Abstract
Blockchain technology has created a new software development context, with its own peculiarities, mainly due to the guarantees that the technology must satisfy, that is, immutability, distributability, and decentralization of data. Its rapid evolution over the last decade implied a lack of adequate verification tools, exposing developers and users to critical vulnerabilities and bugs. This paper clarifies the extent of block chain-oriented software (BoS), that goes well beyond smart contracts. Moreover, it provides an overview of the challenges related to software verification in the blockchain context, encompassing smart contracts, blockchain layers, cross-chain applications, and, more generally, BoS. This study aims to highlight the shortcomings of the state-of-art and of the state-of-practice of software verification in that context and identify, at the same time, new research directions.
Article PDF
Similar content being viewed by others
Explore related subjects
Find the latest articles, discoveries, and news in related topics.Avoid common mistakes on your manuscript.
References
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. https://bitcoin.org/bitcoin.pdf (2008). Accessed: 06/2023
Bonnici, V., Arceri, V., Diana, A., Bertini, F., Iotti, E., Levante, A., Bernini, V., Neviani, E., Dal Palù, A.: Biochain: towards a platform for securely sharing microbiological data. In: Proceedings of the 27th International Database Engineered Applications Symposium. IDEAS ’23, pp. 59–63. Association for Computing Machinery, New York (2023). https://doi.org/10.1145/3589462.3589501
Kar, A.K., Navin, L.: Diffusion of blockchain in insurance industry: an analysis through the review of academic and trade literature. Telemat. Inform. 58, 101532 (2021). https://doi.org/10.1016/j.tele.2020.101532
Mühle, A., Grüner, A., Gayvoronskaya, T., Meinel, C.: A survey on essential components of a self-sovereign identity. Comput. Sci. Rev. 30, 80–86 (2018). https://doi.org/10.1016/j.cosrev.2018.10.002
Saberi, S., Kouhizadeh, M., Sarkis, J., Shen, L.: Blockchain technology and its relationships to sustainable supply chain management. Int. J. Prod. Res. 57(7), 2117–2135 (2019). https://doi.org/10.1080/00207543.2018.1533261
Al-Jaroodi, J., Mohamed, N.: Blockchain in industries: a survey. IEEE Access 7, 36500–36515 (2019). https://doi.org/10.1109/ACCESS.2019.2903554
Porru, S., Pinna, A., Marchesi, M., Tonelli, R.: Blockchain-oriented software engineering: challenges and new directions. In: 2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C), pp. 169–171 (2017). https://doi.org/10.1109/icse-c.2017.142
Bosu, A., Iqbal, A., Shahriyar, R., Chakraborty, P.: Understanding the motivations, challenges and needs of blockchain software developers: a survey. Empir. Softw. Eng. 24(4), 2636–2673 (2019). https://doi.org/10.1007/s10664-019-09708-7
Popper, N.: A hacking of more than $50 million dashes hopes in the world of virtual currency. The New York Times. June 17th (2016)
Destefanis, G., Marchesi, M., Ortu, M., Tonelli, R., Bracciali, A., Hierons, R.: Smart contracts vulnerabilities: a call for blockchain software engineering? In: 2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE), pp. 19–25 (2018). https://doi.org/10.1109/IWBOSE.2018.8327567
Lantz, L., Cawrey, D.: Mastering Blockchain: Unlocking the Power of Cryptocurrencies, Smart Contracts, and Decentralized Applications. O’Reilly (2020)
