摘要:A developing field of interest for the distributed systems and applied cryptography communities is that of smart contracts: self-executing financial instruments that synchronize their state, often through a blockchain. One such smart contract system that has seen widespread practical adoption is Ethereum, which has grown to a market capacity of 100 billion USD and clears an excess of 500,000 daily transactions. Unfortunately, the rise of these technologies has been marred by a series of costly bugs and exploits. Increasingly, the Ethereum community has turned to formal methods and rigorous program analysis tools. This trend holds great promise due to the relative simplicity of smart contracts and bounded-time deterministic execution inherent to the Ethereum Virtual Machine (EVM). Here we present KEVM, an executable formal specification of the EVM’s bytecode stack-based language built with the K Framework, designed to serve as a solid foundation for further formal analyses. We empirically evaluate the correctness and performance of KEVM using the official Ethereum test suite [1]. To demonstrate the usability, several extensions of the semantics are presented and two different-language implementations of the ERC20 Standard Token are verified against the ERC20 specification. These results are encouraging for the executable semantics approach to language prototyping and specification.

摘要:Ethereum Virtual Machine (EVM) is the run-time environment for smart contracts and its vulnerabilities may lead to serious problems to the Ethereum ecology. With lots of techniques being continu- ously developed for the validation of smart contracts, the testing of EVM remains challenging because of the special test input format and the absence of oracles. In this paper, we propose EVMFuzzer, the first tool that uses differential fuzzing technique to detect vul- nerabilities of EVM. The core idea is to continuously generate seed contracts and feed them to the target EVM and the benchmark EVMs, so as to find as many inconsistencies among execution re- sults as possible, eventually discover vulnerabilities with output cross-referencing. Given a target EVM and its APIs, EVMFuzzer generates seed contracts via a set of predefined mutators, and then employs dynamic priority scheduling algorithm to guide seed con- tracts selection and maximize the inconsistency. Finally, EVMFuzzer leverages benchmark EVMs as cross-referencing oracles to avoid manual checking. With EVMFuzzer, we have found several previ- ously unknown security bugs in four widely used EVMs, and 5 of which had been included in Common Vulnerabilities and Exposures (CVE) IDs in U.S. National Vulnerability Database. The video is presented at https://youtu.be/9Lejgf2GSOk.

摘要:Attacks on transactions of Ethereum could be dan- gerous because they could lead to a big loss of money. There are many tools detecting vulnerabilities in smart contracts trying to avoid potential attacks. However, we found that there are still many missed vulnerabilities in contracts. Motivated by this, we propose a methodology to reinforce EVM to stop dangerous transactions in real time even when the smart contract contains vulnerabilities. Basically, the methodology consists of three steps: monitoring strategy definition, opcode-structure maintenance and EVM instrumentation. Monitoring strategy definition refers to the specific rule to test whether there is a dangerous operation during transaction execution. Opcode-structure maintenance is to maintain a structure to store the rule related opcodes and analyze it before an operation execution. EVM instrumentation inserts the monitoring strategy, interrupting mechanism and the opcode-structure operations in EVM source code. For evaluation, we implement EVM* on js-evm, a widely-used EVM platform written in javascript. We collect 10 contracts online with known bugs and use each contract to execute a dangerous transaction, all of them have been interrupted by our reinforced EVM*, while the original EVM permits all attack transactions. For the time overhead, the reinforced EVM* is slower than the original one by 20-30%, which is tolerable for the financial critical applications.

摘要:When a Solidity smart contract has a problem in calling a function of another contract, the “fallback function” of the contract is supposed to be executed automatically. However, in many cases, a fallback function is arbitrarily created and called, with their behaviors unknown to developers, so that its execution is vulnerable to exploits by attackers. To reduce these risks, this paper proposes a method that provides developers with new keywords by modifying existing Solidity compiler and Ethereum Virtual Machine (EVM). Developers mark their intention using the newly introduced keywords, and the modified existing Solidity compiler and EVM uses flags and conditional statements to prevent calls of fallback functions to reduce the risk of calls to fallback functions.

摘要:分析和研究以太坊上的区块、交易、账户和智能合约数据具有巨大价值，但是以太坊数据量大、数据种类多、存储结构 各异，当前数据获取方法的获取速度慢而且获取的数据不全，因此充分利用这些数据非常困难。文中提出了基于区块并行的以 太坊数据快速导出工具Ｇｅｔｈ－ｑｕｅｒｙ，通过分析以太坊内部机制，利用区块世界状态快照消除区块之间的依赖关系，优化本机资 源利用效率并行重放区块，实现了快速而全面地提取以太坊链上数据。实验证明，Ｇｅｔｈ－ｑｕｅｒｙ提取的数据种类丰富，数据导出 速度相比传统方法提升了１０倍左右。为了使用方便，文中同时对导出的数据进行存储优化，并在前端页面进行数据展示，从而 为分析和研究以太坊提供了数据基础。

摘要:With the rapid development of blockchain technology, blockchain becomes a good platform for execution of smart contracts. However, since smart contracts still have a low performance of transaction processing on blockchain. It can’t satisfy real-time requirements in some situations. This paper proposes a parallel smart contract model on blockchain which has a better performance in transaction processing. The challenges with the proposed approach are the implementation of the parallel mode and the solution of synchronization problem of the proposed model. This paper uses multi-thread technology to implement the proposed model where transactions are executed in parallel. Then we propose a transaction splitting algorithm to resolve the synchronization problem. Finally, experimental analysis proves that this parallel model exactly makes a remarkable development of performance in transaction processing.

摘要:Smart contracts have been widely used on Ethereum to enable business services across various application domains. However, they are prone to different forms of security attacks due to the dynamic and non-deterministic blockchain runtime environment. In this work, we highlighted a general miner- side type of exploit, called concurrency exploit, which attacks smart contracts via generating malicious transaction sequences. Moreover, we designed a systematic algorithm to automatically detect such exploits. In our preliminary evaluation, our approach managed to identify real vulnerabilities that cannot be detected by other tools in the literature.

摘要:Business processes are often related to operational processes, contracts, and regulations. Modeling such processes needs to address regulation monitoring and enforcement, and maintain a reliable history of data for evidence. This paper proposes modeling business processes as smart contracts (SCs) on permissioned blockchains (BCs). The challenges with the proposed approach are state synchronizations among distributed nodes (called authnodes), and real-time requirements. This paper separates the executions of SCs from the state managements on multi-BCs, and proposes a pipeline model to verify and create blocks in parallel.

摘要:Smart contract transactions demonstrate issues of performance and correctness that application programmers must work around. Although the blockchain consensus mechanism approaches ACID compliance, use cases that rely on frequent state changes are impractical due to the block publishing inter- val of O(101) seconds. The effective isolation level is READ- COMMITTED, only revealing state transitions at the end of the block interval. Values read may be stale and not match program order, causing many transactions to fail when a block is committed. This paper perceives the blockchain as a transactional data structure, using this analogy in the development of a new algorithm, Hash-Mark-Set (HMS), that improves transaction throughput by providing a READ-UNCOMMITTED view of state variables. HMS creates a directed acyclic graph (DAG) from the pending transaction pool. The transaction order derived from the DAG is used to provide a READ-UNCOMMITTED view of the data for new transactions, which enter the DAG as they are received. An implementation of HMS is provided, interoperable with Ethereum and ready for use in smart contracts. Over a wide range of transaction mixes, HMS is demonstrated to improve throughput. A side product of the implementation is a new technique, Runtime Argument Augmentation (RAA), that allows smart contracts to communicate with external data services before submitting a transaction. RAA has use cases beyond HMS and can serve as a lightweight replacement for blockchain oracles.

