Prisma: A Tierless Language for Enforcing Contract-Client Protocols in Decentralized Applications

Decentralized applications (dApps) consist of smart contracts that run on blockchains and clients that model collaborating parties. dApps are used to model financial and legal business functionality. Today, contracts and clients are written as separate programs – in different programming languages – communicating via send and receive operations. This makes distributed program flow awkward to express and reason about, increasing the potential for mismatches in the client-contract interface, which can be exploited by malicious clients, potentially leading to huge financial losses. In this paper, we present Prisma, a language for tierless decentralized applications, where the contract and its clients are defined in one unit and pairs of send and receive actions that “belong together” are encapsulated into a single direct-style operation, which is executed differently by sending and receiving parties. This enables expressing distributed program flow via standard control flow and renders mismatching communication impossible. We prove formally that our compiler preserves program behavior in presence of an attacker controlling the client code. We systematically compare Prisma with mainstream and advanced programming models for dApps and provide empirical evidence for its expressiveness and performance.

[1]  Michael J. Coblenz,et al.  Psamathe: A DSL with Flows for Safe Blockchain Assets , 2020, ArXiv.

[2]  Bin Hu,et al.  A comprehensive survey on smart contract construction and execution: paradigms, tools, and systems , 2020, Patterns.

[3]  Rui Abreu,et al.  SmartBugs: A Framework to Analyze Solidity Smart Contracts , 2020, 2020 35th IEEE/ACM International Conference on Automated Software Engineering (ASE).

[4]  S. Giallorenzo,et al.  Choreographies as Objects , 2020, ArXiv.

[5]  Uwe Zdun,et al.  From Domain-Specific Language to Code: Smart Contracts and the Application of Design Patterns , 2020, IEEE Software.

[6]  Murdoch James Gabbay,et al.  UTxO- vs account-based smart contract blockchain programming paradigms , 2020, ISoLA.

[7]  Ahmed E. Hassan,et al.  An exploratory study of smart contracts in the Ethereum blockchain platform , 2020, Empirical Software Engineering.

[8]  Simon J. Thompson,et al.  Marlowe: Implementing and Analysing Financial Contracts on Blockchain , 2020, Financial Cryptography Workshops.

[9]  Gernot Salzer,et al.  Wallet Contracts on Ethereum , 2020, IEEE ICBC.

[10]  Brad A. Myers,et al.  User-Centered Programming Language Design in the Obsidian Smart Contract Language , 2019, ArXiv.

[11]  Rui Abreu,et al.  Empirical Review of Automated Analysis Tools on 47,587 Ethereum Smart Contracts , 2019, 2020 IEEE/ACM 42nd International Conference on Software Engineering (ICSE).

[12]  Ilya Sergey,et al.  Safer smart contract programming with Scilla , 2019, Proc. ACM Program. Lang..

[13]  Brad A. Myers,et al.  Obsidian: Typestate and Assets for Safer Blockchain Programming , 2019, ACM Trans. Program. Lang. Syst..

[14]  Tiark Rompf,et al.  Compiling with continuations, or without? whatever. , 2019, Proc. ACM Program. Lang..

[15]  Vladimir Ulyantsev,et al.  Smart Contract Design Meets State Machine Synthesis: Case Studies , 2019, ArXiv.

[16]  Stefan Dziembowski,et al.  Multi-party Virtual State Channels , 2019, EUROCRYPT.

[17]  Sophia Drossopoulou,et al.  Flint for Safer Smart Contracts , 2019, ArXiv.

[18]  Gernot Salzer,et al.  A Survey of Tools for Analyzing Ethereum Smart Contracts , 2019, 2019 IEEE International Conference on Decentralized Applications and Infrastructures (DAPPCON).

[19]  Frank Pfenning,et al.  Resource-Aware Session Types for Digital Contracts , 2019, 2021 IEEE 34th Computer Security Foundations Symposium (CSF).

[20]  Abhishek Dubey,et al.  VeriSolid: Correct-by-Design Smart Contracts for Ethereum , 2019, Financial Cryptography.

[21]  Sam Lindley,et al.  Exceptional asynchronous session types: session types without tiers , 2019, Proc. ACM Program. Lang..

[22]  Simon J. Thompson,et al.  Marlowe: Financial Contracts on Blockchain , 2018, ISoLA.

[23]  Stefan Dziembowski,et al.  General State Channel Networks , 2018, CCS.

[24]  William J. Knottenbelt,et al.  Towards Safer Smart Contracts: A Survey of Languages and Verification Methods , 2018, ArXiv.

[25]  Mirko Köhler,et al.  Distributed system development with ScalaLoci , 2018, Proc. ACM Program. Lang..

[26]  Sophia Drossopoulou,et al.  Writing safe smart contracts in Flint , 2018, Programming.

[27]  Prateek Saxena,et al.  Finding The Greedy, Prodigal, and Suicidal Contracts at Scale , 2018, ACSAC.

[28]  Aron Laszka,et al.  Designing Secure Ethereum Smart Contracts: A Finite State Machine Based Approach , 2017, Financial Cryptography.

[29]  Simon L. Peyton Jones,et al.  Compiling without continuations , 2017, PLDI.

[30]  Michael J. Coblenz Obsidian: A Safer Blockchain Programming Language , 2017, 2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C).

[31]  Massimo Bartoletti,et al.  Financial Cryptography and Data Security , 2017, Lecture Notes in Computer Science.

[32]  Iddo Bentov,et al.  Sprites and State Channels: Payment Networks that Go Faster Than Lightning , 2017, Financial Cryptography.

[33]  Jérôme Vouillon,et al.  Eliom: A Core ML Language for Tierless Web Programming , 2016, APLAS.

[34]  Prateek Saxena,et al.  Making Smart Contracts Smarter , 2016, IACR Cryptol. ePrint Arch..

[35]  Manuel Serrano,et al.  A glimpse of Hopjs , 2016, ICFP.

[36]  Marcin Andrychowicz,et al.  Secure Multiparty Computations on Bitcoin , 2014, 2014 IEEE Symposium on Security and Privacy.

[37]  Don Syme,et al.  The F# Computation Expression Zoo , 2014, PADL.

[38]  Adams-Agnes Booth Actors , 2012, The Classical Review.

[39]  WadlerPhilip,et al.  Propositions as sessions , 2012 .

[40]  Tamara Rezk,et al.  Mashic Compiler: Mashup Sandboxing Based on Inter-frame Communication , 2012, 2012 IEEE 25th Computer Security Foundations Symposium.

[41]  Claudio V. Russo,et al.  Pause 'n' Play: Formalizing Asynchronous C# , 2012, ECOOP.

[42]  Gary Brown,et al.  Scribbling Interactions with a Formal Foundation , 2011, ICDCIT.

[43]  Jonathan Edwards,et al.  Coherent reaction , 2009, OOPSLA Companion.

[44]  Mihai Budiu,et al.  Control-flow integrity principles, implementations, and applications , 2009, TSEC.

[45]  Mariangiola Dezani-Ciancaglini,et al.  Sessions and Session Types: An Overview , 2009, WS-FM.

[46]  Xin Zheng,et al.  Secure web applications via automatic partitioning , 2007, SOSP.

[47]  Andrew Kennedy,et al.  Compiling with continuations, continued , 2007, ICFP '07.

[48]  Philip Wadler,et al.  Links: Web Programming Without Tiers , 2006, FMCO.

[49]  Andrew M. Pitts,et al.  Operational Semantics and Program Equivalence , 2000, APPSEM.

[50]  Christian Queinnec,et al.  The influence of browsers on evaluators or, continuations to program web servers , 2000, ICFP '00.

[51]  Amr Sabry,et al.  The essence of compiling with continuations , 1993, PLDI '93.

[52]  Robert Hieb,et al.  The Revised Report on the Syntactic Theories of Sequential Control and State , 1992, Theor. Comput. Sci..

[53]  A. Appel,et al.  Compiling with Continuations , 1991 .

[54]  John C. Reynolds,et al.  Definitional Interpreters for Higher-Order Programming Languages , 1972, ACM '72.

[55]  Sebastian Faust,et al.  Prisma: A Tierless Language for Enforcing Contract-Client Protocols in Decentralized Applications (Extended Abstract) , 2022, ECOOP.

[56]  Fabrizio Montesi,et al.  Multiparty Languages: The Choreographic and Multitier Cases (Pearl) , 2021, ECOOP.

[57]  Aggelos Kiayias,et al.  Hydra: Fast Isomorphic State Channels , 2020, IACR Cryptol. ePrint Arch..

[58]  Alexander Alexandrov Scala , 2020, Encyclopedia of Big Data Technologies.

[59]  Byeong-Mo Chang,et al.  A theory of RPC calculi for client–server model , 2019, Journal of Functional Programming.

[60]  Gianluigi Zavattaro,et al.  Service-Oriented Programming with Jolie , 2014, Web Services Foundations.

[61]  Daniel Davis Wood ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[62]  Simon Marlow,et al.  Haskell 2010 Language Report , 2010 .

[63]  M. Serrano,et al.  Hop: a language for programming the web 2.0 , 2006, OOPSLA Companion.

[64]  Gul A. Agha,et al.  ACTORS - a model of concurrent computation in distributed systems , 1985, MIT Press series in artificial intelligence.

[65]  C. A. R. Hoare,et al.  Communicating sequential processes , 1978, CACM.