contract and protocol validation verification
play

Contract and Protocol Validation/Verification September 25, 2019 - PowerPoint PPT Presentation

Feb 02, 2024 •133 likes •439 views

Contract and Protocol Validation/Verification September 25, 2019 guha.jayachandran@sjsu.edu Announcements Only submit a question/takeaway slip at the start of class Homework due next Wednesday: Submit hard copy unless otherwise

  1. Contract and Protocol Validation/Verification September 25, 2019 guha.jayachandran@sjsu.edu

  2. Announcements • Only submit a question/takeaway slip at the start of class • Homework due next Wednesday: • Submit hard copy unless otherwise arranged, 1 copy • Monday before/during class is your final chance to ask questions—no email after class Monday • Final project information on last slide

  3. Monday, we talked about there being many buggy smart contracts. Even protocol code and protocol designs have had many flaws!

  4. BTC Block 74638

  5. • 2010 • Bitcoin had already been 4 major bugs discovered and fixed • This was an inflation bug: the creation of coins out of thin air • 184 billion new BTC • Exploitation of the bug was noticed within 90 minutes • Satoshi and Gavin Andresen fixed it within 2 hours • Why was speed important?

  8. We still have vulnerabilities today

  9. Lightning

  10. Lightning

  11. ZCoin Bug (2017) Source: https://zcoin.io/zcoins-zerocoin-bug-explained-in-detail/

  12. ZCoin Bug (2019) Source: https://zcoin.io/update-on-zerocoin-spends/

  13. ZCash Bug • Originated in fundamental 2013 cryptography paper • Discovered by an engineer working for the company that developed ZCash • Allowed infinite creation of coins • People think it wasn’t exploited, but we don’t know • Kept quiet, fix developed over many months, pushed, and then announced

  14. V&V • Validation: Are our specifications correct? Are we making the right thing? • Verification: Did we faithfully implement the specification? Which of the previous examples were which?

  15. Back to Lightning… Paper released in past week:

  16. “Our analysis is based on the formal specification, not an implementation. As a result, our work does not rule out bugs in the various implementations, only in the specification… Ideally, formal verification of the code, which would prove that it matches the specification, would increase our trust to the system. But before that, a machine-readable version of the specification would be needed.” -Orfeas Litos

  17. How to Judge Specification? • Security analysis • Game theory • Simulation • …

  18. Test Cases • Given an implementation, traditional testing with test cases is good • But how do you know you’re testing everything you need to test? How confident can you really be that the implementation conforms to the specification?

  19. Formal Verification • Proving the correctness of a system with respect to its formal specifications or properties, using formal methods of mathematics • Used for hardware or software • More for hardware. Why? • Need a mathematical model of system that can then construct proofs within; several options

  20. It’s di ffi cult

  22. Recall: For any Turing complete language, finding all possible runtime errors in an arbitrary program is undecidable Does this make us think di ff erently about Turing complete smart contract languages?

  23. TLA+ • Created by Leslie Lamport • A formal specification language for modeling programs and systems • Especially suited for modeling concurrent and distributed systems • Used by Amazon for AWS

  24. Source: https://learntla.com/introduction/

  25. Deductive Verification • Interactive proof assistants • HOL, Coq, Isabelle, etc. • Can often export to another language • SMT (Satisfiability modulo theories) solvers • Constraint satisfaction • See Z3

  26. Dependent Types • What if a type's definition is dependent on a value? • Example: A type not just for integers, but for integers less than 3 • What does this allow you to do at compile time? • Languages: Agda, Coq, F*, Idris, and more • It’s not surprising if you haven’t heard of any of these • Curry-Howard Correspondence

  27. Dependent Types • What if a type's definition is dependent on a value? • Example: A type not just for integers, but for integers less than 3 • What does this allow you to do at compile time? • Languages: Agda, Coq, F*, Idris, and more • It’s not surprising if you haven’t heard of any of these • Curry-Howard Correspondence

  28. Other Worthwhile Mentions • Penetration testing • Audits • Many eyes

  30. Final Projects • Poster session and brief report • Work alone or group of up to 3 • All members of a group get the same grade • Choose something you find interesting • But ask for help if you struggle getting an idea • You have many options • Implement a system, for example an interesting smart contract, a protocol, a game, a key management system, etc. • Conduct research, for example design an algorithm, design a protocol, benchmark existing systems, perform cryptographic analysis, write a specification, formally verify some open source code, etc. • Survey some area of technology • Check your project ahead of time in o ffi ce hours to verify appropriateness of scope

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Verification and Validation Steven Zeil February 13, 2013 Verification and Validation

Verification and Validation Steven Zeil February 13, 2013 Verification and Validation

Verification and Validation Verification and Validation Steven Zeil February 13, 2013 Verification and Validation Outline The Process 1 Non-Testing V&V 2 Code Review Mathematically-based verification Static analysis tools

790 views • 55 slides
Verification & Validation Verification is getting the system right : Verification and

Verification & Validation Verification is getting the system right : Verification and