Antonopoulos, A.M.: Mastering Bitcoin: Programming the Open Blockchain, 2nd edn. O’Reilly, Sebastopol (2017)
Buterin, V.: Ethereum whitepaper. https://ethereum.org/en/whitepaper/ (2013). Accessed: 06/2023
Antonopoulos, A.M., Wood, G.: Mastering Ethereum: Building Smart Contracts and Dapps. O’Reilly, Sebastopol (2018)
Goodman, L.M.: Tezos whitepaper (2014). https://tezos.com/whitepaper.pdf
Allombert, V., Bourgoin, M., Tesson, J.: Introduction to the Tezos blockchain. In: 2019 International Conference on High Performance Computing and Simulation (HPCS), pp. 1–10 (2019). https://doi.org/10.1109/hpcs48598.2019.9188227
Hyperledger: Hyperledger fabric documentation. https://hyperledger-fabric.readthedocs.io/en/release-2.2/blockchain.html#what-is-hyperledger-fabric. Accessed: 10/2022
Androulaki, E., Barger, A., Bortnikov, V., Cachin, C., Christidis, K., De Caro, A., Enyeart, D., Ferris, C., Laventman, G., Manevich, Y., Muralidharan, S., Murthy, C., Nguyen, B., Sethi, M., Singh, G., Smith, K., Sorniotti, A., Stathakopoulou, C., Vukolić, M., Cocco, S.W., Yellick, J.: Hyperledger fabric: a distributed operating system for permissioned blockchains. In: Proceedings of the Thirteenth EuroSys Conference. EuroSys ’18. Association for Computing Machinery, New York (2018). https://doi.org/10.1145/3190508.3190538
Tendermint: What is tendermint. https://docs.tendermint.com/v0.33/introduction/what-is-tendermint.html (2020). Accessed: 10/2022
Buchman, E.: Tendermint: Byzantine fault tolerance in the age of blockchains. PhD thesis, University of Guelph (2016)
Lamport, L., Shostak, R., Pease, M.: The Byzantine generals problem. ACM Trans. Program. Lang. Syst. 4(3), 382–401 (1982). https://doi.org/10.1145/357172.357176
Aggarwal, S., Kumar, N.: Introduction to blockchain. In: The Blockchain Technology for Secure and Smart Applications Across Industry Verticals. Advances in Computers, vol. 121, pp. 211–226. Elsevier, Amsterdam (2021)
Marijan, D., Lal, C.: Blockchain verification and validation: techniques, challenges, and research directions. Comput. Sci. Rev. 45, 100492 (2022). https://doi.org/10.1016/j.cosrev.2022.100492
Piscitello, D.M., Chapin, A.L.: Open Systems Networking: TCP/IP and OSI. Addison-Wesley Professional Computing Series. Addison-Wesley Publishing Company, Reading (1993)
Robinson, P.: Survey of crosschain communications protocols. Comput. Netw. 200, 108488 (2021). https://doi.org/10.1016/j.comnet.2021.108488
Hassan, S., De Filippi, P.: Decentralized autonomous organization. Int. Policy Rev. 10(2), 1–10 (2021). https://doi.org/10.14763/2021.2.1556
Min, T., Wang, H., Guo, Y., Cai, W.: Blockchain games: a survey. In: 2019 IEEE Conference on Games (CoG), pp. 1–8 (2019). https://doi.org/10.1109/cig.2019.8848111
Min, T., Cai, W.: A security case study for blockchain games. In: 2019 IEEE Games, Entertainment, Media Conference (GEM), pp. 1–8 (2019). https://doi.org/10.1109/gem.2019.8811555
Fowler, M., Foemmel, M.: Continuous Integration (2006)
Mahdi, H., Miraz, M.A.: Blockchain enabled smart contract based applications: deficiencies with the software development life cycle models. Baltica 33, 101–116 (2020)
Bosu, A., Iqbal, A., Shahriyar, R., Chakraborty, P.: Understanding the motivations, challenges and needs of blockchain software developers: a survey. Empir. Softw. Eng. 24(4), 2636–2673 (2019). https://doi.org/10.1007/s10664-019-09708-7
