Ethereum smart contracts verification : a survey and a prototype tool

Mostrar todas las versiones(3)

Smart contracts are programs that can be consistently executed by a network of mutually distrusting nodes, without the arbitration of a trusted authority. Because of their resistance to tampering, smart contracts are appealing in many scenarios, especially in those which require transfers of money t...

Descripción completa

Guardado en:
Detalles Bibliográficos
Autor principal: Bogdanich Espina, Vera
Formato: Tesis de Grado
Lenguaje:Inglés
Publicado: 2019
Materias:
ETHEREUM
SOFTWARE VERIFICATION
SURVEY
SOLIDITY
TEMPORAL LOGIC
MONITORING
Acceso en línea:https://hdl.handle.net/20.500.12110/seminario_nCOM000440_Bogdanich
Aporte de:
Biblioteca Digital - Facultad de Ciencias Exactas y Naturales (UBA) de Universidad de Buenos Aires
Descripción
Sumario:Smart contracts are programs that can be consistently executed by a network of mutually distrusting nodes, without the arbitration of a trusted authority. Because of their resistance to tampering, smart contracts are appealing in many scenarios, especially in those which require transfers of money to respect of certain agreed rules. Unfortunately, programming smart contracts is a delicate task that requires strong expertise: the rich applications and semantics of decentralized applications inevitably introduce many security vulnerabilities. Therefore, methods and tools have emerged to support the development of secure smart contracts. Assessing the quality of such tools turns out to be difficult. This thesis is meant as a guide for those who intend to analyze smart contracts, either deployed ones or during development. In particular, for OpenZeppelin auditors, who showed interest in automated analysis and want to apply it in their day to day work. Besides doing this survey on automatic analysis techniques for smart contracts, we also developed a prototype tool that combines two existing approaches, and adds a specification language to create a monitor for safety checks. This monitor was implemented as an instrumentation of the provided contract, so it can be fed to any analysis program to take advantage of its capabilities while also expressing contract invariants in a language inspired in temporal logics.

Ejemplares similares