research-article

Smarter smart contract development tools

Authors:

Michael Coblenz,

Joshua Sunshine,

Jonathan Aldrich,

Brad A. MyersAuthors Info & Claims

WETSEB '19: Proceedings of the 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain

Pages 48 - 51

https://doi.org/10.1109/WETSEB.2019.00013

Published: 27 May 2019 Publication History

Abstract

Much recent work focuses on finding bugs and security vulnerabilities in smart contracts written in existing languages. Although this approach may be helpful, it does not address flaws in the underlying programming language, which can facilitate writing buggy code in the first place. We advocate a re-thinking of the blockchain software engineering tool set, starting with the programming language in which smart contracts are written. In this paper, we propose and justify requirements for a new generation of blockchain software development tools. New tools should (1) consider users' needs as a primary concern; (2) seek to facilitate safe development by detecting relevant classes of serious bugs at compile time; (3) as much as possible, be blockchain-agnostic, given the wide variety of different blockchain platforms available, and leverage the properties that are common among blockchain environments to improve safety and developer effectiveness.

References

[1]

E. Gün Sirer, "Thoughts on the DAO hack," 2016. {Online}. Available: http://hackingdistributed.com/2016/06/17/thoughts-on-the-dao-hack/

[2]

L. Graham. (2017) $32 million worth of digital currency ether stolen by hackers. {online}. Available: https://www.cnbc.com/2017/07/20/32-million-worth-of-digital-currency-ether-stolen-by-hackers.html

[3]

R. M. Parizi and A. Dehghantanha, "Smart Contract Programming Languages on Blockchains: An Empirical Evaluation of Usability and Security," vol. 10974. Springer International Publishing, 2018, pp. 75--91. {Online}. Available: http://link.springer.com/10.1007/978-3-319-94478-4

[4]

K. E. Iverson, "Notation as a tool of thought," Commun. ACM, vol. 23, no. 8, pp. 444--465, Aug. 1980. {Online}. Available

Digital Library

[5]

S. Hanenberg, S. Kleinschmager, R. Robbes, É. Tanter, and A. Stefik, "An empirical study on the impact of static typing on software maintainability," Empirical Software Engineering, vol. 19, no. 5, pp. 1335--1382, oct 2014.

Digital Library

[6]

S. Endrikat, S. Hanenberg, R. Robbes, and A. Stefik, "How do API documentation and static typing affect API usability?" in International Conference on Software Engineering. New York, NY, USA: ACM, 2014, pp. 632--642.

Digital Library

[7]

A. Stefik and S. Hanenberg, "The programming language wars: Questions and responsibilities for the programming language community," ser. Onward! 2014. New York, NY, USA: ACM, 2014, pp. 283--299. {Online}. Available

Digital Library

[8]

M. Coblenz, "Obsidian: a safer blockchain programming language," in Proceedings of the 39th International Conference on Software Engineering Companion. IEEE Press, 2017, pp. 97--99.

Digital Library

[9]

Ethereum Foundation, "Solidity," https://solidity.readthedocs.io/en/develop/. Accessed Jan. 3, 2017.

[10]

Kadena, "Pact," 2019. {Online}. Available: https://pact.kadena.io

[11]

OCamlPRO, "Liquidity, a simple language over Michelson," 2019. {Online}. Available: https://github.com/OCamlPro/liquidity/blob/master/docs/liquidity.md

[12]

S. Bragagnolo, H. Rocha, M. Denker, and S. Ducasse, "Ethereum query language," 2018 IEEE/ACM 1st International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB), 2018.

Digital Library

[13]

F. Schrans, S. Eisenbach, and S. Drossopoulou, "Writing safe smart contracts in Flint," in Conference Companion of the 2Nd International Conference on Art, Science, and Engineering of Programming, ser. Programming'18 Companion. New York, NY, USA: ACM, 2018, pp. 218--219. {Online}. Available

Digital Library

[14]

The Ethereum Foundation, "Vyper," 2019. {Online}. Available: https://github.com/ethereum/vyper

[15]

K. Delmolino, M. Arnett, A. E. Kosba, A. Miller, and E. Shi, "Step by step towards creating a safe smart contract: Lessons and insights from a cryptocurrency lab," IACR Cryptology ePrint Archive, vol. 2015, p. 460, 2015.

[16]

L. Luu, D.-H. Chu, H. Olickel, P. Saxena, and A. Hobor, "Making Smart Contracts Smarter," in Proceedings of ACM CCS'16, 2016.

Digital Library

[17]

N. Grech, M. Kong, A. Jurisevic, L. Brent, B. Scholz, and Y. Smaragdakis, "Madmax: Surviving out-of-gas conditions in ethereum smart contracts," OOPSLA, 2018.

Digital Library

[18]

M. Coblenz, J. Aldrich, B. A. Myers, and J. Sunshine, "Interdisciplinary programming language design," in Onward! 2018 Essays, ser. SPLASH '18, 2018.

Digital Library

[19]

B. A. Myers, A. J. Ko, T. D. LaToza, and Y. Yoon, "Programmers are users too: Human-centered methods for improving programming tools," Computer, vol. 49, no. 7, pp. 44--52, July 2016.

Digital Library

[20]

K. Bhargavan, N. Swamy, S. Zanella-Béguelin, A. Delignat-Lavaud, C. Fournet, A. Gollamudi, G. Gonthier, N. Kobeissi, N. Kulatova, A. Rastogi, and T. Sibut-Pinote, "Formal Verification of Smart Contracts," in Proceedings of the 2016 ACM Workshop on Programming Languages and Analysis for Security, New York, New York, USA, 2016.

