Advertisement

Formal Verification of Smart Contracts from the Perspective of Concurrency

  • Meixun Qu
  • Xin Huang
  • Xu Chen
  • Yi Wang
  • Xiaofeng Ma
  • Dawei Liu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11373)

Abstract

Blockchain is an emerging technology with broad applications. As an important application of the blockchain, smart contracts can formulate trading rules to manage thousands of virtual currencies. Nowadays, the IoT (Internet of Things) combined with blockchain has become a new trend and smart contract can implement different transaction demands for IoT-blockchain systems. Once there exits vulnerability in the smart contract program, the security of the virtual currency will not be guaranteed. However, ensuring the security of smart contracts is never an easy task. On the one hand, existing smart contracts cannot identify fake users or malicious programs, which is difficult to be regulated at present; on the other hand, smart contracts involving in multiple trading users are very similar to shared-memory concurrent programs. To deal with these problems, this study uses formal verification methods, adopting the Communicating Sequence Processes (CSP) theory to formally model concurrent programs. Then the FDR (Failure Divergence Refinement), a refinement checker or model checker for CSP, is utilized to successfully detect the vulnerability regarding concurrency in one smart contract public in Ethereum. The results show the potential advantage of using CSP and FDR tool to check the vulnerability in smart contracts especially from the perspective of concurrency.

Keywords

Blockchain Smart contracts Concurrency CSP theory FDR 

Notes

Acknowledgment

This work was supported by the XJTLU research development fund projects under Grant RDF140243 and Grant RDF150246, in part by the National Natural Science Foundation of China under Grant No. 61701418, in part by Innovation Projects of The Next Generation Internet Technology under Grant NGII20170301, in part by the Suzhou Science and Technology Development Plan under Grant SYG201516, and in part by the Jiangsu Province National Science Foundation under Grant BK20150376.

References

  1. 1.
    Sergey, I., Hobor, A.: A concurrent perspective on smart contracts. In: Brenner, M., et al. (eds.) FC 2017. LNCS, vol. 10323, pp. 478–493. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-70278-0_30CrossRefGoogle Scholar
  2. 2.
    Filliâtre, J.-C., Paskevich, A.: Why3—where programs meet provers. In: Felleisen, M., Gardner, P. (eds.) ESOP 2013. LNCS, vol. 7792, pp. 125–128. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-37036-6_8CrossRefGoogle Scholar
  3. 3.
    Swamy, N., Hriţcu, C., Keller, C., et al.: Dependent types and multi-monadic effects in F. ACM SIGPLAN Notices 51(1), 256–270 (2016)CrossRefGoogle Scholar
  4. 4.
    Luu, L., Chu, D.H., Olickel, H., et al.: Making smart contracts smarter. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 254–269. ACM (2016)Google Scholar
  5. 5.
    Atzei, N., Bartoletti, M., Cimoli, T.: A survey of attacks on ethereum smart contracts (SoK). In: Maffei, M., Ryan, M. (eds.) POST 2017. LNCS, vol. 10204, pp. 164–186. Springer, Heidelberg (2017).  https://doi.org/10.1007/978-3-662-54455-6_8CrossRefGoogle Scholar
  6. 6.
    Hoare, C.A.R.: Communicating sequential processes. Commun. ACM 21(8), 666–677 (1978)CrossRefGoogle Scholar
  7. 7.
    Roscoe, A.W.: Understanding Concurrent Systems. Springer, London (2010).  https://doi.org/10.1007/978-1-84882-258-0CrossRefzbMATHGoogle Scholar
  8. 8.
    Faber, J., Jacobs, S., Sofronie-Stokkermans, V.: Verifying CSP-OZ-DC specifications with complex data types and timing parameters. In: Davies, J., Gibbons, J. (eds.) IFM 2007. LNCS, vol. 4591, pp. 233–252. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-73210-5_13CrossRefGoogle Scholar
  9. 9.
    Lowe, G.: Breaking and fixing the needham-schroeder public-key protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996).  https://doi.org/10.1007/3-540-61042-1_43CrossRefGoogle Scholar
  10. 10.

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Meixun Qu
    • 1
  • Xin Huang
    • 1
  • Xu Chen
    • 2
  • Yi Wang
    • 3
  • Xiaofeng Ma
    • 3
  • Dawei Liu
    • 1
  1. 1.Xi’an Jiaotong-Liverpool UniversitySuzhouChina
  2. 2.Tongji Blockchain Research InstituteSuzhouChina
  3. 3.Tongji UniversityShanghaiChina

Personalised recommendations