Blockchain smart contracts formalization: Approaches and challenges to address vulnerabilities
- Research Article
2
- 10.14296/islr.v7i2.5203
- Oct 20, 2020
- IALS Student Law Review
Since Friedrich Kessler wrote “Contracts of Adhesion-Some Thoughts About Freedom of Contract” in 1943, condemning narrow adherence to the principle of “freedom to contract” in the face of large scale enterprises’ growing preference for standard form contracts, Courts have balanced their desire to uphold contracts while protecting weaker parties from adhesion. Today, they face similar challenges with the rise of code-driven smart contracts and blockchain governance. Similar to Kessler’s world, where standard-form contracts were a tool for “excluding or controlling the ‘irrational factor’ in litigation” such as uncertain outcomes of judicial interpretation, automated smart contracts aim to put themselves outside the control of both contractual parties and the courts, thus removing any ability to breach or tamper with the original terms. Smart contract advocates contend that removing the judiciary as the governing body over contract law and imposing contractual performance via decentralized blockchain governance improves efficiency and certainty.
But, how much can one really write a contract that completely circumvents the potential for legal intervention or judicial enforcement? Will smart contracts finally achieve the complete separation between private and public law that advocates of “freedom to contract” originally claimed, or does the common law legal system’s deep-rooted belief in the rule of law and due process prevent the judiciary from being excluded from contract enforcement regardless of the medium? And is there a risk that, as smart contract sceptics posit, smart contract platforms and blockchain governance create a new feudal order with a “potentially illegitimate exercise of power” and “normatively suspect” wealth distributions?
The short answer, as this paper will demonstrate, is that as long as smart contracts meet the traditional requirements of a contract, they cannot fall outside the established legal system’s purview. The only thing a smart contract truly adds to traditional contracts is automated execution that is enforced by the blockchain’s consensus mechanism; this may provide some efficiency to the legal system by streamlining basic performance but it cannot be the only form of governance over smart contracts. While there may be procedural challenges to undoing or enforcing specific performance under smart contracts because of their decentralized features, any substantive problems that could occur within a smart contract are eminently addressable with and must be subjected to the principles and remedies found in traditional contract law. Finally, I will conclude with current developments in smart contracts which point to a potential for them to become an integral part of our legal system going forward. Overall, I will argue that smart contracts, if carefully drafted to consider potential pitfalls and the future needs of contracting parties to amend or enforce, can hold the potential to provide efficiencies and greater legal certainty to contracting parties. This is achieved, not through circumventing the legal system, but by working with it to automate simple performance enforcement and deferring more complex contractual breakdowns to the judiciary.
- Research Article
259
- 10.1109/access.2019.2921624
- Jan 1, 2019
- IEEE Access
A smart contract is an agreement between two or more parties, which is executed by the computer code. The code does the execution without giving either party the ability to back out, so it ensures the trustless execution. The smart contract is one of the most important features in blockchain applications, which implements trusted transactions without third parties. However, with the rapid development, blockchain smart contracts have also exposed many security problems, and some attacks caused by contract vulnerabilities have led to terrible losses. In order to better deal with such dilemma, making a comprehensive survey about the security verification of blockchain smart contracts from major scientific databases is quite indispensable. Even though the significance of studying security verification of blockchain smart contracts is evident, it is really fresh yet. The major contributions of our survey work come from three aspects. First, after retrieving all-sided research studies, we select 53 most related papers to show the state-of-the art of this topic, where 20 papers focus on dealing with security assurance of blockchain smart contracts, and 33 papers focus on the correctness verification of blockchain smart contracts. Second, we propose a taxonomy toward the topic of security verification of blockchain smart contracts and discuss the pros and cons of each category of related studies. Third, through in-depth analysis of these studies, we come to know that the correctness verification of smart contracts based on the formal method has already become the more significant and more effective method to validate whether a smart contract is credible and accurate. So, we further present representative studies of formal verification of smart contracts in detail to demonstrate that using a formal method to validate blockchain smart contracts must have a promising and meritorious future.
