Abstract
The lack of systematic and, particularly, mechanised support for the safe creation and upgrade of smart contracts has led to the deployment of instances with flaws that have been thoroughly exploited, putting digital assets at risk. Formal verification can potentially help to eliminate these high-impact flaws, particularly by allowing one to check whether smart contracts obey some desired properties. We have already proposed the concept of a trusted deployer to address these issues. In this work we present the detailed design of a public, open-source, and off-chain tool that supports the creation and upgrade of smart contracts, ensuring that they meet corresponding formal specifications. We detail the tool's overall architecture, its usage, and its applicability to real-world smart contracts.
Copyright information
© 2025 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Ferreira, J., Antonino, P., Sampaio, A., Roscoe, A.W., Arruda, F. (2025). Trusted Deployer: A Tool for Safe Creation and Upgrade of Ethereum Smart Contracts. In: C. Nogueira, S., Teodorov, C. (eds) Formal Methods: Foundations and Applications. SBMF 2024. Lecture Notes in Computer Science, vol 15403. Springer, Cham. https://doi.org/10.1007/978-3-031-78116-2_12
DOI: https://doi.org/10.1007/978-3-031-78116-2_12
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-78115-5
Online ISBN: 978-3-031-78116-2
eBook Packages: Computer Science, Computer Science (R0)