Advertisement

Verification of Smart Contract Business Logic

Exploiting a Java Source Code Verifier
  • Wolfgang AhrendtEmail author
  • Richard Bubel
  • Joshua Ellul
  • Gordon J. Pace
  • Raúl Pardo
  • Vincent Rebiscoul
  • Gerardo Schneider
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11761)

Abstract

Smart contracts have been argued to be a means of building trust between parties by providing a self-executing equivalent of legal contracts. And yet, code does not always perform what it was originally intended to do, which resulted in losses of millions of dollars. Static verification of smart contracts is thus a pressing need. This paper presents an approach to verifying smart contracts written in Solidity by automatically translating Solidity into Java and using KeY, a deductive Java verification tool. In particular, we solve the problem of rolling back the effects of aborted transactions by exploiting KeY’s native support of JavaCard transactions. We apply our approach to a smart contract which automates a casino system, and discuss how the approach addresses a number of known shortcomings of smart contract development in Solidity.

References

  1. 1.
    Abdellatif, T., Brousmiche, K.: Formal verification of smart contracts based on users and blockchain behaviors models. In: NTMS 2018, pp. 1–5 (2018)Google Scholar
  2. 2.
    Ahrendt, W., Beckert, B., Bubel, R., Hähnle, R., Schmitt, P.H., Ulbrich, M. (eds.): Deductive Software Verification - The KeY Book. LNCS, vol. 10001. Springer, New York (2016).  https://doi.org/10.1007/978-3-319-49812-6CrossRefGoogle Scholar
  3. 3.
    Atzei, N., Bartoletti, M., Cimoli, T.: A survey of attacks on Ethereum smart contracts (SoK). In: Maffei, M., Ryan, M. (eds.) POST 2017. LNCS, vol. 10204, pp. 164–186. Springer, Heidelberg (2017).  https://doi.org/10.1007/978-3-662-54455-6_8CrossRefGoogle Scholar
  4. 4.
    Bai, X., Cheng, Z., Duan, Z., Hu, K.: Formal modeling and verification of smart contracts. In: ICSCA 2018, pp. 322–326 (2018)Google Scholar
  5. 5.
    Bhargavan, K., et al.: Formal verification of smart contracts: Short paper. In: PLAS 2016, ACM (2016)Google Scholar
  6. 6.
    Delmolino, K., Arnett, M., Kosba, A., Miller, A., Shi, E.: Step by step towards creating a safe smart contract: lessons and insights from a cryptocurrency lab. In: Clark, J., Meiklejohn, S., Ryan, P.Y.A., Wallach, D., Brenner, M., Rohloff, K. (eds.) FC 2016. LNCS, vol. 9604, pp. 79–94. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-53357-4_6CrossRefGoogle Scholar
  7. 7.
    Everts, M., Muller, F.: Will that smart contract really do what you expect it to do? White paper (2018)Google Scholar
  8. 8.
    Fröwis, M., Böhme, R.: In code we trust? – measuring the control flow immutability of all smart contracts deployed on Ethereum. In: Garcia-Alfaro, J., Navarro-Arribas, G., Hartenstein, H., Herrera-Joancomartí, J. (eds.) ESORICS/DPM/CBT 2017. LNCS, vol. 10436, pp. 357–372. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-67816-0_20CrossRefGoogle Scholar
  9. 9.
    Grishchenko, I., Maffei, M., Schneidewind, C.: A semantic framework for the security analysis of Ethereum smart contracts. In: Bauer, L., Küsters, R. (eds.) POST 2018. LNCS, vol. 10804, pp. 243–269. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-89722-6_10CrossRefGoogle Scholar
  10. 10.
    Hildenbrandt, E., et al.: KEVM: a complete semantics of the Ethereum virtual machine. White paper (2017)Google Scholar
  11. 11.
    Hirai, Y.: Defining the Ethereum virtual machine for interactive theorem provers. In: Brenner, M., et al. (eds.) FC 2017. LNCS, vol. 10323, pp. 520–535. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-70278-0_33CrossRefGoogle Scholar
  12. 12.
    Leavens, G.T., Baker, A.L., Ruby, C.: Preliminary design of JML: a behavioral interface specification language for Java. ACM SIGSOFT Softw. Eng. Notes 31(3), 1–38 (2006)CrossRefGoogle Scholar
  13. 13.
    Luu, L., Chu, D., Olickel, H., Saxena, P., Hobor, A.: Making smart contracts smarter. In: CCS 2016, pp. 254–269 (2016)Google Scholar
  14. 14.
    Mueller, B.: Smashing Ethereum smart contracts for fun and real profit. In: HITB SECCONF Amsterdam (2018)Google Scholar
  15. 15.
    Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. White Paper (2009). https://bitcoin.org/bitcoin.pdf
  16. 16.
    Wood, G.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper 151, pp. 1–32 (2014)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2019

Authors and Affiliations

  • Wolfgang Ahrendt
    • 1
    Email author
  • Richard Bubel
    • 2
  • Joshua Ellul
    • 3
  • Gordon J. Pace
    • 3
  • Raúl Pardo
    • 4
  • Vincent Rebiscoul
    • 5
  • Gerardo Schneider
    • 6
  1. 1.Chalmers University of TechnologyGothenburgSweden
  2. 2.Technische Universität DarmstadtDarmstadtGermany
  3. 3.University of MaltaMsidaMalta
  4. 4.InriaLyonFrance
  5. 5.Ècole Normale Supèrieure de LyonLyonFrance
  6. 6.University of GothenburgGothenburgSweden

Personalised recommendations