Skip to main content
SpringerLink
Log in

Towards a Dynamic Testing Approach for Checking the Correctness of Ethereum Smart Contracts

  • Conference paper
  • First Online:
Risks and Security of Internet and Systems (CRiSIS 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13857))

Included in the following conference series:

Abstract

One of the most essential concepts related to the development of Blockchain oriented software is smart contracts. Once deployed on the blockchain, these pieces of code cannot be altered due to the immutability feature of the blockchain technology. Therefore, it is necessary to verify and validate smart contracts before their deployment. This paper presents a model-based testing approach for validating and checking the correctness of Ethereum smart contracts. The adopted process comprises essentially four steps: (1) modelling the smart contract and its blockchain environment as UPPAAL Timed Automata, (2) generating abstract test cases by UPPAAL CO\(\surd \)ER tool, (3) executing in a dynamic manner the generated test cases, and finally (4) analyzing the obtained test results and generating test reports. To illustrate our proposal, we apply it on Ethereum Blockchain and especially on the electronic voting case study.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 99.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 129.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://solidity.readthedocs.io/.

  2. 2.

    Some test cases fail but there is no bug and the program is working correctly.

  3. 3.

    The number of Wei owned by this address.

  4. 4.

    The hash of the EVM code of this account.

  5. 5.

    The hash of the root node of a Merkle Patricia tree encoding the storage contents of the account.

  6. 6.

    http://user.it.uu.se/ hessel/CoVer/index.php.

  7. 7.

    A test case should traverse all edges of a given timed automaton.

References

  1. Blockchain platform: Ethereum. https://ethereum.org/en/. Accessed Mar 2022

  2. Blockchain platform: Hyperledger. https://www.hyperledger.org/. Accessed Mar 2022

  3. Solidity examples. https://docs.soliditylang.org/en/v0.5.11/solidity-by-example.html. Accessed Mar 2022

  4. Abbas, A., Alroobaea, R., Krichen, M., Rubaiee, S., Vimal, S., Almansour, F.M.: Blockchain-assisted secured data management framework for health information analysis based on internet of medical things, pp. 1–14. Personal and Ubiquitous Computing (2021)

    Google Scholar 

  5. Akca, S., Rajan, A., Peng, C.: Solanalyser: a framework for analysing and testing smart contracts. In: Proceeding of the 26th Asia-Pacific Software Engineering Conference (APSEC), pp. 482–489 (2019)

    Google Scholar 

  6. Ali, M.S., Vecchio, M., Pincheira, M., Dolui, K., Antonelli, F., Rehmani, M.H.: Applications of blockchains in the internet of things: a comprehensive survey. IEEE Commun. Surv. Tutor. 21(2), 1676–1717 (2018)

    Article  Google Scholar 

  7. Andesta, E., Faghih, F., Fooladgar, M.: Testing smart contracts gets smarter. In: Proceeding of the 10th International Conference on Computer and Knowledge Engineering (ICCKE 2020), pp. 405–412 (2020)

    Google Scholar 

  8. Behrmann, G., David, A., Larsen, K.G.: A tutorial on uppaal. In: Proceeding of the International School on Formal Methods for the Design of Computer, Communication, and Software Systems, SFM-RT 2004. Revised Lectures, vol. 3185, pp. 200–237 (2004)

    Google Scholar 

  9. Chan, W., Jiang, B.: Fuse: an architecture for smart contract fuzz testing service. In: Proceeding of The 25th Asia-Pacific Software Engineering Conference (APSEC), pp. 707–708 (2018)

    Google Scholar 

  10. Ben Fekih, R., Lahami, M.: Application of blockchain technology in healthcare: a comprehensive study. In: Jmaiel, M., Mokhtari, M., Abdulrazak, B., Aloulou, H., Kallel, S. (eds.) ICOST 2020. LNCS, vol. 12157, pp. 268–276. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-51517-1_23

    Chapter  Google Scholar 

  11. Fekih, R.B., Lahami, M., Jmaiel, M., Ali, A.B., Genestier, P.: Towards model checking approach for smart contract validation in the EIP-1559 ethereum. In: Proceeding of the 46th IEEE Annual Computers, Software, and Applications Conference, COMPSAC 2022, Los Alamitos, CA, USA, pp. 83–88. IEEE (2022)

    Google Scholar 

  12. Feng, X., Wang, Q., Zhu, X., Wen, S.: Bug searching in smart contract. CoRR abs/1905.00799 (2019)

    Google Scholar 

  13. Freedman, R.: Testability of software components. IEEE Trans. Software Eng. 17(6), 553–564 (1991)

    Article  Google Scholar 

  14. Gao, J., et al.: Towards automated testing of blockchain-based decentralized applications. In: Proceeding of IEEE/ACM 27th International Conference on Program Comprehension (ICPC), pp. 294–299 (2019)

    Google Scholar 

  15. Hartel, P., Schumi, R.: Mutation testing of smart contracts at scale. In: Ahrendt, W., Wehrheim, H. (eds.) TAP 2020. LNCS, vol. 12165, pp. 23–42. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-50995-8_2

    Chapter  Google Scholar 

  16. Hessel, A., Larsen, K.G., Mikucionis, M., Nielsen, B., Pettersson, P., Skou, A.: Testing real-time systems using uppaal. In: Hierons, R.M., Bowen, J.P., Harman, M. (eds.) Formal Methods and Testing, pp. 77–117 (2008)

    Google Scholar 

  17. Ivanova, Y., Khritankov, A.: Regularmutator: a mutation testing tool for solidity smart contracts. Procedia Comput. Sci. 178, 75–83 (2020)

    Article  Google Scholar 

  18. Jabbar, R., et al.: Blockchain technology for intelligent transportation systems: a systematic literature review. IEEE Access 10, 20995–21031 (2022)

