Rich specifications for Ethereum smart contract verification

Published: 15 October 2021

Abstract

Smart contracts are programs that execute in blockchains such as Ethereum to manipulate digital assets. Since bugs in smart contracts may lead to substantial financial losses, there is considerable interest in formally proving their correctness. However, the specification and verification of smart contracts faces challenges that rarely arise in other application domains. Smart contracts frequently interact with unverified, potentially adversarial outside code, which substantially weakens the assumptions that formal analyses can (soundly) make. Moreover, the core functionality of smart contracts is to manipulate and transfer resources; describing this functionality concisely requires dedicated specification support. Current reasoning techniques do not fully address these challenges, being restricted in their scope or expressiveness (in particular, in the presence of re-entrant calls), and offering limited means of expressing the resource transfers a contract performs.

In this paper, we present a novel specification methodology tailored to the domain of smart contracts. Our specifications and associated reasoning technique are the first to enable: (1) sound and precise reasoning in the presence of unverified code and arbitrary re-entrancy, (2) modular reasoning about collaborating smart contracts, and (3) domain-specific specifications for resources and resource transfers, expressing a contract's behaviour in intuitive and concise ways and excluding typical errors by default. We have implemented our approach in 2vyper, an SMT-based automated verification tool for Ethereum smart contracts written in Vyper, and demonstrated its effectiveness for verifying strong correctness guarantees for real-world contracts.

Supplemental Material

Auxiliary Presentation Video

This is the presentation of our OOPSLA 2021 paper "Rich Specifications for Ethereum Smart Contract Verification".

