research-article

Open access

Taming callbacks for smart contract modularity

Authors:

Elvira Albert,

Shelly Grossman,

Noam Rinetzky,

Clara Rodríguez-Núñez,

Albert Rubio,

Mooly SagivAuthors Info & Claims

Proceedings of the ACM on Programming Languages, Volume 4, Issue OOPSLA

Article No.: 209, Pages 1 - 30

https://doi.org/10.1145/3428277

Published: 13 November 2020 Publication History

PDF eReader

Abstract

Callbacks are an effective programming discipline for implementing event-driven programming, especially in environments like Ethereum which forbid shared global state and concurrency. Callbacks allow a callee to delegate the execution back to the caller. Though effective, they can lead to subtle mistakes principally in open environments where callbacks can be added in a new code. Indeed, several high profile bugs in smart contracts exploit callbacks.

We present the first static technique ensuring modularity in the presence of callbacks and apply it to verify prominent smart contracts. Modularity ensures that external calls to other contracts cannot affect the behavior of the contract. Importantly, modularity is guaranteed without restricting programming.

In general, checking modularity is undecidable—even for programs without loops. This paper describes an effective technique for soundly ensuring modularity harnessing SMT solvers. The main idea is to define a constructive version of modularity using commutativity and projection operations on program segments. We believe that this approach is also accessible to programmers, since counterexamples to modularity can be generated automatically by the SMT solvers, allowing programmers to understand and fix the error.

We implemented our approach in order to demonstrate the precision of the modularity analysis and applied it to real smart contracts, including a subset of the 150 most active contracts in Ethereum. Our implementation decompiles bytecode programs into an intermediate representation and then implements the modularity checking using SMT queries. Overall, we argue that our experimental results indicate that the method can be applied to many realistic contracts, and that it is able to prove modularity where other methods fail.

Supplementary Material

Auxiliary Presentation Video (oopsla20main-p401-p-video.mp4)

This is a video presenting our OOPSLA 2020 paper "Taming Callbacks for Smart Contract Modularity". It discusses the motivation for reasoning about callbacks in smart contracts and the concept of "Effective Callback Freedom" (ECF), and a gentle overview to our sound technique for checking ECF.

Download
92.73 MB

References

[1]

Elvira Albert, Miguel Gómez-Zamalloa, Miguel Isabel, and Albert Rubio. 2018. Constrained Dynamic Partial Order Reduction. In Computer Aided Verification-30th International Conference, CAV 2018, Held as Part of the Federated Logic Conference, FloC 2018, Oxford, UK, July 14-17, 2018, Proceedings, Part II. 392-410.

Abstract

Supplementary Material

References

Cited By

Index Terms

Recommendations

On-Chain Smart Contract Verification over Tendermint

The treewidth of smart contracts

Formal Modeling and Verification of Smart Contracts

Comments

Information

Published In

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Get Access

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations