BitML: A Calculus for Bitcoin Smart Contracts

@article{Bartoletti2018BitMLAC,
  title={BitML: A Calculus for Bitcoin Smart Contracts},
  author={Massimo Bartoletti and Roberto Zunino},
  journal={Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security},
  year={2018}
}
  • Massimo Bartoletti, R. Zunino
  • Published 8 October 2018
  • Computer Science, Mathematics
  • Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security
We introduce BitML, a domain-specific language for specifying contracts that regulate transfers of bitcoins among participants, without relying on trusted intermediaries. A compiler is provided to translate contracts into standard Bitcoin transactions. Participants can execute a contract by appending these transactions on the Bitcoin blockchain, according to their strategies. We prove the correctness of our compiler, showing that computational attacks on compiled contracts are also observable…

Developing secure bitcoin contracts with BitML
TLDR
The toolchain is based on BitML, a recent domain-specific language for smart contracts with a computationally sound embedding into Bitcoin, and automatically verifies relevant properties of contracts, ensuring that funds do not remain frozen within a contract forever.
Formal Models of Bitcoin Contracts: A Survey
TLDR
This paper surveys the formal models proposed in the scientific literature on how to exploit Bitcoin to execute smart contracts, comparing their expressiveness and applicability in the wild.
Renegotiation and Recursion in Bitcoin Contracts
TLDR
This paper extends BitML with a new primitive for contract renegotiation, and this primitive can be used to write recursive contracts, which was not possible in the original BitML.
Verification of recursive Bitcoin contracts
TLDR
This work addresses the problem of verifying liquidity on BitML, a DSL for smart contracts with a secure compiler to Bitcoin, featuring primitives for currency transfers, contract renegotiation and consensual recursion, and implements a toolchain that automatically verifies liquidity of BitML contracts and compiles them to Bitcoin.
Verification of Bitcoin's Smart Contracts in Agda using Weakest Preconditions for Access Control
TLDR
An operational semantics of the script commands used in P2PKH and P2MS is introduced, and a syntax for equational reasoning with Hoare Triples is defined in order to formalise those approaches in Agda.
Bitcoin Trace-Net: Formal Contract Verification at Signing Time
  • J. Chiang
  • Computer Science, Mathematics
  • Cryptoeconomic Systems
  • 2021
TLDR
Bitcoin Trace-Net is proposed, a contract verification framework which generates an executable symbolic model from the underlying contract implementation which is sufficiently expressive to accurately model blockchain semantics such as the delay between a transaction broadcast and its subsequent confirmation, as well as adversarial blockchain reorganizations of finite depths.
Verifying liquidity of recursive Bitcoin contracts
TLDR
This work addresses the problem of verifying liquidity on BitML, a DSL for smart contracts with a secure compiler to Bitcoin, featuring primitives for currency transfers, contract renegotiation and consensual recursion, and implements a toolchain that automatically verifies liquidity of BitML contracts and compiles them to Bitcoin.
The Extended UTXO Model
TLDR
This research investigates whether it is possible to have expressive smart contracts, while keeping the semantic simplicity of the UTXO model, in a complex concurrent and distributed computing environment.
Verification of Bitcoin Script in Agda Using Weakest Preconditions for Access Control
TLDR
An operational semantics of the script commands used in P2PKH and P2MS is formalised in the Agda proof assistant and a syntax for equational reasoning with Hoare Triples is introduced in order to formalise those approaches in Agda.
Protocol-based Smart Contract Generation
TLDR
SmartScribble is proposed, a protocol language to describe valid patterns of interaction between users and endpoints that not only ensures correct interactive behaviour but also simplifies smart contract coding.

References

A formal model of Bitcoin transactions
We propose a formal model of Bitcoin transactions, which is sufficiently abstract to enable formal reasoning, and at the same time is concrete enough to serve as an alternative documentation to
SoK: unraveling Bitcoin smart contracts
TLDR
This paper presents a comprehensive survey of smart contracts on Bitcoin, in a uniform framework based on a new formal specification language for smart contracts, which also helps to highlight some subtleties in existing informal descriptions, making a step towards automatic verification.
Enhancing Bitcoin Transactions with Covenants
TLDR
This paper shows that covenants can be implemented with a new CHECKSIGFROMSTACK operation that verifies a signature for a message passed as an argument that allows one to programmatically query the transaction.
Simplicity: A New Language for Blockchains
TLDR
Simplicity is a typed, combinator-based, functional language without loops and recursion, designed to be used for crypto-currencies and blockchain applications, and can express any finitary function.
Making Smart Contracts Smarter
TLDR
This paper investigates the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies, and proposes ways to enhance the operational semantics of Ethereum to make contracts less vulnerable.
A Semantic Framework for the Security Analysis of Ethereum smart contracts
TLDR
The first complete small-step semantics of EVM bytecode is presented, which is formalized in the F* proof assistant, obtaining executable code that is successfully validated against the official Ethereum test suite.
Formal Verification of Smart Contracts: Short Paper
TLDR
This paper outlines a framework to analyze and verify both the runtime safety and the functional correctness of Ethereum contracts by translation to F*, a functional programming language aimed at program verification.
: Formal Verification of Smart Contracts
TLDR
This paper outlines a framework to analyze and verify both the runtime safety and the functional correctness of Solidity contracts in F, a functional programming language aimed at program verification.
Efficient Zero-Knowledge Contingent Payments in Cryptocurrencies Without Scripts
TLDR
Although smart contracts are believed to have a huge potential, for the moment they are not widely used in practice; because most Bitcoin miners allow only standard transactions to be posted on the blockchain, it is currently very hard to create non-trivial smart contracts in Bitcoin.
Bitcoin Covenants
TLDR
It is shown how covenants enable vaults, which disincentivize key theft by preventing an attacker from gaining full access to stolen funds, and how Bitcoin-NG can be implemented progressively as an overlay on top of the Bitcoin blockchain.