Skip to main content

Capturing Smart Contract Design with DCR Graphs

  • Conference paper
  • First Online:
Software Engineering and Formal Methods (SEFM 2023)

Abstract

Smart contracts manage blockchain assets and embody business processes. However, mainstream smart contract programming languages such as Solidity lack explicit notions of roles, action dependencies, and time. Instead, these concepts are implemented in program code. This makes it very hard to design and analyze smart contracts.

We argue that DCR graphs are a suitable formalization tool for smart contracts because they explicitly and visually capture the mentioned features. We utilize this expressiveness to show that many common high-level design patterns representing the underlying business processes in smart-contract applications can be naturally modeled this way. Applying these patterns shows that DCR graphs facilitate the development and analysis of correct and reliable smart contracts by providing a clear and easy-to-understand specification.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Available for free for academic use at dcrsolutions.net.

  2. 2.

    The ISO 8601 standard (www.iso.org/iso-8601-date-and-time-format.html) is used in the design tool, allowing the use of years, months, days, and seconds.

  3. 3.

    https://github.com/mojtaba-eshghie/SmartContractDesignPatternsInDCRGraphs.

  4. 4.

    The scenario was originally provided by Gordon Pace.

References

  1. A decentralized escape hatch for DAOs. https://hackingdistributed.com/2016/07/11/decentralized-escape-hatches-for-smart-contracts/. Accessed 29 Aug 2023

  2. Implement escape hatch mechanism contracts \(\cdot \) Issue #1 \(\cdot \) OpenZeppelin/openzeppelin-contracts. https://github.com/OpenZeppelin/openzeppelin-contracts/issues/1. Accessed 29 Aug 2023

  3. The Maker Protocol White Paper — Feb (2020). https://makerdao.com/en. Accessed 29 Aug 2023

  4. SWC-105 - Smart Contract Weakness Classification (SWC). https://swcregistry.io/docs/SWC-105/. Accessed 01 Sept 2023

  5. SWC-106 - Smart Contract Weakness Classification (SWC). https://swcregistry.io/docs/SWC-106/. Accessed 01 Sept 2023

  6. SWC-114 - Smart Contract Weakness Classification (SWC). https://swcregistry.io/docs/SWC-114/. Accessed 01 Sept 2023

  7. SWC-116 - Smart Contract Weakness Classification (SWC). https://swcregistry.io/docs/SWC-116/#time_locksol. Accessed 01 Sept 2023

  8. Synthetixio/synthetix: Synthetix Solidity smart contracts. https://github.com/Synthetixio/synthetix. Accessed 29 Aug 2023

  9. Timestamp Dependence - Ethereum Smart Contract Best Practices. https://consensys.github.io/smart-contract-best-practices/development-recommendations/solidity-specific/timestamp-dependence/#avoid-using-blocknumber-as-a-timestamp. Accessed 01 Sept 2023

  10. Aragon OSx Protocol (2023). https://github.com/aragon/osx. Accessed 29 Aug 2023

  11. Aragon/aragon-court: Aragon (2023). Accessed 29 Aug 2023

    Google Scholar 

  12. Augur (2023). https://github.com/AugurProject/augur. Accessed 29 Aug 2023

  13. Chainbridge-solidity (2023). https://github.com/ChainSafe/chainbridge-solidity. Accessed 29 Aug 2023

  14. Compound Protocol: Compound (2023). Accessed 29 Aug 2023

    Google Scholar 

  15. Ethereum development documentation (2023). https://ethereum.org/en/developers/docs/. Accessed 29 Aug 2023

  16. Smartcontractkit/chainlink (2023). https://github.com/smartcontractkit/chainlink. Accessed 29 Aug 2023

  17. Solidity documentation (2023). https://docs.soliditylang.org/en/latest/. Accessed 29 Aug 2023

  18. Bansal, K., Koskinen, E., Tripp, O.: Automatic generation of precise and useful commutativity conditions. In: Beyer, D., Huisman, M. (eds.) Tools and Algorithms for the Construction and Analysis of Systems, pp. 115–132. Lecture Notes in Computer Science, Springer International Publishing, Cham (2018). https://doi.org/10.1007/978-3-319-89960-2_7