Olivieri, L., Tagliaferro, F., Arceri, V., Ruaro, M., Negrini, L., Cortesi, A., Ferrara, P., Spoto, F., Talin, E.: Ensuring determinism in blockchain software with GoLiSA: an industrial experience report. In: Proceedings of the 11th ACM SIGPLAN International Workshop on the State of the Art in Program Analysis. SOAP 2022, pp. 23–29. Association for Computing Machinery, New York (2022). https://doi.org/10.1145/3520313.3534658
Olivieri, L., Negrini, L., Arceri, V., Tagliaferro, F., Ferrara, P., Cortesi, A., Spoto, F.: Information flow analysis for detecting non-determinism in blockchain. In: Ali, K., Salvaneschi, G. (eds.) 37th European Conference on Object-Oriented Programming (ECOOP 2023). Leibniz International Proceedings in Informatics (LIPIcs), vol. 263, pp. 1–25. Schloss Dagstuhl – Leibniz-Zentrum für Informatik, Dagstuhl (2023). https://doi.org/10.4230/LIPIcs.ECOOP.2023.23
Interchain Foundation: Cosmos network. https://cosmos.network/ (2024). Accessed 04/2024
Liu, J., Liu, Z.: A survey on security verification of blockchain smart contracts. IEEE Access 7, 77894–77904 (2019). https://doi.org/10.1109/ACCESS.2019.2921624
Zhang, R., Xue, R., Liu, L.: Security and privacy on blockchain. ACM Comput. Surv. 52(3), 1–34 (2019). https://doi.org/10.1145/3316481
Guo, H., Yu, X.: A survey on blockchain technology and its security. Blockchain: Res. Appl. 3(2), 100067 (2022). https://doi.org/10.1016/j.bcra.2022.100067
Julien Bertrane, J., Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Rival, X.: Static analysis by abstract interpretation of embedded critical software. SIGSOFT Softw. Eng. Notes 36(1), 1–8 (2011). https://doi.org/10.1145/1921532.1921553
Chakraborty, P., Shahriyar, R., Iqbal, A., Bosu, A.: Understanding the software development practices of blockchain projects: a survey. In: Proceedings of the 12th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement. ESEM ’18. Association for Computing Machinery, New York (2018). https://doi.org/10.1145/3239235.3240298
Patrick, C.: Principles of Abstract Interpretation. MIT Press Academic, Cambridge (2021)
Rival, X., Yi, K.: Introduction to Static Analysis: An Abstract Interpretation Perspective. Mit Press, Cambridge (2020)
Clarke, E.M. Jr., Grumberg, O., Peled, D.A.: Model Checking. MIT Press, Cambridge (1999)
Gallier, J.H.: Logic for Computer Science: Foundations of Automatic Theorem Proving. Courier Dover Publications, Mineola (2015)
Hähnle, R., Huisman, M.: Deductive software verification: from pen-and-paper proofs to industrial tools. In: Computing and Software Science: State of the Art and Perspectives, pp. 345–373 (2019). https://doi.org/10.1007/978-3-319-91908-9_18
Murray, Y., Anisi, D.A.: Survey of formal verification methods for smart contracts on blockchain. In: 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS), pp. 1–6 (2019). https://doi.org/10.1109/NTMS.2019.8763832
Schneidewind, C., Grishchenko, I., Scherer, M., Maffei, M.: eThor: practical and provably sound static analysis of Ethereum smart contracts. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. CCS ’20, pp. 621–640. Association for Computing Machinery, New York (2020). https://doi.org/10.1145/3372297.3417250
Wesley, S., Christakis, M., Navas, J.A., Trefler, R., Wüstholz, V., Gurfinkel, A.: Verifying solidity smart contracts via communication abstraction in smartACE. In: Finkbeiner, B., Wies, T. (eds.) Verification, Model Checking, and Abstract Interpretation, pp. 425–449. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-94583-1_21
