Abstract
Purchases in supply chains involve a network of suppliers, manufacturers, logistics or even customers needed for the procurement of goods or services. These are needed to operate a supply chain efficiently and allow timely deliverables to consumers. In our work, we identify and map a typical business process to demonstrate how we can securely allow participants to interact with smart contracts and discover potential use cases for supply chains.
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Lim, Y.Z., Zhou, J., Saerbeck, M. (2021). Shaping Blockchain Technology for Securing Supply Chains. In: Zhou, J., et al. Applied Cryptography and Network Security Workshops. ACNS 2021. Lecture Notes in Computer Science, vol 12809. Springer, Cham. https://doi.org/10.1007/978-3-030-81645-2_1
DOI: https://doi.org/10.1007/978-3-030-81645-2_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-81644-5
Online ISBN: 978-3-030-81645-2
eBook Packages: Computer Science, Computer Science (R0)