Overview of the Languages for Safe Smart Contract Programming

Aleksey Tyurin, I. V. Tyuluandin, V. S. Maltsev, Iakov Kirilenko, Daniil Berezun
Proceedings of the Institute for System Programming of the RAS

Blockchain technologies are gradually finding application in many areas, especially in FinTech. As a result, many blockchain platforms have emerged with support for smart contracts, which are intended to automate interactions between parties. However, it has been shown that they are prone to attacks and errors which lead to money loss. To date, there has been a wide range of approaches for making smart contracts safer that included analysis tools, reasoning models, and safer and more rigorous…

Smart contracts vulnerabilities: a call for blockchain software engineering?
A case study is analyzed in which a bug discovered in a Smart Contract library, and perhaps "unsafe" programming, allowed an attack on Parity, a wallet application, causing the freezing of about 500K Ethers.
Towards Safer Smart Contracts: A Survey of Languages and Verification Methods
This work introduces several smart contract languages focussing on security features, and examines verification tools and methods for smart contracts and distributed ledgers.
Vandal: A Scalable Security Analysis Framework for Smart Contracts
Vandal is both fast and robust, successfully analysing over 95% of all 141k unique contracts with an average runtime of 4.15 seconds; outperforming the current state of the art tools---Oyente, EthIR, Mythril, and Rattle---under equivalent conditions.
A Semantic Framework for the Security Analysis of Ethereum smart contracts
The first complete small-step semantics of EVM bytecode is presented, which is formalized in the F* proof assistant, obtaining executable code that is successfully validated against the official Ethereum test suite.
Potential Risks of Hyperledger Fabric Smart Contracts
The Go language and its tools are investigated to determine how many risks can be covered by Go tools, and a vulnerability detection tool for chaincodes called Chaincode Scanner is developed to cover risks by static analysis.
Securify: Practical Security Analysis of Smart Contracts
An extensive evaluation of Securify over real-world Ethereum smart contracts is presented and it is demonstrated that it can effectively prove the correctness of smart contracts and discover critical violations.
Formal Verification of Smart Contracts: Short Paper
This paper outlines a framework to analyze and verify both the runtime safety and the functional correctness of Ethereum contracts by translation to F*, a functional programming language aimed at program verification.
SmartCheck: Static Analysis of Ethereum Smart Contracts
The paper provides a comprehensive classification of code issues in Solidity and implements SmartCheck, an extensible static analysis tool that detects them, reflects the current state of knowledge on Solidity vulnerabilities, and shows significant improvements over alternatives.
Making Smart Contracts Smarter
This paper investigates the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies, and proposes ways to enhance the operational semantics of Ethereum to make contracts less vulnerable.
Simplicity: A New Language for Blockchains
Simplicity is a typed, combinator-based, functional language without loops and recursion, designed to be used for crypto-currencies and blockchain applications; it can express any finitary function.