Otoni, R., Marescotti, M., Alt, L., Eugster, P., Hyvärinen, A., Sharygina, N.: A solicitous approach to smart contract verification. ACM Trans. Priv. Secur. 26(2), 1–28 (2023). https://doi.org/10.1145/3564699
Hoare, C.A.R.: An axiomatic basis for computer programming. Commun. ACM 12(10), 576–580 (1969). https://doi.org/10.1145/363235.363259
Barrett, C., Tinelli, C.: Satisfiability modulo theories. In: Handbook of Model Checking, pp. 305–343 (2018)
Ferrara, P., Negrini, L., Arceri, V., Cortesi, A.: Static analysis for dummies: experiencing LiSA. In: Proceedings of the 10th ACM SIGPLAN International Workshop on the State of the Art in Program Analysis. Soap 2021, pp. 1–6. Association for Computing Machinery, New York (2021). https://doi.org/10.1145/3460946.3464316
Marchesi, L., Marchesi, M., Tonelli, R.: ABCDE – agile block chain DApp engineering. Blockchain: Res. Appl. 1(1), 100002 (2020). https://doi.org/10.1016/j.bcra.2020.100002
Marchesi, L., Marchesi, M., Pompianu, L., Tonelli, R.: Security checklists for Ethereum smart contract development: patterns and best practices (2020). https://doi.org/10.48550/arXiv.2008.04761
Baralla, G., Pinna, A., Corrias, G.: Ensure traceability in European food supply chain by using a blockchain system. In: 2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB), pp. 40–47 (2019). https://doi.org/10.1109/WETSEB.2019.00012
Mudge, N.: ERC-2535: diamonds, multi-facet proxy. https://eips.ethereum.org/EIPS/eip-2535. Accessed: 06/2023
OpenZeppelin: Proxy upgrade pattern. https://docs.openzeppelin.com/upgrades-plugins/1.x/proxies. Accessed: 06/2023
Fabric, H.: Upgrade a chaincode. https://hyperledger-fabric.readthedocs.io/en/release-2.5/chaincode_lifecycle.html#upgrade-a-chaincode (2023). Accessed 02/2024
Olivieri, L., Spoto, F., Tagliaferro, F.: On-chain smart contract verification over tendermint. In: 5th Wokshop on Trusted Smart Contracts (WTSC’21). Lecture Notes in Computer Science, vol. 12676, pp. 333–347. Springer, Berlin (2021). https://doi.org/10.1007/978-3-662-63958-0_28
Arceri, V., Dolcetti, G., Zaffanella, E.: Speeding up static analysis with the split operator. In: Proceedings of the 12th ACM SIGPLAN International Workshop on the State of the Art in Program Analysis. SOAP 2023, pp. 14–19. Association for Computing Machinery, New York (2023). https://doi.org/10.1145/3589250.3596141
Atzei, N., Bartoletti, M., Cimoli, T.: A survey of attacks on Ethereum smart contracts (SoK). In: Maffei, M., Ryan, M. (eds.) Principles of Security and Trust, pp. 164–186. Springer, Berlin (2017). https://doi.org/10.1007/978-3-662-54455-6_8
Yamashita, K., Nomura, Y., Zhou, E., Pi, B., Jun, S.: Potential risks of hyperledger fabric smart contracts. In: 2019 IEEE International Workshop on Blockchain Oriented Software Engineering (IWBOSE), pp. 1–10 (2019). https://doi.org/10.1109/iwbose.2019.8666486
Barboni, M., Morichetta, A., Polini, A.: Smart contract testing: challenges and opportunities. In: Proceedings of the 5th International Workshop on Emerging Trends in Software Engineering for Blockchain. WETSEB ’22, pp. 21–24. Association for Computing Machinery, New York (2023). https://doi.org/10.1145/3528226.3528370
Olivieri, L., Jensen, T., Negrini, L., Spoto, F.: MichelsonLiSA: a static analyzer for Tezos. In: 2023 IEEE International Conference on Pervasive Computing and Communications Workshops and Other Affiliated Events (PerCom Workshops), pp. 80–85 (2023). https://doi.org/10.1109/PerComWorkshops56833.2023.10150247
