A Formal Verification Framework for Security Issues of Blockchain Smart Contracts

Sun, Tianyu

doi:10.3390/electronics9020255

Cited by 55 publications

(34 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Theorem proving is a formal verification technique that encodes a target system and its properties into a mathematical logic and derives a formal proof of satisfaction of the properties by axioms and proof rules. The theorem proving technique has been employed to verify the correctness of blockchain smart contracts [33]- [36]. In [34], Amani et al extend an existing EVM (Ethereum Virtual Machine) formalization in Isabelle/HOL by a sound program logic.…”

Section: Related Workmentioning

confidence: 99%

Formal Verification of Blockchain Smart Contracts via ATL Model Checking

Nam

Kil

2022

IEEE Access

View full text Add to dashboard Cite

A blockchain is a list of data blocks as a publicly distributed ledger, which are linked together using cryptography. By allowing Turing-complete programming languages to implement smart contracts, recent blockchains such as Ethereum can reduce needs in trusted intermediators, arbitrations and enforcement costs. However, subtle errors in smart contracts have induced an enormous financial loss-for examples, the DAO attack, Parity multisignature wallet attacks, and integer underflow/overflow attacks. To identify such errors in smart contracts, various researches are performed, which are based on static analysis and theorem proving. However, they only support checking for pre-defined error patterns, or they cannot explore the whole searching space exhaustively or be fully automatic. Hence, in this paper, we propose a novel formal verification technique to analyze blockchain smart contracts by using ATL model checking.In our methodology, we represent the interaction between users and smart contracts into a two-player game and verify properties we want to check using MCMAS that is an efficient ATL model checker for multiagent systems. To the best of our knowledge, there is no work to apply ATL model checking for analysis of blockchain smart contracts. Moreover, we present three case studies to demonstrate that our proposal can successfully identify subtle flaws in real world smart contracts.INDEX TERMS Blockchain, Ethereum, Smart contracts, Formal verification, Alternating-time temporal logic (ATL), ATL model checking.

show abstract

Section: Related Workmentioning

confidence: 99%

Formal Verification of Blockchain Smart Contracts via ATL Model Checking

Nam

Kil

2022

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Nowadays there are many tools for the analysis of vulnerabilities in smart contracts and new ones appearing all the time. We have focused in this work on analyzing vulnerabilities in the source code of smart contracts, although there are other works that focus on vulnerabilities in consensus protocols, such as [19,20] or formal verification tools like [21].…”

Section: Background and Related Workmentioning

confidence: 99%

A security framework for Ethereum smart contracts

Vivar

Orozco

Villalba

2021

Computer Communications

View full text Add to dashboard Cite

“…Ethereum [47] and Hyperledger Fabric [48] are the two most popular blockchain application development platforms. Their underlying technologies are the same.…”

Section: Blockchainmentioning

confidence: 99%

Intrusion Detection System for the Internet of Things Based on Blockchain and Multi-Agent Systems

et al. 2020

View full text Add to dashboard Cite

With the popularity of Internet of Things (IoT) technology, the security of the IoT network has become an important issue. Traditional intrusion detection systems have their limitations when applied to the IoT network due to resource constraints and the complexity. This research focusses on the design, implementation and testing of an intrusion detection system which uses a hybrid placement strategy based on a multi-agent system, blockchain and deep learning algorithms. The system consists of the following modules: data collection, data management, analysis, and response. The National security lab–knowledge discovery and data mining NSL-KDD dataset is used to test the system. The results demonstrate the efficiency of deep learning algorithms when detecting attacks from the transport layer. The experiment indicates that deep learning algorithms are suitable for intrusion detection in IoT network environment.

show abstract

A Formal Verification Framework for Security Issues of Blockchain Smart Contracts

Cited by 55 publications

References 19 publications

Formal Verification of Blockchain Smart Contracts via ATL Model Checking

Formal Verification of Blockchain Smart Contracts via ATL Model Checking

A security framework for Ethereum smart contracts

Intrusion Detection System for the Internet of Things Based on Blockchain and Multi-Agent Systems

Contact Info

Product

Resources

About