Abstract
Smart contracts are programs that execute in blockchains such as Ethereum to manipulate digital assets. Since bugs in smart contracts may lead to substantial financial losses, there is considerable interest in formally proving their correctness. However, the specification and verification of smart contracts face challenges that rarely arise in other application domains. Smart contracts frequently interact with unverified, potentially adversarial outside code, which substantially weakens the assumptions that formal analyses can (soundly) make. Moreover, the core functionality of smart contracts is to manipulate and transfer resources; describing this functionality concisely requires dedicated specification support. Current reasoning techniques do not fully address these challenges, being restricted in their scope or expressiveness (in particular, in the presence of re-entrant calls), and offering limited means of expressing the resource transfers a contract performs.
In this paper, we present a novel specification methodology tailored to the domain of smart contracts. Our specifications and associated reasoning technique are the first to enable: (1) sound and precise reasoning in the presence of unverified code and arbitrary re-entrancy, (2) modular reasoning about collaborating smart contracts, and (3) domain-specific specifications for resources and resource transfers, expressing a contract's behaviour in intuitive and concise ways and excluding typical errors by default. We have implemented our approach in 2vyper, an SMT-based automated verification tool for Ethereum smart contracts written in Vyper, and demonstrated its effectiveness for verifying strong correctness guarantees for real-world contracts.