Olivieri, L., Negrini, L., Arceri, V., Jensen, T., Spoto, F.: Design and implementation of static analyses for Tezos smart contracts. Distrib. Ledger Technol. (2024). Just Accepted. https://doi.org/10.1145/3643567
MITRE: CVE-2010-5139. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5139 (2010). Accessed: 06/2023
MITRE: CVE-2018-11687. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11687 (2018). Accessed: 06/2023
MITRE: CVE-2018-10299. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10299 (2018). Accessed: 06/2023
Lv, Z., Wu, D., Yang, W., Duan, L.: Attack and protection schemes on fabric isomorphic crosschain systems. Int. J. Distrib. Sens. Netw. 18(1), 15501477211059945 (2022)
Negrini, L., Ferrara, P., Arceri, V., Cortesi, A.: Lisa: a generic framework for multilanguage static analysis. In: Proceedings of 1st Challenges of Software Verification (2023). https://doi.org/10.1007/978-981-19-9601-6_2
Buro, S., Crole, R., Mastroeni, I.: On multi-language abstraction: towards a static analysis of multi-language programs. Form. Methods Syst. Des., 1–35 (2023). https://doi.org/10.1007/s10703-022-00405-8
Ferrara, P., Negrini, L.: Sarl: OO framework specification for static analysis. In: Software Verification, pp. 3–20. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-63618-0_1
Bartoletti, M., Benetollo, L., Bugliesi, M., Crafa, S., Sasso, G.D., Pettinau, R., Pinna, A., Piras, M., Rossi, S., Salis, S., et al.: Smart contract languages: a comparative analysis (2024). arXiv preprint arXiv:2404.04129. https://doi.org/10.48550/arXiv.2404.04129
IOTA: EVM smart contracts. https://wiki.iota.org/isc/getting-started/languages-and-vms/#evm-smart-contracts (2024). Accessed 02/2024
Alshaikhli, M., Elfouly, T., Elharrouss, O., Mohamed, A., Ottakath, N.: Evolution of Internet of Things from blockchain to IOTA: a survey. IEEE Access 10, 844–866 (2021). https://doi.org/10.1109/ACCESS.2021.3138353
ArcheType. https://archetype-lang.org/ (2024). Accessed 04/2024
LIGO: LIGO documentation. https://ligolang.org/ (2024). Accessed 04/2024
SmartPy. https://smartpy.io/docs/ (2024). Accessed 04/2024
Nomadic Labs: Michelson: the language of smart contracts in Tezos. https://tezos.gitlab.io/active/michelson.html#michelson-the-language-of-smart-contracts-in-tezos (2023). Accessed 04/2023
World Wide Web Consortium: WebAssembly overview. https://webassembly.org (2024). Accessed 04/2024
CosmWasm: CosmWasm book. https://book.cosmwasm.com/ (2024). Accessed 04/2024
Parity Technologies: Ink! documentation. https://paritytech.github.io/ink-docs/why-rust-for-smart-contracts (2024). Accessed 04/2024
Web3 Foundation: Polkadot network. https://polkadot.network/ (2024). Accessed 04/2024
IOTA: Wasm VM for ISC. https://wiki.iota.org/isc/getting-started/languages-and-vms/#wasm-vm-for-isc (2024). Accessed 02/2024
Genet, T., Jensen, T., Sauvage, J.: Termination of Ethereum’s smart contracts. In: Proceedings of the 17th International Joint Conference on e-Business and Telecommunications – SECRYPT, pp. 39–51. SciTePress, Setúbal (2020). INSTICC. https://doi.org/10.5220/0009564100390051
Wood, G., et al.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Proj. Yellow Pap. 151(2014), 1–32 (2014)
Kiayias, A., Miller, A., Zindros, D.: Non-interactive proofs of proof-of-work. In: Financial Cryptography and Data Security: 24th International Conference, FC 2020, Kota Kinabalu, Malaysia, February 10–14, 2020. Revised Selected Papers, vol. 24, pp. 505–522. Springer, Berlin (2020). https://doi.org/10.1007/978-3-030-51280-4_27
