Litcius/Paper detail

Securing smart contract with runtime validation

Ao Li, Jemin Andrew Choi, Fan Long

202059 citationsDOIOpen Access PDF

Abstract

We present Solythesis, a source to source Solidity compiler which takes a smart contract code and a user specified invariant as the input and produces an instrumented contract that rejects all transactions that violate the invariant. The design of Solythesis is driven by our observation that the consensus protocol and the storage layer are the primary and the secondary performance bottlenecks of Ethereum, respectively. Solythesis operates with our novel delta update and delta check techniques to minimize the overhead caused by the instrumented storage access statements. Our experimental results validate our hypothesis that the overhead of runtime validation, which is often too expensive for other domains, is in fact negligible for smart contracts. The CPU overhead of Solythesis is only 0.1% on average for our 23 benchmark contracts.

Topics & Concepts

Computer scienceOverhead (engineering)Source codeCompilerSolidityEmbedded systemBenchmark (surveying)Protocol (science)Code (set theory)Spec#Operating systemCompile timeDatabaseData accessData integrityRuntime verificationSmart contractDistributed computingStatic analysisInstrumentation (computer programming)CorrectnessReal-time computingDoorsSecurity and Verification in ComputingBlockchain Technology Applications and SecurityAdvanced Malware Detection Techniques