Verification & Validation Verification is getting the system right : Verification and Validation Does the program you built do what you designed it to do? Dr. James A. Bednar Validation is getting the right system : jbednar@inf.ed.ac.uk

331 views • 8 slides
Verification and Validation of a Verification and Validation of a Fault- -Tolerant Architectural

Verification and Validation of a Verification and Validation of a Fault- -Tolerant Architectural

Verification and Validation of a Verification and Validation of a Fault- -Tolerant Architectural Abstraction Tolerant Architectural Abstraction Fault Patrick H. S. Brito - Unicamp, Brazil Rogrio de Lemos - University of Kent, UK Eliane

381 views • 21 slides
Verification Verification and and Validation Validation 1 /41 1 /41 C2 C2 Overview

Verification Verification and and Validation Validation 1 /41 1 /41 C2 C2 Overview

C2 C2 Verification Verification and and Validation Validation 1 /41 1 /41 C2 C2 Overview Overview It is very simple to create a simulation ! It is very difficult difficult to model something to model something accurately .

736 views • 41 slides
Verification and Validation for Safety in Robots Kerstin Eder Design Automation and Verification

Verification and Validation for Safety in Robots Kerstin Eder Design Automation and Verification

Verification and Validation for Safety in Robots Kerstin Eder Design Automation and Verification Trustworthy Systems Laboratory Verification and Validation for Safety in Robots, Bristol Robotics Laboratory Verification and Validation for Safety

1.29k views • 72 slides
Validation and Verification Using Spatial Logic Framework for Building Layouts By Abhinav

Validation and Verification Using Spatial Logic Framework for Building Layouts By Abhinav

Validation and Verification Using Spatial Logic Framework for Building Layouts By Abhinav Fatehpuria Vineet Gupta 12/ 6/ 2005 ENPM 643 System Validation & Verification 1 Agenda Background Project Description Floor Plan

340 views • 32 slides
INDEPENDENT VERIFICATION AND VALIDATION OBJECTIVES To Define Independent Verification &

INDEPENDENT VERIFICATION AND VALIDATION OBJECTIVES To Define Independent Verification &

INDEPENDENT VERIFICATION AND VALIDATION OBJECTIVES To Define Independent Verification & Validation (IV&V) and its Benefits To Understand the Federal Requirements for IV&V To Provide the Federal Perspective on IV&V

489 views • 38 slides
Geant4 Physics Validation and Geant4 Physics Validation and Verification Verification Ions

Geant4 Physics Validation and Geant4 Physics Validation and Verification Verification Ions

Geant4 Physics Validation and Geant4 Physics Validation and Verification Verification Ions Ions Koi, Tatsumi SLAC/SCCS Koi, Tatsumi SLAC/SCCS Neutron & Ion Models High Precision neutron down to thermal energy Inventory Elastic

416 views • 31 slides
Resolve-impossibility for a contract signing protocol Aybek Mukhamedov and Mark Ryan July 6,

Resolve-impossibility for a contract signing protocol Aybek Mukhamedov and Mark Ryan July 6,

Resolve-impossibility for a contract signing protocol Aybek Mukhamedov and Mark Ryan July 6, 2006 Outline Multi-party contract signing 1 A protocol by Garay and MacKenzie 2 A revised protocol by Chadha, Kremer and Scedrov 3 A flaw in the

409 views • 25 slides
The purpose of the Presentation is to introduce the Verification Validation Reporting

The purpose of the Presentation is to introduce the Verification Validation Reporting

The purpose of the Presentation is to introduce the Verification Validation Reporting and Tracking System (VVRTS) with a sample video demonstration. 1.1 System Overview The purpose of the Verification and Validation Reporting and

78 views • 3 slides
INDEPENDENT INTEGRATED VERIFICATION AND VALIDATION (I 2 V 2 ) INDEPENDENT VERIFICATION and

INDEPENDENT INTEGRATED VERIFICATION AND VALIDATION (I 2 V 2 ) INDEPENDENT VERIFICATION and

INDEPENDENT INTEGRATED VERIFICATION AND VALIDATION (I 2 V 2 ) INDEPENDENT VERIFICATION and VALIDATION (IV&V) System System Validation Requirements Test Verification Software Software Validation Test Requirements Verification

443 views • 25 slides
Tuesday 9 th April 2013 Process Validation-Enhanced Approach Continuous Process Verification

Tuesday 9 th April 2013 Process Validation-Enhanced Approach Continuous Process Verification

EMA Expert Workshop on Validation of Manufacturing for Biological Medicinal Products Tuesday 9 th April 2013 Process Validation-Enhanced Approach Continuous Process Verification Brendan Hughes Agenda Definition and purpose of validation

730 views • 18 slides
Data Mining II Model Validation Heiko Paulheim Why Model Validation? We have seen so far

Data Mining II Model Validation Heiko Paulheim Why Model Validation? We have seen so far

Data Mining II Model Validation Heiko Paulheim Why Model Validation? We have seen so far Various metrics (e.g., accuracy, F-measure, RMSE, ) Evaluation protocol setups Split Validation Cross Validation Special