- Book Chapter
20
- 10.1007/978-3-030-94583-1_21
- Jan 1, 2022
Solidity smart contracts allow developers to formalize financial agreements between users. Due to their monetary nature, smart contracts have been the target of many high-profile attacks. Brute-force verification of smart contracts that maintain data for up to \(2^{160}\) users is intractable. In this paper, we present SmartACE, an automated framework for smart contract verification. To ameliorate the state explosion induced by large numbers of users, SmartACE implements local bundle abstractions that reduce verification from arbitrarily many users to a few representative users. To uncover deep bugs spanning multiple transactions, SmartACE employs a variety of techniques such as model checking, fuzzing, and symbolic execution. To illustrate the effectiveness of SmartACE, we verify several contracts from the popular OpenZeppelin library: an access-control policy and an escrow service. For each contract, we provide specifications in the Scribble language and apply fault injection to validate each specification. We report on our experience integrating Scribble with SmartACE, and describe the performance of SmartACE on each specification.
- Research Article
81
- 10.3390/electronics9020255
- Feb 3, 2020
- Electronics
Blockchain technology has attracted more and more attention from academia and industry recently. Ethereum, which uses blockchain technology, is a distributed computing platform and operating system. Smart contracts are small programs deployed to the Ethereum blockchain for execution. Errors in smart contracts will lead to huge losses. Formal verification can provide a reliable guarantee for the security of blockchain smart contracts. In this paper, the formal method is applied to inspect the security issues of smart contracts. We summarize five kinds of security issues in smart contracts and present formal verification methods for these issues, thus establishing a formal verification framework that can effectively verify the security vulnerabilities of smart contracts. Furthermore, we present a complete formal verification of the Binance Coin (BNB) contract. It shows how to formally verify the above security issues based on the formal verification framework in a specific smart contract. All the proofs are checked formally using the Coq proof assistant in which contract model and specification are formalized. The formal work of this paper has a variety of essential applications, such as the verification of blockchain smart contracts, program verification, and the formal establishment of mathematical and computer theoretical foundations.
- Research Article
225
- 10.1016/j.tele.2020.101519
- Oct 22, 2020
- Telematics and Informatics
Smart contracts on the blockchain – A bibliometric analysis and review
- Book Chapter
7
- 10.1093/oso/9780192858467.003.0013
- Apr 28, 2022
This chapter provides an in-depth engagement with the project of expressing legal propositions in machine-readable language. Smart Contracts use computer technology to automate the performance of aspects of commercial agreements. Yet how can there be confidence that the computer code is faithful to the intentions of the parties? To understand the depth and subtlety of this question requires an exploration of natural and computer languages, of the semantics of expressions in those languages, and of the gap that exists between the disciplines of law and computer science. It builds on the metaphor of a ‘contract stack’ with the idea of a ‘language stack’ and illustrates the various layers of language—both natural and formal—that might exist and interact in any instantiation of a ‘smart legal contract’. It also explains the importance of language design in the development of reliable smart contracts, including the use of domain specific languages and the design of controlled natural languages within the specific methodology of computable contracts. Reflecting the author’s original research in the area, this chapter examines ‘computable contracts’ in particular detail—a sub-type of ‘smart contracts’ in which the top two layers of the language stack (‘natural language’ and ‘specification language’) have been merged. As well as providing an in-depth overview of theory, this chapter provides an up-to-date survey of existing projects and reflections on directions for future research.
- Conference Article
5
- 10.1109/cirsyssim.2019.8935603
- Jun 1, 2019
There are more than 1 million smart contracts in Ethereum and the number of ethers managed by smart contracts has exceeded 100 million, but the security vulnerabilities in smart contracts seriously jeopardize the financial security of Ethereum users. The existing method for defect detection of smart contract bytecode using symbolic execution does not take care of accuracy and real-time detection at the same time. In this paper, a smart contract bytecode defect detection algorithm based on parallel symbolic execution is proposed. We split a smart contract in units of functions by analyzing the smart contract function selection process. A symbolic execution tree is constructed for each function to predict the function execution path. Then we partition the symbolic execution tree into multiple sub-trees evenly. Finally, a process pool is used to perform parallel symbolic execution on those sub-trees to reduce the analysis time of smart contract defect detection. Experimental data shows our method has a significant improvement in detection efficiency compared with the existing symbolic execution method. The speedup ratio is up to 3.1x on a 4-core computer. Besides, it does not introduce false positives or false negatives.
