Summing Up Smart Transitions

Some of the most significant high-level properties of currencies are the sums of certain account balances. Properties of such sums can ensure the integrity of currencies and transactions. For example, the sum of balances should not be changed by a transfer operation. Currencies manipulated by code, e.g., in Solidity, pose a verification challenge: proving their integrity mathematically requires reasoning about the computer programs that operate over them. The ability to reason about sums is essential: even the simplest ERC-20 token standard of the Ethereum community provides a way to access the total supply of balances. Unfortunately, reasoning about code written against this interface is nontrivial: the number of addresses is unbounded, and establishing global invariants, such as the preservation of the sum of the balances by operations like transfer, requires higher-order reasoning. In particular, automated reasoners do not provide ways to specify summations of arbitrary length. In this paper, we present a generalization of first-order logic which can express the unbounded sum of balances. We prove the decidability of one of our extensions and the undecidability of a slightly richer one. We introduce first-order encodings to automate reasoning over software transitions with summations. We demonstrate the applicability of our results by using SMT solvers and first-order provers for validating the correctness of common transitions in smart contracts.
