Auto-generation of Smart Contracts from a Domain-Specific XML-Based Language

Smart contract, a term which was originally coined to refer to the automation of legal contracts in general, has recently seen much interest due to the advent of blockchain technology. Recently, the term is popularly used to refer to low-level code scripts running on a blockchain platform. Our study focuses exclusively on this subset of smart contracts. Such smart contracts have increasingly been gaining ground, finding numerous important applications (e.g., crowdfunding) in the real world. Despite the increasing popularity, smart contract development still remains somewhat a mystery to many developers largely due to its special design and applications. Are there any differences between smart contract development and traditional software development? What kind of challenges are faced by developers during smart contract development? Questions like these are important but have not been explored by researchers yet. In this paper, we performed an exploratory study to understand the current state and potential challenges developers are facing in developing smart contracts on blockchains, with a focus on Ethereum (the most popular public blockchain platform for smart contracts). Toward this end, we conducted this study in two phases. In the first phase, we conducted semi-structured interviews with 20 developers from GitHub and industry professionals who are working on smart contracts. In the second phase, we performed a survey on 232 practitioners to validate the findings from the interviews. Our interview and survey results revealed several major challenges developers are facing during smart contract development: (1) there is no effective way to guarantee the security of smart contract code; (2) existing tools for development are still very basic; (3) the programming languages and the virtual machines still have a number of limitations; (4) performance problems are hard to handle under resource constrained running environment; and (5) online resources (including advanced/updated documents and community support) are still limited. Our study suggests several directions that researchers and practitioners can work on to help improve developers’ experience on developing high-quality smart contracts.

Smart Contracts have noninheritable huge prominence within the recent years. After the Ethereum came into existence in 2015, the execution of smart contract had a great development in blockchain technology. The smart contracts execution faces number of issues to name few reliability, scalability, security. Development of Smart Contracts are not followed by standard software development life cycle. This causes the applications with smart contract(s) cannot perform exhaustive testing as well as it is expensive. The most prominent fields like smart contract testing and analysis of the code for vulnerability attracts many researchers. Targeted on reviewing the techniques and approaches discussed in various selected related papers from IEEE, science direct etc. For each of the selected research work identified open challenges that require further research. Hence this literature review on smart contract testing and analysis of smart contract code intends to emphasize the merits and demerits in smart contracts development process.

Blockchain technology as a means of sustainable development

Introduction: the paper is devoted to a new phenomenon in business activity in the conditions of IT development that contribute to the creation of secure contractual relations on the Internet on the basis of transactions executed through smart contracts. The author notes that the need for amendments that could fill the loopholes in the current legislation is obvious. And, first of all, it concerns Blockchain technology – the algorithm that mediates the safe development, conclusion and execution of smart contracts. Blockchain technology is considered in the paper as one of the safest means for concluding and executing smart contracts. The author argues that the study of the concept, legal nature and essence of smart contracts is relevant in the light of spreading their share in the total array of transactions in the world economy in conjunction with the changing domestic legislation governing the relevant sphere, as well as the international integration processes affecting the intensification of foreign economic activity of the Russian Federation. The smart contract concepts formulated by the Russian legislator in the process of upgrading the array of statutory regulation under conditions of economy digitalization are studied and compared. The features of conclusion and protection of the smart contract in the civil legislation of the Russian Federation are analyzed. In order to fully articulate the concept of the smart contract, reflecting its essence, functional purpose and legal nature, it is proposed to create a special law that would focus on the conclusion and implementation of “the smart contract” and the specification of the general norms of the civil code. At the same time, the norms of other special laws would supplement and correct the provisions fixed by this act depending on the sphere of managing and the legal regulation branch. The concept of the smart contract is formulated; its value for economic and contractual activity, and also the advantages and disadvantages of its application are established. The possible classifications of smart contracts are given.

