FEther: An Extensible Definitional Interpreter for Smart-Contract Verifications in Coq

Yang, Zheng; Lei, Hang

doi:10.1109/access.2019.2905428

Cited by 29 publications

(28 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There have been notably a few works on the source code level, for example Bhargavan et al . (2016), Yang and Lei (2019). However, they require the analysts to learn another language to reinterpret the applications; and the learning curve of these languages is steep.…”

Section: Discussionmentioning

confidence: 99%

“…In addition, the formal verification in this work only focuses on the application design; the implementation may introduce vulnerabilities; therefore, formal verification on the implementation is needed. There have been notably a few works on the source code level, for example Bhargavan et al (2016), Yang and Lei (2019). However, they require the analysts to learn another language to reinterpret the applications; and the learning curve of these languages is steep.…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

A blockchain-based decentralized booking system

Dong

Bai

Huang

et al. 2020

The Knowledge Engineering Review

View full text Add to dashboard Cite

Blockchain technology has rapidly emerged as a decentralized trusted network to replace the traditional centralized intermediator. Especially, the smart contracts that are based on blockchain allow users to define the agreed behaviour among them, the execution of which will be enforced by the smart contracts. Based on this, we propose a decentralized booking system that uses the blockchain as the intermediator between hoteliers and travellers. The system enjoys the trustworthiness of blockchain, improves efficiency and reduces the cost of the traditional booking agencies. The design of the system has been formally modelled using the CSP# language and verified using the model checker Process Analysis Toolkit. We have implemented a prototype decentralized booking system based on the Ethereum ecosystem.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Discussionmentioning

confidence: 99%

A blockchain-based decentralized booking system

Dong

Bai

Huang

et al. 2020

The Knowledge Engineering Review

View full text Add to dashboard Cite

show abstract

“…Thus, compared with other static analysis tools that must assume the correctness of the TCB, the smart contract verifications that take the proposed FSPVM-E as the TCB must only trust the TCOC. The corresponding verification details are given elsewhere [11,31,32]. At present, the core functions of FSPVM-E, which includes 74 theorems and 183 lemmas in Coq, have been completely verified.…”

Section: A Minimum Trusted Computational Basementioning

confidence: 99%

“…In response to this issue, we optimized FEther [32] by applying three proposed optimization schemes, including redefining semantics, deeply embedding, and multiple pumps. This optimized version of FEther is that employed for the proposed FSPVM-E discussed in the present report.…”

Section: High Evaluation Efficiencymentioning

confidence: 99%

A Hybrid Formal Verification System in Coq for Ensuring the Reliability and Security of Ethereum-Based Service Smart Contracts

Yang¹,

Lei²,

Qian³

2020

IEEE Access

Self Cite

View full text Add to dashboard Cite

This paper reports a formal symbolic process virtual machine (FSPVM) denoted as FSPVM-E for verifying the reliability and security of Ethereum-based services at the source code level of smart contracts. A Coq proof assistant is employed for programming the system and for proving its correctness. The current version of FSPVM-E adopts execution-verification isomorphism, which is an application extension of Curry-Howard isomorphism, as its fundamental theoretical framework to combine symbolic execution and higher-order logic theorem proving. The four primary components of FSPVM-E include a general, extensible, and reusable formal memory framework, an extensible and universal formal intermediate programming language denoted as Lolisa, which is a large subset of the Solidity programming language using generalized algebraic datatypes, the corresponding formally verified interpreter of Lolisa, denoted as FEther, and assistant tools and libraries. The self-correctness of all components is certified in Coq. FSPVM-E supports the ERC20 token standard, and can automatically and symbolically execute Ethereum-based smart contracts, scan their standard vulnerabilities, and verify their reliability and security properties with Hoare-style logic in Coq. INDEX TERMS Blockchain, theorem proving, distributed systems, security, verificationZheng Yang is a Ph.D. student in

show abstract

“…The SECBIT group completed the formal verification of the ERC20 contract framework in [30]. Yang and Lei [31] developed a definitional interpreter FEther, which supports hybrid symbolic executions of Ethereum smart-contract formal verifications in Coq.…”

Section: Related Workmentioning

confidence: 99%

A Formal Verification Framework for Security Issues of Blockchain Smart Contracts

Sun

2020

Electronics

View full text Add to dashboard Cite

Blockchain technology has attracted more and more attention from academia and industry recently. Ethereum, which uses blockchain technology, is a distributed computing platform and operating system. Smart contracts are small programs deployed to the Ethereum blockchain for execution. Errors in smart contracts will lead to huge losses. Formal verification can provide a reliable guarantee for the security of blockchain smart contracts. In this paper, the formal method is applied to inspect the security issues of smart contracts. We summarize five kinds of security issues in smart contracts and present formal verification methods for these issues, thus establishing a formal verification framework that can effectively verify the security vulnerabilities of smart contracts. Furthermore, we present a complete formal verification of the Binance Coin (BNB) contract. It shows how to formally verify the above security issues based on the formal verification framework in a specific smart contract. All the proofs are checked formally using the Coq proof assistant in which contract model and specification are formalized. The formal work of this paper has a variety of essential applications, such as the verification of blockchain smart contracts, program verification, and the formal establishment of mathematical and computer theoretical foundations.

show abstract

FEther: An Extensible Definitional Interpreter for Smart-Contract Verifications in Coq

Cited by 29 publications

References 25 publications

A blockchain-based decentralized booking system

A blockchain-based decentralized booking system

A Hybrid Formal Verification System in Coq for Ensuring the Reliability and Security of Ethereum-Based Service Smart Contracts

A Formal Verification Framework for Security Issues of Blockchain Smart Contracts

Contact Info

Product

Resources

About