Access the full text.
Sign up today, get DeepDyve free for 14 days.
[ (2021)
Ethereum: A Secure Decentralised Generalised Transaction Ledger (Petersburg Version 41c1837)Retrieved October 6, 2022 from https://github.com/ethereum/yellowpaper/tree/petersburg., 6
A. Gurfinkel, N. Bjørner (2019)
The Science, Art, and Magic of Constrained Horn Clauses2019 21st International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC)
Ethereum: A Next-Generation Smart Contract and Decentralized Application Platform. Retrieved
[ (2018)
Kframework/vyper-semanticsRetrieved October 6, 2022 from https://github.com/kframework/vyper-semantics., 6
Kframework/solidity-semantics
Anvesh Komuravelli, N. Bjørner, A. Gurfinkel, K. McMillan (2015)
Compositional verification of procedural programs using horn clauses over integers and arrays2015 Formal Methods in Computer-Aided Design (FMCAD)
[ (2021)
Ethereum/solidityRetrieved October 6, 2022 from https://github.com/ethereum/solidity., 6
[ (2004)
LLVM: A compilation framework for lifelong program analysis and transformationProceedings of the International Symposium on Code Generation and Optimization
Ilya Sergey, V. Nagaraj, Jacob Johannsen, Amrit Kumar, A. Trunov, Ken Hao (2019)
Safer smart contract programming with ScillaProceedings of the ACM on Programming Languages, 3
A. Gurfinkel, Sharon Shoham, Y. Vizel (2018)
Quantifiers on DemandArXiv, abs/2106.00664
Loi Luu, D. Chu, Hrishi Olickel, P. Saxena, Aquinas Hobor (2016)
Making Smart Contracts SmarterProceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security
Kim Barrett, B. Cassels, Paul Haahr, D. Moon, Keith Playford, P. Withington (1996)
A monotonic superclass linearization for Dylan
A. Blass, Y. Gurevich (1987)
Existential Fixed-Point Logic
Leonardo Alt, Christian Reitwießner (2018)
SMT-Based Verification of Solidity Smart Contracts
Matteo Marescotti, A. Gurfinkel, A. Hyvärinen, N. Sharygina (2017)
Designing parallel PDR2017 Formal Methods in Computer Aided Design (FMCAD)
Sukrit Kalra, Seep Goel, Mohan Dhawan, Subodh Sharma (2018)
ZEUS: Analyzing Safety of Smart Contracts
Aaron Bradley (2011)
SAT-Based Model Checking without Unrolling
Zeinab Nehaï, François Bobot (2019)
Deductive Proof of Industrial Smart Contracts Using Why3
E. Albert, J. Fernández, Pablo Gordillo, G. Román-Díez, A. Rubio (2019)
SAFEVM: a safety verifier for Ethereum smart contractsProceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis
Matteo Marescotti, Rodrigo Otoni, Leonardo Alt, P. Eugster, A. Hyvärinen, N. Sharygina (2020)
Accurate Smart Contract Verification Through Direct Modelling
N. Bjørner, A. Gurfinkel, K. McMillan, A. Rybalchenko (2015)
Horn Clause Solvers for Program Verification
V. Brilliantova, T. Thurner (2019)
Blockchain and the future of energyTechnology in Society
[ (2020)
Ethereum was the most traded cryptocurrency in Q3 2020Hedgeweek. Retrieved October 6, 2022 fromhttps://www.hedgeweek.com/2020/11/11/292088/ethereum-was-most-traded-cryptocurrency-q3-2020-11m-average-daily-transactions., 6
[ (2021)
ConsenSys/MythrilRetrieved October 6, 2022 from https://github.com/ConsenSys/mythril., 6
Temesghen Kahsai, Philipp Rümmer, H. Sánchez, Martin Schäf (2016)
JayHorn: A Framework for Verifying Java programs
(2021)
Etherscan-The Ethereum Blockchain Explorer
Benjamin Egelund-Müller, M. Elsman, F. Henglein, Omri Ross (2017)
Automated Execution of Financial Contracts on BlockchainsBusiness & Information Systems Engineering, 59
[ (2021)
CHC Comp: Report on the 2021 EditionRetrieved October 6, 2022 from https://chc-comp.github.io/2021/presentation.pdf., 6
Anvesh Komuravelli, A. Gurfinkel, S. Chaki (2014)
SMT-based model checking for recursive programsFormal Methods in System Design, 48
A. Rius, Eamonn Gashier (2020)
Smart Derivatives: On-Chain Forwards for Digital AssetsERN: Other Econometric Modeling: Derivatives (Topic)
Á. Hajdu, Dejan Jovanovic (2020)
SMT-Friendly Formalization of the Solidity Memory ModelProgramming Languages and Systems, 12075
A. Gurfinkel, Temesghen Kahsai, Anvesh Komuravelli, J. Navas (2015)
The SeaHorn Verification Framework
Tony Hoare, Jonathan DiLorenzo (1969)
An axiomatic basis for computer programmingCommun. ACM, 12
