidents in the recent past. Even though these incidents often exploit contract interaction, prior work on smart contract verification, vulnerability discovery, and secure development typically considers only individual contracts. This paper proposes an approach for the correct-by-design development and deployment of multiple interacting smart contracts by introducing a graphical notation (called deployment diagrams) for specifying possible interactions between contract types. Based on this notation, it later presents a framework for the automated verification, generation, and deployment of interacting contracts that conform to a deployment diagram. As an added benefit, the proposed framework provides a clear separation of concerns between the internal contract behavior and contract interaction, which allows one to compositionally model and analyze systems of interacting smart contracts efficiently.

Ilya Grishchenko,Matteo Maffei,Clara Schneidewind

DOI: https://doi.org/10.1007/978-3-319-89722-6_10

2018-01-01

Abstract:Smart contracts are programs running on cryptocurrency (e.g., Ethereum) blockchains, whose popularity stem from the possibility to perform financial transactions, such as payments and auctions, in a distributed environment without need for any trusted third party. Given their financial nature, bugs or vulnerabilities in these programs may lead to catastrophic consequences, as witnessed by recent attacks. Unfortunately, programming smart contracts is a delicate task that requires strong expertise: Ethereum smart contracts are written in Solidity, a dedicated language resembling JavaScript, and shipped over the blockchain in the EVM bytecode format. In order to rigorously verify the security of smart contracts, it is of paramount importance to formalize their semantics as well as the security properties of interest, in particular at the level of the bytecode being executed.In this paper, we present the first complete small-step semantics of EVM bytecode, which we formalize in the F* proof assistant, obtaining executable code that we successfully validate against the official Ethereum test suite. Furthermore, we formally define for the first time a number of central security properties for smart contracts, such as call integrity, atomicity, and independence from miner controlled parameters. This formalization relies on a combination of hyper- and safety properties. Along this work, we identified various mistakes and imprecisions in existing semantics and verification tools for Ethereum smart contracts, thereby demonstrating once more the importance of rigorous semantic foundations for the design of security verification techniques.

Yu Dong,Yue Li,Dongqi Cui,Jianbo Gao,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.18293/seke2022-128

2022-01-01

Abstract:Ensuring functional correctness of smart contracts is a pressing security concern to blockchain-based systems.With the development of blockchain application, the trading scenarios and function implementation of smart contracts have become increasing complex, containing several interacted contracts or related functions.However, the existing contracts verifiers for proving functional correctness focus on verifying isolated contract or function but ignore the interactions between them, which makes it difficult to verify correctness of composite transactions, i.e., complex transaction scenarios that invoke multiple contracts or trigger a set of transactions.In this paper, we present SMIFIER, a formal verification tool for smart contracts to prove functional properties in composite transactions.SMIFIER defines a set of specifications for composite transactions and can automatically specify properties in these multiple complex transactions.Based on states extraction and mapping, SMIFIER translates annotated Solidity program into Boogie program and verifies relations between functions and properties for interacted contracts.Our experimental evaluation on 12 real-world projects and 65 properties, demonstrates that SMIFIER is practically effective in ensuring functional correctness of properties in composite transactions.

Zhiyuan Wei,Jing Sun,Zijian Zhang,Xianhao Zhang,Meng Li,Liehuang Zhu

2023-11-02

Abstract:Blockchain smart contracts have emerged as a transformative force in the digital realm, spawning a diverse range of compelling applications. Since solidity smart contracts across various domains manage trillions of dollars in virtual coins, they become a prime target for attacks. One of the primary challenges is keeping abreast of the latest techniques and tools for developing secure smart contracts and examining those already deployed. In this paper, we seek to address these challenges from four aspects: (1) We begin by examining ten automatic tools, specifically focusing on their methodologies and their ability to identify vulnerabilities in solidity smart contracts. (2) We propose a novel criterion for evaluating these tools, based on the ISO/IEC 25010 standard. (3) To facilitate the evaluation of the selected tools, we construct a benchmark that encompasses two distinct datasets: a collection of 389 labelled smart contracts and a scaled set of 20,000 unique cases from real-world contracts. (4) We provide a comparison of the selected tools, offering insights into their strengths and weaknesses and highlighting areas where further improvements are needed. Through this evaluation, we hope to provide developers and researchers with valuable guidance on selecting and using smart contract analysis tools and contribute to the ongoing efforts to improve the security and reliability of smart contracts.

Distributed, Parallel, and Cluster Computing

Guannan Wei,Danning Xie,Wuqi Zhang,Yongwei Yuan,Zhuo Zhang

DOI: https://doi.org/10.1145/3656416

2024-01-01

Abstract:Ensuring the reliability of smart contracts is of vital importance due to the wide adoption of smart contract programs in decentralized financial applications. However, statically checking many rich properties of smart contract programs can be challenging. On the other hand, dynamic validation approaches have shown promise for widespread adoption in practice. Nevertheless, as part of the programming environment for smart contracts, existing dynamic validation approaches have not provided programmers with a notion to clearly articulate the interface between components, especially for addresses representing opaque contract instances. We argue that the “design-by-contract” approach should complement the development of smart contract programs. Unfortunately, there is only limited linguistic support for that in existing smart contract languages. In this paper, we design a Solidity language extension ConSol that supports behavioral contracts. ConSol provides programmers with a modular specification and monitoring system for both functional and latent address behaviors. The key capability of ConSol is to attach specifications to first-class addresses and monitor violations when invoking these addresses. We evaluate ConSol using 20 real-world cases, demonstrating its effectiveness in expressing critical conditions and preventing attacks. Additionally, we assess ConSol’s efficiency and compare gas consumption with manually inserted assertions, showing that our approach introduces only marginal gas overhead. By separating specifications and implementations using behavioral contracts, ConSol assists programmers in writing smart contract code that is more robust and readable.

Ye Liu,Yi Li,Cyrille Artho,Yixuan Liu

2024-03-20

Abstract:Smart contracts are computer programs running on blockchains to implement Decentralized Applications.The absence of contract specifications hinders routine tasks, such as contract understanding and testing. Inthis work, we propose a specification mining approach to infer contract specifications from past transactionhistories. Our approach derives high-level behavioral automata of function invocations, accompanied byprogram invariants statistically inferred from the transaction histories. We implemented our approach as toolSmConand evaluated it on eleven well-studied Azure benchmark smart contracts and six popular real-worldDApp smart contracts. The experiments show thatSmConmines reasonably accurate specifications that canbe used to facilitate DApp understanding and development in terms of document maintenance and test suite improvement.

Software Engineering