Digital Library

[21]

IBM. Blockchain for supply chain. {Online}. Available: https://www.ibm.com/blockchain/supply-chain/

[22]

O. López-Pintado, L. García-Bañuelos, M. Dumas, and I. Weber, "Caterpillar: A blockchain-based business process management system," in BPM 2017, Barcelona, Spain, 2017.

[23]

A. Tran, Q. Lu, and I. Weber, "Lorikeet: A model-driven engineering tool for blockchain-based business process execution and asset management," Demo Track at BPM, vol. 2018, pp. 56--60, 2018.

[24]

M. Resnick, J. Maloney, A. Monroy-Hernández, N. Rusk, E. Eastmond, K. Brennan, A. Millner, E. Rosenbaum, J. Silver, B. Silverman et al., "Scratch: Programming for all." Commun. Acm, vol. 52, no. 11, pp. 60--67, 2009.

Digital Library

[25]

M. Yusuf, "A comprehensive list of blockchain platforms," 2018. {Online}. Available: https://www.technoduet.com/a-comprehensive-list-of-blockchain-platforms/

[26]

N. Atzei, M. Bartoletti, and T. Cimoli, "A survey of attacks on ethereum smart contracts," Cryptology ePrint Archive: Report 2016/1007, https://eprint.iacr.org/2016/1007, Tech. Rep., 2016.

[27]

J. Sunshine, J. D. Herbsleb, and J. Aldrich, "Structuring documentation to support state search: A laboratory experiment about protocol programming," in European Conference on Object-Oriented Programming (ECOOP), 2014.

Digital Library

[28]

C. Barnaby, M. Coblenz, T. Etzel, E. Kanal, J. Sunshine, B. Myers, and J. Aldrich, "A user study to inform the design of the obsidian blockchain dsl," in PLATEAU '17 Workshop on Evaluation and Usability of Programming Languages and Tools, 2017.

Cited By

Sharma TZhou ZMiller AWang YCalandrino JTroncoso C(2023)A mixed-methods study of security practices of smart contract developersProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620380(2545-2562)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620380
Coblenz MKambhatla GKoronkevich PWise JBarnaby CSunshine JAldrich JMyers B(2021)PLIERSACM Transactions on Computer-Human Interaction10.1145/345237928:4(1-53)Online publication date: 23-Jul-2021
https://dl.acm.org/doi/10.1145/3452379
Coblenz MAldrich JMyers BSunshine J(2020)Can advanced type systems be usable? An empirical study of ownership, assets, and typestate in ObsidianProceedings of the ACM on Programming Languages10.1145/34282004:OOPSLA(1-28)Online publication date: 13-Nov-2020
https://dl.acm.org/doi/10.1145/3428200
Show More Cited By

Recommendations

Making Smart Contracts Smarter
CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

Cryptocurrencies record transactions in a decentralized data structure called a blockchain. Two of the most popular cryptocurrencies, Bitcoin and Ethereum, support the feature to encode rules or scripts for processing transactions. This feature has ...
How effective are smart contract analysis tools? evaluating smart contract static analysis tools using bug injection
ISSTA 2020: Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis

Security attacks targeting smart contracts have been on the rise, which have led to financial loss and erosion of trust. Therefore, it is important to enable developers to discover security vulnerabilities in smart contracts before deployment. A number ...
Security Vulnerabilities in Ethereum Smart Contracts
iiWAS2018: Proceedings of the 20th International Conference on Information Integration and Web-based Applications & Services

Smart contracts (SC) are one of the most appealing features of blockchain technologies facilitating, executing, and enforcing predefined terms of coded contracts without intermediaries. The steady adoption of smart contracts on the Ethereum blockchain ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

WETSEB '19: Proceedings of the 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain

May 2019

63 pages

Sponsors

SIGSOFT: ACM Special Interest Group on Software Engineering
IEEE-CS: Computer Society

Publisher

IEEE Press

Publication History

Published: 27 May 2019

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ICSE '19

Sponsor:

SIGSOFT
IEEE-CS

ICSE '19: 41st International Conference on Software Engineering

May 27, 2019

Quebec, Montreal, Canada

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
191
Total Downloads

Downloads (Last 12 months)6
Downloads (Last 6 weeks)0

Reflects downloads up to 13 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Sharma TZhou ZMiller AWang YCalandrino JTroncoso C(2023)A mixed-methods study of security practices of smart contract developersProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620380(2545-2562)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620380
Coblenz MKambhatla GKoronkevich PWise JBarnaby CSunshine JAldrich JMyers B(2021)PLIERSACM Transactions on Computer-Human Interaction10.1145/345237928:4(1-53)Online publication date: 23-Jul-2021
https://dl.acm.org/doi/10.1145/3452379
Coblenz MAldrich JMyers BSunshine J(2020)Can advanced type systems be usable? An empirical study of ownership, assets, and typestate in ObsidianProceedings of the ACM on Programming Languages10.1145/34282004:OOPSLA(1-28)Online publication date: 13-Nov-2020
https://dl.acm.org/doi/10.1145/3428200
Coblenz MOei REtzel TKoronkevich PBaker MBloem YMyers BSunshine JAldrich J(2020)ObsidianACM Transactions on Programming Languages and Systems10.1145/341751642:3(1-82)Online publication date: 25-Nov-2020
https://dl.acm.org/doi/10.1145/3417516

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents