Tainting in Smart Contracts: Combining Static and Runtime Verification

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13498)

Abstract

Smart contracts exist immutably on blockchains, making their pre-deployment correctness essential. Moreover, they exist openly on blockchains—open for interaction with any other smart contract and off-chain entity. Interaction, for instance with off-chain oracles, can affect the state of the smart contract, and the correctness of these smart contracts may depend on the trustworthiness of the data they manipulate or the events they generate, which, in turn, would depend on which parties or what information contributed to them. In this paper, we develop and present dynamic taint analysis techniques to enable data tainting in smart contracts. We propose an extension of Solidity that enables labelling inputs of interaction endpoints with dynamic data-carrying labels that capture actionable information about the sender. These labels can then be propagated dynamically across transactions to transitively dependent data. Specifications can then refer to such taints, for instance for ensuring that certain data could not have been influenced through interaction by a certain party. We further allow the use of taints as part of the language, affecting the control flow of the smart contract. To manage the overheads of such runtime tainting, we develop sound static analysis-based techniques to prune away unnecessary instrumentation. We give a case study as a proof-of-concept, and measure the overheads associated with our additions before and after optimisation.
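
The ideas in the abstract (sender-carrying labels on endpoint inputs, propagation through persistent storage across transactions, a taint-based guard in control flow, and a static pass that identifies storage that can never be tainted) can be modelled in Python. This is an added illustration, not the paper's Solidity extension or tool: the `PriceFeed` contract, its storage slots, the addresses and the `may_be_tainted` reachability pass are all constructed assumptions.

```python
class Tainted:
    """An integer plus the set of sender addresses that influenced it."""
    def __init__(self, value, taint=()):
        self.value, self.taint = value, frozenset(taint)

    def __add__(self, other):
        # Propagation rule: a result carries the union of its operands' taints.
        if not isinstance(other, Tainted):
            other = Tainted(other)
        return Tainted(self.value + other.value, self.taint | other.taint)


class PriceFeed:
    """Toy contract (hypothetical): storage persists across transactions, and so does taint."""
    def __init__(self):
        self.store = {"sum": Tainted(0), "fee": Tainted(2), "quote": Tainted(0)}

    def report(self, sender, price):
        # Interaction endpoint: label the input with the caller (msg.sender).
        self.store["sum"] = self.store["sum"] + Tainted(price, {sender})

    def settle(self, sender):
        # Takes no labelled input; "quote" inherits taint from stored data only.
        self.store["quote"] = self.store["sum"] + self.store["fee"]

    def pay(self, sender, distrusted):
        # Taint in control flow: refuse if a distrusted party influenced quote.
        if self.store["quote"].taint & set(distrusted):
            return None
        return self.store["quote"].value


def may_be_tainted(deps, sources):
    """Static over-approximation: slots reachable from labelled inputs.
    deps maps each slot to the slots/inputs it is computed from."""
    tainted, changed = set(sources), True
    while changed:
        changed = False
        for slot, reads in deps.items():
            if slot not in tainted and tainted & set(reads):
                tainted.add(slot)
                changed = True
    return tainted


def demo():
    c = PriceFeed()
    c.report("0xA11CE", 100)          # transaction 1 (constructed address)
    c.report("0xB0B", 40)             # transaction 2 (constructed address)
    c.settle("0xCAFE")                # transaction 3
    deps = {"sum": ["sum", "price"], "quote": ["sum", "fee"], "fee": []}
    return c.store["quote"], c.pay("0xCAFE", ["0xB0B"]), may_be_tainted(deps, {"price"})
```

In this model `fee` never appears in the result of `may_be_tainted`, so a runtime monitor would not need to track taint for it; only data flow through addition is modelled, not implicit flows through branches.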

This research has received funding from the ERC consolidator grant D-SynMA (No. 772459), the University of Malta Research Awards project “Systematising Smart Contracts within Classical Contract Law Theory”, and the European Agricultural Fund for Rural Development project “VinoVeritas: An Authority to Consumer Wine Audit Solution”.

Notes

  1. msg.sender in Solidity refers to the address (a unique identifier) of the function caller.

  2. If we do not know the code behind a function call we cannot determine the possible taint of return values.

Author information

Corresponding author

Correspondence to Shaun Azzopardi.

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Azzopardi, S., Ellul, J., Falzon, R., Pace, G.J. (2022). Tainting in Smart Contracts: Combining Static and Runtime Verification. In: Dang, T., Stolz, V. (eds) Runtime Verification. RV 2022. Lecture Notes in Computer Science, vol 13498. Springer, Cham. https://doi.org/10.1007/978-3-031-17196-3_8

  • DOI: https://doi.org/10.1007/978-3-031-17196-3_8

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-17195-6

  • Online ISBN: 978-3-031-17196-3

  • eBook Packages: Computer Science, Computer Science (R0)
