A Hybrid Formal Verification System in Coq for Ensuring the Reliability and Security of Ethereum-Based Service Smart Contracts
@article{Yang2020AHF,
  title={A Hybrid Formal Verification System in Coq for Ensuring the Reliability and Security of Ethereum-Based Service Smart Contracts},
  author={Zheng Yang and Hang Lei and Weizhong Qian},
  journal={IEEE Access},
  year={2020},
  volume={8},
  pages={21411-21436}
}
This paper reports a formal symbolic process virtual machine (FSPVM), denoted FSPVM-E, for verifying the reliability and security of Ethereum-based services at the source-code level of smart contracts.

Key Method: The four primary components of FSPVM-E include a general, extensible, and reusable formal memory framework; an extensible and universal formal intermediate programming language, denoted Lolisa, which is a large subset of the Solidity programming language using generalized algebraic datatypes…
11 Citations
A General Formal Memory Framework for Smart Contracts Verification based on Higher-Order Logic Theorem Proving
- Computer Science
- International Journal of Performability Engineering
- 2019
A formal specification framework of memory architecture, serving as the basis for combining symbolic execution and theorem proving for smart contracts, that is independent, customizable, and verified in Coq.
A Survey of Smart Contract Formal Specification and Verification
- Computer Science
- ACM Comput. Surv.
- 2020
This survey investigates formal models and specifications of smart contracts presented in the literature and presents a systematic overview in order to understand the common trends and identify gaps.
Security Analysis Methods on Ethereum Smart Contract Vulnerabilities: A Survey
- Computer Science
- ArXiv
- 2019
This survey aims to identify the key vulnerabilities in smart contracts on Ethereum from the perspectives of their internal mechanisms and software security vulnerabilities, by correlating 16 Ethereum vulnerabilities with 19 software security issues.
Are Smart Contracts and Blockchains Suitable for Decentralized Railway Control?
- Computer Science
- Ledger
- 2020
The findings of a first-of-its-kind blockchain-based prototype implementation for railway control are presented; the design is based on decentralization while also ensuring that the overall system state remains conflict-free and safe.
On the suitability of blockchain platforms for IoT applications: Architectures, security, privacy, and performance
- Computer Science
- Comput. Networks
- 2021
A Formal Process Virtual Machine for EOS-Based Smart Contract Security Verification
- Computer Science
- 2021
Analysis of Blockchain Smart Contracts: Techniques and Insights
- Computer Science
- 2020 IEEE Secure Development (SecDev)
- 2020
This paper presents the first comprehensive survey of smart contract analysis by collecting 391 papers, extracting the 67 analysis-related ones, and classifying them into three dominant topics: static analysis for vulnerability detection, static analysis for program correctness, and dynamic analysis.
References (showing 1-10 of 57)
Formal Process Virtual Machine for Smart Contracts Verification
- Computer Science
- ArXiv
- 2018
A novel formal symbolic process virtual machine (FSPVM) for verifying the reliability and security of Ethereum smart contracts, denoted FSPVM-E and developed entirely in the Coq proof assistant, which contributes to solving the problems of automation, inconsistency, and reusability in higher-order logic theorem proving.
Optimization of Executable Formal Interpreters Developed in Higher-Order Logic Theorem Proving Systems
- Computer Science
- IEEE Access
- 2018
This paper identifies three root causes of the low execution efficiency of formal interpreters, builds abstract models of these causes, presents respective optimization schemes for rectifying the identified conditions, and applies these schemes to FEther, demonstrating that its execution efficiency is improved significantly.
A general formal memory framework in Coq for verifying the properties of programs based on higher-order logic theorem proving with increased automation, consistency, and reusability
- Computer Science
- ArXiv
- 2018
The present work proposes the GERM framework, which simulates the physical memory hardware structure, including a low-level formal memory space, and provides a set of simple, non-intrusive application programming interfaces and assistant tools in Coq that can support different formal verification specifications simultaneously.
FEther: An Extensible Definitional Interpreter for Smart-Contract Verifications in Coq
- Computer Science
- IEEE Access
- 2019
FEther is the first definitional interpreter of the Solidity language in Coq, combining symbolic execution with higher-order logic theorem proving; its execution efficiency far exceeds that of interpreters developed in Coq according to the standard tutorial.
Verified Software Toolchain
- Computer Science
- NASA Formal Methods
- 2012
The Verified Software Toolchain verifies with machine-checked proofs that the assertions claimed at the top of the toolchain really hold in the machine-language program, running in the operating-system context, on a weakly-consistent-shared-memory machine.
Formal Verification of Smart Contracts: Short Paper
- Computer Science
- PLAS@CCS
- 2016
This paper outlines a framework to analyze and verify both the runtime safety and the functional correctness of Ethereum contracts by translation to F*, a functional programming language aimed at program verification.
A Semantic Framework for the Security Analysis of Ethereum smart contracts
- Computer Science
- POST
- 2018
The first complete small-step semantics of EVM bytecode is presented, formalized in the F* proof assistant, yielding executable code that is successfully validated against the official Ethereum test suite.
seL4: formal verification of an OS kernel
- Computer Science
- SOSP '09
- 2009
To the authors' knowledge, this is the first formal proof of functional correctness of a complete, general-purpose operating-system kernel.
Scilla: a Smart Contract Intermediate-Level LAnguage
- Computer Science
- ArXiv
- 2018
The automata-based model of Scilla is described, its programming component is presented and it is shown how contract definitions in terms of automata streamline the process of mechanised verification of their safety and temporal properties.
Towards verifying ethereum smart contract bytecode in Isabelle/HOL
- Computer Science
- CPP
- 2018
This paper extends an existing EVM formalisation in Isabelle/HOL with a sound program logic at the bytecode level: it structures bytecode sequences into blocks of straight-line code and creates a program logic to reason about these blocks.