Smart Types for Smart Contracts Validation

Bibliographic details
Main author: Corte, Ronaldo Ludgero Abreu da
Publication date: 2023
Document type: Dissertation
Language: eng
Source title: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Full text: http://hdl.handle.net/10362/161077
Abstract: The notion of Smart Contracts consists in describing agreements between two or more parties that can be automatically enforced without a trusted intermediary. Smart Contracts run on a very specific network of peers called Blockchain, a digitally distributed, decentralized, public ledger that exists across a network. Potential conflicts are resolved by the network’s consensus protocol. The Blockchain [26] is immutable; this means that once a Smart Contract is deployed on the Blockchain it cannot be amended. This immutability (despite being one important selling point of Smart Contracts) leaves no room for mistakes in their implementation. Many contracts are hard to implement correctly, and bugs and vulnerabilities can be exploited for erroneous or even fraudulent behaviour. The countless advantages and applications of Smart Contracts are constantly increasing their popularity. This, added to the fact that Smart Contracts manipulate resources with monetary value, is attracting a lot of attention from attackers. There are a lot of infamous Smart Contract attacks; the DAO Attack, for example, drained millions of dollars in Ether (cryptocurrency of Ethereum). Mainstream tools used to develop distributed Smart Contracts do not address these requirements. Consequently, many vulnerabilities of these contracts are known and can be exploited. In order to help developers design safer contracts that follow their protocols and specifications, we propose a language integrated with assertions and a static behavioural type system capable of protecting resources and enforcing usage protocols to ensure safety and soundness in Smart Contract execution. Since proof assistants are too demanding for most developers, there is a need for automatic tools well integrated with programming languages. Therefore, we joined our language with a model-checker to discharge to it the quantitative assertions during the compilation process. In short, we provided a translation of the types and assertions to an automaton in the format of Cubicle’s (model checker) input language and used it to conduct Software Verification.
id RCAP_39204905af30887b5fcc678173929d50
oai_identifier_str oai:run.unl.pt:10362/161077
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
dc.contributor.none.fl_str_mv Ravara, António
Pereira, Mário
RUN
dc.subject.por.fl_str_mv Smart Contracts
Blockchain
programming Languages
safety
Soundness
Typechecking
Domain/Scientific Area::Engineering and Technology::Electrical Engineering, Electronic Engineering and Informatics
publishDate 2023
dc.date.none.fl_str_mv 2023-12-11T19:17:20Z
2023-01
2023-01-01T00:00:00Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/masterThesis
format masterThesis
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10362/161077
url http://hdl.handle.net/10362/161077
dc.language.iso.fl_str_mv eng
language eng
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP