Clockwork Finance: Automated Analysis of Economic Security in Smart Contracts

We introduce the Clockwork Finance Framework (CFF), a general-purpose formal verification framework for mechanized reasoning about the economic security properties of composed decentralized-finance (DeFi) smart contracts. CFF features three key properties. It is contract complete, meaning that it can model any smart contract platform and all its contracts, Turing complete or otherwise. It does so with asymptotically constant model overhead. It is also attack-exhaustive by construction, meaning that it can automatically and mechanically extract all possible economic attacks on users' cryptocurrency across the modeled contracts.

Thanks to these properties, CFF can support multiple goals: economic security analysis of contracts by developers, analysis of DeFi trading risks by users, fee-related user experience (UX), and optimization of arbitrage opportunities by bots or miners. Because CFF offers composability, it can support these goals with reasoning over any desired set of potentially interacting smart contract models.

We instantiate CFF as an executable model for Ethereum contracts that incorporates a state-of-the-art deductive verifier. Building on previous work, we introduce extractable value (EV), a new formal notion of economic security in composed DeFi contracts that is both a basis for CFF and of general interest.

We construct modular, human-readable, composable CFF models of four popular, deployed DeFi protocols on Ethereum: Uniswap, Uniswap V2, Sushiswap, and MakerDAO, representing a combined 24 billion USD in value as of March 2022. We use these models, along with other common models such as flash loans, airdrops and voting, to show experimentally that CFF is practical and can yield useful, data-driven EV-based insights from real-world transaction activity. Without any explicitly programmed attack strategies, CFF uncovers on average an expected $56 million of EV per month in the recent past.
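To make the EV notion concrete, the following is an added toy example (not CFF's code, and not the paper's Uniswap models): two Uniswap-V2-style constant-product pools for the same token pair, a flash loan of token X, and a bounded exhaustive search over every swap sequence the attacker could bundle into one transaction. The pool reserves, the loan-size grid and the 0.09% flash-loan fee are constructed assumptions; the swap arithmetic is the public Uniswap V2 `getAmountOut` formula with EVM-style integer flooring. Where CFF reasons symbolically over all input values with a deductive verifier, this example discretizes: the attacker always swaps its whole balance and the loan is chosen from a small grid, and profit is valued in X only (leftover Y is counted as zero, which under-approximates EV). It generalizes beyond the two-pool case: any number of pool models can be composed by adding entries to the `pools` dictionary.

```python
"""Toy extractable-value (EV) search over composed constant-product AMMs.

Added illustration, not CFF's code. Pool reserves, loan grid and flash fee are
constructed values; the swap formula is Uniswap V2's getAmountOut.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

FLASH_FEE_BPS = 9  # assumed flash-loan fee (0.09%); repayment rounds up like a lender would


@dataclass(frozen=True)
class Pool:
    """Uniswap-V2-style pool; the 0.3% LP fee is baked into amount_out."""
    x: int  # reserve of token X
    y: int  # reserve of token Y

    @staticmethod
    def amount_out(amount_in: int, reserve_in: int, reserve_out: int) -> int:
        # UniswapV2Library.getAmountOut, with integer division flooring as on the EVM.
        fee_in = amount_in * 997
        return fee_in * reserve_out // (reserve_in * 1000 + fee_in)

    def swap(self, amount_in: int, x_to_y: bool) -> Tuple["Pool", int]:
        """Return (new pool state, amount received). Zero-size swaps revert on-chain."""
        if amount_in <= 0:
            raise ValueError("INSUFFICIENT_INPUT_AMOUNT")
        if x_to_y:
            out = self.amount_out(amount_in, self.x, self.y)
            return Pool(self.x + amount_in, self.y - out), out
        out = self.amount_out(amount_in, self.y, self.x)
        return Pool(self.x - out, self.y + amount_in), out


Action = Tuple[str, bool]  # (pool name, x_to_y); attacker swaps its whole balance of the input token


@dataclass
class State:
    pools: Dict[str, Pool]
    x: int  # attacker's token-X balance inside the transaction
    y: int  # attacker's token-Y balance inside the transaction


def step(state: State, action: Action) -> Optional[State]:
    """Apply one swap; None means the transaction would revert (infeasible path)."""
    name, x_to_y = action
    amount = state.x if x_to_y else state.y
    try:
        pool, out = state.pools[name].swap(amount, x_to_y)
    except ValueError:
        return None
    pools = dict(state.pools)  # copy: every search branch gets its own composed world state
    pools[name] = pool
    return State(pools, 0, state.y + out) if x_to_y else State(pools, state.x + out, 0)


def flash_repayment(loan: int) -> int:
    return loan + (loan * FLASH_FEE_BPS + 9_999) // 10_000  # ceiling division for the fee


def simulate(pools: Dict[str, Pool], loan: int, actions: List[Action]) -> Optional[int]:
    """Profit in X after repaying the loan, or None if the bundle would revert."""
    state = State(dict(pools), loan, 0)
    for action in actions:
        state = step(state, action)
        if state is None:
            return None
    profit = state.x - flash_repayment(loan)
    return profit if profit >= 0 else None  # cannot repay => flash loan reverts


def extractable_value(pools: Dict[str, Pool], loan_grid: Tuple[int, ...], max_depth: int):
    """Enumerate every (loan, swap sequence) up to max_depth; return (profit, loan, sequence).

    Nothing here encodes an arbitrage strategy: the route falls out of the search.
    """
    actions = [(name, direction) for name in pools for direction in (True, False)]
    best = (0, 0, [])  # doing nothing is always available, so EV is never negative

    def dfs(loan: int, state: State, seq: List[Action]) -> None:
        nonlocal best
        profit = state.x - flash_repayment(loan)
        if profit > best[0]:
            best = (profit, loan, list(seq))
        if len(seq) == max_depth:
            return
        for action in actions:
            nxt = step(state, action)
            if nxt is not None:
                seq.append(action)
                dfs(loan, nxt, seq)
                seq.pop()

    for loan in loan_grid:
        dfs(loan, State(dict(pools), loan, 0), [])
    return best


# Constructed world: pool A prices Y at 1 X, pool B prices Y at 0.5 X (mispriced pair).
POOLS = {"A": Pool(10_000, 10_000), "B": Pool(10_000, 20_000)}
LOAN_GRID = (500, 1_000, 1_500, 2_000)

if __name__ == "__main__":
    print(extractable_value(POOLS, LOAN_GRID, max_depth=3))
```

Two things the search shows that the abstract only states: slippage makes the largest loan the wrong choice (the 2,000-unit loan extracts less than the 1,500-unit one), and the extracted route crosses contract boundaries, so EV cannot be computed from either pool's model in isolation. For two pools with identical prices the same search returns `(0, 0, [])`: every swap sequence loses to fees and rounding, so the only feasible EV is doing nothing.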
