A Semantic Framework for the Security Analysis of Ethereum smart contracts
Smart contracts are programs running on cryptocurrency (e.g., Ethereum) blockchains, whose popularity stems from the possibility to perform financial transactions, such as payments and auctions, in a distributed environment without need for any trusted third party. Given their financial nature, bugs...
Published in: | arXiv.org 2018-04 |
---|---|
Main authors: | , , |
Format: | Article |
Language: | eng |
Subjects: | |
Online access: | Full text |
container_end_page | |
---|---|
container_issue | |
container_start_page | |
container_title | arXiv.org |
container_volume | |
creator | Grishchenko, Ilya Maffei, Matteo Schneidewind, Clara |
description | Smart contracts are programs running on cryptocurrency (e.g., Ethereum) blockchains, whose popularity stems from the possibility to perform financial transactions, such as payments and auctions, in a distributed environment without need for any trusted third party. Given their financial nature, bugs or vulnerabilities in these programs may lead to catastrophic consequences, as witnessed by recent attacks. Unfortunately, programming smart contracts is a delicate task that requires strong expertise: Ethereum smart contracts are written in Solidity, a dedicated language resembling JavaScript, and shipped over the blockchain in the EVM bytecode format. In order to rigorously verify the security of smart contracts, it is of paramount importance to formalize their semantics as well as the security properties of interest, in particular at the level of the bytecode being executed. In this paper, we present the first complete small-step semantics of EVM bytecode, which we formalize in the F* proof assistant, obtaining executable code that we successfully validate against the official Ethereum test suite. Furthermore, we formally define for the first time a number of central security properties for smart contracts, such as call integrity, atomicity, and independence from miner controlled parameters. This formalization relies on a combination of hyper- and safety properties. Along this work, we identified various mistakes and imprecisions in existing semantics and verification tools for Ethereum smart contracts, thereby demonstrating once more the importance of rigorous semantic foundations for the design of security verification techniques. |
doi_str_mv | 10.48550/arxiv.1802.08660 |
format | Article |
fulltext | fulltext |
identifier | EISSN: 2331-8422 |
ispartof | arXiv.org, 2018-04 |
issn | 2331-8422 |
language | eng |
recordid | cdi_arxiv_primary_1802_08660 |
source | arXiv.org; Free E- Journals |
subjects | Computer Science - Cryptography and Security Contracts Cryptography Properties (attributes) Security Semantics Software testing Trusted third parties |
title | A Semantic Framework for the Security Analysis of Ethereum smart contracts |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-23T07%3A04%3A43IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_arxiv&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20Semantic%20Framework%20for%20the%20Security%20Analysis%20of%20Ethereum%20smart%20contracts&rft.jtitle=arXiv.org&rft.au=Grishchenko,%20Ilya&rft.date=2018-04-23&rft.eissn=2331-8422&rft_id=info:doi/10.48550/arxiv.1802.08660&rft_dat=%3Cproquest_arxiv%3E2072069698%3C/proquest_arxiv%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2072069698&rft_id=info:pmid/&rfr_iscdi=true |