计算机科学 ›› 2023, Vol. 50 ›› Issue (10): 343-349.doi: 10.11896/jsjkx.220800134
朱健1, 胡凯2,3, 王军1, 李洁2,3,4, 叶亚飞3, 时希言5
ZHU Jian1, HU Kai2,3, WANG Jun1, LI Jie2,3,4, YE Yafei3, SHI Xiyan5
摘要: 智能合约是一种以代码的方式执行合同条款的可计算交易协议,其应用场景与规模日益增长,承载着多达数十亿美元的各类资产。由于其代码缺陷可能会造成严重的经济损失,因此智能合约的可信开发成为技术关键。为此,提出了一种基于集合论语言Event-B的智能合约可信验证与自动生成方法。Event-B方法是一种基于精化的形式化方法,可用于规约、设计和验证软件系统。通过对智能合约的模型验证和可执行代码的自动生成技术,研发了自动转换工具EB2S,打通了形式化模型和智能合约编程语言的语义鸿沟和技术壁垒。最后,选取典型的在线支付智能合约场景,应用基于Event-B的智能合约模型自动生成合约代码,验证了EB2S转换工具的有效性。
中图分类号:
[1]ZHU J,HU K,ZHANG B J.Review on Formal Verification of SmartContract[J].Acta Electronica Sinica,2021,49(4):792-804. [2]ZHANG G Q.Introduction to formalmethods[M].Beijing:Tsing-hua University Press,2015. [3]RYZHYK L,BJØRNER N,CANINI M,et al.Correct by construction networks using stepwise refinement[C]//14th USENIX Conference on Networked Systems Design and Implementation.USA:USENIX Association,2017:683-698. [4]ABRIAL J.Modelling in Event-B:System and Software Engineering[M].UK:Cambridge University Press,2009. [5]SCHNEIDER S.The B-method:An introduction[M].UK:University of Surrey,2001. [6]BUTLER M,YADAV D.An incremental development of the mondex system in event-B[J].Formal Aspects of Computing,2008,20(1):61-77. [7]BACK R J R,KURKI-SUONIO F.Distributed cooperation with action systems[J].ACM Transactions on Programming Languages and Systems,1998,10(4):513-554. [8]BUTLER M.Decomposition structures for Event-B[C]//International Conference on Integrated Formal Methods.Germany:Springer,2009:20-38. [9]BUTERIN V.Critical update re:Dao vulnerability [EB/OL].https://blog.ethereum.org/2016/06/17critical-update-re-dao-vulnerability. [10]The parity wallet hack explained [EB/OL].https://blog.openzeppelin.com/on-the-parity-wallet-multisig-hack-405a8c12-e8f7. [11]Batch overflow bug on Ethereum ERC20 token contracts andsafeMath[EB/OL].https://peckshield.medium.com/alert-new-batchoverflow-bug-in-multiple-erc20-smart-contracts-cve-2018-10299-511067db6536. [12]BHARGAVAN K,DELIGNAT-LAVAUD A,FOURNET C,et al.Formal verification of smart contracts:short paper[C]//the 2016 ACM Workshop on Programming Languages and Analysis for Security.USA:ACM,2016:91-96. [13]NIELSEN J B,SPITTERS B.Smart contract interactions in Coq[J].arXiv:1911.04732,2019. [14]ZHU J,HU K,FILALI M,et al.Formal simulation and verification of Solidity contracts in Event-B[C]//2021 IEEE 45th Annual Computers,Software,and Applications Conference(COMPSAC).USA:IEEE,2021:1309-1314 [15]MAVRIDOU A,LASZKA A.Designing secure ethereum smart contracts:A finite state machine-based approach[C]//International Conference on Financial Cryptography and Data Security.Germany:Springer,2018:523-540. [16]CHOUDHURY O,RUDOLPH N,SYLLA I,et al.Auto-Gene-ration of Smart Contracts from Domain-Specific Ontologies and Semantic Rules[C]//2018 IEEE International Conference on Internet of Things(iThings) and IEEE Green Computing and Communications(GreenCom) and IEEE Cyber,Physical and Social Computing(CPSCom) and IEEE Smart Data(SmartData).USA:IEEE,2018:963-970. [17]GAO Y C,ZHAO B,ZHANG Z.Research and implementation of a smart automatic contract generation method for Ethereum[J].Journal of East China Normal University(Natural Science),2020,2020(5):21-32. [18]ZHU Y,QIN B H,CHEN E,et al.An advanced smart contract conversion method and bidding contract design and implementation[J].Chinese Journal of Computers,2021,44(3):652-668. [19]Rodin platform [EB/OL].http://wiki.Event-B.org/index.php/Rodin_Platform. [20]BANACH R.Verification-led smart contracts[C]//Interna-tional Conference on Financial Cryptography and Data Security.Germany:Springer,2019:106-121. [21]Remix [EB/OL].http://remix.hubwiz.com/#optimize=false&version=soljson-v0.4.25-nightly.2018.7.9+commit.c42583d2.js. |
|