摘要:Blockchain platforms such as Ethereum and several others execute complex transactions in blocks through user- defined scripts known as smart contracts. Normally, a block of the chain consists of multiple transactions of smart contracts which are added by a miner. To append a correct block into the blockchain, miners execute these transactions of smart contracts sequentially. Later the validators serially re-execute the smart contract transactions of the block. If the validators agree with the final state of the block as recorded by the miner, then the block is said to be validated. It is then added to the blockchain using a consensus protocol. In Ethereum and other blockchains that support cryptocurrencies, a miner gets an incentive every time such a valid block successfully added to the blockchain. In most of the current day blockchains the miners and validators execute the smart contract transactions serially. In the current era of multi-core processors, by employing the serial execution of the transactions, the miners and validators fail to utilize the cores properly and as a result, have poor throughput. By adding concurrency to smart contracts execution, we can achieve better efficiency and higher throughput. In this paper, we develop an efficient framework to execute the smart contract transactions concurrently using optimistic Software Transactional Memory systems (STMs). Miners execute smart contract transactions concurrently us- ing multi-threading to generate the final state of blockchain. STM is used to take care of synchronization issues among the transactions and ensure atomicity. Now when the validators also execute the transactions (as a part of validation) concurrently using multi-threading, then the validators may get a different final state depending on the order of execution of conflicting transactions. To avoid this, the miners also generate a block graph of the transactions during the concurrent execution and store it in the block. This graph captures the conflict relations among the transactions and is generated concurrently as the transactions are executed by different threads. The miner proposes a block which consists of set of transac- tions, block graph, hash of the previous block, and final state of each shared data-objects. Later, the validators re-execute the same smart contract transactions concurrently and deterministi- cally with the help of block graph given by the miner to verify the final state. If the validation is successful then proposed block appended into the blockchain and miner gets incentive otherwise discard the proposed block. We execute the smart contract transactions concurrently using Basic Time stamp Ordering (BTO) and Multi-Version Time stamp Ordering (MVTO) protocols as optimistic STMs. BTO and MVTO miner achieves 3.6x and 3.7x average speedups over serial miner respectively. Along with, BTO and MVTO validator outperform average 40.8x and 47.1x than serial validator respec- tively.

摘要:区块链智能合约为不可信的分布式环境提供了去中心化的可信一致存储服 务。但是相比于传统中心化数据库，目前区块链平台的吞吐量的过于低下导致 它在多数应用中无法替代传统数据库。该性能问题部分源于目前的区块链不支 持区块交易的并发执行，因此通过设计并发控制算法来并发执行智能合约可以 提升区块链平台处理能力。在区块链网络中，验证者需要按照生产者采用的交 易顺序确定性地重新执行区块并产生一致的最终状态，因此传统DBMS中的并 发控制算法由于其结果的不确定性而无法直接应用在区块链中。 针对智能合约的确定性并发问题，本文通过引入多版本交易排序（MVTO） 的方法，提出了一个适用于区块链上的智能合约并发执行的并发框架。在该框 架中，矿工使用传统事务并发控制发现某冲突可串行化的调度，在执行中记录 交易写集以及调度的等价串行交易顺序到新区块中。其后，验证节点在执行该 区块前，利用区块中交易的写集和执行顺序为每个冲突的合约状态上预先构建 一个有序的版本链，静态地定义冲突操作之间的优先级关系。最后验证节点在 执行该区块时，基于上述版本链使用MVTO算法来实现以相同的等价串行交易 顺序确定性地并发执行该区块中的交易，从而达成分布式网络中合约状态一致 性的最终目的。 实验结果表明，相比于顺序执行，MVTO可以用3个线程的线程池执行实验 智能合约达到2.5倍左右的提升。