Maung Maung Thin, W.Y., Dong, N., Bai, G., Dong, J.S.: Formal analysis of a proof-of-stake blockchain. In: 2018 23rd International Conference on Engineering of Complex Computer Systems (ICECCS), pp. 197–200 (2018). https://doi.org/10.1109/ICECCS2018.2018.00031
Yoo, J., Jung, Y., Shin, D., Bae, M., Jee, E.: Formal modeling and verification of a federated Byzantine agreement algorithm for blockchain platforms. In: 2019 IEEE International Workshop on Blockchain Oriented Software Engineering (IWBOSE), pp. 11–21 (2019). https://doi.org/10.1109/IWBOSE.2019.8666514
Foundation, S.D.: Intro to stellar. https://stellar.org/learn/intro-to-stellar. Accessed 05/2024
Kawahara, R.: Verification of customizable blockchain consensus rule using a formal method. In: 2020 IEEE International Conference on Blockchain and Cryptocurrency (ICBC), pp. 1–3 (2020). https://doi.org/10.1109/ICBC48266.2020.9169472
European Parliament and the Council: Regulation (EU) 2023/2854 of the European Parliament and of the Council of 13 December 2023 on harmonised rules on fair access to and use of data and amending Regulation (EU) 2017/2394 and Directive (EU) 2020/1828 (Data Act). Document 32023R2854. PE/49/2023/REV/1 OJ L, 2023/2854, 22.12.2023, ELI: http://data.europa.eu/eli/reg/2023/2854/oj (2023)
European Parliament and the Council: Consolidated text: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance). Document 02016R0679-20160504. ELI: http://data.europa.eu/eli/reg/2016/679/2016-05-04 (2016)
Olivieri, L., Pasetto, L.: Towards compliance of smart contracts with the European Union data act. In: 5th Workshop on Artificial Intelligence and Formal Verification, Logic, Automata, and Synthesis (OVERLAY 2023). CEUR Workshop Proceedings, vol. 3629, pp. 61–66 (2024). https://ceur-ws.org/Vol-3629/paper10.pdf
Haque, A.B., Islam, A.K.M.N., Hyrynsalmi, S., Naqvi, B., Smolander, K.: GDPR compliant blockchains–a systematic literature review. IEEE Access 9, 50593–50606 (2021). https://doi.org/10.1109/ACCESS.2021.3069877
Molina, F., Betarte, G., Luna, C.: Design principles for constructing GDPR-compliant blockchain solutions. In: 2021 IEEE/ACM 4th International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB), pp. 1–8 (2021). https://doi.org/10.1109/WETSEB52558.2021.00008
Tauqeer, A., Kurteva, A., Chhetri, T.R., Ahmeti, A., Fensel, A.: Automated GDPR contract compliance verification using knowledge graphs. Information 13(10), 447 (2022). https://doi.org/10.3390/info13100447
Chhetri, T.R., Kurteva, A., DeLong, R.J., Hilscher, R., Korte, K., Fensel, A.: Data protection by design tool for automated GDPR compliance verification based on semantically modeled informed consent. Sensors 22(7), 2763 (2022). https://doi.org/10.3390/s22072763
Ferrara, P., Spoto, F.: Static analysis for GDPR compliance. In: CEUR Workshop Proceedings – Proceedings of ITASEC ’18, vol. 2058, pp. 1–10 (2018). https://ceur-ws.org/Vol-2058/paper-10.pdf
Ferrara, P., Olivieri, L., Spoto, F.: Tailoring taint analysis to GDPR. In: Medina, M., Mitrakas, A., Rannenberg, K., Schweighofer, E., Tsouroulas, N. (eds.) Privacy Technologies and Policy, pp. 63–76. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-02547-2_4
Ferrara, P., Olivieri, L., Spoto, F.: Static privacy analysis by flow reconstruction of tainted data. Int. J. Softw. Eng. Knowl. Eng. 31(7), 973–1016 (2021). https://doi.org/10.1142/S0218194021500303