Recently, smart contracts are increasingly gaining more attention from academia and industries, due to their potential of increasing efficiency in various application domains. However, building syntactically correct smart contracts is very complex and challenging for non-expert programmers. Besides, as smart contracts are still in the early emerging phase, there is a lack of expertise and tools for supporting practitioners to teach or learn smart contract development. In this paper, we introduce SmartBuilder, a block-based visual programming framework for building smart contracts using extended Google Blockly libraries. It allows Hyperledger Fabric smart contract (also known as Chaincode) development learners or non-expert users to build smart contracts using visual blocks without writing a single code. Moreover, it is a useful and efficient educational tool for teaching or learning how to build smart contracts.

In smart contract development, practitioners frequently reuse code to reduce development effort and avoid reinventing the wheel. This reused code, whether identical or similar to its original source, is referred to as a code clone. Unintentional code cloning can propagate flaws and vulnerabilities, potentially undermining the reliability and maintainability of software systems. Previous studies have identified a significant prevalence of code clones in Solidity smart contracts on the Ethereum blockchain. To mitigate the risks posed by code clones, clone detection has emerged as an active field of research and practice in software engineering. Recent studies have extended existing techniques or proposed novel techniques tailored to the unique syntactic and semantic features of Solidity. Nonetheless, the evaluations of existing techniques, whether conducted by their original authors or independent researchers, involve codebases in various programming languages and utilize different versions of the corresponding tools. The resulting inconsistency makes direct comparisons of the evaluation results impractical, and hinders the ability to derive meaningful conclusions across the evaluations. There remains a lack of clarity regarding the effectiveness of these techniques in detecting smart contract clones, and whether it is feasible to combine different techniques to achieve scalable yet accurate detection of code clones in smart contracts. To address this gap, we conduct a comprehensive empirical study that evaluates the effectiveness and scalability of five representative clone detection techniques on 33,073 verified Solidity smart contracts, along with a benchmark we curate, in which we manually label 72,010 pairs of Solidity smart contracts with clone tags. Moreover, we explore the potential of combining different techniques to achieve optimal performance of code clone detection for smart contracts, and propose SourceREClone, a framework designed for the refined integration of different techniques, which achieves a 36.9% improvement in F1 score compared to a straightforward combination of the state of the art. Based on our findings, we discuss implications, provide recommendations for practitioners, and outline directions for future research.

Blockchain smart contracts can support the decentralisation of business processes, but due to smart contracts’ specifics, their development is a complicated process. Introducing model-driven development principles in smart contract development can facilitate requirement specification, design, and implementation activities. This paper presents a model-driven development method MDAsmartCD (Model-Driven Architecture-based Smart Contract Development) to alleviate smart contract development by supporting the complete MDA life cycle, covering the definition of Computation-Independent Model, Platform-Independent Model, and two instances of Platform-Specific Models. In MDAsmartCD, model transformations (model-to-model and model-to-text) are used to produce smart contract code in the Hyperledger Fabric platform Go and the Ethereum platform Solidity programming languages. The method application was demonstrated by implementing the smart contract for the hackathon solution and executing the generated Solidity and Go smart contracts in the workflow of issuing certificates for hackathon participants. During the execution of the workflow, both deployed smart contracts behaved identically and recorded analogous results in respective blockchain data storages. This demonstrated that the MDAsmartCD method enables the generation of compilable and executable smart contract code, ready for deployment on a blockchain platform.

