research-article

A Solicitous Approach to Smart Contract Verification

Published: 13 March 2023

Abstract

Smart contracts are tempting targets of attacks, as they often hold and manipulate significant financial assets, are immutable after deployment, and have publicly available source code, with assets estimated in the order of millions of dollars being lost in the past due to vulnerabilities. Formal verification is thus a necessity, but smart contracts challenge the existing highly efficient techniques routinely applied in the symbolic verification of software, due to specificities not present in general programming languages. A common feature of existing works in this area is the attempt to reuse off-the-shelf verification tools designed for general programming languages. This reuse can lead to inefficiency and potentially unsound results, as domain translation is required. In this article, we describe a carefully crafted approach that directly models the central aspects of smart contracts natively, going from the contract to its logical representation without intermediary steps. We use the expressive and highly automatable logic of constrained Horn clauses for modeling and instantiate our approach to the Solidity language. A tool implementing our approach, called Solicitous, was developed and integrated into the SMTChecker module of the Solidity compiler solc. We evaluated our approach on an extensive benchmark set containing 22,446 real-world smart contracts deployed on the Ethereum blockchain over a 27-month period. The results show that our approach is able to establish safety of significantly more contracts than comparable, publicly available verification tools, with an order of magnitude increase in the percentage of formally verified contracts.



Published in

ACM Transactions on Privacy and Security, Volume 26, Issue 2
May 2023
335 pages
ISSN: 2471-2566
EISSN: 2471-2574
DOI: 10.1145/3572849

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery, New York, NY, United States

Publication History

• Published: 13 March 2023
• Online AM: 28 September 2022
• Accepted: 12 September 2022
• Revised: 15 April 2022
• Received: 28 September 2021