- Conference Article
62
- 10.1109/ntms.2019.8763832
- Jun 1, 2019
Due to the immutable nature of distributed ledger technology such as blockchain, it is of utter importance that a smart contract works as intended before employment outside test network. This is since any bugs or errors will become permanent once published to the live network, and could lead to substantial economic losses; as manifested in the infamous DAO smart contract exploit hack in 2016. In order to avoid this, formal verification methods can be used to ensure that the contract behaves according to given specifications. This paper presents a survey of the state of the art of formal verification of smart contracts. Being a relatively new research area, a standard or best practice for formal verification of smart contracts has not yet been established. Thus, several different methods and approaches have been used to perform the formal verification. The survey presented in this paper shows that some variant of model checking or theorem proving methodology seems to be most successful. However, as of today, formal verification is only successful on simple contracts, and does not support more advanced smart contract syntax.
- Conference Article
107
- 10.1145/3185089.3185138
- Feb 8, 2018
Smart contracts can automatically perform the contract terms according to the received information, and it is one of the most important research fields in digital society. The core of smart contracts is algorithm contract, that is, the parties reach an agreement on the contents of the contract and perform the contracts according to the behaviors written in certain computer algorithms. It not only needs to make sure about the correctness of smart contracts code, but also should provide a credible contract code execution environment. Blockchain provides a trusted execution and storage environment for smart contracts by the distributed secure storage, consistency verification and encryption technology. Current challenge is how to assure that smart contract can be executed as the parties' willingness. This paper introduces formal modeling and verification in formal methods to make smart contract model and verify the properties of smart contracts. Formal methods combined with smart contracts aim to reduce the potential errors and cost during contract development process. The description of a general and formal smart contract template is provided. The tool of model checking, SPIN, is used to verify the correctness and necessary properties for a smart contract template. The research shows model checking will be useful and necessary for smart contracts.
- Research Article
4
- 10.1109/access.2025.3527158
- Jan 1, 2025
- IEEE Access
Defined as an agreement between multiple parties and systematically executed by a computer code, smart contracts enable trust-less execution without a third party. Despite the trusted implementations that smart contracts offer, including those based on standards, different security problems and vulnerabilities arise during their development and execution. To address these issues, multiple studies have proposed potential solutions, focusing particularly on the verification of smart contracts and considering the standard-based ones using formal verification techniques. However, the sheer amount of research makes it difficult to accurately articulate the state-of-the-art. To tackle this challenge, we propose a systematic literature review that deals with formal verification of ERC-based smart contracts. ERC (Ethereum Request for Comments) standards enable a range of functionalities, such as the creation and management of tokens. Thus, our review provides an overview of ERC standards and examines their related potential issues. Furthermore, we investigate existing solutions presented in 19 relevant studies published between 2019 and July 2023. We analyze and classify approaches to formal modeling, properties’ specification and techniques used in the verification of smart contracts. Finally, we discuss the research challenges and suggest some promising future directions to stir research efforts into this area.
- Conference Article
31
- 10.1109/botse52550.2021.00015
- Jun 1, 2021
Recently, Blockchain technology adoption has expanded to many application areas due to the evolution of smart contracts. However, developing smart contracts is non-trivial and challenging due to the lack of tools and expertise in this field. A promising solution to overcome this issue is to use Model-Driven Engineering (MDE); however, using models still involves a learning curve and might not be suitable for non-technical users. To tackle this challenge, chatbot or conversational interfaces can be used to assess the non-technical users to specify a smart contract in a gradual and interactive manner. In this paper, we propose iContractBot, a chatbot for modeling and developing smart contracts. Moreover, we investigate how to integrate iContractBot with iContractML, a domain-specific modeling language for developing smart contracts, and instantiate intention models from the chatbot. The iContractBot framework provides a domain-specific language (DSL) based on the user intention and performs model-to-text transformation to generate the smart contract code. A smart contract use case is presented to demonstrate how iContractBot can be utilized for creating models and generating the deployment artifacts for smart contracts based on a simple conversation.
