Formal Methods for Smart Contracts
Blockchains are secure distributed databases that enable all types of transactions between two or more parties without the need for intermediaries; Among the best known we find Bitcoin and Ethereum. Smart Contracts are immutable computer programs that are deployed in a Blockchain and automatize such...
- Autores:
-
Bell Llinas, José Vicente
Ramírez Payares, Andrés Felipe
Vergara Arrieta, Juan Camilo
- Tipo de recurso:
- Fecha de publicación:
- 2019
- Institución:
- Universidad del Norte
- Repositorio:
- Repositorio Uninorte
- Idioma:
- spa
- OAI Identifier:
- oai:manglar.uninorte.edu.co:10584/8443
- Acceso en línea:
- http://hdl.handle.net/10584/8443
- Palabra clave:
- Métodos formales
Lenguaje
Seguridad
Privacidad
Criptomonedas
Blockchains
Smart Contracts
Language
Security
Formal methods
Privacy
Cryptocurrencies
Blockchains
- Rights
- License
- Universidad del Norte
| id |
REPOUNORT2_05435f825660d061128bb83ecb356637 |
|---|---|
| oai_identifier_str |
oai:manglar.uninorte.edu.co:10584/8443 |
| network_acronym_str |
REPOUNORT2 |
| network_name_str |
Repositorio Uninorte |
| repository_id_str |
|
| dc.title.en_US.fl_str_mv |
Formal Methods for Smart Contracts |
| dc.title.es_ES.fl_str_mv |
Métodos Formales para Smart Contracts |
| title |
Formal Methods for Smart Contracts |
| spellingShingle |
Formal Methods for Smart Contracts Métodos formales Lenguaje Seguridad Privacidad Criptomonedas Blockchains Smart Contracts Language Security Formal methods Privacy Cryptocurrencies Blockchains |
| title_short |
Formal Methods for Smart Contracts |
| title_full |
Formal Methods for Smart Contracts |
| title_fullStr |
Formal Methods for Smart Contracts |
| title_full_unstemmed |
Formal Methods for Smart Contracts |
| title_sort |
Formal Methods for Smart Contracts |
| dc.creator.fl_str_mv |
Bell Llinas, José Vicente Ramírez Payares, Andrés Felipe Vergara Arrieta, Juan Camilo |
| dc.contributor.advisor.none.fl_str_mv |
Cataño Collazos, Néstor |
| dc.contributor.author.none.fl_str_mv |
Bell Llinas, José Vicente Ramírez Payares, Andrés Felipe Vergara Arrieta, Juan Camilo |
| dc.subject.es_ES.fl_str_mv |
Métodos formales Lenguaje Seguridad Privacidad Criptomonedas Blockchains |
| topic |
Métodos formales Lenguaje Seguridad Privacidad Criptomonedas Blockchains Smart Contracts Language Security Formal methods Privacy Cryptocurrencies Blockchains |
| dc.subject.en_US.fl_str_mv |
Smart Contracts Language Security Formal methods Privacy Cryptocurrencies Blockchains |
| description |
Blockchains are secure distributed databases that enable all types of transactions between two or more parties without the need for intermediaries; Among the best known we find Bitcoin and Ethereum. Smart Contracts are immutable computer programs that are deployed in a Blockchain and automatize such transactions. Blockchains and Smart Contracts are subject to constant attacks, such as the DAO (Decentralized Autonomous Organization) one, in which an attacker took advantage of the security flaws existing in Solidity (main language of Ethereum) written contracts draining millions of dollars. It is necessary to provide alternatives to maintain the integrity of Smart Contracts and prevent cases like the DAO from happening again. We propose the design of a language for the coding of Smart Contracts, without the security flaws introduced by Solidity, whose programs can be formally verified through the translation into the smart contract language PACT. In Smarty, the language we propose, contracts are modeled through entities and events. The entities have names, fields and their respective types. The events are analogous to functions and methods, they can be creational or custom. Smarty dispenses with features such as inheritance and recursion, and possesses invariants, preconditions, and exceptions. We use the ANTLR tool for the definition of Smarty’s grammar, the generation of Parser and Lexer classes; String Template for the construction of the base template for the translation to the PACT language, and finally JAVA to visit the syntactic tree and execute the translation of instructions. We present a tool for the coding of Smart Contracts: -Not susceptible to security problems such as reentrancy, a breach that made possible the DAO case. -Includes formal software design and verification techniques. -Verifiable (via PACT translation). -Moderate coding Complexity, accessible. |
