61,514 research outputs found

    Contracts for Interacting Two-Party Systems

    Full text link
    This article deals with the interrelation of deontic operators in contracts -- an aspect often neglected when considering only one of the involved parties. On top of an automata-based semantics we formalise the onuses that obligations, permissions and prohibitions on one party impose on the other. Such formalisation allows for a clean notion of contract strictness and a derived notion of contract conflict that is enriched with issues arising from party interdependence.Comment: In Proceedings FLACOS 2012, arXiv:1209.169

    Dealing with the hypothetical in contracts

    Get PDF
    The notion of a contract as an agreement regulating the behaviour of two (or more) parties has long been studied, with most work focusing on the interaction between the contract and the parties. This view limits the analysis of contracts as first-class entities — which can be studied independently of the parties they regulate. Deontic logic [1] has long sought to take a contract-centric view, but has been marred with problems arising from paradoxes and practical oddities [2]. Within the field of computer science, the holy grail of contracts is that of a deontic logic sufficiently expressive to enable reasoning about real-life contracts but sufficiently restricted to avoid paradoxes and to be computationally tractable. Contract automata [3–5] have been proposed as a way of expressing the expected behaviour of interacting systems, encompassing the deontic notions of obligation, prohibition and permission. For instance, the contract automaton shown in Fig. 1 expresses the contract which states that ‘the client is permitted to initialise a service, after which, he or she is obliged to submit valid user credentials and the provider is prohibited from increasing the price of the service.’ Note that the states are tagged with the deontic information, explicitly stating what actions are obliged (O), permitted (P) and forbidden (F) by which party (given in the subscript). The transitions are tagged with actions which when taken by the parties induce a change of state, with ∗ being used as shorthand to denote anything-else.peer-reviewe

    A Concurrent Perspective on Smart Contracts

    Get PDF
    In this paper, we explore remarkable similarities between multi-transactional behaviors of smart contracts in cryptocurrencies such as Ethereum and classical problems of shared-memory concurrency. We examine two real-world examples from the Ethereum blockchain and analyzing how they are vulnerable to bugs that are closely reminiscent to those that often occur in traditional concurrent programs. We then elaborate on the relation between observable contract behaviors and well-studied concurrency topics, such as atomicity, interference, synchronization, and resource ownership. The described contracts-as-concurrent-objects analogy provides deeper understanding of potential threats for smart contracts, indicate better engineering practices, and enable applications of existing state-of-the-art formal verification techniques.Comment: 15 page

    Retractable Contracts

    Get PDF
    In calculi for modelling communication protocols, internal and external choices play dual roles. Two external choices can be viewed naturally as dual too, as they represent an agreement between the communicating parties. If the interaction fails, the past agreements are good candidates as points where to roll back, in order to take a different agreement. We propose a variant of contracts with synchronous rollbacks to agreement points in case of deadlock. The new calculus is equipped with a compliance relation which is shown to be decidable.Comment: In Proceedings PLACES 2015, arXiv:1602.0325

    Obligations of trust for privacy and confidentiality in distributed transactions

    Get PDF
    Purpose – This paper aims to describe a bilateral symmetric approach to authorization, privacy protection and obligation enforcement in distributed transactions. The authors introduce the concept of the obligation of trust (OoT) protocol as a privacy assurance and authorization mechanism that is built upon the XACML standard. The OoT allows two communicating parties to dynamically exchange their privacy and authorization requirements and capabilities, which the authors term a notification of obligation (NoB), as well as their commitments to fulfilling each other's requirements, which the authors term signed acceptance of obligations (SAO). The authors seek to describe some applicability of these concepts and to show how they can be integrated into distributed authorization systems for stricter privacy and confidentiality control. Design/methodology/approach – Existing access control and privacy protection systems are typically unilateral and provider-centric, in that the enterprise service provider assigns the access rights, makes the access control decisions, and determines the privacy policy. There is no negotiation between the client and the service provider about which access control or privacy policy to use. The authors adopt a symmetric, more user-centric approach to privacy protection and authorization, which treats the client and service provider as peers, in which both can stipulate their requirements and capabilities, and hence negotiate terms which are equally acceptable to both parties. Findings – The authors demonstrate how the obligation of trust protocol can be used in a number of different scenarios to improve upon the mechanisms that are currently available today. Practical implications – This approach will serve to increase trust in distributed transactions since each communicating party receives a difficult to repudiate digitally signed acceptance of obligations, in a standard language (XACML), which can be automatically enforced by their respective computing machinery. Originality/value – The paper adds to current research in trust negotiation, privacy protection and authorization by combining all three together into one set of standardized protocols. Furthermore, by providing hard to repudiate signed acceptance of obligations messages, this strengthens the legal case of the injured party should a dispute arise
    • 

    corecore