Specular: Towards Trust-minimized Blockchain Execution Scalability with EVM-native Fraud Proofs

An optimistic rollup (ORU) enables refereed delegation of computation from a blockchain (L1) to an untrusted remote system (L2), by allowing state updates posted on-chain to be disputed by any party via an interactive fraud proof (IFP) protocol. Existing systems that utilize this technique have demonstrated up to a 20x reduction in transaction fees. The most popular ORUs today, in active development, strive to extend existing Ethereum client software to support IFP construction, aiming to reuse prior L1 engineering efforts and replicate Ethereum Virtual Machine (EVM) semantics at L2. Unfortunately, to do so they tightly couple their on-chain IFP verifier with a specific client program binary--oblivious to its higher-level semantics. We argue that this approach (1) precludes the trust-minimized, permissionless participation of multiple Ethereum client programs, magnifying monoculture failure risk; (2) leads to an unnecessarily large and complex trusted computing base that is difficult to independently audit; and, (3) suffers from a frequently-triggered, yet opaque upgrade process--both further increasing auditing overhead and complicating on-chain access control. In this work, we aim to build a secure, trust-minimized ORU that addresses these problems, while preserving scalability and dispute resolution efficiency. To do so, we design an IFP system native to the EVM, that enforces Ethereum's specified semantics precisely at the level of a single EVM instruction. We present Specular, an ORU which leverages an off-the-shelf Ethereum client--modified minimally to support IFP construction--demonstrating the practicality of our approach

Transactional Scripts in Contract Stacks

Deals accomplished through software persistently residing on computer networks—sometimes called smart contracts, but better termed transactional scripts—embody a potentially revolutionary contracting innovation. Ours is the first precise account in the legal literature of how such scripts are created, and when they produce errors of legal significance.Scripts’ most celebrated use case is for transactions operating exclusively on public, permissionless, blockchains: such exchanges eliminate the need for trusted intermediaries and seem to permit parties to commit ex ante to automated performance. But public transactional scripts are costly both to develop and execute, with significant fees imposed for data storage. Worse, bugs practically can’t be eliminated. The result is that many scripts will terminate in misunderstanding, frustrated intent and failure.When code misdelivers, disappointed parties will seek legal recourse. We argue that jurists should situate scripts within other legally operative statements and disclosures, or contract stacks. Precision about the relationship between script and stack sustains a novel framework, rooted in old doctrines of interpretation, parol evidence and equity, that will help jurists compile answers to the private law problems that digitized exchange entails

Static analysis of concurrrent and distributed systems: concurrent objects and Ethereum Bytecode

Tesis de la Universidad Complutense de Madrid, Facultad de Informática, leída el 23-01-2020Hoy en día la concurrencia y la distribución se han convertido en una parte fundamental del proceso de desarrollo de software. Indiscutiblemente, Internet y el uso cada vez más extendido de los procesadores multicore ha influido en el tipo de aplicaciones que se desarrollan. Esto ha dado lugar a la creación de distintos modelos de concurrencia .En particular, uno de los modelos de concurrencia que está ganando importancia es el modelo de objetos concurrentes basado en actores. En este modelo, los objetos (denominados actores) son las unidades de concurrencia. Cada objeto tiene su propio procesador y un estado local. La comunicación entre los mismos se lleva a cabo mediante el paso de mensajes. Cuando un objeto recibe un mensaje puede: actualizar su estado, mandar mensajes o crear nuevos objetos. Es bien sabido que la creación de programas concurrentes correctos es más compleja que la de programas secuenciales ya que es necesario tener en cuenta distintos aspectos inherentes a la concurrencia como los errores asociados a las carreras de datos o a los interbloqueos. Con el n de asegurar el correcto comportamiento de estos programas concurrentes se han desarrollado distintas técnicas de análisis estático y verificación para los diversos modelos de concurrencia existentes...Nowadays concurrency and distribution have become a fundamental part in the softwaredevelopment process. The Internet and the more extended use of multicore processorshave in uenced the type of the applications which are being developed. This has lead tothe creation of several concurrency models. In particular, a concurrency model that isgaining popularity is the actor model, the basis for concurrent objects. In this model,the objects (actors) are the concurrent units. Each object has its own processor and alocal state, and the communication between them is carried out using message passing.In response to receiving a message, an actor can update its local state, send messages orcreate new objects.Developing correct concurrent programs is known to be harder than writing sequentialones because of inherent aspects of concurrency such as data races or deadlocks. To ensurethe correct behavior of concurrent programs, static analyses and verication techniqueshave been developed for the diverse existent concurrency models...Fac. de InformáticaTRUEunpu

A Survey of Challenges for Runtime Verification from Advanced Application Domains (Beyond Software)

Runtime verification is an area of formal methods that studies the dynamic analysis of execution traces against formal specifications. Typically, the two main activities in runtime verification efforts are the process of creating monitors from specifications, and the algorithms for the evaluation of traces against the generated monitors. Other activities involve the instrumentation of the system to generate the trace and the communication between the system under analysis and the monitor. Most of the applications in runtime verification have been focused on the dynamic analysis of software, even though there are many more potential applications to other computational devices and target systems. In this paper we present a collection of challenges for runtime verification extracted from concrete application domains, focusing on the difficulties that must be overcome to tackle these specific challenges. The computational models that characterize these domains require to devise new techniques beyond the current state of the art in runtime verification