- Conference Article
32
- 10.1109/asew.2019.00032
- Nov 1, 2019
Blockchain is an emerging technology that underlies creation and exchange of the digital assets, including cryptocurrency such as Bitcoin and Ether, without the need for a central authority. It provides a public ledger for recording a sequence of transactions in blocks that are linked as a chain. Smart contracts are computer programs governing participant agreements that are automatically enforced by consensus protocols in the blockchain. Together, blockchain and smart contracts revolutionize efficient transaction stores, services and workflows that work even among distrusting participants and without a trusted authority. Unfortunately, like most software, smart contracts are vulnerable as evidenced by a recent Decentralized Autonomous Organization (DAO) attack that lost cryptocurrency then valued at about $60 million. Correctness of executions alone is not sufficient to guarantee security of smart contracts. This paper addresses how we can apply model checking, a well-established formal verification technique, to help alleviate security issues in smart contract development. Most existing studies have focused on verification of smart contracts on a specific language and specific platform. Smart contracts may have hidden operational side effects that impact software behaviors. Thus, applying model checking to smart contracts is not necessarily straightforward. This paper presents a general technique for building the core functional models applicable for model checking to identify all possible executions that lead to security breaches. It also shows how resulting executions can be systematically analyzed to help identify security issues. The models are language and system independent in that they can represent any smart contract in any language or any platform. We illustrate and evaluate the technique with a widely used example of a smart contract in a financial system along with experimental results using a well-known model checker, NuSMV, in various scenarios.
- Research Article
121
- 10.1016/j.pmcj.2020.101227
- Aug 8, 2020
- Pervasive and Mobile Computing
Verification of smart contracts: A survey
- Conference Article
55
- 10.1109/compsac.2019.10265
- Jul 1, 2019
A smart contract is a computer protocol intended to digitally facilitate and enforce the negotiation of a contract in an undependable environment. However, the number of attacks using the vulnerabilities of the smart contracts is also growing in recent years. Many solutions have been proposed in order to deal with them, such as documenting vulnerabilities or setting the security strategies. Among them, the most influential progress is made by the formal verification method. In this paper, we propose a formal verification method based on Colored Petri Nets (CPN) to verify smart contracts in blockchain system. First, we develop the smart contract models with possible attacker models based on hierarchical CPN modeling, then the smart contract models are executed by step-by-step simulation to validate their functional correctness, and finally we utilize the branch timing logic ASK-CTL based model checking technology in the CPN tools to detect latent vulnerabilities in smart contracts. We demonstrate that our CPN modeling based verification method can not only detect the logical vulnerabilities of the smart contract, but also consider the impacts of users' behavior to find out potential non-logical vulnerabilities in the contracts, such as the vulnerabilities caused by the limitations of the Solidity language.
- Research Article
- 10.31449/inf.v50i6.8593
- Feb 21, 2026
- Informatica
Smart contracts are self-executing programs deployed on blockchain platforms that facilitate automated and decentralized transactions. However, once deployed, they become immutable, making them vulnerable to catastrophic exploits, such as reentrancy, access control misconfiguration, integer overflow, and front-running. The need for proof and verification is urgent, as evidenced by other high-profile, capital-draining incidents, such as the DAO attack and Parity wallet vulnerabilities. Abstract: We present ContractFuzzer, a systematic fuzzer for detecting vulnerabilities in Ethereum smart contracts. Existing tools are based on static analysis, symbolic execution, or heuristic detection, and thus typically impose high false positives, low completeness, and limited formal verification. In this paper, we introduce SmartScan, a formal verification framework that systematically checks smart contract security by integrating FSM modeling and CTL-based model checking in nuXmv. Our methodology performs automatic parsing of Solidity code, automated generation of FSM and BIP models, conversion to the SMV format, and verification of CTL security properties. It responds to detected violations with automated counterexample generation to assist in debugging and iterative re-verification. For validation, SmartScan will be tested on 10 different types of Solidity contracts that address 14 critical vulnerabilities. Our experimental results show 95.4% detection accuracy, 3.2% false positive rate, and 2.8% false negative rate, with 100% verification coverage, and average verification time of 3–7 seconds for each property, outperforming state-of-the-art tools in both coverage and precision. SmartScan: SmartScan has a wide-ranging practical utility in discovering and diagnosing vulnerabilities such as reentrancy and access control issues, which it has been applied in, such as in a case study of a DeFi Lending contract. SmartScan provides a scalable, precise, and developer-centric approach to improve the confidence and reliability of blockchain applications by combining exhaustive formal verification of smart contracts with automated counterexample generation.