Public Blockchains (BC) that support Smart Contracts (SC), e.g., Ethereum, enable everyone to coordinate in a decentralized model to manage scarce and valuable resources, e.g., cryptocurrencies. Such BCs allow for the building of SCs that own resources and manage a set of permissions describing who is allowed to interact with these resources and what actions they can apply to them. However, the Programming Languages (PL) and run-time systems used in current BCs lack a secure, flexible, and straightforward way to implement permissions within their SCs, leading to erroneous implementations that allow unauthorized access. The best-known incident related to a permission problem was the "Parity Hack", which led to the "loss" of tokens valued at approximately 31 M USD. A better and more secure SC access control concept provides an improved path to managing permissions. Thus, this paper presents a novel concept for handling permissions that is compatible with functional SC languages and leverages opaque and substructural data types to provide capability-based permission management. The opaque data types enforce that only designated functions can create permission-carrying capabilities. Substructural data types prevent unpermitted duplication of capabilities.
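The two type-system properties named above can be shown in a small added example, which is not code from the paper. It assumes Rust as a stand-in for a functional SC language: a private struct field plays the role of the opaque type, and a non-`Clone` type with move semantics plays the role of the substructural (affine) type. The names `vault`, `OwnerCap`, `Vault`, `create`, `withdraw`, `renounce` and `demo` are hypothetical.

```rust
// Added example: Rust stands in for a functional smart-contract language.
mod vault {
    /// Opaque: the field is private, so only this module can build an OwnerCap.
    /// Substructural (affine): no Clone or Copy, so a holder cannot duplicate it.
    pub struct OwnerCap { vault_id: u64 }

    pub struct Vault { id: u64, balance: u64 }

    /// The single designated function that mints a capability.
    pub fn create(id: u64, deposit: u64) -> (Vault, OwnerCap) {
        (Vault { id, balance: deposit }, OwnerCap { vault_id: id })
    }

    impl Vault {
        pub fn balance(&self) -> u64 { self.balance }

        /// Presenting the capability is the permission check; no caller list is kept.
        pub fn withdraw(&mut self, cap: &OwnerCap, amount: u64) -> Result<u64, &'static str> {
            if cap.vault_id != self.id { return Err("capability belongs to another vault"); }
            if amount > self.balance { return Err("insufficient balance"); }
            self.balance -= amount;
            Ok(amount)
        }

        /// Takes the capability by value, so it is consumed and the permission is gone.
        /// Returns true if the capability was this vault's.
        pub fn renounce(&self, cap: OwnerCap) -> bool { cap.vault_id == self.id }
    }
}

/// Returns (amount withdrawn, cross-vault use rejected, renounce ok, final balance).
pub fn demo() -> (u64, bool, bool, u64) {
    let (mut a, cap_a) = vault::create(1, 100); // constructed sample values
    let (mut b, _cap_b) = vault::create(2, 50);
    let got = a.withdraw(&cap_a, 30).unwrap_or(0);
    let rejected = b.withdraw(&cap_a, 10).is_err();
    let new_owner = cap_a; // transfer is a move: `cap_a` is unusable from here on
    // a.withdraw(&cap_a, 1);                        // compile error: borrow of moved value
    // let forged = vault::OwnerCap { vault_id: 2 }; // compile error: field is private
    // let copy = new_owner.clone();                 // compile error: no method `clone`
    let renounced = a.renounce(new_owner);
    (got, rejected, renounced, a.balance())
}

fn main() {
    println!("{:?}", demo());
}
```

Uncommenting any of the three commented lines makes the program fail to compile, which is the point: forging, reusing after transfer, and duplicating a capability are rejected before the code can run.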