| publishDate |
2019 |
| dc.date.accessioned.none.fl_str_mv |
2019-05-28T23:46:57Z |
| dc.date.available.none.fl_str_mv |
2019-05-28T23:46:57Z |
| dc.date.issued.none.fl_str_mv |
2019-05-20 |
| dc.type.es_ES.fl_str_mv |
article |
| dc.type.coar.fl_str_mv |
http://purl.org/coar/resource_type/c_6501 |
| dc.identifier.uri.none.fl_str_mv |
http://hdl.handle.net/10584/8443 |
| url |
http://hdl.handle.net/10584/8443 |
| dc.language.iso.es_ES.fl_str_mv |
spa |
| language |
spa |
| dc.rights.es_ES.fl_str_mv |
Universidad del Norte |
| dc.rights.coar.fl_str_mv |
http://purl.org/coar/access_right/c_abf2 |
| rights_invalid_str_mv |
Universidad del Norte http://purl.org/coar/access_right/c_abf2 |
| dc.publisher.es_ES.fl_str_mv |
Barranquilla, Universidad del Norte, 2019 |
| institution |
Universidad del Norte |
| bitstream.url.fl_str_mv |
http://172.16.14.36:8080/bitstream/10584/8443/1/Esquema%20de%20Soluci%c3%b3n.png http://172.16.14.36:8080/bitstream/10584/8443/2/Esquema%20de%20Soluci%c3%b3n.pdf http://172.16.14.36:8080/bitstream/10584/8443/3/Scheme%20Solution.png http://172.16.14.36:8080/bitstream/10584/8443/4/Scheme%20Solution.pdf http://172.16.14.36:8080/bitstream/10584/8443/5/license.txt |
| bitstream.checksum.fl_str_mv |
2107e3ae5d1a09325b109abf1709ee5e 7561aad70db07db72ed5c518b1bd1a0d 2dadfe1bb568f0cc1bcab9566c005708 f81bd4d180e70bde2c4b5e50abfadda7 8a4605be74aa9ea9d79846c1fba20a33 |
| bitstream.checksumAlgorithm.fl_str_mv |
MD5 MD5 MD5 MD5 MD5 |
| repository.name.fl_str_mv |
Repositorio Digital de la Universidad del Norte |
| repository.mail.fl_str_mv |
mauribe@uninorte.edu.co |
| _version_ |
1808401285596053504 |
| spelling |
Cataño Collazos, NéstorBell Llinas, José VicenteRamírez Payares, Andrés FelipeVergara Arrieta, Juan Camilo2019-05-28T23:46:57Z2019-05-28T23:46:57Z2019-05-20http://hdl.handle.net/10584/8443Blockchains are secure distributed databases that enable all types of transactions between two or more parties without the need for intermediaries; Among the best known we find Bitcoin and Ethereum. Smart Contracts are immutable computer programs that are deployed in a Blockchain and automatize such transactions. Blockchains and Smart Contracts are subject to constant attacks, such as the DAO (Decentralized Autonomous Organization) one, in which an attacker took advantage of the security flaws existing in Solidity (main language of Ethereum) written contracts draining millions of dollars. It is necessary to provide alternatives to maintain the integrity of Smart Contracts and prevent cases like the DAO from happening again. We propose the design of a language for the coding of Smart Contracts, without the security flaws introduced by Solidity, whose programs can be formally verified through the translation into the smart contract language PACT. In Smarty, the language we propose, contracts are modeled through entities and events. The entities have names, fields and their respective types. The events are analogous to functions and methods, they can be creational or custom. Smarty dispenses with features such as inheritance and recursion, and possesses invariants, preconditions, and exceptions. We use the ANTLR tool for the definition of Smarty’s grammar, the generation of Parser and Lexer classes; String Template for the construction of the base template for the translation to the PACT language, and finally JAVA to visit the syntactic tree and execute the translation of instructions. We present a tool for the coding of Smart Contracts: -Not susceptible to security problems such as reentrancy, a breach that made possible the DAO case. -Includes formal software design and verification techniques. -Verifiable (via PACT translation). -Moderate coding Complexity, accessible.Las Blockchains son bases de datos distribuidas y seguras que permiten todo tipo de transacciones entre dos o más partes sin necesidad de intermediarios; entre las más conocidas se encuentran Bitcoin y Ethereum. Los Smart Contracts son programas de computador inmutables que se despliegan en una Blockchain y automatizan tales transacciones. Blockchains y Smart Contracts son objeto de constantes ataques, como el de la DAO (Decentralized Autonomous Organization), en el cual un atacante tomó provecho de los defectos de seguridad de contratos escritos en Solidity (principal lenguaje de Ethereum) drenando millones de dólares. Se hace necesario brindar alternativas para mantener la integridad de Smart Contracts y evitar que casos como el de la DAO se repitan. Proponemos el diseño de un lenguaje para la codificación de Smart Contracts, sin las falencias de seguridad que introducía Solidity, cuyos programas pueden ser verificados formalmente a través de la traducción al lenguaje de Smart Contracts PACT. En Smarty, el lenguaje que proponemos, se modelan los contratos a través de entidades y eventos. Las entidades poseen nombres, campos y sus respectivos tipos. Los eventos son análogos a las funciones y métodos, pueden ser creacionales o personalizados. Smarty prescinde de características como herencia y recursividad, y cuenta con invariantes, precondiciones y excepciones. Empleamos la herramienta ANTLR para la definición de la gramática de Smarty, generación de clases Parser y Lexer; String Template para la construcción de la plantilla base para la traducción al lenguaje PACT, y finalmente JAVA para visitar el árbol sintáctico y ejecutar la traducción de instrucciones. Presentamos una herramienta para la codificación de Smart Contracts: -No susceptible a problemas de seguridad como la reentrancia, brecha que posibilitó el caso de la DAO -Incluye técnicas formales de diseño y verificación de software -Verificable (vía traducción a PACT) -Complejidad de codificación moderada.spaBarranquilla, Universidad del Norte, 2019Universidad del Nortehttp://purl.org/coar/access_right/c_abf2Métodos formalesLenguajeSeguridadPrivacidadCriptomonedasBlockchainsSmart ContractsLanguageSecurityFormal methodsPrivacyCryptocurrenciesBlockchainsFormal Methods for Smart ContractsMétodos Formales para Smart Contractsarticlehttp://purl.org/coar/resource_type/c_6501ORIGINALEsquema de Solución.pngEsquema de Solución.pngEsquema de solución -pngimage/png387693http://172.16.14.36:8080/bitstream/10584/8443/1/Esquema%20de%20Soluci%c3%b3n.png2107e3ae5d1a09325b109abf1709ee5eMD51Esquema de Solución.pdfEsquema de Solución.pdfEsquema de solución -pdfapplication/pdf173899http://172.16.14.36:8080/bitstream/10584/8443/2/Esquema%20de%20Soluci%c3%b3n.pdf7561aad70db07db72ed5c518b1bd1a0dMD52Scheme Solution.pngScheme Solution.pngScheme -pngimage/png384981http://172.16.14.36:8080/bitstream/10584/8443/3/Scheme%20Solution.png2dadfe1bb568f0cc1bcab9566c005708MD53Scheme Solution.pdfScheme Solution.pdfScheme -pdfapplication/pdf173858http://172.16.14.36:8080/bitstream/10584/8443/4/Scheme%20Solution.pdff81bd4d180e70bde2c4b5e50abfadda7MD54LICENSElicense.txtlicense.txttext/plain; charset=utf-81748http://172.16.14.36:8080/bitstream/10584/8443/5/license.txt8a4605be74aa9ea9d79846c1fba20a33MD5510584/8443oai:172.16.14.36:10584/84432019-05-28 18:46:57.255Repositorio Digital de la Universidad del Nortemauribe@uninorte.edu.co |