solc-verify: A Modular Verifier for Solidity Smart Contracts

  • Conference paper
Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 12031)

Abstract

We present solc-verify, a source-level verification tool for Ethereum smart contracts. solc-verify takes smart contracts written in Solidity and discharges verification conditions using modular program analysis and SMT solvers. Built on top of the Solidity compiler, solc-verify reasons at the level of the contract source code, as opposed to the more common approaches that operate at the level of Ethereum bytecode. This enables solc-verify to effectively reason about high-level contract properties while modeling low-level language semantics precisely. The properties, such as contract invariants, loop invariants, and function pre- and post-conditions, can be provided as annotations in the code by the developer. This enables automated, yet user-friendly formal verification for smart contracts. We demonstrate solc-verify by examining real-world examples where our tool can effectively find bugs and prove correctness of non-trivial properties with minimal user effort.

Á. Hajdu—The author was also affiliated with SRI International as an intern during this project.

Notes

  1. https://github.com/SRI-CSL/solidity.

  2. Due to the usage of gas, total and partial correctness are equivalent. Furthermore, currently we do not model gas: running out of gas does not affect correctness as the transaction is reverted. However, we might model it in the future in order to verify liveness properties or to be able to specify an upper bound.

  3. The paper and the experiments are based on compiler version v0.4.25, but we keep solc-verify up to date with the latest development branch.

  4. We might model events in the future to be able to specify that an event is expected to be triggered.

  5. Gas costs of certain write operations were about to change with Constantinople, allowing a reentrancy attack, but it was reverted with the St. Petersburg upgrade [19].

  6. Contract invariants are also checked before external calls as they can perform a callback to the contract.

  7. http://csl.sri.com/users/dejan/contracts.tar.gz.

  8. For discussion, see https://github.com/OpenZeppelin/openzeppelin-solidity/issues/1120.

  9. With bit-size of 16 bits, z3 can discharge the VCs in 2295 s while other solvers do not terminate.

  10. We could only obtain a spreadsheet of results from the authors.

  11. For an example of the difficulties in manually analyzing even trivial issues, see https://runtimeverification.com/blog/erc-20-verification/.

References

  1. Abdellatif, T., Brousmiche, K.: Formal verification of smart contracts based on users and blockchain behaviors models. In: 9th IFIP International Conference on New Technologies, Mobility and Security, pp. 1–5. IEEE (2018)

  2. Alt, L., Reitwiessner, C.: SMT-based verification of solidity smart contracts. In: Margaria, T., Steffen, B. (eds.) ISoLA 2018. LNCS, vol. 11247, pp. 376–388. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03427-6_28

  3. Antonopoulos, A., Wood, G.: Mastering Ethereum: Building Smart Contracts and DApps. O’Reilly Media, Inc., Sebastopol (2018)

  4. Atzei, N., Bartoletti, M., Cimoli, T.: A survey of attacks on Ethereum smart contracts (SoK). In: Maffei, M., Ryan, M. (eds.) POST 2017. LNCS, vol. 10204, pp. 164–186. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54455-6_8

  5. Barnett, M., DeLine, R., Fähndrich, M., Leino, K.R.M., Schulte, W.: Verification of object-oriented programs with invariants. J. Object Technol. 3(6), 27–56 (2004)

  6. Barrett, C., et al.: CVC4. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 171–177. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22110-1_14

  7. Barrett, C., Tinelli, C.: Satisfiability modulo theories. In: Clarke, E., Henzinger, T., Veith, H., Bloem, R. (eds.) Handbook of Model Checking, pp. 305–343. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-10575-8_11

  8. Bhargavan, K., et al.: Formal verification of smart contracts: short paper. In: ACM Workshop on Programming Languages and Analysis for Security, pp. 91–96. ACM (2016)

  9. Bornat, R.: Proving pointer programs in hoare logic. In: Backhouse, R., Oliveira, J.N. (eds.) MPC 2000. LNCS, vol. 1837, pp. 102–126. Springer, Heidelberg (2000). https://doi.org/10.1007/10722010_8

  10. Chatterjee, S., Lahiri, S.K., Qadeer, S., Rakamarić, Z.: A reachability predicate for analyzing low-level software. In: Grumberg, O., Huth, M. (eds.) TACAS 2007. LNCS, vol. 4424, pp. 19–33. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-71209-1_4

  11. Cohen, E., et al.: VCC: a practical system for verifying concurrent C. In: Berghofer, S., Nipkow, T., Urban, C., Wenzel, M. (eds.) TPHOLs 2009. LNCS, vol. 5674, pp. 23–42. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03359-9_2

  12. ConsenSys: Ethereum smart contract security best practices (2018). https://consensys.github.io/smart-contract-best-practices/

  13. ConsenSys: Mythril classic: security analysis tool for Ethereum smart contracts (2019). https://github.com/ConsenSys/mythril-classic

  14. De Moura, L., Bjørner, N.: Generalized, efficient array decision procedures. In: Formal Methods in Computer-Aided Design, pp. 45–52. IEEE (2009)

  15. DeLine, R., Leino, K.R.M.: BoogiePL: a typed procedural language for checking object-oriented programs. Technical report MSR-TR-2005-70, Microsoft Research (2005)

  16. Dhillon, V., Metcalf, D., Hooper, M.: The DAO hacked. In: Dhillon, V., Metcalf, D., Hooper, M. (eds.) Blockchain Enabled Applications, pp. 67–78. Apress, Berkeley (2017). https://doi.org/10.1007/978-1-4842-3081-7_6

  17. Dourlens, J.: Safemath to protect from overflows (2017). https://ethereumdev.io/safemath-protect-overflows/

  18. Dutertre, B.: Yices 2.2. In: Biere, A., Bloem, R. (eds.) CAV 2014. LNCS, vol. 8559, pp. 737–744. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08867-9_49

  19. Ethereum Constantinople/St. Petersburg upgrade announcement (2019). https://blog.ethereum.org/2019/02/22/ethereum-constantinople-st-petersburg-upgrade-announcement/

  20. Feist, J., Greico, G., Groce, A.: Slither: a static analysis framework for smart contracts. In: Proceedings of the 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain, pp. 8–15. IEEE (2019)

  21. Flanagan, C., Leino, K.R.M., Lillibridge, M., Nelson, G., Saxe, J.B., Stata, R.: Extended static checking for Java. In: ACM SIGPLAN 2002 conference on Programming Language Design and Implementation, pp. 234–245. ACM (2002)

  22. Grishchenko, I., Maffei, M., Schneidewind, C.: A semantic framework for the security analysis of Ethereum smart contracts. In: Bauer, L., Küsters, R. (eds.) POST 2018. LNCS, vol. 10804, pp. 243–269. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-89722-6_10

  23. Harz, D., Knottenbelt, W.: Towards safer smart contracts: a survey of languages and verification methods (2018). http://arxiv.org/abs/1809.09805

  24. Hildenbrandt, E., Saxena, M., Zhu, X., Rodrigues, N., Daian, P., Guth, D., Rosu, G.: KEVM: a complete semantics of the Ethereum virtual machine. Technical report, IDEALS (2017)

  25. Hirai, Y.: Defining the Ethereum virtual machine for interactive theorem provers. In: Brenner, M., et al. (eds.) FC 2017. LNCS, vol. 10323, pp. 520–535. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70278-0_33

  26. Kalra, S., Goel, S., Dhawan, M., Sharma, S.: ZEUS: analyzing safety of smart contracts. In: Network and Distributed Systems Security Symposium (2018)

  27. Lahiri, S.K., Chen, S., Wang, Y., Dillig, I.: Formal specification and verification of smart contracts for Azure blockchain (2018). http://arxiv.org/abs/1812.08829

  28. Leino, K.R.M.: This is Boogie 2 (2008)

  29. Luu, L., Chu, D.H., Olickel, H., Saxena, P., Hobor, A.: Making smart contracts smarter. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 254–269. ACM (2016)

  30. Mavridou, A., Laszka, A.: Tool demonstration: FSolidM for designing secure Ethereum smart contracts. In: Bauer, L., Küsters, R. (eds.) POST 2018. LNCS, vol. 10804, pp. 270–277. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-89722-6_11

  31. McCarthy, J.: Towards a mathematical science of computation. In: IFIP Congress, pp. 21–28 (1962)

  32. Miller, A., Cai, Z., Jha, S.: Smart contracts and opportunities for formal methods. In: Margaria, T., Steffen, B. (eds.) ISoLA 2018. LNCS, vol. 11247, pp. 280–299. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03427-6_22

  33. de Moura, L., Bjørner, N.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78800-3_24

  34. Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008). http://www.bitcoin.org/bitcoin.pdf

  35. Nikolić, I., Kolluri, A., Sergey, I., Saxena, P., Hobor, A.: Finding the greedy, prodigal, and suicidal contracts at scale. In: Proceedings of the 34th Annual Computer Security Applications Conference, pp. 653–663. ACM (2018)

  36. NIST National Vulnerability Database: CVE-2018-10299: Beauty Ecosystem Coin (BEC) issue (2018). https://nvd.nist.gov/vuln/detail/CVE-2018-10299

  37. Sergey, I., Kumar, A., Hobor, A.: Scilla: a smart contract intermediate-level language (2018). http://arxiv.org/abs/1801.00687

  38. Solidity documentation (2018). https://solidity.readthedocs.io/en/v0.4.25/

  39. Szabo, N.: Smart contracts (1994)

  40. Tsankov, P., Dan, A., Drachsler-Cohen, D., Gervais, A., Bünzli, F., Vechev, M.: Securify: practical security analysis of smart contracts. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 67–82. ACM (2018)

  41. Wood, G.: Ethereum: a secure decentralised generalised transaction ledger (2017). https://ethereum.github.io/yellowpaper/paper.pdf

Author information

Correspondence to Ákos Hajdu.

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Cite this paper

Hajdu, Á., Jovanović, D. (2020). solc-verify: A Modular Verifier for Solidity Smart Contracts. In: Chakraborty, S., Navas, J. (eds) Verified Software. Theories, Tools, and Experiments. VSTTE 2019. Lecture Notes in Computer Science, vol 12031. Springer, Cham. https://doi.org/10.1007/978-3-030-41600-3_11

  • DOI: https://doi.org/10.1007/978-3-030-41600-3_11

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-41599-0

  • Online ISBN: 978-3-030-41600-3

  • eBook Packages: Computer Science, Computer Science (R0)
