Abstract
Smart contracts are tempting targets of attacks, as they often hold and manipulate significant financial assets, are immutable after deployment, and have publicly available source code, with assets estimated in the order of millions of dollars being lost in the past due to vulnerabilities. Formal verification is thus a necessity, but smart contracts challenge the existing highly efficient techniques routinely applied in the symbolic verification of software, due to specificities not present in general programming languages. A common feature of existing works in this area is the attempt to reuse off-the-shelf verification tools designed for general programming languages. This reuse can lead to inefficiency and potentially unsound results, as domain translation is required. In this article, we describe a carefully crafted approach that directly models the central aspects of smart contracts natively, going from the contract to its logical representation without intermediary steps. We use the expressive and highly automatable logic of constrained Horn clauses for modeling and instantiate our approach to the Solidity language. A tool implementing our approach, called Solicitous, was developed and integrated into the SMTChecker module of the Solidity compiler solc. We evaluated our approach on an extensive benchmark set containing 22,446 real-world smart contracts deployed on the Ethereum blockchain over a 27-month period. The results show that our approach is able to establish safety of significantly more contracts than comparable, publicly available verification tools, with an order of magnitude increase in the percentage of formally verified contracts.
A Solicitous Approach to Smart Contract Verification