  19. Bartoletti, M., Pompianu, L.: An empirical analysis of smart contracts: platforms, applications, and design patterns. In: Brenner, M., et al. (eds.) FC 2017. LNCS, vol. 10323, pp. 494–509. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70278-0_31

    Chapter  Google Scholar 

  20. Chen, T., et al.: Understanding Ethereum via graph analysis. ACM TOIT 20(2), 1–32 (2020)

    Article  Google Scholar 

  21. Compound: Compound v2 Governance. https://docs.compound.finance/v2/governance/. Accessed 29 Aug 2023

  22. Consensys: ethereum smart contract best practices (2023). https://consensys.github.io/smart-contract-best-practices/development-recommendations/precautions/. Accessed 29 Aug 2023

  23. Dickerson, T., Gazzillo, P., Herlihy, M., Koskinen, E.: Adding concurrency to smart contracts. In: PODC, pp. 303–312. ACM (2017)

    Google Scholar 

  24. Ellul, J., Pace, G.J.: Runtime verification of ethereum smart contracts. In: 2018 14th European Dependable Computing Conference (EDCC). IEEE (2018). https://doi.org/10.1109/EDCC.2018.00036

  25. Eshghie, M.: A comprehensive collection of DCR graph model of business process-level (contract-level) design patterns in smart contracts (Aug 2023). https://github.com/mojtaba-eshghie/SmartContractDesignPatternsInDCRGraphs. Accessed 29 Aug 2023

  26. Eshghie, M.: mojtaba-eshghie/CLawK (2023). https://github.com/mojtaba-eshghie/CLawK/blob/925bf9c9afe344c763963e0e40098c66420d1d6a/server/monitor/contracts/source/Casino.sol. Accessed 29 Aug 2023

  27. Eshghie, M., Ahrendt, W., Artho, C., Hildebrandt, T.T., Schneider, G.: CLawK: Monitoring Business Processes in Smart Contracts (2023). https://doi.org/10.48550/arXiv.2305.08254. Accessed 29 Aug 2023

  28. Eshghie, M., Artho, C., Gurov, D.: Dynamic vulnerability detection on smart contracts using machine learning. In: EASE 2021, pp. 305–312. ACM (2021)

    Google Scholar 

  29. etherscan.io: HOLDIT — Etherscan. http://etherscan.io/address/0x24021d38DB53A938446eCB0a31B1267764d9d63D. Accessed 29 Aug 2023

  30. Fravoll: Solidity Patterns (2023). https://fravoll.github.io/solidity-patterns/. Accessed 29 Aug 2023

  31. Gamma, E., Helm, R., Johnson, R., Johnson, R.E., Vlissides, J.: Design patterns: elements of reusable object-oriented software. Pearson Deutschland GmbH (1995)

    Google Scholar 

  32. Gao, J., Liu, H., Liu, C., Li, Q., Guan, Z., Chen, Z.: EASYFLOW: keep ethereum away from overflow. In: 2019 IEEE/ACM 41st International Conference on Software Engineering: Companion Proceedings (ICSE-Companion), pp. 23–26 (2019). https://doi.org/10.1109/ICSE-Companion.2019.00029, ISSN: 2574-1934

  33. giveth.io: common-contract-deps (2021). https://github.com/Giveth/common-contract-deps/blob/094d36028eab30444314395016817735e57e9d77/contracts/Escapable.sol. Accessed 29 Aug 2023

  34. Grossman, S., Abraham, I., Golan-Gueta, G., Michalevsky, Y., Rinetzky, N., Sagiv, M., Zohar, Y.: Online detection of effectively callback free objects with applications to smart contracts (2018). https://doi.org/10.48550/arXiv.1801.04032

  35. Guth, F., Wüstholz, V., Christakis, M., Müller, P.: Specification mining for smart contracts with automatic abstraction tuning. arXiv:1807.07822 (2018)

  36. Explained: The Akutars NFT Incident (2022) - Halborn Blockchain Security Firm: Ethical Hackers, Infosec & Pen Tests. https://halborn.com/blog/post/explained-the-akutars-nft-incident-april-2022. Accessed 29 Aug 2023

  37. Hildebrandt, T.T., Mukkamala, R.R.: Declarative event-based workflow as distributed dynamic condition response graphs. In: Honda, K., Mycroft, A. (eds.) Proceedings Third Workshop on Programming Language Approaches to Concurrency and communication-cEntric Software, PLACES 2010, Paphos, Cyprus, 21st March 2010. EPTCS, vol. 69, pp. 59–73 (2010). https://doi.org/10.4204/EPTCS.69.5

  38. Hildebrandt, T.T., Normann, H., Marquard, M., Debois, S., Slaats, T.: Decision modelling in timed dynamic condition response graphs with data. In: Marrella, A., Weber, B. (eds.) BPM 2021. LNBIP, vol. 436, pp. 362–374. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-94343-1_28

    Chapter  Google Scholar 

  39. Liu, Y., Li, Y., Lin, S.W., Artho, C.: Finding permission bugs in smart contracts with role mining. In: SIGSOFT ISSTA 2022, pp. 716–727. ACM (2022)

    Google Scholar 

  40. Liu, Y., Lu, Q., Zhu, L., Paik, H.Y., Staples, M.: A systematic literature review on blockchain governance. J. Syst. Softw. 197 (2023)

    Google Scholar 

  41. Ma, F., Fu, Y., Ren, M., Wang, M., Jiang, Y., Zhang, K., Li, H., Shi, X.: EVM: from offline detection to online reinforcement for ethereum virtual machine. In: 2019 IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER), pp. 554–558 (2019). https://doi.org/10.1109/SANER.2019.8668038, ISSN: 1534-5351

  42. Marchesi, L., Marchesi, M., Destefanis, G., Barabino, G., Tigano, D.: Design patterns for gas optimization in Ethereum. In: IEEE IWBOSE, pp. 9–15 (2020)

    Google Scholar 

  43. Normann, H., Debois, S., Slaats, T., Hildebrandt, T.T.: Zoom and Enhance: action refinement via subprocesses in timed declarative processes. In: Polyvyanyy, A., Wynn, M.T., Van Looy, A., Reichert, M. (eds.) BPM 2021. LNCS, vol. 12875, pp. 161–178. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-85469-0_12

    Chapter  Google Scholar 

  44. Nute, D.: Handbook of logic in artificial intelligence and logic programming, vol. 3, chap. Defeasible Logic. Clarendon Press, Oxford University Press (1994)

    Google Scholar 

  45. OpenZeppelin: OpenZeppelin Contracts. https://github.com/OpenZeppelin/openzeppelin-contracts. Accessed 29 Aug 2023

  46. Sandhu, R.S.: Role-based access control. In: Advances in Computers, vol. 46, pp. 237–286. Elsevier (1998)

    Google Scholar 

  47. Sergey, I., Hobor, A.: A concurrent perspective on smart contracts (2017). http://arxiv.org/abs/1702.05511

  48. Solidstate: SolidState Solidity (2023). https://github.com/solidstate-network/solidstate-solidity/blob/de7c9545ac015f42a03aa3a678000ec1ec4c14a4/contracts/access/access_control/AccessControl.sol. Accessed 29 Aug 2023

  49. Wang, H., et al.: Oracle-supported dynamic exploit generation for smart contracts. IEEE Trans. Dependable Secure Comput. 19(03), 1795–1809 (2022)

    Article  Google Scholar 

  50. Wohrer, M., Zdun, U.: Smart contracts: security patterns in the Ethereum ecosystem and solidity. In: IEEE IWBOSE, pp. 2–8 (2018)

    Google Scholar 

  51. Wood, G.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper 151, 1–32 (2014)

    Google Scholar 

  52. Wöhrer, M., Zdun, U.: Design patterns for smart contracts in the Ethereum ecosystem. In: iThings/GreenCom/CPSCom/SmartData, pp. 1513–1520 (2018)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Mojtaba Eshghie .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Eshghie, M., Ahrendt, W., Artho, C., Hildebrandt, T.T., Schneider, G. (2023). Capturing Smart Contract Design with DCR Graphs. In: Ferreira, C., Willemse, T.A.C. (eds) Software Engineering and Formal Methods. SEFM 2023. Lecture Notes in Computer Science, vol 14323. Springer, Cham. https://doi.org/10.1007/978-3-031-47115-5_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-47115-5_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-47114-8

  • Online ISBN: 978-3-031-47115-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics