Contracts over Smart Contracts: Recovering from Violations Dynamically

Smart contracts, which enforce behaviour between parties, have been hailed as a new way of regulating business, particularly on public distributed ledger technologies, which ensure the immutability of smart contracts and can do away with points of trust. Many such platforms, including Ethereum, come with a virtual machine on which smart contracts, described in an imperative manner, are executed. Given the critical nature of typical smart contract applications, their bugs and vulnerabilities have proved to be particularly costly. In this paper we argue that dynamic analysis can be used not only to identify errors in the contracts, but also to support recovery from such errors. Furthermore, contract immutability means that code cannot be easily fixed upon discovering a problem. To address this issue, we also present a specification-driven approach, allowing developers to promise behavioural properties via smart contracts, but still allowing them to update the code which implements the specification in a safe manner.
