SMT-Based Verification of Solidity Smart Contracts

Alt, Leonardo; Reitwießner, Christian

doi:10.1007/978-3-030-03427-6_28

Cited by 55 publications

(63 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Every pointer to a storage T entity can be identified by a path in this tree: by fixing the index to each state variable, member, and array index, as seen in brackets in Figure 6b, such paths can be encoded as an array of integers. For example, the state variable t1 can be represented as array [0], the member s1.t as array [1,0], and ss [8].ts [5] as [2,8,1,5].…”

Section: Examplementioning

confidence: 99%

“…Given an expression (such as ss [8].ts [5]), pack(.) uses the storage tree for the type of the expression and encodes it to an array (e.g., [2,8,1,5]) by fitting the expression into the tree. Pseudocode for pack(.)…”

Section: Examplementioning

confidence: 99%

“…is introduced later in this section. Figure 6a pack(ss [8].ts [5]) produces [2,8,1,5]: the base expressions are ss, ss [8], ss [8].ts and ss [8].ts [5] in this order. First, 2 is added as ss is the state variable with index 2.…”

Section: Examplementioning

confidence: 99%

“…Otherwise, if ptr[0] = 1 then s1 has to be taken, where two leaves are possible: if ptr[1] = 0 then the result is s1.t otherwise it is s1.ts[ptr [2]], and so on. If ptr is [2,8,1,5] then the conditional evaluates exactly to ss [8].ts [5] from which ptr was packed.…”

Section: Examplementioning

confidence: 99%

See 3 more Smart Citations

SMT-Friendly Formalization of the Solidity Memory Model

Hajdu

Jovanović

2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Solidity is the dominant programming language for Ethereum smart contracts. This paper presents a high-level formalization of the Solidity language with a focus on the memory model. The presented formalization covers all features of the language related to managing state and memory. In addition, the formalization we provide is effective: all but few features can be encoded in the quantifier-free fragment of standard SMT theories. This enables precise and efficient reasoning about the state of smart contracts written in Solidity. The formalization is implemented in the solc-verify verifier and we provide an extensive set of tests that covers the breadth of the required semantics. We also provide an evaluation on the test set that validates the semantics and shows the novelty of the approach compared to other Solidity-level contract analysis tools. IntroductionEthereum [30] is a public blockchain platform that provides a novel computing paradigm for developing decentralized applications. Ethereum allows the deployment of arbitrary programs (termed smart contracts [29]) that operate over the blockchain state, and allows the public to interact with the contracts. It is currently the most popular public blockchain with smart contract functionality. While the nodes participating in the Ethereum network operate a low-level, stack-based virtual machine (EVM) that executes the compiled smart contracts, the contracts themselves are mostly written in a high-level, contract-oriented programming language called Solidity [28].Even though smart contracts are generally short, they are no less prone to errors than software in general. In the Ethereum context, any flaws in the contract code come with potentially devastating financial consequences (such as the infamous DAO exploit [18]). This has inspired a great interest in applying formal verification techniques to Ethereum smart contracts (see e.g., [4] or [14] for surveys). In order to apply formal verification of any kind, be it static analysis or model checking, the first step is to formalize the semantics of the programming language that the smart contracts are written in. Such semantics should not ⋆ The author was also affiliated with SRI International as an intern during this project.

show abstract

Section: Examplementioning

confidence: 99%

Section: Examplementioning

confidence: 99%

Section: Examplementioning

confidence: 99%

Section: Examplementioning

confidence: 99%

See 2 more Smart Citations

SMT-Friendly Formalization of the Solidity Memory Model

Hajdu

Jovanović

2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…There has been a great interest in applying formal methods to verify smart contracts [4,25,35]. While there are ongoing projects based on identifying specific vulnerability patterns [9,24,45,31,38,14,44], theorem provers [26,27,41,8], finite automata [33,1] or SMT [2,28,29], they all have limitations in terms of scalability, precision, expressiveness and ease of use.…”

Section: Introductionmentioning

confidence: 99%

solc-verify: A Modular Verifier for Solidity Smart Contracts

Hajdu

Jovanović

2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

We present solc-verify, a source-level verification tool for Ethereum smart contracts. solc-verify takes smart contracts written in Solidity and discharges verification conditions using modular program analysis and SMT solvers. Built on top of the Solidity compiler, solcverify reasons at the level of the contract source code, as opposed to the more common approaches that operate at the level of Ethereum bytecode. This enables solc-verify to effectively reason about highlevel contract properties while modeling low-level language semantics precisely. The properties, such as contract invariants, loop invariants, and function pre-and post-conditions, can be provided as annotations in the code by the developer. This enables automated, yet user-friendly formal verification for smart contracts. We demonstrate solc-verify by examining real-world examples where our tool can effectively find bugs and prove correctness of non-trivial properties with minimal user effort.

show abstract

Detecting functional and security‐related issues in smart contracts: A systematic literature review

et al. 2022

View full text Add to dashboard Cite

Blockchain is a platform of distributed elaboration, which allows users to provide software for a huge range of next-generation decentralized applications without involving reliable third parties. Smart contracts (SCs) are an important component in blockchain applications: they are programmatic agreements among two or more parties that cannot be rescinded. Furthermore, SCs have an important characteristic: they allow users to implement reliable transactions without involving third parties. However, the advantages of SCs have a price. Like any program, SCs can contain bugs, some of which may also constitute security threats. Writing correct and secure SCs can be extremely difficult because, once deployed, they cannot be modified. Although SCs have been recently introduced, a large number of approaches have been proposed to find bugs and vulnerabilities in SCs. In this article, we present a systematic literature review on the approaches for the automated detection of bugs and vulnerabilities in SCs. We survey 68 papers published between 2015 and 2020, and we annotate each paper according to our classification framework to provide quantitative results and find possible areas not explored yet. Finally, we identify the open problems in this research field to provide possible directions to future researchers.

show abstract

SMT-Based Verification of Solidity Smart Contracts

Cited by 55 publications

References 11 publications

SMT-Friendly Formalization of the Solidity Memory Model

SMT-Friendly Formalization of the Solidity Memory Model

solc-verify: A Modular Verifier for Solidity Smart Contracts

Detecting functional and security‐related issues in smart contracts: A systematic literature review

Contact Info

Product

Resources

About