Computing Exact Worst-Case Gas Consumption for Smart Contracts
The Ethereum platform is a public, distributed, blockchain-based database that is maintained by independent parties. A user interacts with Ethereum by writing programs and having miners execute them for a fee charged on-the-fly based on the complexity of the execution. The exact fee, measured in gas consumption, in general depends on the unknown Ethereum state, and predicting even its worst case is in principle undecidable. Uncertainty in gas consumption may result in inefficiency, loss of money, and, in extreme cases, in funds being locked for an indeterminate duration. This feasibility study presents two methods for determining the exact worst-case gas consumption of a bounded Ethereum execution using methods influenced by symbolic model checking. We give several concrete cases where gas consumption estimation is needed, and provide two approaches for determining gas consumption, one based on symbolically enumerating execution paths, and the other based on computing paths modularly based on the program structure.
This work has been supported by the SNSF project 166288. The authors would like to thank Leonardo Alt for the useful discussions about Solidity language and compiler, and Michael Huth for his insights into distributed ledger systems.
- 1.GovernMental’s 1100 ETH jackpot payout is stuck because it uses too much gas (2017). https://www.reddit.com/r/ethereum/comments/4ghzhv/governmentals_1100_eth_jackpot_payout_is_stuck/
- 4.Buterin, V., et al.: A next-generation smart contract and decentralized application platform. White paper (2014). https://github.com/ethereum/wiki/wiki/White-Paper
- 5.Chen, T., Li, X., Luo, X., Zhang, X.: Under-optimized smart contracts devour your money. In: IEEE 24th International Conference on Software Analysis, Evolution and Reengineering, SANER 2017, Klagenfurt, Austria, pp. 442–446 (2017)Google Scholar
- 8.Fedyukovich, G., D’Iddio, A.C., Hyvärinen, A.E.J., Sharygina, N.: Symbolic detection of assertion dependencies for bounded model checking. In: Egyed, A., Schaefer, I. (eds.) FASE 2015. LNCS, vol. 9033, pp. 186–201. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46675-9_13CrossRefGoogle Scholar
- 11.Kalra, S., Goel, S., Dhawan, M., Sharma, S.: ZEUS: analyzing safety of smart contracts. In: NDSS (2018)Google Scholar
- 12.Lundbæk, L.N., Beutel, D.J., Huth, M., Kirk, L.: Practical proof of kernel work & distributed adaptiveness (2017). https://www.xain.io/pdf/XAIN_Yellow_Paper.pdf
- 13.Lundbæk, L.-N., Callia D’Iddio, A., Huth, M.: Centrally governed blockchains: optimizing security, cost, and availability. In: Aceto, L., Bacci, G., Bacci, G., Ingólfsdóttir, A., Legay, A., Mardare, R. (eds.) Models, Algorithms, Logics and Tools. LNCS, vol. 10460, pp. 578–599. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63121-9_29CrossRefGoogle Scholar
- 14.Luu, L., Chu, D.H., Olickel, H., Saxena, P., Hobor, A.: Making smart contracts smarter. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 254–269. ACM (2016)Google Scholar
- 17.Szabo, N.: Smart contracts (1994). http://www.fon.hum.uva.nl/rob/Courses/InformationInSpeech/CDROM/Literature/LOTwinterschool2006/szabo.best.vwh.net/smart.contracts.html
- 18.Wood, G.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Proj. Yellow Paper 151, 1–32 (2014)Google Scholar