Hewa, T., Ylianttila, M., Liyanage, M.: Survey on blockchain based smart contracts: applications, opportunities and challenges. J. Netw. Comput. Appl. 177, 102857 (2021). https://doi.org/10.1016/j.jnca.2020.102857
Zheng, Z., Xie, S., Dai, H.-N., Chen, W., Chen, X., Weng, J., Imran, M.: An overview on smart contracts: challenges, advances and platforms. Future Gener. Comput. Syst. 105, 475–491 (2020). https://doi.org/10.1016/j.future.2019.12.019
Khan, S.N., Loukil, F., Ghedira-Guegan, C., Benkhelifa, E., Bani-Hani, A.: Blockchain smart contracts: applications, challenges, and future trends. Peer-to-Peer Netw. Appl. 14, 2901–2925 (2021). https://doi.org/10.1007/s12083-021-01127-0
Fotiou, N., Polyzos, G.C.: Smart contracts for the Internet of Things: opportunities and challenges. In: 2018 European Conference on Networks and Communications (EuCNC), pp. 256–260 (2018). https://doi.org/10.1109/EuCNC.2018.8443212
Zou, W., Lo, D., Kochhar, P.S., Le, X.-B.D., Xia, X., Feng, Y., Chen, Z., Xu, B.: Smart contract development: challenges and opportunities. IEEE Trans. Softw. Eng. 47(10), 2084–2106 (2021). https://doi.org/10.1109/TSE.2019.2942301
Bosu, A., Iqbal, A., Shahriyar, R., Chakraborty, P.: Understanding the motivations, challenges and needs of blockchain software developers: a survey. Empir. Softw. Eng. 24(4), 2636–2673 (2019). https://doi.org/10.1007/s10664-019-09708-7
Singh, A., Parizi, R.M., Zhang, Q., Choo, K.-K.R., Dehghantanha, A.: Blockchain smart contracts formalization: approaches and challenges to address vulnerabilities. Comput. Secur. 88, 101654 (2020). https://doi.org/10.1016/j.cose.2019.101654
Krichen, M., Lahami, M., Al–Haija, Q.A.: Formal methods for the verification of smart contracts: a review. In: 2022 15th International Conference on Security of Information and Networks (SIN), pp. 01–08 (2022). https://doi.org/10.1109/SIN56466.2022.9970534
Marijan, D., Lal, C.: Blockchain verification and validation: techniques, challenges, and research directions. Comput. Sci. Rev. 45, 100492 (2022). https://doi.org/10.1016/j.cosrev.2022.100492
Lin, I.-C., Liao, T.-C.: A survey of blockchain security issues and challenges. Int. J. Netw. Secur. 19(5), 653–659 (2017)
Islam, M.R., Rahman, M.M., Mahmud, M., Rahman, M.A., Mohamad, M.H.S., Embong, A.H.: A review on blockchain security issues and challenges. In: 2021 IEEE 12th Control and System Graduate Research Colloquium (ICSGRC), pp. 227–232 (2021). https://doi.org/10.1109/ICSGRC53186.2021.9515276
Magazzeni, D., McBurney, P., Nash, W.: Validation and verification of smart contracts: a research agenda. Computer 50(9), 50–57 (2017). https://doi.org/10.1109/MC.2017.3571045
Koul, R.: Blockchain oriented software testing – challenges and approaches. In: 2018 3rd International Conference for Convergence in Technology (I2CT), pp. 1–6 (2018). https://doi.org/10.1109/I2CT.2018.8529728
Funding
Open access funding provided by Università degli Studi di Verona within the CRUI-CARE Agreement. Work partially supported by SERICS (PE00000014 – CUP H73C2200089001) and iNEST (ECS00000043 – CUP H43C22000540006) funded by PNRR Next Generation EU.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article’s Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.
About this article
Cite this article
Olivieri, L., Spoto, F. Software verification challenges in the blockchain ecosystem. Int J Softw Tools Technol Transfer (2024). https://doi.org/10.1007/s10009-024-00758-x
Accepted:
Published:
DOI: https://doi.org/10.1007/s10009-024-00758-x