automated formal verification of smart contracts
play

Automated Formal Verification of Smart Contracts Florian Hubert - PowerPoint PPT Presentation

Oct 16, 2022 •20 likes •180 views

Automated Formal Verification of Smart Contracts Florian Hubert Dana Drachsler- Andrei Arthur Quentin Petar Martin Buenzli Ritzdorf Cohen Dan Gervais Hibon Tsankov Vechev Growth of the Ethereum Ecosystem $27B Billions of USD are

  1. Automated Formal Verification of Smart Contracts Florian Hubert Dana Drachsler- Andrei Arthur Quentin Petar Martin Buenzli Ritzdorf Cohen Dan Gervais Hibon Tsankov Vechev

  2. Growth of the Ethereum Ecosystem $27B Billions of USD are traded by Ethereum smart contracts $1B $50M Jul Aug Oct 2015 2016 2017 Emerging businesses are built on top of Ethereum smart contracts

  3. Smart Contract Secu curi rity ty Bugs in the News

  4. What are Ethereum Smart Contracts? contract Wallet { uint balance = 10; Transfer $$$ function withdraw(){ to the caller if(balance > 0) msg.sender.call.value(balance)(); balance = 0; } } § Small programs that handle money (ether) § Executed on the Ethereum blockchain § Written in high-level languages ( e.g. , Solidity) § No patching after release What can go wrong when programs handle billions of USD?

  5. Security Bugs in Ethereum Smart Contracts

  6. Security Bug #1: Reentrancy User Contract Wallet Contract function moveBalance() { uint balance = 10; wallet.withdraw(); withdraw() } function withdraw() { ... if(balance > 0) 10 ether function () payable { msg.sender.call.value(balance)(); balance = 0; wallet.withdraw(); withdraw() } } balance is set to 0 calls withdraw() 10 ether after ether transfer before balance is set to 0 ... An attacker used this bug to steal 3.6M ether (equivalent of $1B today )

  7. Security Bug #2: Un Unpriv rivile ileged wr write e to storage Wallet Contract address owner = ...; Any user may change the function initWallet(address _owner) { wallet’s owner owner = _owner; } function withdraw(uint amount) { if (msg.sender == owner) { owner.send(amount); Only owner can } send ether } An attacker used a similar bug to steal $32M few weeks ago

  8. More Security Bugs… Unexpected ether flows Insecure coding, such as unprivileged writes (e.g., Multisig Parity bug) Use of unsafe inputs (e.g., reflection, hashing, …) Reentrant method calls (e.g., DAO bug) Transaction reordering

  9. Au Automated Security An Analysis

  10. Automated Security Analysis: Existing Solutions All possible contract Security behaviors Bugs Problem : Cannot enumerate all possible contract behaviors…

  11. Automated Security Analysis: Existing Solutions § Static analysis § Testing § Dynamic analysis § Formal verification § Symbolic execution Very limited guarantees Better than testing, but Strong guarantees can still miss vulnerabilities

  12. Automated Security Analysis: Existing Solutions Existing Solutions Strong Guarantees Automated Oyente ITP-based § Static analysis § Testing § Dynamic analysis § Formal verification § Symbolic execution Very limited guarantees Better than testing, but Strong guarantees can still miss vulnerabilities

  13. The first fully automated , one-click, formal verification system for Ethereum smart contracts Provides trust towards both contract users and developers www.securify.ch

  14. Demo

  15. www.securify.ch Released last month, so far: 95% positive feedback >1K uploaded smart contracts >150 users signed up for updates Interesting discussions on Reddit

  16. Join us! ChainSecur Cha curity ty Enabling Trust in Blockchains Cutting-edge research in the area of: § Program analysis and synthesis § Machine learning § Blockchain / network security Join our team of security / blockchain / program analysis experts http://jsnice.org http://apk-deguard.com contact@chainsecurity.com http://securify.ch @chain_security http://psisolver.org http://eventracer.org http://www.srl.inf.ethz.ch

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Verification of blockchains and smart contracts Formal Methods Update, 2018 BITS Pilani Goa

Verification of blockchains and smart contracts Formal Methods Update, 2018 BITS Pilani Goa

Verification of blockchains and smart contracts Formal Methods Update, 2018 BITS Pilani Goa Madhavan Mukund Chennai Mathematical Institute http:/ /www.cmi.ac.in/~madhavan Outline Introduction to blockchains Smart contracts

859 views • 37 slides
Formal Formal Specif Specification ication and Verific and Verification ation of Solid of

Formal Formal Specif Specification ication and Verific and Verification ation of Solid of

Presented at FMBC 2020 Formal Formal Specif Specification ication and Verific and Verification ation of Solid of Solidity ity Contracts Contracts with E with Events vents kos Hajdu 1 , Dejan Jovanovi 2 , Gabriela Ciocarlie 2 1

298 views • 14 slides
Enter Hydra towards (more) secure smart contracts Philip Daian, Ari Juels Cornell [Tech] .

Enter Hydra towards (more) secure smart contracts Philip Daian, Ari Juels Cornell [Tech] .

Enter Hydra towards (more) secure smart contracts Philip Daian, Ari Juels Cornell [Tech] . Lorenz Breidenbach ETH Zurich, Cornell [Tech] . Florian Tramer . Stanford . Smart Contract Security - The Prongs Formal Verification (+Specification)

960 views • 28 slides
Formal Technical Process Specification and Verification for Automated Production Systems Georg

Formal Technical Process Specification and Verification for Automated Production Systems Georg

Formal Technical Process Specification and Verification for Automated Production Systems Georg Hackenberg, Alarico Campetelli, Christoph Legat, Jakob Mund, Sabine Teufl and Birgit Vogel-Heuser Motivation Automated Production Systems (Google)

301 views • 26 slides
A Formal Verification Tool for Ethereum VM Bytecode Daejun Park Yi Zhang Manasvi Saxena

A Formal Verification Tool for Ethereum VM Bytecode Daejun Park Yi Zhang Manasvi Saxena

A Formal Verification Tool for Ethereum VM Bytecode Daejun Park Yi Zhang Manasvi Saxena Philip Daian Grigore Rosu Nov 7, 2018 @ FSE18 Smart contracts Programs that run on blockchain Usually written in a high-level

537 views • 28 slides
Writing Smart Contracts Dionysis Zindros Smart Contracts Day Athens, March 2017 We talked all

Writing Smart Contracts Dionysis Zindros Smart Contracts Day Athens, March 2017 We talked all

Writing Smart Contracts Dionysis Zindros Smart Contracts Day Athens, March 2017 We talked all about what smart contracts are... ...but what does a real smart contract look like? Lets talk about writing actual Smart Contracts with code

809 views • 50 slides
Eliminating bugs in BPF JITs using automated formal verification Luke Nelson with Jacob van Ge

Eliminating bugs in BPF JITs using automated formal verification Luke Nelson with Jacob van Ge

Eliminating bugs in BPF JITs using automated formal verification Luke Nelson with Jacob van Ge ff en, Emina Torlak, and Xi Wang BPF is used throughout the kernel Many uses for BPF: tracing, networking, security, etc. In-kernel JIT

849 views • 48 slides
Formal Semantics and Automated Verification for the Border Gateway Protocol Konstantin Doug

Formal Semantics and Automated Verification for the Border Gateway Protocol Konstantin Doug

Formal Semantics and Automated Verification for the Border Gateway Protocol Konstantin Doug Emina Michael Arvind Zachary Weitz Woos Torlak D. Ernst Krishnamurthy Tatlock The Border Gateway Protocol The Border Gateway Protocol AS AS

645 views • 29 slides
Model-Checking Acknowledgment Formal Verification Formal verification means to apply

Model-Checking Acknowledgment Formal Verification Formal verification means to apply

Model-Checking Acknowledgment Formal Verification Formal verification means to apply mathematical arguments to prove the correctness of systems Systems have bugs Formal verification aims to find and correct such bugs Why? Computer systems

1.42k views • 122 slides
Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for

Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for

Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for Analyzing Computing Systems Shilpi Goel shilpi@centtech.com Formal Verification Engineer Centaur Technology, Inc. Software and Reliability Can we rely

1.14k views • 78 slides
Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim for automation (bit level) Find niches where formal methods work well Use assertions/ properties first in sim. and then in FV (the acronym is ABV,

1.14k views • 65 slides
Quantitative Analysis of Smart Contracts Krishnendu Chatterjee 1 Amir Goharshady 1 Yaron Velner 2 1

Quantitative Analysis of Smart Contracts Krishnendu Chatterjee 1 Amir Goharshady 1 Yaron Velner 2 1

Quantitative Analysis of Smart Contracts Krishnendu Chatterjee 1 Amir Goharshady 1 Yaron Velner 2 1 IST Austria 2 Hebrew University of Jerusalem ESOP 2018 Outline Smart Contracts Bugs in Smart Contracts Language Design Games and Abstraction

1.06k views • 73 slides
Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal

Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal

Formal Verification in Industry 1 Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal verification Machine-checked proof Automatic and interactive approaches HOL Light Floating point

366 views • 25 slides
Smart Contracts Jrgen Modin The two building blocks of smart contracts Digital signatures

