Abstract
In this paper we consider the software architecture of InnoChain, a distributed ledger system (DLS) with 5 levels of formal verification, including a formally-verified underlying operating system (OS). The objective of this architecture is to achieve a higher level of DLS dependability compared to more traditional software architectures and quality assurance (QA) methods. The architecture of InnoChain includes (1) a programming language for smart contracts, which is a domain-specific language with formal semantics embedded into CakeML, a functional language of the ML family; this allows us to carry out formal verification of smart contracts’ correctness properties using higher-order logic systems such as HOL4; (2) trusted compilation of smart contracts into machine code using the verified compiler available for CakeML, rather than relying on a virtual machine for execution of smart contracts; (3) using CakeML for the implementation of InnoChain node functionality, which allows for formal verification of code correctness and trusted compilation into machine code; (4) formal verification of the consensus protocol used in InnoChain, namely Chained HotStuff; (5) using seL4, a formally-verified microkernel, as the underlying OS for InnoChain instead of more traditional general-purpose OSes such as Linux. The proposed verified architecture will allow InnoChain to be used in mission-critical applications, such as the decentralized Aircraft Fuelling Control System which is currently under development for JSC Aeroflot, the Russian national air carrier.
Notes
1. Note that the class of DLS includes the more narrow class of blockchain systems. The terms “DLS” and “blockchain” are used nearly interchangeably, but in fact the former term refers to high-level functional and architectural properties of such systems, whereas the latter one is connected to lower-level implementation details. In most cases, DLS are indeed implemented as blockchains, but not always.
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
Cite this paper
Merkin, L., Rezin, R., Vasilyev, N. (2021). Architecture of InnoChain, a Formally-Verified Distributed Ledger System. In: Silhavy, R. (eds) Informatics and Cybernetics in Intelligent Systems. CSOC 2021. Lecture Notes in Networks and Systems, vol 228. Springer, Cham. https://doi.org/10.1007/978-3-030-77448-6_10
DOI: https://doi.org/10.1007/978-3-030-77448-6_10
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-77447-9
Online ISBN: 978-3-030-77448-6
eBook Packages: Intelligent Technologies and Robotics (R0)