11 research outputs found
ConCert: A Smart Contract Certification Framework in Coq
We present a new way of embedding functional languages into the Coq proof
assistant by using meta-programming. This allows us to develop the meta-theory
of the language using the deep embedding and provides a convenient way for
reasoning about concrete programs using the shallow embedding. We connect the
deep and the shallow embeddings by a soundness theorem. As an instance of our
approach, we develop an embedding of a core smart contract language into Coq
and verify several important properties of a crowdfunding contract based on a
previous formalisation of smart contract execution in blockchains.
Comment: Extended the related work section. Significantly extended sections on
translation and semantics. Added more examples and details about the
formalisation. Commented on unquote and the trusted computing base. Commented
on adequac
Inter-Blockchain Protocols with the Isabelle Infrastructure Framework
The main incentives of blockchain technology are distribution and distributed change, consistency, and consensus. Beyond just being a distributed ledger for digital currency, smart contracts add transaction protocols to blockchains to execute terms of a contract in a blockchain network. Inter-blockchain (IBC) protocols define and control exchanges between different blockchains.
The Isabelle Infrastructure framework has been designed to serve security and privacy for IoT architectures by formal specification and stepwise attack analysis and refinement. A major case study of this framework is a distributed health care scenario for data consistency for GDPR compliance. This application led to the development of an abstract system specification of blockchains for IoT infrastructures.
In this paper, we first give a summary of the concept of IBC. We then introduce an instantiation of the Isabelle Infrastructure framework to model blockchains. Based on this we extend this model to instantiate different blockchains and formalize IBC protocols. We prove the concept by defining the generic property of global consistency and prove it in Isabelle
Inter-blockchain protocols with the Isabelle Infrastructure framework
The main incentives of blockchain technology are distribution and distributed change, consistency, and consensus. Beyond just being a distributed ledger for digital currency, smart contracts add transaction protocols to blockchains to execute terms of a contract in a blockchain network. Inter-blockchain (IBC) protocols define and control exchanges between different blockchains.
The Isabelle Infrastructure framework has been designed to serve security and privacy for IoT architectures by formal specification and stepwise attack analysis and refinement. A major case study of this framework is a distributed health care scenario for data consistency for GDPR compliance. This application led to the development of an abstract system specification of blockchains for IoT infrastructures.
In this paper, we first give a summary of the concept of IBC. We then introduce an instantiation of the Isabelle Infrastructure framework to model blockchains. Based on this we extend this model to instantiate different blockchains and formalize IBC protocols. We prove the concept by defining the generic property of global consistency and prove it in Isabelle
Multi: a Formal Playground for Multi-Smart Contract Interaction
Blockchains are maintained by a network of participants that run algorithms
designed to maintain collectively a distributed machine tolerant to Byzantine
attacks. From the point of view of users, blockchains provide the illusion of
centralized computers that perform trustable verifiable computations, where all
computations are deterministic and the results cannot be manipulated or undone.
Smart-contracts are written in a special-purpose programming language with
deterministic semantics. Each transaction begins with an invocation from an
external user to a smart contract. Contracts have local storage and can call
other contracts, and more importantly, they store, send and receive
cryptocurrency. It is very important to guarantee that contracts are correct
before deployment since their code cannot be modified after deployment.
However, the resulting ecosystem makes it very difficult to reason about
program correctness, since contracts can be executed by malicious users or
malicious contracts can be designed to exploit other contracts that call them.
Many attacks and bugs are caused by unexpected interactions between multiple
contracts, the attacked contract and unknown code that performs the exploit.
Moreover, there is a very aggressive competition between different blockchains
to expand their user base. Ideas are implemented fast and blockchains compete
to offer and adopt new features quickly. In this paper, we propose a formal
extensible playground that allows reasoning about multi-contract interactions
to ultimately prove properties before features are incorporated into the real
blockchain. We implemented a model of computation that models the execution
platform, abstracts the internal code of each individual contract and focuses
on contract interactions. Moreover, we show how many features, existing or
proposed, can be used to reason about multi-contract interactions
Multi: A Formal Playground for Multi-Smart Contract Interaction
Blockchains are maintained by a network of participants, miner nodes, that run algorithms designed to maintain collectively a distributed machine tolerant to Byzantine attacks. From the point of view of users, blockchains provide the illusion of centralized computers that perform trustable verifiable computations, where all computations are deterministic and the results cannot be manipulated or undone.
Every blockchain is equipped with a crypto-currency. Programs running on blockchains are called smart-contracts and are written in a special-purpose programming language with deterministic semantics. Each transaction begins with an invocation from an external user to a smart contract. Smart contracts have local storage and can call other contracts, and more importantly, they store, send and receive cryptocurrency.
Once installed in a blockchain, the code of the smart-contract cannot be modified. Therefore, it is very important to guarantee that contracts are correct before deployment. However, the resulting ecosystem makes it very difficult to reason about program correctness, since smart-contracts can be executed by malicious users or malicious smart-contracts can be designed to exploit other contracts that call them. Many attacks and bugs are caused by unexpected interactions between multiple contracts, the attacked contract and unknown code that performs the exploit.
Moreover, there is a very aggressive competition between different blockchains to expand their user base. Ideas are implemented fast and blockchains compete to offer and adopt new features quickly.
In this paper, we propose a formal playground that allows reasoning about multi-contract interactions and is extensible to incorporate new features, study their behaviour and ultimately prove properties before features are incorporated into the real blockchain. We implemented a model of computation that models the execution platform, abstracts the internal code of each individual contract and focuses on contract interactions. Even though our Coq implementation is still a work in progress, we show how many features, existing or proposed, can be used to reason about multi-contract interactions