Capturing Smart Contract Design with DCR Graphs
Authors: 
Mojtaba Eshghie, Wolfgang Ahrendt, Cyrille Artho, Thomas Troels Hildebrandt, Gerardo SchneiderAuthors Info & Claims
Pages 106 - 125
Abstract
Smart contracts manage blockchain assets and embody business processes. However, mainstream smart contract programming languages such as Solidity lack explicit notions of roles, action dependencies, and time. Instead, these concepts are implemented in program code. This makes it very hard to design and analyze smart contracts.
We argue that DCR graphs are a suitable formalization tool for smart contracts because they explicitly and visually capture the mentioned features. We utilize this expressiveness to show that many common high-level design patterns representing the underlying business processes in smart-contract applications can be naturally modeled this way. Applying these patterns shows that DCR graphs facilitate the development and analysis of correct and reliable smart contracts by providing a clear and easy-to-understand specification.
References
[1]
A decentralized escape hatch for DAOs. https://hackingdistributed.com/2016/07/11/decentralized-escape-hatches-for-smart-contracts/. Accessed 29 Aug 2023
[2]
Implement escape hatch mechanism contracts Issue #1 OpenZeppelin/openzeppelin-contracts. https://github.com/OpenZeppelin/openzeppelin-contracts/issues/1. Accessed 29 Aug 2023
[3]
The Maker Protocol White Paper — Feb (2020). https://makerdao.com/en. Accessed 29 Aug 2023
[4]
SWC-105 - Smart Contract Weakness Classification (SWC). https://swcregistry.io/docs/SWC-105/. Accessed 01 Sept 2023
[5]
SWC-106 - Smart Contract Weakness Classification (SWC). https://swcregistry.io/docs/SWC-106/. Accessed 01 Sept 2023
[6]
SWC-114 - Smart Contract Weakness Classification (SWC). https://swcregistry.io/docs/SWC-114/. Accessed 01 Sept 2023
[7]
SWC-116 - Smart Contract Weakness Classification (SWC). https://swcregistry.io/docs/SWC-116/#time_locksol. Accessed 01 Sept 2023
[8]
Synthetixio/synthetix: Synthetix Solidity smart contracts. https://github.com/Synthetixio/synthetix. Accessed 29 Aug 2023
[9]
Timestamp Dependence - Ethereum Smart Contract Best Practices. https://consensys.github.io/smart-contract-best-practices/development-recommendations/solidity-specific/timestamp-dependence/#avoid-using-blocknumber-as-a-timestamp. Accessed 01 Sept 2023
[10]
Aragon OSx Protocol (2023). https://github.com/aragon/osx. Accessed 29 Aug 2023
[11]
Aragon/aragon-court: Aragon (2023). Accessed 29 Aug 2023
[12]
Augur (2023). https://github.com/AugurProject/augur. Accessed 29 Aug 2023
[13]
Chainbridge-solidity (2023). https://github.com/ChainSafe/chainbridge-solidity. Accessed 29 Aug 2023
[14]
Compound Protocol: Compound (2023). Accessed 29 Aug 2023
[15]
Ethereum development documentation (2023). https://ethereum.org/en/developers/docs/. Accessed 29 Aug 2023
[16]
Smartcontractkit/chainlink (2023). https://github.com/smartcontractkit/chainlink. Accessed 29 Aug 2023
[17]
Solidity documentation (2023). https://docs.soliditylang.org/en/latest/. Accessed 29 Aug 2023
[18]
Bansal, K., Koskinen, E., Tripp, O.: Automatic generation of precise and useful commutativity conditions. In: Beyer, D., Huisman, M. (eds.) Tools and Algorithms for the Construction and Analysis of Systems, pp. 115–132. Lecture Notes in Computer Science, Springer International Publishing, Cham (2018).
[19]
Bartoletti M, Pompianu L, et al. Brenner M et al. An empirical analysis of smart contracts: platforms, applications, and design patterns Financial Cryptography and Data Security 2017 Cham Springer 494-509
[20]
Chen T et al. Understanding Ethereum via graph analysis ACM TOIT 2020 20 2 1-32
[21]
Compound: Compound v2 Governance. https://docs.compound.finance/v2/governance/. Accessed 29 Aug 2023
[22]
Consensys: ethereum smart contract best practices (2023). https://consensys.github.io/smart-contract-best-practices/development-recommendations/precautions/. Accessed 29 Aug 2023
[23]
Dickerson, T., Gazzillo, P., Herlihy, M., Koskinen, E.: Adding concurrency to smart contracts. In: PODC, pp. 303–312. ACM (2017)
[24]
Ellul, J., Pace, G.J.: Runtime verification of ethereum smart contracts. In: 2018 14th European Dependable Computing Conference (EDCC). IEEE (2018).
[25]
Eshghie, M.: A comprehensive collection of DCR graph model of business process-level (contract-level) design patterns in smart contracts (Aug 2023). https://github.com/mojtaba-eshghie/SmartContractDesignPatternsInDCRGraphs. Accessed 29 Aug 2023
[26]
Eshghie, M.: mojtaba-eshghie/CLawK (2023). https://github.com/mojtaba-eshghie/CLawK/blob/925bf9c9afe344c763963e0e40098c66420d1d6a/server/monitor/contracts/source/Casino.sol. Accessed 29 Aug 2023
[27]
Eshghie, M., Ahrendt, W., Artho, C., Hildebrandt, T.T., Schneider, G.: CLawK: Monitoring Business Processes in Smart Contracts (2023). Accessed 29 Aug 2023
[28]
Eshghie, M., Artho, C., Gurov, D.: Dynamic vulnerability detection on smart contracts using machine learning. In: EASE 2021, pp. 305–312. ACM (2021)
[29]
etherscan.io: HOLDIT — Etherscan. http://etherscan.io/address/0x24021d38DB53A938446eCB0a31B1267764d9d63D. Accessed 29 Aug 2023
[30]
Fravoll: Solidity Patterns (2023). https://fravoll.github.io/solidity-patterns/. Accessed 29 Aug 2023
[31]
Gamma, E., Helm, R., Johnson, R., Johnson, R.E., Vlissides, J.: Design patterns: elements of reusable object-oriented software. Pearson Deutschland GmbH (1995)
[32]
Gao, J., Liu, H., Liu, C., Li, Q., Guan, Z., Chen, Z.: EASYFLOW: keep ethereum away from overflow. In: 2019 IEEE/ACM 41st International Conference on Software Engineering: Companion Proceedings (ICSE-Companion), pp. 23–26 (2019)., ISSN: 2574-1934
[33]
giveth.io: common-contract-deps (2021). https://github.com/Giveth/common-contract-deps/blob/094d36028eab30444314395016817735e57e9d77/contracts/Escapable.sol. Accessed 29 Aug 2023
[34]
Grossman, S., Abraham, I., Golan-Gueta, G., Michalevsky, Y., Rinetzky, N., Sagiv, M., Zohar, Y.: Online detection of effectively callback free objects with applications to smart contracts (2018).
[35]
Guth, F., Wüstholz, V., Christakis, M., Müller, P.: Specification mining for smart contracts with automatic abstraction tuning. arXiv:1807.07822 (2018)
[36]
Explained: The Akutars NFT Incident (2022) - Halborn Blockchain Security Firm: Ethical Hackers, Infosec & Pen Tests. https://halborn.com/blog/post/explained-the-akutars-nft-incident-april-2022. Accessed 29 Aug 2023
[37]
Hildebrandt, T.T., Mukkamala, R.R.: Declarative event-based workflow as distributed dynamic condition response graphs. In: Honda, K., Mycroft, A. (eds.) Proceedings Third Workshop on Programming Language Approaches to Concurrency and communication-cEntric Software, PLACES 2010, Paphos, Cyprus, 21st March 2010. EPTCS, vol. 69, pp. 59–73 (2010).
