VerX: Safety verification of smart contracts

Anton Permenev; Dimitar Dimitrov; Petar Tsankov; Dana Drachsler-Cohen; Martin Vechev

doi:10.1109/SP40000.2020.00024

VerX: Safety verification of smart contracts

Anton Permenev, Dimitar Dimitrov, Petar Tsankov, Dana Drachsler-Cohen, Martin Vechev

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

We present VerX, the first automated verifier able to prove functional properties of Ethereum smart contracts. VerX addresses an important problem as all real-world contracts must satisfy custom functional specifications.VerX is based on a careful combination of three techniques, enabling it to automatically verify temporal properties of infinite- state smart contracts: (i) reduction of temporal property verification to reachability checking, (ii) a new symbolic execution engine for the Ethereum Virtual Machine that is precise and efficient for a practical fragment of Ethereum contracts, and (iii) delayed predicate abstraction which uses symbolic execution during transactions and abstraction at transaction boundaries.Our extensive experimental evaluation on 83 temporal properties and 12 real-world projects, including popular crowdsales and libraries, demonstrates that VerX is practically effective.

Original language	English
Title of host publication	Proceedings - 2020 IEEE Symposium on Security and Privacy, SP 2020
Pages	1661-1677
Number of pages	17
ISBN (Electronic)	9781728134970
DOIs	https://doi.org/10.1109/SP40000.2020.00024
State	Published - May 2020
Externally published	Yes
Event	41st IEEE Symposium on Security and Privacy, SP 2020 - San Francisco, United States Duration: 18 May 2020 → 21 May 2020

Publication series

Name	Proceedings - IEEE Symposium on Security and Privacy
Volume	2020-May

Conference

Conference	41st IEEE Symposium on Security and Privacy, SP 2020
Country/Territory	United States
City	San Francisco
Period	18/05/20 → 21/05/20

Keywords

Automated verification
Smart contracts
Temporal specification

All Science Journal Classification (ASJC) codes

Safety, Risk, Reliability and Quality
Software
Computer Networks and Communications

Access to Document

10.1109/SP40000.2020.00024

Cite this

@inproceedings{8cdbd34cd2e94653924d432057a507f4,

title = "VerX: Safety verification of smart contracts",

abstract = "We present VerX, the first automated verifier able to prove functional properties of Ethereum smart contracts. VerX addresses an important problem as all real-world contracts must satisfy custom functional specifications.VerX is based on a careful combination of three techniques, enabling it to automatically verify temporal properties of infinite- state smart contracts: (i) reduction of temporal property verification to reachability checking, (ii) a new symbolic execution engine for the Ethereum Virtual Machine that is precise and efficient for a practical fragment of Ethereum contracts, and (iii) delayed predicate abstraction which uses symbolic execution during transactions and abstraction at transaction boundaries.Our extensive experimental evaluation on 83 temporal properties and 12 real-world projects, including popular crowdsales and libraries, demonstrates that VerX is practically effective.",

keywords = "Automated verification, Smart contracts, Temporal specification",

author = "Anton Permenev and Dimitar Dimitrov and Petar Tsankov and Dana Drachsler-Cohen and Martin Vechev",

note = "Publisher Copyright: {\textcopyright} 2020 IEEE.; 41st IEEE Symposium on Security and Privacy, SP 2020 ; Conference date: 18-05-2020 Through 21-05-2020",

year = "2020",

month = may,

doi = "10.1109/SP40000.2020.00024",

language = "الإنجليزيّة",

series = "Proceedings - IEEE Symposium on Security and Privacy",

pages = "1661--1677",

booktitle = "Proceedings - 2020 IEEE Symposium on Security and Privacy, SP 2020",

}

Permenev, A, Dimitrov, D, Tsankov, P, Drachsler-Cohen, D & Vechev, M 2020, VerX: Safety verification of smart contracts. in Proceedings - 2020 IEEE Symposium on Security and Privacy, SP 2020., 9152791, Proceedings - IEEE Symposium on Security and Privacy, vol. 2020-May, pp. 1661-1677, 41st IEEE Symposium on Security and Privacy, SP 2020, San Francisco, United States, 18/05/20. https://doi.org/10.1109/SP40000.2020.00024

VerX: Safety verification of smart contracts. / Permenev, Anton; Dimitrov, Dimitar; Tsankov, Petar et al.
Proceedings - 2020 IEEE Symposium on Security and Privacy, SP 2020. 2020. p. 1661-1677 9152791 (Proceedings - IEEE Symposium on Security and Privacy; Vol. 2020-May).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - VerX

T2 - 41st IEEE Symposium on Security and Privacy, SP 2020

AU - Permenev, Anton

AU - Dimitrov, Dimitar

AU - Tsankov, Petar

AU - Drachsler-Cohen, Dana

AU - Vechev, Martin

PY - 2020/5

Y1 - 2020/5

N2 - We present VerX, the first automated verifier able to prove functional properties of Ethereum smart contracts. VerX addresses an important problem as all real-world contracts must satisfy custom functional specifications.VerX is based on a careful combination of three techniques, enabling it to automatically verify temporal properties of infinite- state smart contracts: (i) reduction of temporal property verification to reachability checking, (ii) a new symbolic execution engine for the Ethereum Virtual Machine that is precise and efficient for a practical fragment of Ethereum contracts, and (iii) delayed predicate abstraction which uses symbolic execution during transactions and abstraction at transaction boundaries.Our extensive experimental evaluation on 83 temporal properties and 12 real-world projects, including popular crowdsales and libraries, demonstrates that VerX is practically effective.

AB - We present VerX, the first automated verifier able to prove functional properties of Ethereum smart contracts. VerX addresses an important problem as all real-world contracts must satisfy custom functional specifications.VerX is based on a careful combination of three techniques, enabling it to automatically verify temporal properties of infinite- state smart contracts: (i) reduction of temporal property verification to reachability checking, (ii) a new symbolic execution engine for the Ethereum Virtual Machine that is precise and efficient for a practical fragment of Ethereum contracts, and (iii) delayed predicate abstraction which uses symbolic execution during transactions and abstraction at transaction boundaries.Our extensive experimental evaluation on 83 temporal properties and 12 real-world projects, including popular crowdsales and libraries, demonstrates that VerX is practically effective.

KW - Automated verification

KW - Smart contracts

KW - Temporal specification

UR - http://www.scopus.com/inward/record.url?scp=85089718869&partnerID=8YFLogxK

U2 - 10.1109/SP40000.2020.00024

DO - 10.1109/SP40000.2020.00024

M3 - منشور من مؤتمر

T3 - Proceedings - IEEE Symposium on Security and Privacy

SP - 1661

EP - 1677

BT - Proceedings - 2020 IEEE Symposium on Security and Privacy, SP 2020

Y2 - 18 May 2020 through 21 May 2020

ER -

VerX: Safety verification of smart contracts

Abstract

Publication series

Conference

Keywords

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this