Formal Methods for Secure Bitcoin Smart Contracts

The notion of smart contracts was introduced in 1997 by Nick Szabo, to describe agreements among mutually distrusting parties that can be automatically enforced without resorting to a trusted intermediary. Then, the idea was mostly forgotten due to the technical impossibility to implement it. The advent of distributed ledger technologies, pioneered by Bitcoin, provided a technical foundation to reshape and develop smart contracts. Since smart contracts handle the ownership of valuable assets, attackers may be tempted to exploit vulnerabilities in their implementation to steal or tamper with these assets. For instance, a series of vulnerabilities in Ethereum contracts have been exploited, causing money losses in the order of hundreds of millions of dollars. Over the last years, a variety of smart contracts for Bitcoin have been proposed, both by the academic community and by that of developers. However, the heterogeneity in their treatment, the informal (often incomplete or imprecise) descriptions, and the use of poorly documented Bitcoin features, poses obstacles to the development of secure smart contracts. Using formal models and domain-specific languages to describe the behaviour of the underlying platform, and to model contracts, could help to overcome these security issues, by reducing the distance between the intended behaviour of a contract and the implementation. In this thesis, we propose a formal model of Bitcoin transactions, which is the foundation for a new process algebra for defining Bitcoin smart contracts. Furthermore, we present a toolchain for developing smart contracts in BitML, a domain-specific language based on the contributions of this thesis. Moreover, we propose a new extension to Bitcoin, called neighbourhood covenants, which extends its expressiveness as a smart contract platform. We then exploit neighbourhood covenants to implement fungible tokens on Bitcoin

Formal Models of Bitcoin Contracts: A Survey

Although Bitcoin is mostly used as a decentralized application to transfer cryptocurrency, over the last 10 years there have been several studies on how to exploit Bitcoin to execute smart contracts. These are computer protocols which allow users to exchange bitcoins according to complex pre-agreed rules. Some of these studies introduce formal models of Bitcoin contracts, which specify their behavior in non-ambiguous terms, in some cases providing tools to automatically verify relevant contract properties. In this paper, we survey the formal models proposed in the scientific literature, comparing their expressiveness and applicability in the wild

Verifying liquidity of recursive Bitcoin contracts

Smart contracts - computer protocols that regulate the exchange of crypto-assets in trustless environments - have become popular with the spread of blockchain technologies. A landmark security property of smart contracts is liquidity: in a non-liquid contract, it may happen that some assets remain frozen, i.e. not redeemable by anyone. The relevance of this issue is witnessed by recent liquidity attacks to Ethereum, which have frozen hundreds of USD millions. We address the problem of verifying liquidity on BitML, a DSL for smart contracts with a secure compiler to Bitcoin, featuring primitives for currency transfers, contract renegotiation and consensual recursion. Our main result is a verification technique for liquidity. We first transform the infinite-state semantics of BitML into a finite-state one, which focusses on the behaviour of a chosen set of contracts, abstracting from the moves of the context. With respect to the chosen contracts, this abstraction is sound, i.e. if the abstracted contract is liquid, then also the concrete one is such. We then verify liquidity by model-checking the finite-state abstraction. We implement a toolchain that automatically verifies liquidity of BitML contracts and compiles them to Bitcoin, and we assess it through a benchmark of representative contracts.Comment: arXiv admin note: text overlap with arXiv:2003.0029

Principles of Security and Trust

This open access book constitutes the proceedings of the 8th International Conference on Principles of Security and Trust, POST 2019, which took place in Prague, Czech Republic, in April 2019, held as part of the European Joint Conference on Theory and Practice of Software, ETAPS 2019. The 10 papers presented in this volume were carefully reviewed and selected from 27 submissions. They deal with theoretical and foundational aspects of security and trust, including on new theoretical results, practical applications of existing foundational ideas, and innovative approaches stimulated by pressing practical problems

Dissecting Smart Contract Languages: A Survey

Blockchain is a distributed ledger technology that gained popularity for enabling the transformation of cryptocurrency among peers without mediation by a centralized third-party authority. Smart contracts expand the applications of blockchain technology and have played a role in its widespread adoption. Smart contracts are immutable digital programs that are deployed on blockchains to codify agreements between parties. Existing smart contract implementations have faced challenges, including security vulnerabilities, leading to significant losses and concerns. This has stimulated a wave of attempts to improve Smart Contract Languages (SCLs) to overcome implementation challenges and ensure code quality, producing many languages with diverse features. Scholars have made some attempts to classify SCLs and clarify the process of selecting an SCL, but to the best of our knowledge, no comprehensive survey of existing SCLs has been published. Our work surpasses earlier efforts by evaluating a significantly larger set of SCLs, in greater depth, to ease the process of SCL selection for blockchain research and implementation. In this paper, we (1) propose a robust framework for comparing existing SCLs, (2) analyze and discuss 36 SCLs, addressing issues beyond those used to construct the comparison framework, and (3) define new parameters for future research and development of SCLs. The survey provides a guide for those who intend to select or use an SCL to implement smart contracts, develop new SCLs, or add new extensions to the existing SCLs

Principles of Security and Trust

This open access book constitutes the proceedings of the 8th International Conference on Principles of Security and Trust, POST 2019, which took place in Prague, Czech Republic, in April 2019, held as part of the European Joint Conference on Theory and Practice of Software, ETAPS 2019. The 10 papers presented in this volume were carefully reviewed and selected from 27 submissions. They deal with theoretical and foundational aspects of security and trust, including on new theoretical results, practical applications of existing foundational ideas, and innovative approaches stimulated by pressing practical problems

A Service-Oriented Perspective on Blockchain Smart Contracts

Smart contracts turn blockchains into distributed computing platforms. This article studies whether smart contracts as implemented by state-of-the-art blockchain technology may serve as component technology for a computing paradigm like service-oriented computing (SOC) in the blockchain, in order to foster reuse and increase cost-effectiveness