摘要:A Hyperledger Fabric is a popular permissioned blockchain platform and has great com- mercial application prospects. However, the limited transaction throughput of Hyperledger Fabric hampers its performance, especially when transactions with concurrency conflicts are initiated. In this paper, we focus on transactions with concurrency conflicts and propose solutions to optimize the performance of Hyperledger Fabric. Firstly, we propose a novel method LMLS to improve the Write-Write Conflict. This method introduces a lock mech- anism in the transaction flow to enable some conflicting transactions to be marked at the beginning of the transaction process. And indexes are added to conflicting transactions to optimize the storage of the ledger. Secondly, we propose a cache-based method to improve the Read-Write Conflict. The cache is used to speed up reading data, and a cache log is added to Hyperledger Fabric to ensure the data consistency. Extensive experiments demon- strate that the proposed novel methods can significantly increase transaction throughput in the case of concurrency conflicts, and maintain high efficiency in transactions without concurrency conflicts.

摘要:Popular blockchains such as Bitcoin or Ethereum provide a transaction isolation level of READ-COMMITTED. This provides difficulties when state changes many times per block interval. Hash-Mark-Set (HMS) alleviates this problem by enabling READ-UNCOMMITTED transactions for state variables. However, the current HMS implementation relies on a sequen- tial algorithm and is susceptible to redundant calculations. As modern processors rely more heavily on parallel algorithms to leverage multiple cores for speedup, sequential algorithms see less benefit from hardware improvements. This paper proposes a lock-free HMS to make use of thread-safe techniques and other optimizations to improve the performance of the HMS algorithm and reduce the latency of read-uncommitted state variable accesses. In our experiments, the proposed algorithm experiences an average 6.4x increase in performance up to 128 go-routines, and a maximum 11.1x increase.

摘要:Blockchain has attracted a broad range of interests from start-ups, enterprises and governments to build next generation applications in a decentralized manner. Similar to cloud platforms, a single blockchain-based system may need to serve multiple tenants simultaneously. However, design of multi-tenant blockchain-based systems is challenging to architects in terms of data and performance isolation, as well as scalability. First, tenants must not be able to read other tenants’ data and tenants with potentially higher workload should not affect read/write performance of other tenants. Second, multi-tenant blockchainbased systems usually require both scalability for each individual tenant and scalability with number of tenants. Therefore, in this paper, we propose a scalable platform architecture for multitenant blockchain-based systems to ensure data integrity while maintaining data privacy and performance isolation. In the proposed architecture, each tenant has an individual permissioned blockchain to maintain their own data and smart contracts. All tenant chains are anchored into a main chain, in a way that minimizes cost and load overheads. The proposed architecture has been implemented in a proof-of-concept prototype with our industry partner, Laava ID Pty Ltd (Laava). We evaluate our proposal in a three-fold way: fulfilment of the identified requirements, qualitative comparison with design alternatives, and quantitative analysis. The evaluation results show that the proposed architecture can achieve data integrity, performance isolation, data privacy, configuration flexibility, availability, cost efficiency and scalability.

摘要:Blockchain, or distributed ledger, provides a way to build various decentralized systems without relying on any single trusted party. This is especially attractive for smart contracts, that different parties do not need to trust each other to have a contract, and the distributed ledger can guarantee correct execution of the contract. Most existing distributed ledger based smart contract systems process smart contracts in a serial manner, i.e., all users have to run a contract before its result can be accepted by the system. Although this approach is easy to implement and manage, it is not scalable and greatly limits the system’s capability of handling a large number of smart contracts. In order to address this problem, we propose a scalable smart contract execution scheme that can run multiple smart contract in parallel to improve throughput of the system. Our scheme relies on two key techniques: a fair contract partition algorithm leveraging integer linear programming to partition a set of smart contracts into multiple subsets, and a random assignment protocol assigning subsets randomly to a subgroup of users. We prove that, our scheme is secure as long as more than 50% of the computational power is possessed by honest nodes. We then conduct experiments with data from existing smart contract system to evaluate the efficiency of our scheme. The results demonstrate that our approach is scalable and much more efficient than the existing smart contract platform.