[38]
Hildebrandt TT, Normann H, Marquard M, Debois S, and Slaats T Marrella A and Weber B Decision modelling in timed dynamic condition response graphs with data Business Process Management Workshops 2022 Cham Springer 362-374
[39]
Liu, Y., Li, Y., Lin, S.W., Artho, C.: Finding permission bugs in smart contracts with role mining. In: SIGSOFT ISSTA 2022, pp. 716–727. ACM (2022)
[40]
Liu, Y., Lu, Q., Zhu, L., Paik, H.Y., Staples, M.: A systematic literature review on blockchain governance. J. Syst. Softw. 197 (2023)
[41]
Ma, F., Fu, Y., Ren, M., Wang, M., Jiang, Y., Zhang, K., Li, H., Shi, X.: EVM: from offline detection to online reinforcement for ethereum virtual machine. In: 2019 IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER), pp. 554–558 (2019)., ISSN: 1534-5351
[42]
Marchesi, L., Marchesi, M., Destefanis, G., Barabino, G., Tigano, D.: Design patterns for gas optimization in Ethereum. In: IEEE IWBOSE, pp. 9–15 (2020)
[43]
Normann H, Debois S, Slaats T, and Hildebrandt TT Polyvyanyy A, Wynn MT, Van Looy A, and Reichert M Zoom and Enhance: action refinement via subprocesses in timed declarative processes Business Process Management 2021 Cham Springer 161-178
[44]
Nute, D.: Handbook of logic in artificial intelligence and logic programming, vol. 3, chap. Defeasible Logic. Clarendon Press, Oxford University Press (1994)
[45]
OpenZeppelin: OpenZeppelin Contracts. https://github.com/OpenZeppelin/openzeppelin-contracts. Accessed 29 Aug 2023
[46]
Sandhu, R.S.: Role-based access control. In: Advances in Computers, vol. 46, pp. 237–286. Elsevier (1998)
[47]
Sergey, I., Hobor, A.: A concurrent perspective on smart contracts (2017). http://arxiv.org/abs/1702.05511
[48]
Solidstate: SolidState Solidity (2023). https://github.com/solidstate-network/solidstate-solidity/blob/de7c9545ac015f42a03aa3a678000ec1ec4c14a4/contracts/access/access_control/AccessControl.sol. Accessed 29 Aug 2023
[49]
Wang H et al. Oracle-supported dynamic exploit generation for smart contracts IEEE Trans. Dependable Secure Comput. 2022 19 03 1795-1809
[50]
Wohrer, M., Zdun, U.: Smart contracts: security patterns in the Ethereum ecosystem and solidity. In: IEEE IWBOSE, pp. 2–8 (2018)
[51]
Wood G Ethereum: a secure decentralised generalised transaction ledger Ethereum Project Yellow Paper 2014 151 1-32
[52]
Wöhrer, M., Zdun, U.: Design patterns for smart contracts in the Ethereum ecosystem. In: iThings/GreenCom/CPSCom/SmartData, pp. 1513–1520 (2018)
Recommendations
Smart Contract and Blockchain Based Contract Management System
ECBS 2021: 7th Conference on the Engineering of Computer Based SystemsThis paper presents theoretical and practical research on the possibilities of applying smart contracts in the field of law and a contract management system which allows users to conclude contracts based on blockchain technology. The transition from ...
Smart Payment Contract Mechanism Based on Blockchain Smart Contract Mechanism
In recent years, blockchain technology has become a hot topic in various industries. With the development and maturity of blockchain technology, it has been applied to finance, law, etc., with its advantages of decentralization, openness, information ...
Smart Contract Locator (SCL) and Smart Contract Description Language (SCDL)
Service-Oriented Computing – ICSOC 2019 WorkshopsAbstractToday’s blockchain technologies focus mostly on isolated, proprietary technologies, yet there are application scenarios that ask for interoperability, e.g., among blockchains themselves or with external applications. This paper proposes the Smart ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
Nov 2023
385 pages
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2023.
Publisher
Springer-Verlag
Berlin, Heidelberg
Publication History
Published: 06 November 2023
Author Tags
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 18 Dec 2024