W. Gordon, Christian Catalini (2018)
Blockchain Technology for Healthcare: Facilitating the Transition to Patient-Driven InteroperabilityComputational and Structural Biotechnology Journal, 16
The Zilliqa Technical Whitepaper
Á. Hajdu, Dejan Jovanovic (2019)
solc-verify: A Modular Verifier for Solidity Smart Contracts
Martin Blicha, A. Hyvärinen, Matteo Marescotti, N. Sharygina (2020)
A Cooperative Parallelization Approach for Property-Directed k-Induction
L. Moura, N. Bjørner (2008)
Z3: An Efficient SMT Solver
Rodrigo Otoni, Martin Blicha, P. Eugster, A. Hyvärinen, N. Sharygina (2021)
Theory-Specific Proof Steps Witnessing Correctness of SMT Executions2021 58th ACM/IEEE Design Automation Conference (DAC)
[ (2015)
Compositional verification of procedural programs using Horn clauses over integers and arraysProceedings of the 15th Conference on Formal Methods in Computer-Aided Design
Mark Mossberg, F. Manzano, Eric Hennenfent, Alex Groce, Gustavo Grieco, Josselin Feist, Trent Brunson, Artem Dinaburg (2019)
Manticore: A User-Friendly Symbolic Execution Framework for Binaries and Smart Contracts2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE)
K. Bhargavan, Antoine Delignat-Lavaud, C. Fournet, Anitha Gollamudi, Georges Gonthier, Nadim Kobeissi, Aseem Rastogi, Thomas Sibut-Pinote, N. Swamy, Santiago Zanella-Béguelin (2016)
: Formal Verification of Smart Contracts
Sara Rouhani, R. Deters (2019)
Security, Performance, and Applications of Smart Contracts: A Systematic SurveyIEEE Access, 7
I. Nikolic, Aashish Kolluri, Ilya Sergey, P. Saxena, Aquinas Hobor (2018)
Finding The Greedy, Prodigal, and Suicidal Contracts at ScaleProceedings of the 34th Annual Computer Security Applications Conference
Nathan Wetzler, Marijn Heule, W. Hunt (2014)
DRAT-trim: Efficient Checking and Trimming Using Expressive Clausal Proofs
M. Andoni, V. Robu, D. Flynn, S. Abram, D. Geach, D. Jenkins, P. McCallum, A. Peacock (2019)
Blockchain technology in the energy sector: A systematic review of challenges and opportunitiesRenewable and Sustainable Energy Reviews
Matteo Marescotti, Martin Blicha, A. Hyvärinen, Sepideh Asadi, N. Sharygina (2018)
Computing Exact Worst-Case Gas Consumption for Smart Contracts
J. Frank, Cornelius Aschermann, Thorsten Holz (2020)
ETHBMC: A Bounded Model Checker for Smart Contracts
J. Reynolds (1974)
Towards a theory of type structure
Lauretta Osho, F. Ogwueleka, Oluwafemi Osho (2013)
Axiomatic Basis for Computer Programming, 1
[ (2013)
Ethereum: A Next-Generation Smart Contract and Decentralized Application PlatformRetrieved October 6, 2022 from https://ethereum.org/en/whitepaper., 6
Grigore Roşu, Traian-Florin Serbanuta (2010)
An overview of the K semantic frameworkJ. Log. Algebraic Methods Program., 79
Hercules Team (2018)
Hercules WhitepaperCybersecurity
Montgomery Carter, Shaobo He, Jonathan Whitaker, Zvonimir Rakamaric, M. Emmi (2016)
SMACK Software Verification Toolchain2016 IEEE/ACM 38th International Conference on Software Engineering Companion (ICSE-C)
S. Nakamoto (2008)
Bitcoin: A Peer-to-Peer Electronic Cash System
Daniel Wood (2014)
ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER
[ (2021)
VyperRetrieved October 6, 2022 from https://vyper.readthedocs.io., 6
J. Stephens, Kostas Ferles, Benjamin Mariano, Shuvendu Lahiri, Işıl Dillig (2021)
SmartPulse: Automated Checking of Temporal Properties in Smart Contracts2021 IEEE Symposium on Security and Privacy (SP)
Petar Tsankov, A. Dan, Dana Drachsler-Cohen, Arthur Gervais, Florian Buenzli, Martin Vechev (2018)
Securify: Practical Security Analysis of Smart ContractsProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security
Everett Hildenbrandt, M. Saxena, Xiaoran Zhu, Nishant Rodrigues, Philip Daian, Dwight Guth, Grigore Roşu (2017)
KEVM: A Complete Semantics of the Ethereum Virtual Machine
Tian Min, Hanyi Wang, Yandong Guo, Wei Cai (2019)
Blockchain Games: A Survey2019 IEEE Conference on Games (CoG)
Ole Tange (2011)
GNU Parallel: The Command-Line Power Toollogin Usenix Mag., 36
[ (2021)
Retrieved October 6, 2022 from https://solidityRetrieved October 6, 2022 from https://solidity.readthedocs.io.
(2016)
Prateek Saxena, and Aquinas Hobor
[ (2020)
SMT-friendly formalization of the solidity memory modelProceedings of the 29th European Symposium on Programming
[ (2011)
GNU parallel—The command-line power tool;login: The USENIX Magazine, 36
Anton Permenev, Dimitar Dimitrov, Petar Tsankov, Dana Drachsler-Cohen, Martin Vechev (2020)
VerX: Safety Verification of Smart Contracts2020 IEEE Symposium on Security and Privacy (SP)
Chris Lattner, Vikram Adve (2004)
LLVM: a compilation framework for lifelong program analysis & transformationInternational Symposium on Code Generation and Optimization, 2004. CGO 2004.
[ (2010)
An overview of the k semantic frameworkJournal of Logic and Algebraic Programming, 79
Clara Schneidewind, Ilya Grishchenko, Markus Scherer, Matteo Maffei (2020)
eThor: Practical and Provably Sound Static Analysis of Ethereum Smart ContractsProceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security
Josselin Feist, Gustavo Grieco, Alex Groce (2019)
Slither: A Static Analysis Framework for Smart Contracts2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB)
Elli Androulaki, Artem Barger, V. Bortnikov, C. Cachin, K. Christidis, Angelo Caro, David Enyeart, Christopher Ferris, Gennady Laventman, Yacov Manevich, S. Muralidharan, Chet Murthy, Binh Nguyen, Manish Sethi, Gari Singh, Keith Smith, A. Sorniotti, C. Stathakopoulou, M. Vukolic, S. Cocco, Jason Yellick (2018)
Hyperledger fabric: a distributed operating system for permissioned blockchainsProceedings of the Thirteenth EuroSys Conference
Yuepeng Wang, Shuvendu Lahiri, Shuo Chen, Rong Pan, Işıl Dillig, Cody Born, Immad Naseer, Kostas Ferles (2019)
Formal Verification of Workflow Policies for Smart Contracts in Azure Blockchain
Nicola Atzei, Massimo Bartoletti, Tiziana Cimoli (2017)
A Survey of Attacks on Ethereum Smart Contracts (SoK)
Krystof Hoder, N. Bjørner (2012)
Generalized Property Directed Reachability
Xiaonan Wang, Wentao Yang, Sana Noor, Chang Chen, M. Guo, K. Dam (2019)
Blockchain-based smart contract for energy demand managementEnergy Procedia
Peng Zhang, Jules White, D. Schmidt, G. Lenz, S. Rosenbloom (2018)
FHIRChain: Applying Blockchain to Securely and Scalably Share Clinical DataComputational and Structural Biotechnology Journal, 16
[ (2017)
Designing parallel PDRProceedings of the 17th Conference on Formal Methods in Computer-Aided Design
Lexi Brent, Neville Grech, Sifis Lagouvardos, Bernhard Scholz, Y. Smaragdakis (2020)
Ethainter: a smart contract security analyzer for composite vulnerabilitiesProceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation
N. Swamy, Catalin Hritcu, C. Keller, Aseem Rastogi, Antoine Delignat-Lavaud, Simon Forest, K. Bhargavan, C. Fournet, Pierre-Yves Strub, Markulf Kohlweiss, J. Zinzindohoué, Santiago Zanella-Béguelin (2016)
Dependent types and multi-monadic effects in F*Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Smart contracts are tempting targets of attacks, as they often hold and manipulate significant financial assets, are immutable after deployment, and have publicly available source code, with assets estimated in the order of millions of dollars being lost in the past due to vulnerabilities. Formal verification is thus a necessity, but smart contracts challenge the existing highly efficient techniques routinely applied in the symbolic verification of software, due to specificities not present in general programming languages. A common feature of existing works in this area is the attempt to reuse off-the-shelf verification tools designed for general programming languages. This reuse can lead to inefficiency and potentially unsound results, as domain translation is required. In this article, we describe a carefully crafted approach that directly models the central aspects of smart contracts natively, going from the contract to its logical representation without intermediary steps. We use the expressive and highly automatable logic of constrained Horn clauses for modeling and instantiate our approach to the Solidity language. A tool implementing our approach, called Solicitous, was developed and integrated into the SMTChecker module of the Solidity compiler solc. We evaluated our approach on an extensive benchmark set containing 22,446 real-world smart contracts deployed on the Ethereum blockchain over a 27-month period. The results show that our approach is able to establish safety of significantly more contracts than comparable, publicly available verification tools, with an order of magnitude increase in the percentage of formally verified contracts.
ACM Transactions on Privacy and Security (TOPS) – Association for Computing Machinery
Published: Mar 13, 2023
Keywords: Smart contracts
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.