A Concurrent Perspective on Smart Contracts

In this paper, we explore remarkable similarities between multi-transactional behaviors of smart contracts in cryptocurrencies such as Ethereum and classical problems of shared-memory concurrency. We examine two real-world examples from the Ethereum blockchain and analyzing how they are vulnerable to bugs that are closely reminiscent to those that often occur in traditional concurrent programs. We then elaborate on the relation between observable contract behaviors and well-studied concurrency topics, such as atomicity, interference, synchronization, and resource ownership. The described contracts-as-concurrent-objects analogy provides deeper understanding of potential threats for smart contracts, indicate better engineering practices, and enable applications of existing state-of-the-art formal verification techniques.Comment: 15 page

Targeted Greybox Fuzzing with Static Lookahead Analysis

Automatic test generation typically aims to generate inputs that explore new paths in the program under test in order to find bugs. Existing work has, therefore, focused on guiding the exploration toward program parts that are more likely to contain bugs by using an offline static analysis. In this paper, we introduce a novel technique for targeted greybox fuzzing using an online static analysis that guides the fuzzer toward a set of target locations, for instance, located in recently modified parts of the program. This is achieved by first semantically analyzing each program path that is explored by an input in the fuzzer's test suite. The results of this analysis are then used to control the fuzzer's specialized power schedule, which determines how often to fuzz inputs from the test suite. We implemented our technique by extending a state-of-the-art, industrial fuzzer for Ethereum smart contracts and evaluate its effectiveness on 27 real-world benchmarks. Using an online analysis is particularly suitable for the domain of smart contracts since it does not require any code instrumentation---instrumentation to contracts changes their semantics. Our experiments show that targeted fuzzing significantly outperforms standard greybox fuzzing for reaching 83% of the challenging target locations (up to 14x of median speed-up)

ConCert: A Smart Contract Certification Framework in Coq

We present a new way of embedding functional languages into the Coq proof assistant by using meta-programming. This allows us to develop the meta-theory of the language using the deep embedding and provides a convenient way for reasoning about concrete programs using the shallow embedding. We connect the deep and the shallow embeddings by a soundness theorem. As an instance of our approach, we develop an embedding of a core smart contract language into Coq and verify several important properties of a crowdfunding contract based on a previous formalisation of smart contract execution in blockchains.Comment: Extended the related work section. Significantly extended sections on translation and semantics. Added more examples and details about the formalisation. Commented of unquote and the trusted computing base. Commented on adequac

Detecting vulnerabilities in smart contract within blockchain: a review and comparative analysis of key approaches

Blockchain technology was created with security in mind. However, in recent years, there has been various confirmed cases of breach, worth billions of dollars loss in Blockchain associated to smart contracts. In order to address this growing concern, it is crucial to investigate detection and mitigation of vulnerabilities in smart contract, and this paper critically reviews and analyses key approaches for detecting vulnerabilities in smart contract within Blockchain. In order to achieve the purpose of this paper, five key approaches, notably the application of OWASP Top 10, SCSVS, vulnerability detection tools, fuzz testing and the AI-driven approaches are critically reviewed and compared. As part of the comparison performed, a penetration testing quality model was applied to study six quality metrics, notably extensibility, maintainability, domain coverage, usability, availability and reliability. Results revealed limitations of the studied vulnerability detection approaches and findings are expected to help in decision making especially when selecting approaches to be used during security analysis and pen-testing