SAMOS: a Smart Contract Access Management over Opaque and Substructural Types

Public Blockchains (BC) that support Smart Contracts (SC), e.g., Ethereum, enable everyone to coordinate in a decentralized model to manage scarce and valuable resources, e.g., cryptocurrencies. Such BCs allow for the building of SCs that own resources and manage a set of permissions describing who is allowed to interact with these resources and what actions they can apply to them. However, Programming Languages (PL) and run-time systems used in current BCs lack a secure, flexible, and straightforward way to implement permissions within their SCs, leading to erroneous implementations that allow unauthorized access. The best-known incident related to a permission problem was the "Parity Hack", which led to the "loss" of tokens, valued at approximately 31 M USD. A better and secure SC access control concept provides an improved path to managing permissions. Thus, this paper presents a novel concept for handling permissions compatible with functional SC languages, leveraging opaque and substructural data types to provide capability-based permission management. The opaque data types enforce that only designated functions can create permission-carrying capabilities. Substructural data types prevent an unpermitted duplication of capabilities.
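
The two mechanisms named above, shown as an added example that is not code from the paper or from SAMOS: Rust module privacy stands in for opaque types, and Rust move semantics (affine types) stand in for substructural types. The `vault` module, `Vault`, `WithdrawCap` and the account ids are hypothetical names chosen for this illustration.

```rust
// Added illustration, not SAMOS code. All names here are hypothetical.
mod vault {
    /// Opaque capability: the field is private, so code outside this module
    /// cannot construct one. No Clone/Copy derive, so it cannot be duplicated.
    pub struct WithdrawCap { limit: u64 }

    pub struct Vault { owner: u32, balance: u64 }

    impl Vault {
        pub fn new(owner: u32, balance: u64) -> Self { Vault { owner, balance } }
        pub fn balance(&self) -> u64 { self.balance }

        /// The only designated function that creates a capability.
        pub fn grant(&self, caller: u32, limit: u64) -> Option<WithdrawCap> {
            if caller == self.owner { Some(WithdrawCap { limit }) } else { None }
        }

        /// Takes the capability by value: it is consumed here, so it is single use.
        pub fn withdraw(&mut self, cap: WithdrawCap, amount: u64) -> Result<u64, &'static str> {
            if amount > cap.limit { return Err("amount exceeds capability limit"); }
            if amount > self.balance { return Err("insufficient balance"); }
            self.balance -= amount;
            Ok(amount)
        }
    }
}

use vault::Vault;

/// Constructed scenario: account 1 owns the vault, account 2 does not.
fn demo() -> (bool, Result<u64, &'static str>, u64) {
    let mut v = Vault::new(1, 100);
    let refused = v.grant(2, 50).is_none(); // non-owner gets no capability
    let cap = v.grant(1, 50).expect("owner can obtain a capability");
    let paid = v.withdraw(cap, 30);
    // v.withdraw(cap, 30);                          // rejected at compile time: `cap` was moved
    // let forged = vault::WithdrawCap { limit: 1 }; // rejected at compile time: private field
    (refused, paid, v.balance())
}

fn main() {
    println!("{:?}", demo());
}
```

Uncommenting either of the two commented lines in `demo` makes the program fail to compile, which is the point: forging and reusing a capability are ruled out by the type checker rather than by a run-time permission check.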