Advertisement

Smart Contract Programming Languages on Blockchains: An Empirical Evaluation of Usability and Security

  • Reza M. PariziEmail author
  • Amritraj
  • Ali Dehghantanha
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10974)

Abstract

Blockchain is a promising infrastructural technology that is finding its way into a growing number of domains like big data, finance, and medical. While blockchain has come to be thought of primarily as the foundation for Bitcoin, it has evolved far beyond underpinning the virtual currency. As it becomes progressively popular, the need for effective programming means would be more demanding. Blockchain programming as a core means provides accounts of the ‘code is law’ that specifies agreements between parties and allows its stakeholders to still trust the platform to execute the agreed-upon contract (known as smart contract) as expected. Although it seems straightforward in theory, it is hardly the case when it comes to real-life situations. There have been several instances that show smart contracts are riddled with issues and vulnerabilities in code, causing damages. What’s for sure is lacking is that the existing languages are not living up to the point to be able to unleash the full potential of the blockchain, as often have resulted in buggy code with a steep learning curve for developers. This denotes that the current research on contract development is not sufficient and is still in a stage of infancy. In order to advance the state of the research in this area, an evaluation of the current state-of-the-art practices in a thorough and experimental manner is required. Thus, the objective of this paper is to give a comprehensive analysis of such domain-specific programming practices from critical points of usability and security to provide a working guideline for newcomers and researchers.

Keywords

Blockchain Blockchain coding Smart contract platforms Smart contract programming Decentralized computing and development 

References

  1. 1.
    Peck, M.E.: Blockchains: how they work and why they’ll change the world. IEEE spectrum (2017)Google Scholar
  2. 2.
    Cuccuru, P.: Beyond bitcoin: An early overview on smart contracts. Int. J. Law Inf. Technol. 25, 179–195 (2017)Google Scholar
  3. 3.
  4. 4.
  5. 5.
    Hern, A.: “$300 M in Cryptocurrency” Accidentally Lost Forever Due To Bug. https://www.theguardian.com/technology/2017/nov/08/cryptocurrency-300m-dollars-stolen-bug-ether
  6. 6.
    Ethereum Project. https://www.ethereum.org/
  7. 7.
  8. 8.
    Popejoy, S.: The pact smart-contract language (v1.5), pp. 1–15 (2017)Google Scholar
  9. 9.
  10. 10.
    Liquidity, a simple language over Michelson. https://github.com/OCamlPro/liquidity/blob/master/docs/liquidity.md
  11. 11.
  12. 12.
    OCaml Documentation. https://ocaml.org/docs/
  13. 13.
    Ii, S.: Michelson : the language of Smart Contracts in I - SemanticsGoogle Scholar
  14. 14.
    Liquidity Online Editor. http://www.liquidity-lang.org/edit/
  15. 15.
    Kitchenham, B.A., Pfleeger, S.L., Pickard, L.M., Jones, P.W., Hoaglin, D.C., El Emam, K., Rosenberg, J.: Preliminary guidelines for empirical research in software engineering. IEEE Trans. Softw. Eng. 28, 721–734 (2002)Google Scholar
  16. 16.
    Guimaraes, G.: Reentrancy attack on smart contracts: how to identify the exploitable and an example of an attack contract. https://medium.com/@gus_tavo_guim/reentrancy-attack-on-smart-contracts-how-to-identify-the-exploitable-and-an-example-of-an-attack-4470a2d8dfe4
  17. 17.
    Martinsson, F.: Smart contract programming on Ethereum - solidity beginners tutorial part 2. https://www.youtube.com/watch?v=F4XQFEievJI
  18. 18.
    Konstantopoulos, G.: How to secure your smart contracts: 6 solidity vulnerabilities and how to avoid them (Part 2). https://medium.com/loom-network/how-to-secure-your-smart-contracts-6-solidity-vulnerabilities-and-how-to-avoid-them-part-2-730db0aa4834
  19. 19.
  20. 20.
    Luu, L., Chu, D.-H., Olickel, H., Saxena, P., Hobor, A.: Making smart contracts smarter. In: Proceedings of 2016 ACM SIGSAC Conference on Computer and Communications Security – CCS 2016, pp. 254–269 (2016)Google Scholar
  21. 21.
  22. 22.
  23. 23.
  24. 24.
    Omohundro, S.: Cryptocurrencies, smart contracts, and artificial intelligence. AI Matters 1, 19–21 (2014)Google Scholar
  25. 25.
    Atzei, N., Bartoletti, M., Cimoli, T.: A survey of attacks on Ethereum smart contracts (SoK), pp. 1–24 (2017)Google Scholar
  26. 26.
    Macdonald, M., Liu-Thorrold, L., Julien, R.: The blockchain: a comparison of platforms and their uses beyond bitcoin. Work. Pap., pp. 1–18 (2017)Google Scholar
  27. 27.
  28. 28.
    Intel: Intel: Sawtooth Lake. https://intelledger.github.io/
  29. 29.
    BlockStream Sidechain Elements. https://blockstream.com/technology/
  30. 30.
    Documentation for Eris. https://abal.moe/Eris/docs
  31. 31.
    Bartoletti, M., Pompianu, L.: An empirical analysis of smart contracts: platforms, applications, and design patterns (2017)Google Scholar
  32. 32.
    Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system, p. 9 (2008). www.Bitcoin.Org
  33. 33.
    Buterin, V.: A next-generation smart contract and decentralized application platform. http://buyxpr.com/build/pdfs/EthereumWhitePaper.pdf
  34. 34.
    Counterparty: Protocol Specification. https://counterparty.io/docs/protocol_specification/
  35. 35.
  36. 36.
  37. 37.
  38. 38.
    Anderson, L., Holz, R., Ponomarev, A., Rimba, P., Weber, I.: New kids on the block: an analysis of modern blockchains (2016)Google Scholar
  39. 39.
    Seijas, P.L., Thompson, S., McAdams, D.: Scripting smart contracts for distributed ledger technology. Cryptology ePrint Archive, Report 2016/1156 (2016). http://eprint.iacr.org/2016/1156
  40. 40.
    Bhargavan, K., Swamy, N., Zanella-Béguelin, S., Delignat-Lavaud, A., Fournet, C., Gollamudi, A., Gonthier, G., Kobeissi, N., Kulatova, N., Rastogi, A., Sibut-Pinote, T.: Formal verification of smart contracts. In: Proceedings of 2016 ACM Workshop on Programming Languages and Analysis for Security – PLAS 2016, pp. 91–96 (2016)Google Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Department of Software Engineering and Game DevelopmentKennesaw State UniversityKennesawUSA
  2. 2.Department of Computer ScienceUniversity of SheffieldSheffieldUK

Personalised recommendations