Yibin Xu, Tijs Slaats, Boris Düdder, Thomas Troels Hildebrandt, Tom Van Cutsem
{"title":"Safe design and evolution of smart contracts using dynamic condition response graphs to model generic role-based behaviors","authors":"Yibin Xu, Tijs Slaats, Boris Düdder, Thomas Troels Hildebrandt, Tom Van Cutsem","doi":"10.1002/smr.2730","DOIUrl":null,"url":null,"abstract":"<p>Smart contracts executed on blockchains are interactive programs where external actors generate events that trigger function invocations. Events can be emitted by participants asynchronously. However, some functionalities should be restricted to participants inhabiting specific roles in the system, which might be dynamically adjusted while the system evolves. We argue that current smart contract languages adopting imperative programming paradigms require additional complicated access control code. Furthermore, smart contracts are often developed and evolved independently and cannot share a joint access control policy. This makes it challenging to ensure the correctness of access control properties and to maintain correctness when the contracts are adapted. We propose using dynamic condition response (DCR) graphs for role-based and declarative access control for smart contracts and techniques for test-driven modelling and refinement of DCR graphs to support the safe design and evolution of smart contracts. We show that they allow for capturing and visualizing a form of dynamic access control where access rights evolve as the contract state progresses. Their use supports the straightforward declaration of access control rights, improved code auditing, test-driven modelling, and safe evolution of smart contracts and improves users' understanding.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7000,"publicationDate":"2024-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/smr.2730","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Software-Evolution and Process","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/smr.2730","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
引用次数: 0
Abstract
Smart contracts executed on blockchains are interactive programs where external actors generate events that trigger function invocations. Events can be emitted by participants asynchronously. However, some functionalities should be restricted to participants inhabiting specific roles in the system, which might be dynamically adjusted while the system evolves. We argue that current smart contract languages adopting imperative programming paradigms require additional complicated access control code. Furthermore, smart contracts are often developed and evolved independently and cannot share a joint access control policy. This makes it challenging to ensure the correctness of access control properties and to maintain correctness when the contracts are adapted. We propose using dynamic condition response (DCR) graphs for role-based and declarative access control for smart contracts and techniques for test-driven modelling and refinement of DCR graphs to support the safe design and evolution of smart contracts. We show that they allow for capturing and visualizing a form of dynamic access control where access rights evolve as the contract state progresses. Their use supports the straightforward declaration of access control rights, improved code auditing, test-driven modelling, and safe evolution of smart contracts and improves users' understanding.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
