Call Me Back, I Have a Type Invariant

  • Conference paper
Formal Methods. FM 2019 International Workshops (FM 2019)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 12232)

Abstract

Callbacks in Smart Contracts on blockchain-based distributed ledgers are a potential source of security vulnerabilities: callbacks may lead to reentrancy, which has been previously exploited to steal large sums of money. Unfortunately, analysis tools for Smart Contracts either fail to support callbacks or simply detect and disallow patterns of callbacks that may lead to reentrancy. As a result, many authors of Smart Contracts avoid callbacks altogether, and some Smart Contract programming languages, including Solidity, recommend using primitives that avoid callbacks. Nevertheless, reentrancy remains a threat, due to the utility of and frequent reliance on callbacks in Smart Contracts.

In this paper, we propose the use of type invariants, a feature of some languages supporting formal verification, to enable proof of correctness for Smart Contracts, including Smart Contracts that permit or rely on callbacks. Our result improves upon existing research because it neither forbids reentrancy nor relies on informal, meta-arguments to prove correctness of reentrant Smart Contracts. We demonstrate our approach using the SPARK programming language, which supports type invariants and moreover can be compiled to relevant blockchains.
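The discipline described in the abstract can be illustrated with a dynamic analogue, added here as an example that is not code from the paper: a ledger invariant is checked wherever control enters or leaves the contract, including just before a callback, so reentrant calls are allowed but always start from a consistent state. The class `ToyToken`, the function `run` and the account names are constructed for illustration; the paper itself uses SPARK type invariants proved statically.

```python
class InvariantViolation(AssertionError):
    """Raised when the ledger invariant is broken at a checked boundary."""

class ToyToken:
    """Constructed toy ledger (hypothetical, not the paper's Token contract)."""
    def __init__(self, update_before_callback):
        self.update_before_callback = update_before_callback
        self.balances = {}   # credited balance per account
        self.funds = 0       # value actually held by the contract

    def invariant(self):
        return self.funds == sum(self.balances.values())

    def _check(self, where):
        if not self.invariant():
            raise InvariantViolation(where)

    def deposit(self, who, amount):
        self._check("deposit entry")
        self.balances[who] = self.balances.get(who, 0) + amount
        self.funds += amount
        self._check("deposit exit")

    def withdraw(self, who, on_receive):
        self._check("withdraw entry")
        amount = self.balances.get(who, 0)
        self.funds -= amount                  # value leaves the contract
        if self.update_before_callback:
            self.balances[who] = 0            # invariant restored first
        self._check("before callback")        # control is about to leave
        on_receive(self, amount)              # callee may re-enter freely
        if not self.update_before_callback:
            self.balances[who] = 0            # late update, after the callback
        self._check("withdraw exit")

def run(update_before_callback):
    token = ToyToken(update_before_callback)
    token.deposit("alice", 10)
    token.deposit("bob", 5)
    received = []
    def reenter(t, amount):                   # callback that calls back in
        received.append(amount)
        if len(received) < 3:                 # bounded re-entry
            t.withdraw("bob", reenter)
    try:
        token.withdraw("bob", reenter)
    except InvariantViolation as exc:
        return ("rejected", str(exc), received)
    return ("ok", token.funds, received)
```

With the state update placed before the callback, the reentrant calls run to completion and pay out only once; with the late update, the boundary check fails before the callback is ever invoked.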

Notes

  1. The compiler can also be configured to compile the application with ghost code enabled, which can be useful for dynamic checking of properties e.g. during unit testing.

  2. We can’t really express anything useful in the postcondition here. Any public function of the Token contract might be called via reentrancy, updating the state in a consistent but unknown way.


Corresponding author

Correspondence to Johannes Kanig.

Copyright information

© 2020 Springer Nature Switzerland AG

Cite this paper

Aiello, M.A., Kanig, J., Kurita, T. (2020). Call Me Back, I Have a Type Invariant. In: Sekerinski, E., et al. Formal Methods. FM 2019 International Workshops. FM 2019. Lecture Notes in Computer Science, vol 12232. Springer, Cham. https://doi.org/10.1007/978-3-030-54994-7_24

  • DOI: https://doi.org/10.1007/978-3-030-54994-7_24

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-54993-0

  • Online ISBN: 978-3-030-54994-7

  • eBook Packages: Computer Science (R0)