Smart Contracts Jrgen Modin The two building blocks of smart contracts Digital signatures

Smart Contracts Jrgen Modin The two building blocks of smart contracts Digital signatures The blockchain What does the blockchain do? One timestamp, and one context for each signature You can detect if someone is promising

289 views • 7 slides
Automated Verification of Automated Verification of asynchronous CIRCUITS USING CIRCUIT

Automated Verification of Automated Verification of asynchronous CIRCUITS USING CIRCUIT

ASYNC08 Automated Verification of Automated Verification of asynchronous CIRCUITS USING CIRCUIT asynchronous CIRCUITS USING CIRCUIT Petri nets Petri nets Iva n Polia kov, Andre y Mokhov, Da nil Sokolov, Ashur Ra fie v, Ale x Ya kovle v

474 views • 25 slides
Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal

Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal

Formal Verification of Floating-Point Arithmetic 1 Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal verification Machine-checked proof Automatic and interactive approaches HOL Light

539 views • 19 slides
3-509

3-509

3-509 liuzhen@sjtu.edu.cn 1 1. Wallet How to store and spend your bitcoins? Each coin is a (address, value) pair on the (public) blockchain Store

604 views • 16 slides
Securify: Practical Security Analysis of Smart Contracts https://securify.ch Dr. Petar Tsankov

Securify: Practical Security Analysis of Smart Contracts https://securify.ch Dr. Petar Tsankov

Securify: Practical Security Analysis of Smart Contracts https://securify.ch Dr. Petar Tsankov Scientific Researcher, ICE center, ETH Zurich Co-founder and Chief Scientist, ChainSecurity AG http://www.ptsankov.com/ @ptsankov

407 views • 39 slides
A full node for every Alice By Nicolas Dorier Main maintainer of NBitcoin and BTCPay .NET

A full node for every Alice By Nicolas Dorier Main maintainer of NBitcoin and BTCPay .NET

A full node for every Alice By Nicolas Dorier Main maintainer of NBitcoin and BTCPay .NET fanboy Foreword No ICO Not a company No funding Need Open Source developers, not money BTCPay is started as a reaction to

469 views • 36 slides
SWEN 262 Engineering of Software Subsystems Design Principles Object Oriented Principles

SWEN 262 Engineering of Software Subsystems Design Principles Object Oriented Principles

SWEN 262 Engineering of Software Subsystems Design Principles Object Oriented Principles (Review) Classes A class is a blueprint that defines the state (data) and behavior (methods) that belong to some class of thing. It is like a

363 views • 10 slides
One Armed Bandit source: http://dogbeforewicket.blogspot.ca EECS 1030 moodle.yorku.ca One Armed

One Armed Bandit source: http://dogbeforewicket.blogspot.ca EECS 1030 moodle.yorku.ca One Armed

One Armed Bandit source: http://dogbeforewicket.blogspot.ca EECS 1030 moodle.yorku.ca One Armed Bandit Utility /** * Returns the winnings from one pull of the one armed * bandit. * * @param coin the coin deposited in the one armed bandit.

623 views • 58 slides
Do Investors Care About Corporate Externalities? Experimental Evidence Jean-Franois Bonnefon

Do Investors Care About Corporate Externalities? Experimental Evidence Jean-Franois Bonnefon

Do Investors Care About Corporate Externalities? Experimental Evidence Jean-Franois Bonnefon Augustin Landier TSE & IAST HEC Pari Sastry David Thesmar MIT MIT, NBER, CEPR October 17, 2020 1/21 The Question Calls for firms to

1.19k views • 31 slides
V ERI S OLID : Correct-by-Design Smart Contracts for Ethereum Anastasia Mavridou 1 , Aron

V ERI S OLID : Correct-by-Design Smart Contracts for Ethereum Anastasia Mavridou 1 , Aron

V ERI S OLID : Correct-by-Design Smart Contracts for Ethereum Anastasia Mavridou 1 , Aron Laszka 2 , Emmanouela Stachtiari 3 , Abhishek Dubey 4 1 NASA Ames 2 University of Houston 3 Aristotle University of Thessaloniki 4 Vanderbilt University

555 views • 18 slides
Lecture 1.3: Groups in science, art, and mathematics Matthew Macauley Department of Mathematical

Lecture 1.3: Groups in science, art, and mathematics Matthew Macauley Department of Mathematical

Lecture 1.3: Groups in science, art, and mathematics Matthew Macauley Department of Mathematical Sciences Clemson University http://www.math.clemson.edu/~macaule/ Math 4120, Modern Algebra M. Macauley (Clemson) Lecture 1.3: Groups in science,

470 views • 14 slides

More recommend