Making Smart Contracts Smarter

  title={Making Smart Contracts Smarter},
  author={Loi Luu and Duc-Hiep Chu and Hrishi Olickel and P. Saxena and Aquinas Hobor},
  journal={Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security},
  • Loi Luu, D. Chu, Aquinas Hobor
  • Published 24 October 2016
  • Computer Science
  • Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security
Cryptocurrencies record transactions in a decentralized data structure called a blockchain. Two of the most popular cryptocurrencies, Bitcoin and Ethereum, support the feature to encode rules or scripts for processing transactions. This feature has evolved to give practical shape to the ideas of smart contracts, or full-fledged programs that are run on blockchains. Recently, Ethereum's smart contract system has seen steady adoption, supporting tens of thousands of contracts, holding millions… 

A Semantic Framework for the Security Analysis of Ethereum smart contracts

The first complete small-step semantics of EVM bytecode is presented, which is formalized in the F* proof assistant, obtaining executable code that is successfully validated against the official Ethereum test suite.

Designing Secure Ethereum Smart Contracts: A Finite State Machine Based Approach

FSolidM, a framework rooted in rigorous semantics for designing contracts as Finite State Machines (FSM), is introduced and a tool for creating FSM on an easy-to-use graphical interface and for automatically generating Ethereum contracts is presented.

eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts

This work presents eThor, the first sound and automated static analyzer for EVM bytecode, which is based on an abstraction of the EVM bytecode semantics based on Horn clauses, and demonstrates that eThor is practical and outperforms the state-of-the-art static analyzers.

: Formal Verification of Smart Contracts

This paper outlines a framework to analyze and verify both the runtime safety and the functional correctness of Solidity contracts in F*, a functional programming language aimed at program verification.

Formal Verification of Smart Contracts: Short Paper

This paper outlines a framework to analyze and verify both the runtime safety and the functional correctness of Ethereum contracts by translation to F*, a functional programming language aimed at program verification.

Securing Smart Contracts in Blockchain

A general technique for building the core functional models applicable for model checking to identify all possible executions that lead to security breaches is presented and it is shown how resulting executions can be systematically analyzed to help identify security issues.

Osiris: Hunting for Integer Bugs in Ethereum Smart Contracts

The capability of executing so-called smart contracts in a decentralised manner is one of the compelling features of modern blockchains. Smart contracts are fully fledged programs which cannot be

Foundations and Tools for the Static Analysis of Ethereum Smart Contracts

This work will overview the state-of-the-art in smart contract verification, covering formal semantics, security definitions, and verification tools, and focus on EtherTrust, a framework for the static analysis of Ethereum smart contracts which includes the first complete small-step semantics of EVM bytecode.

Fuzzing Ethereum Smart Contracts (research statement)

The goal is to provide a tool that uses fuzzing or attack injection to search for vulnerabilities in smart contracts by doing input injection, and introduces a tool to detect vulnerabilities encoded in smart contracts developed for Ethereum.

Semantic Understanding of Smart Contracts: Executable Operational Semantics of Solidity

This work develops a formal semantics for Solidity which provides a formal specification of smart contracts to define semantic-level security properties for the high-level verification and defines correct and secure high-level execution behaviours of smart contracts to reason about compiler bugs and assist developers in writing secure smart contracts.



Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts

Hawk is a decentralized smart contract system that does not store financial transactions in the clear on the blockchain, thus retaining transactional privacy from the public's view, and is the first to formalize the blockchain model of cryptography.

Demystifying Incentives in the Consensus Computer

This work calls the framework of computation through a scriptable cryptocurrency a consensus computer and develops a model that captures incentives for verifying computation in it and proposes a resolution to the verifier's dilemma which incentivizes correct execution of certain applications, including outsourced computation, where scripts require minimal time to verify.

Town Crier: An Authenticated Data Feed for Smart Contracts

An authenticated data feed system called Town Crier is presented, which acts as a bridge between smart contracts and existing web sites, which are already commonly trusted for non-blockchain applications and defines and proves its basic security properties in the Universal Composability (UC) framework.


The blockchain paradigm when coupled with cryptographically-secured transactions has demonstrated its utility through a number of projects, with Bitcoin being one of the most notable ones, and Ethereum implements this paradigm in a generalised manner.

Bitcoin: A Peer-to-Peer Electronic Cash System

This work proposes a solution to the double-spending problem using a peer-to-peer network, where the network timestamps transactions by hashing them into an ongoing chain of hash-based proof-of-work, forming a record that cannot be changed without redoing the proof-of-work.

Permacoin: Repurposing Bitcoin Work for Data Preservation

This work proposes a modification to Bitcoin that repurposes its mining resources to achieve a more broadly useful goal: distributed storage of archival data and presents an alternative scratch-off puzzle for Bitcoin based on Proofs-of-Retrievability (PORs).

Step by Step Towards Creating a Safe Smart Contract: Lessons and Insights from a Cryptocurrency Lab

We document our experiences in teaching smart contract programming to undergraduate students at the University of Maryland, the first pedagogical attempt of its kind. Since smart contracts deal

On Bitcoin as a public randomness source

This work formalizes the use of Bitcoin as a source of publicly verifiable randomness and shows that any attack on this beacon would form an attack on Bitcoin itself and hence have a monetary cost that can be bounded, unlike any other construction for a public randomness beacon in the literature.

Virtual Time and Global States of Distributed Systems

This work argues that a linearly ordered structure of time is not (always) adequate for distributed systems and proposes a generalized non-standard model of time which consists of vectors of clocks which are partially ordered and form a lattice.

Concurrency Control in Distributed Database Systems

This paper describes a decomposition of the concurrency control problem into two major subproblems: read-write and write-write synchronization, and describes a series of synchronization techniques for solving each subproblem and how to combine these techniques into algorithms for solving the entire concurrency control problem.