Verifying liquidity of recursive Bitcoin contracts

Log. Methods Comput. Sci. Pub Date : 2020-11-28 DOI:10.46298/lmcs-18(1:22)2022

Massimo Bartoletti, Stefano Lande, Maurizio Murgia, R. Zunino

{"title":"Verifying liquidity of recursive Bitcoin contracts","authors":"Massimo Bartoletti, Stefano Lande, Maurizio Murgia, R. Zunino","doi":"10.46298/lmcs-18(1:22)2022","DOIUrl":null,"url":null,"abstract":"Smart contracts - computer protocols that regulate the exchange of\ncrypto-assets in trustless environments - have become popular with the spread\nof blockchain technologies. A landmark security property of smart contracts is\nliquidity: in a non-liquid contract, it may happen that some assets remain\nfrozen, i.e. not redeemable by anyone. The relevance of this issue is witnessed\nby recent liquidity attacks to Ethereum, which have frozen hundreds of USD\nmillions. We address the problem of verifying liquidity on BitML, a DSL for\nsmart contracts with a secure compiler to Bitcoin, featuring primitives for\ncurrency transfers, contract renegotiation and consensual recursion. Our main\nresult is a verification technique for liquidity. We first transform the\ninfinite-state semantics of BitML into a finite-state one, which focusses on\nthe behaviour of a chosen set of contracts, abstracting from the moves of the\ncontext. With respect to the chosen contracts, this abstraction is sound, i.e.\nif the abstracted contract is liquid, then also the concrete one is such. We\nthen verify liquidity by model-checking the finite-state abstraction. We\nimplement a toolchain that automatically verifies liquidity of BitML contracts\nand compiles them to Bitcoin, and we assess it through a benchmark of\nrepresentative contracts.","PeriodicalId":314387,"journal":{"name":"Log. Methods Comput. Sci.","volume":"101 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-11-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Log. Methods Comput. Sci.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.46298/lmcs-18(1:22)2022","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

Abstract

Smart contracts - computer protocols that regulate the exchange of crypto-assets in trustless environments - have become popular with the spread of blockchain technologies. A landmark security property of smart contracts is liquidity: in a non-liquid contract, it may happen that some assets remain frozen, i.e. not redeemable by anyone. The relevance of this issue is witnessed by recent liquidity attacks to Ethereum, which have frozen hundreds of USD millions. We address the problem of verifying liquidity on BitML, a DSL for smart contracts with a secure compiler to Bitcoin, featuring primitives for currency transfers, contract renegotiation and consensual recursion. Our main result is a verification technique for liquidity. We first transform the infinite-state semantics of BitML into a finite-state one, which focusses on the behaviour of a chosen set of contracts, abstracting from the moves of the context. With respect to the chosen contracts, this abstraction is sound, i.e. if the abstracted contract is liquid, then also the concrete one is such. We then verify liquidity by model-checking the finite-state abstraction. We implement a toolchain that automatically verifies liquidity of BitML contracts and compiles them to Bitcoin, and we assess it through a benchmark of representative contracts.

查看原文本刊更多论文

验证递归比特币合约的流动性

随着区块链技术的普及，智能合约——在无信任环境中规范加密资产交换的计算机协议——已经变得流行起来。智能合约的一个具有里程碑意义的安全属性是流动性:在非流动性合约中，可能会发生一些资产被冻结的情况，即任何人都无法赎回。最近对以太坊的流动性攻击见证了这个问题的相关性，以太坊已经冻结了数亿美元。我们解决了在BitML上验证流动性的问题，BitML是一种智能合约的DSL，具有比特币的安全编译器，具有货币转移，合同重新谈判和共识递归的原语。我们的主要成果是流动性的验证技术。我们首先将BitML的无限状态语义转换为有限状态语义，该语义侧重于选定的一组契约的行为，从上下文的移动中抽象出来。就所选择的合同而言，这种抽象是合理的，即如果抽象的合同是流动的，那么具体的合同也是流动的。然后通过对有限状态抽象的模型检查来验证流动性。我们实现了一个工具链，自动验证BitML合约的流动性，并将其编译为比特币，我们通过代表性合约的基准来评估它。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Log. Methods Comput. Sci.

自引率

0.00%

发文量