In this computer world, digital transformation is a thoughtful and unavoidable one. The impact of this digital transformation is reflected both in government and private sectors. Amongst these, financial and business sectors must face a lot of challenges to undergo this transformation. In financial sector, transaction between two parties has become a part of their life. A transaction normally happens with the help of few centralized authorities. In the centralized system, all the transaction needs to be verified and signed by a centralized authority. But there are many issues exist in executing this methodology. Among them two important issues concerned with financial sector are, large storage space required for processing and cost of committing a transaction. Blockchain, a blooming technology has overcome this drawback by changing the execution model. Blockchain makes use of distributed ledger and crypto currencies, thus converting the centralized processing into a distributed processing system. Here, all the ledgers needed for the transaction are maintained as distributed database. Block chain also minimizes the process by executing all the rules with the help of software. The software that acts as the execution unit of the blockchain is known as smart contract. Smart contracts facilitate the implementation of user-defined operations of uninformed complexity which are not probably plain cryptocurrency protocols. It facilitates user to realize the constraints, instructions, and policies of the domain applications. To explore the feature of the smart contracts, it should be properly designed and coded. Smart contracts work in the application layer of the blockchain. All the rules for the applications can be realized using smart contract. Data for the verification can also be obtained from external sources. i.e., usually, the data for the contract execution is supplied through the transactions. But it can also be obtained from external sources. Each smart contract in the blockchain is assigned a unique address of size 20 bytes. To run a contract, the transaction must be sent to the contract's address. The smart contract performs the necessary operation and when all the protocols are satisfied, the smart contract by itself executes the transaction. This transaction will be run by different miners whose output will be validated and the block of the miner who wins it will be added to the chain. Smart contracts run on Ethereum virtual machine and solidity is the programming language used for writing smart contracts. Ethereum smart contracts need gas to run. When the required gas is not found, then the requested transactions cannot be executed. In this chapter, the detailed explanation of the smart contract along with its architecture is discussed. Also, designing of the smart contract using the programming language solidity is discussed.

As its name implies, this chapter focuses on one of the most vulnerable components of blockchain technology, namely, smart contracts. The chapter discusses a total of nine smart contract-related attacks by taking a look at the root causes of such security breaches. These include reentrancy, access control, arithmetic, unchecked return value, DoS, bad randomness, race conditions, short addresses and timestamp dependency attacks. In addition to coding errors and attack discussions, this chapter also discusses seven different smart contract audit methodologies. While – depending on the anticipated use case – not all seven audit methodologies need to be used in the course of smart contracts development, auditors need to have a basic understanding of these audit approaches to be able to recommend a proper mix of smart contract testing and evaluation before the launch of smart contracts. As mentioned, in Chapters 2 and 9, extreme caution must be exercised during the coding and testing of a smart contract, as smart contract development is akin to firmware development, in the sense that once deployed, a defective smart contract can no longer be fixed by applying a software patch to it. As such, the only workable solution is to kill the smart contract – assuming that such kill switch has been added to its design – and to replace the problematic smart contract with a fully functioning one. Information systems auditors will also find the smart contract audit template a useful tool in planning and conducting smart contract audits.

iContractML 2.0: A domain-specific language for modeling and deploying smart contracts onto multiple blockchain platforms

The post-deployment challenges in developing and upgrading blockchain smart contracts necessitate a high level of accuracy in their development and business logic. However, current methodologies for verifying the business logic of smart contracts frequently fail to address their alignment with end-user business requirements. This paper introduces a two-step language transformation process to bridge this gap. Initially, we establish a transformation rule from the Business Process Model and Notation (BPMN) to Prolog, enabling the translation of business processes into a Prolog representation. This step not only validates the business process logic but also ensures it meets user specifications. Subsequently, we introduce a transformation rule from the BPMN to Go, which facilitates the transformation of the BPMN model, once validated, into a Go language smart contract. To enhance usability, we have engineered a dedicated tool that streamlines this transformation process. We present a case study involving a banking loan process to exemplify the utility of our tool in creating BPMN diagrams, conducting requirement and syntax validations, and effecting the transformation to Go smart contracts. The case study and empirical results suggest that our methodology and the accompanying tool mitigate the complexities inherent in smart contract development. They also ensure the fidelity of business logic to user demands, thereby promoting the broader adoption of blockchain smart contract technology.

