5,873 research outputs found
GASOL: Gas Analysis and Optimization for Ethereum Smart Contracts
We present the main concepts, components, and usage of GASOL, a Gas AnalysiS
and Optimization tooL for Ethereum smart contracts. GASOL offers a wide variety
of cost models that allow inferring the gas consumption associated to selected
types of EVM instructions and/or inferring the number of times that such types
of bytecode instructions are executed. Among others, we have cost models to
measure only storage opcodes, to measure a selected family of gas-consumption
opcodes following the Ethereum's classification, to estimate the cost of a
selected program line, etc. After choosing the desired cost model and the
function of interest, GASOL returns to the user an upper bound of the cost for
this function. As the gas consumption is often dominated by the instructions
that access the storage, GASOL uses the gas analysis to detect under-optimized
storage patterns, and includes an (optional) automatic optimization of the
selected function. Our tool can be used within an Eclipse plugin for Solidity
which displays the gas and instructions bounds and, when applicable, the
gas-optimized Solidity function
Harnessing Flexible and Reliable Demand Response Under Customer Uncertainties
Demand response (DR) is a cost-effective and environmentally friendly
approach for mitigating the uncertainties in renewable energy integration by
taking advantage of the flexibility of customers' demands. However, existing DR
programs suffer from either low participation due to strict commitment
requirements or not being reliable in voluntary programs. In addition, the
capacity planning for energy storage/reserves is traditionally done separately
from the demand response program design, which incurs inefficiencies. Moreover,
customers often face high uncertainties in their costs in providing demand
response, which is not well studied in literature.
This paper first models the problem of joint capacity planning and demand
response program design by a stochastic optimization problem, which
incorporates the uncertainties from renewable energy generation, customer power
demands, as well as the customers' costs in providing DR. We propose online DR
control policies based on the optimal structures of the offline solution. A
distributed algorithm is then developed for implementing the control policies
without efficiency loss. We further offer enhanced policy design by allowing
flexibilities into the commitment level. We perform real world trace based
numerical simulations. Results demonstrate that the proposed algorithms can
achieve near optimal social costs, and significant social cost savings compared
to baseline methods
EVMPatch: Timely and Automated Patching of Ethereum Smart Contracts
Recent attacks exploiting errors in smart contract code had devastating
consequences thereby questioning the benefits of this technology. It is
currently highly challenging to fix errors and deploy a patched contract in
time. Instant patching is especially important since smart contracts are always
online due to the distributed nature of blockchain systems. They also manage
considerable amounts of assets, which are at risk and often beyond recovery
after an attack. Existing solutions to upgrade smart contracts depend on manual
and error-prone processes. This paper presents a framework, called EVMPatch, to
instantly and automatically patch faulty smart contracts. EVMPatch features a
bytecode rewriting engine for the popular Ethereum blockchain, and
transparently/automatically rewrites common off-the-shelf contracts to
upgradable contracts. The proof-of-concept implementation of EVMPatch
automatically hardens smart contracts that are vulnerable to integer
over/underflows and access control errors, but can be easily extended to cover
more bug classes. Our extensive evaluation on 14,000 real-world (vulnerable)
contracts demonstrate that our approach successfully blocks attack transactions
launched on these contracts, while keeping the intended functionality of the
contract intact. We perform a study with experienced software developers,
showing that EVMPatch is practical, and reduces the time for converting a given
Solidity smart contract to an upgradable contract by 97.6 %, while ensuring
functional equivalence to the original contract.Comment: A slightly shorter version of this paper will be published at USENIX
Security Symposium 202
- …