1.04k views • 55 slides
Network Protocol Design and Evaluation 05 - Validation, Part III Stefan Rhrup University of

Network Protocol Design and Evaluation 05 - Validation, Part III Stefan Rhrup University of

Network Protocol Design and Evaluation 05 - Validation, Part III Stefan Rhrup University of Freiburg Computer Networks and Telematics Summer 2009 Overview In the first parts of this chapter: Validation models in Promela

688 views • 65 slides
SOFTWARE VERIFICATION AND VALIDATION BY: MITCHELL LANE TOPICS T erms and Methods

SOFTWARE VERIFICATION AND VALIDATION BY: MITCHELL LANE TOPICS T erms and Methods

SOFTWARE VERIFICATION AND VALIDATION BY: MITCHELL LANE TOPICS T erms and Methods Historic Failures Licenses and certifjcation Warranties Ethical Evaluations Software Validation- Does the model accurately represent the

442 views • 17 slides
Chapter 10 Verification and Validation of Simulation Models Banks, Carson, Nelson & Nicol

Chapter 10 Verification and Validation of Simulation Models Banks, Carson, Nelson & Nicol

Chapter 10 Verification and Validation of Simulation Models Banks, Carson, Nelson & Nicol Discrete-Event System Simulation Purpose & Overview The goal of the validation process is: To produce a model that represents true

518 views • 28 slides
Relational Data Model Hacettepe University Computer Engineering Department Outline 1. Relational

Relational Data Model Hacettepe University Computer Engineering Department Outline 1. Relational

Relational Data Model Hacettepe University Computer Engineering Department Outline 1. Relational Data Model 2. From ER Diagrams to Relational Schema 3. Relational Operations Hacettepe University Computer Engineering Department 2 Relational

705 views • 43 slides
UML Essentials Static Modeling Excerpts from: Object Oriented Software Engineering by

UML Essentials Static Modeling Excerpts from: Object Oriented Software Engineering by

UML Essentials Static Modeling Excerpts from: Object Oriented Software Engineering by Lethbridge/Laganire and Applying UML and Patterns by Larman, C. Class model (diagram) elements Classes represent the types of data themselves

435 views • 12 slides
How to use rules? } to classify samples } to predict outcomes } to prescribe physical (or

How to use rules? } to classify samples } to predict outcomes } to prescribe physical (or

3. Learning Rules Rule: cond concl where } cond is a conjunction of predicates (that themselves can be either simple or complex) and } concl is an action (or action sequence) like adding particular knowledge to the knowledge base or

580 views • 39 slides
Future Research Issues: Recommending Tasks to Search Engine Users Salvatore Orlando + , Raffaele

Future Research Issues: Recommending Tasks to Search Engine Users Salvatore Orlando + , Raffaele

Future Research Issues: Recommending Tasks to Search Engine Users Salvatore Orlando + , Raffaele Perego * , Fabrizio Silvestri * * ISTI - CNR, Pisa, Italy + Universit Ca Foscari Venezia, Italy Claudio Lucchese, Salvatore Orlando, Raffaele

511 views • 16 slides
Towards an Independent Semantics and Veri fi cation Technology for the HLPSL Speci fi cation

Towards an Independent Semantics and Veri fi cation Technology for the HLPSL Speci fi cation

Towards an Independent Semantics and Veri fi cation Technology for the HLPSL Speci fi cation Language ARSPA05 Workshop, Lisbon, 16 July 2005 Alexey Gotsman joint work with Fabio Massacci and Marco Pistore University of Trento (Italy)

430 views • 27 slides
Toward certified quantum programming Christophe Chareton S ebastien Bardin, Franc ois

Toward certified quantum programming Christophe Chareton S ebastien Bardin, Franc ois

GT IQ November 28-29th 2019 Toward certified quantum programming Christophe Chareton S ebastien Bardin, Franc ois Bobot, Valentin Perrelle (CEA) and Beno t Valiron (LRI) Take away Quantum computers (are going to / will . . . ) arrive

596 views • 31 slides
Spectral analysis of ranking algorithms Social and Technological Networks Rik Sarkar University

Spectral analysis of ranking algorithms Social and Technological Networks Rik Sarkar University

Spectral analysis of ranking algorithms Social and Technological Networks Rik Sarkar University of Edinburgh, 2018. Recap: HITS algorithm Evaluate hub and authority scores Apply Authority update to all nodes: auth(p) = sum of all

217 views • 19 slides
RENORMALIZATION GROUP APPROACH IN SPECTRAL ANALYSIS AND PROBLEM OF RADIATION I.M. Sigal

RENORMALIZATION GROUP APPROACH IN SPECTRAL ANALYSIS AND PROBLEM OF RADIATION I.M. Sigal

RENORMALIZATION GROUP APPROACH IN SPECTRAL ANALYSIS AND PROBLEM OF RADIATION I.M. Sigal (Toronto) The text below contains the slides of the talk I have given at CRM on November 10, 2000. A related talk I gave at the Fields Institute on November

213 views • 17 slides

More recommend