This chapter provides an in-depth engagement with the project of expressing legal propositions in machine-readable language. Smart Contracts use computer technology to automate the performance of aspects of commercial agreements. Yet how can there be confidence that the computer code is faithful to the intentions of the parties? To understand the depth and subtlety of this question requires an exploration of natural and computer languages, of the semantics of expressions in those languages, and of the gap that exists between the disciplines of law and computer science. It builds on the metaphor of a ‘contract stack’ with the idea of a ‘language stack’ and illustrates the various layers of language—both natural and formal—that might exist and interact in any instantiation of a ‘smart legal contract’. It also explains the importance of language design in the development of reliable smart contracts, including the use of domain specific languages and the design of controlled natural languages within the specific methodology of computable contracts. Reflecting the author’s original research in the area, this chapter examines ‘computable contracts’ in particular detail—a sub-type of ‘smart contracts’ in which the top two layers of the language stack (‘natural language’ and ‘specification language’) have been merged. As well as providing an in-depth overview of theory, this chapter provides an up-to-date survey of existing projects and reflections on directions for future research.

Blockchain technology has the ability to significantly lower transaction costs while also enabling faster and more secure operations. The financial industry has been influenced by the rapid growth of blockchain technology and cryptocurrencies. Finance is just one field where blockchain technology used for the first time. There are many other Health care, Agriculture, Food industries and many more industries where blockchain technology is being used. The only reason for the for rapid development and trust is decentralization and consensus protocols.With the advent of Blockchain technology, smart contracts came into being and are very popular today, but the question is what and what problems do they have. In this paper the details of the conversation will be done the same. The term smart contract was first used by Nick Szabo in 1997.Smart contract concept, to use a distributed ledger of the Blockchain platform to store contracts. Now smart contracts on Blockchain are like contracts in the real world. The only difference between a traditional contract and a Blockchain-based contract, is that they are completely digital. In fact a smart contract is actually a small computer program stored within a blockchain.Smart contract is a Self-executing and Self verifying block of code(agreements) which is useful for applications involving third party, that can operate independently. This chapter presents the study of smart contracts, how is i evolved. Chapter also discuss about how smart contract is different from the traditional contract from the technical point of view. Development platform are very important to understand to go into depth of the technicality related to Smart contract. paper also explores various Applications and platforms for Smart Contract.

Blockchain-based distributed computing platforms enable the trusted execution of computation—defined in the form of smart contracts—without trusted agents. Smart contracts are envisioned to have a variety of applications, ranging from financial to IoT asset tracking. Unfortunately, the development of smart contracts has proven to be extremely error prone. In practice, contracts are riddled with security vulnerabilities comprising a critical issue since bugs are by design non-fixable and contracts may handle financial assets of significant value. To facilitate the development of secure smart contracts, we have created the FSolidM framework, which allows developers to define contracts as finite state machines (FSMs) with rigorous and clear semantics. FSolidM provides an easy-to-use graphical editor for specifying FSMs, a code generator for creating Ethereum smart contracts, and a set of plugins that developers may add to their FSMs to enhance security and functionality.

Ethereum is blockchain-based platform which enables the development and deployment of smart contracts. Smart contracts are computer programs that provide automation for the governance of decentralized autonomous organizations (DAO). However, while the Blockchain technology is secure, smart contracts are only as secure as the programmers has designed it to be. Therefore, smart contract exposes vulnerabilities that can be exploited by attackers and threaten the viability of the DAOs. This study presents a case study which investigated how security programming patterns and practices from other programming languages can be applied in Solidity – Ethereum programming language. We have characterized the cost of introducing these patterns and practices. We identified 30 security programming patterns and practices from C++, JAVA which can be applicable to Solidity and implemented ten in a representative smart contract. The results show that the application of the ten security patterns and practices identified and implemented increases the cost of the smart contract (when compared to the baseline). Furthermore, we argue that this difference is not significant and should not deter any programmers into introducing the security patterns and practices into their smart contracts.