    Article  Google Scholar 

  19. Jiang, B., Liu, Y., Chan, W.K.: Contractfuzzer: fuzzing smart contracts for vulnerability detection. In: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, pp. 259–269 (2018)

    Google Scholar 

  20. Kakadiya, A.: Block-chain oriented software testing approach. Int. Res. J. Eng. Technol. (IRJET) (2017)

    Google Scholar 

  21. Krichen, M., Ammi, M., Mihoub, A., Almutiq, M.: Blockchain for modern applications: a survey. Sensors 22(14), 5274 (2022)

    Article  Google Scholar 

  22. Lahami, M., Maâlej, A.J., Krichen, M., Hammami, M.A.: A comprehensive review of testing blockchain oriented software. In: Proceedings of the 17th International Conference on Evaluation of Novel Approaches to Software Engineering, ENASE 2022, Online Streaming, April 25–26, 2022, pp. 355–362. SCITEPRESS (2022)

    Google Scholar 

  23. Li, Z., Wu, H., Xu, J., Wang, X., Zhang, L., Chen, Z.: MUSC: a tool for mutation testing of ethereum smart contract. In: Proceeding of the 34th IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), pp. 1198–1201 (2019)

    Google Scholar 

  24. Liu, Y., Li, Y., Lin, S.W., Yan, Q.: MODCON: a model-based testing platform for smart contracts. In: Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 1601–1605 (2020)

    Google Scholar 

  25. Luu, L., Chu, D.H., Olickel, H., Saxena, P., Hobor, A.: Making smart contracts smarter. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, pp. 254–269 (2016)

    Google Scholar 

  26. Mars, R., Youssouf, J., Cheikhrouhou, S., Turki, M.: Towards a blockchain-based approach to fight drugs counterfeit. In: Proceedings of the Tunisian-Algerian Joint Conference on Applied Computing (TACC 2021), Tabarka, Tunisia, pp. 197–208 (2021)

    Google Scholar 

  27. Mense, A., Flatscher, M.: Security vulnerabilities in ethereum smart contracts. In: Proceedings of the 20th International Conference on Information Integration and Web-Based Applications & Services, pp. 375–380 (2018)

    Google Scholar 

  28. Nakamoto, S., et al.: Bitcoin: a peer-to-peer electronic cash system (2008)

    Google Scholar 

  29. Nguyen, T.D., Pham, L.H., Sun, J., Lin, Y., Minh, Q.T.: Sfuzz: an efficient adaptive fuzzer for solidity smart contracts. In: Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering, pp. 778–788 (2020)

    Google Scholar 

  30. Praitheeshan, P., Pan, L., Yu, J., Liu, J.K., Doss, R.: Security analysis methods on ethereum smart contract vulnerabilities: A survey. CoRR abs/1908.08605 (2019)

    Google Scholar 

  31. Sánchez-Gómez, N., Morales-Trujillo, L., Torres-Valderrama, J.: Towards an approach for applying early testing to smart contracts. In: Proceedings of the 15th International Conference on Web Information Systems and Technologies - APMDWE, pp. 445–453 (2019)

    Google Scholar 

  32. Tsankov, P., Dan, A., Drachsler-Cohen, D., Gervais, A., Bünzli, F., Vechev, M.: Securify: practical security analysis of smart contracts. In: Proceeding of the ACM SIGSAC Conference on Computer and Communications Security, pp. 67–82 (2018)

    Google Scholar 

  33. Utting, M., Legeard, B.: Practical Model-Based Testing: A Tools Approach. Morgan Kaufmann Publishers Inc. (2006)

    Google Scholar 

  34. Wang, X., Wu, H., Sun, W., Zhao, Y.: Towards generating cost-effective test-suite for ethereum smart contract. In: Proceeding of the IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER), pp. 549–553 (2019)

    Google Scholar 

  35. Wood, G., et al.: Ethereum: A secure decentralised generalised transaction ledger. Ethereum project yellow paper 151(2014), 1–32 (2014)

    Google Scholar 

  36. Wu, Z., et al.: Kaya: a testing framework for blockchain-based decentralized applications. In: Proceeding of the IEEE International Conference on Software Maintenance and Evolution (ICSME 2020), pp. 826–829 (2020)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. ReDCAD Laboratory, National School of Engineers of Sfax, University of Sfax, BP 1173, 3038, Sfax, Tunisia

    Mohamed Amin Hammami, Mariam Lahami & Afef Jmal Maâlej

Authors
  1. Mohamed Amin Hammami
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mariam Lahami
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Afef Jmal Maâlej
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mariam Lahami .

Editor information

Editors and Affiliations

  1. University of Sfax, Sfax, Tunisia

    Slim Kallel

  2. University of Sfax, Sfax, Tunisia

    Mohamed Jmaiel

  3. Queen's University, Kingston, ON, Canada

    Mohammad Zulkernine

  4. University of Sfax, Sfax, Tunisia

    Ahmed Hadj Kacem

  5. Polytechnique Montréal, Montréal, QC, Canada

    Frédéric Cuppens

  6. Polytechnique Montréal, Montréal, QC, Canada

    Nora Cuppens

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Hammami, M.A., Lahami, M., Maâlej, A.J. (2023). Towards a Dynamic Testing Approach for Checking the Correctness of Ethereum Smart Contracts. In: Kallel, S., Jmaiel, M., Zulkernine, M., Hadj Kacem, A., Cuppens, F., Cuppens, N. (eds) Risks and Security of Internet and Systems. CRiSIS 2022. Lecture Notes in Computer Science, vol 13857. Springer, Cham. https://doi.org/10.1007/978-3-031-31108-6_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-31108-6_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-31107-9

  • Online ISBN: 978-3-031-31108-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation