Oyente: Making Smart Contracts Smarter
|
|
|
- Joel Gibson
- 5 years ago
- Views:
Transcription
1 Oyente: Making Smart Contracts Smarter Loi Luu, Duc-Hiep Chu, Hrishi Olickel Prateek Saxena, Aquinas Hobor National University of Singapore, Yale-NUS College
2 Programming securely is hard Security can be no stronger than its weakest link
3 Programming Secure Smart Contracts is Harder Smart contracts!=normal programs Self-executed One-shot programs Cannot patch New language Solidity!= JavaScript Serpent!= Python
4
5 Questions? Are there other bugs? Apart from call-stack and reentrancy? How many contracts are vulnerable? No. of contracts 千 /8/15 24/12/15 12/3/16 10/7/16
6 Challenges Contracts code are not always available Too many contracts Manual analysis is impossible PUSH 60 PUSH 40 MSTORE PUSH 0 CALLDATALOAD PUSH SWAP1 DIV...
7 Contribution Identify New Smart Contract Bugs Transaction Ordering Dependence (TOD) Timestamp Dependence Oyente: An analyzer for smart contracts Use symbolic execution Detect all popular bugs TOD Timestamp dependence Reentrancy Mishandling exceptions (e.g. send) Flags 8836/ contracts as vulnerable As of May 2016
8 New Smart Contract Bugs Transaction Ordering Dependence
9 Example: Puzzle Solver PuzzleSolver Contract Balance: 100 Anyone can submit a solution to claim the reward Owner can update the reward anytime PuzzleSolver() SetPuzzle reward=100 SubmitSolution(solution) if iscorrect(solution): Send(reward) UpdateReward(newReward) reward=newreward
10 Scenario 1: SubmitSolution is trigerred +100 PuzzleSolver Contract Balance: 100 Solution for Puzzle Random TXs Other TXs Block Random TXs SubmitSolution Other TXs PuzzleSolver() SetDifficulty reward=100 SubmitSolution(solution) if iscorrect(solution): Send(reward) Miners UpdateReward(newReward) reward=newreward
11 Scenario 2: Both SubmitSolution and UpdateReward are triggered +0 PuzzleSolver Contract Balance:100 0 Solution for Puzzle Other TXs Update Reward to $0! Block UpdateReward = 0 SubmitSolution Other TXs PuzzleSolver() SetDifficulty reward=100 SubmitSolution(solution) if iscorrect(solution): Send(reward) Miners UpdateReward(newReward) reward=newreward
12 Transaction Ordering Dependence Observed state!= execution state The expectation of the state of the contract may not be true during execution. Miners decide the order of TXs Can be coincidence Two transactions happen at the same time Solution for Puzzle Update Reward to $0! Other TXs
13 Transaction Ordering Dependence Observed state!= execution state The expectation of the state of the contract may not be true during execution. Miners decide the order of TXs Can be coincidence Two transactions happen at the same time Can be malicious Saw the targeted TX from the victim Submit the second TX to update the reward Both TXs enter the race Solution for Puzzle Other TXs Update Reward to $0!
14 New Smart Contract Bugs Timestamp Dependence
15 randomness = F(timestamp) Contract: TheRun
16 Contract: PonziGovernmentMental
17 Timestamp can be manipulated Miners can vary the block timestamp block.timestamp <= now && block.timestamp >= parent.timestamp Bias the output of contract execution to their benefit Timed puzzles, time-based RNGs
18 Oyente: An Analyzer for Smart Contracts
19 Architecture Based on symbolic execution Have separate modules Can add more analysis separately ByteCode CFG BUILDER Visualizer Ethereum State EXPLORER CORE ANALYSIS VALIDATOR Z3 Bit-Vector Solver
20 Symbolic Execution Is there any value of x? C1 C2 C3 ( z = x + 2) F Inputs T F T F T T T x T x C1 :( > 0) C 2 :( z< 15) C3 :( < 8) z z = x + 2; Symbolic Theorem Prover Formula F T F NO YES x =10 Control Flow Graph Execution Trace
21 What Can Oyente Do? Detect Bugs In Existing Smart Contracts Run with 19, 366 contracts 30 mins timeout per contract Test generation 6000 Flagged Buggy Contracts Cover all possible paths of each program F T T T F F F T Callstack TOD Reentrancy Timestamp Total Unique
22 Oyente is Open Source Future work Support more opcodes Handle loops Combine static and dynamic symbolic executions
23 More in the papers Solutions for all bugs Semantic changes Details of Oyente s design Some interesting statistics All smart contracts Evaluation results
24 Thanks! loi_luu
Porosity Decompiling Ethereum Smart-Contracts. Matt Suiche Founder, Comae Technologies
Porosity Decompiling Ethereum Smart-Contracts Matt Suiche (@msuiche) Founder, Comae Technologies m@comae.io Whoami @msuiche Comae Technologies OPCDE - www.opcde.com First time in Vegas since BlackHat 2011
Porosity Decompiling Ethereum Smart-Contracts. Matt Suiche Founder, Comae Technologies
Porosity Decompiling Ethereum Smart-Contracts Matt Suiche (@msuiche) Founder, Comae Technologies m@comae.io Whoami @msuiche Comae Technologies OPCDE - www.opcde.com First time in Vegas since BlackHat 2011
Porosity. Decompiling Ethereum Smart-Contracts. Matt Suiche Founder, Comae Technologies Tel Aviv (BLUEHATIL) 23 January, 2018
Porosity Decompiling Ethereum Smart-Contracts Matt Suiche (@msuiche) Founder, Comae Technologies m@comae.io Tel Aviv (BLUEHATIL) 23 January, 2018 Whoami @msuiche Comae Technologies OPCDE Conference (Dubai,
Smart!= Secure - Breaking Ethereum Smart Contracts. Elliot Ward & Jake Humphries
Smart!= Secure - Breaking Ethereum Smart Contracts Elliot Ward & Jake Humphries Elliot Ward Senior Security Consultant @elliotjward eward@gdssecurity.com Jake Humphries Security Consultant @jake_151 jhumphries@gdssecurity.com
COEN 241 Term Project. A Blockchain-based Cloud Service
COEN 241 Term Project A Blockchain-based Cloud Service Submitted By : Team 2 Xiao Zhu, Yali Zhang Instructor : Prof. Ming Hwa Wang Santa Clara University Preface This project identifies the difficulties
Porosity: A Decompiler For Blockchain-Based Smart Contracts Bytecode
Porosity: A Decompiler For Blockchain-Based Smart Contracts Bytecode Matt Suiche Comae Technologies m@comae.io July 7, 2017 Abstract Ethereum is gaining a significant popularity in the blockchain community,
EthIR: A Framework for High-Level Analysis of Ethereum Bytecode
EthIR: A Framework for High-Level Analysis of Ethereum Bytecode Elvira Albert, Pablo Gordillo, Benjamin Livshits, Albert Rubio, and Ilya Sergey Abstract. Analyzing Ethereum bytecode, rather than the source
SmartPool: practical decentralized pool mining. Loi Luu, Yaron Velner, Jason Teutsch, and Prateek Saxena August 18, 2017
SmartPool: practical decentralized pool mining Loi Luu, Yaron Velner, Jason Teutsch, and Prateek Saxena August 18, 2017 Mining pools Miners role in cryptocurrencies Definition: A cryptocurrency is a decentralized
Declarative Static Analysis of Smart Contracts
Declarative Static Analysis of Smart Contracts securify.ch Quentin Hibon Blockchain Security Engineer, ChainSecurity Smart Contract Bugs in the News Low-level Code Solidity High-level languages Vyper compilation
Active Planning Committee John Lindsay, Patent Attorney Tony Schuman, Investment Advisor Todd Russell, Gov t Contract Opportunities
Agenda 11:30-11:45 Check-In, networking 11:45-12:45 12:45 Announcements, Networking Active Planning Committee John Lindsay, Patent Attorney Tony Schuman, Investment Advisor Todd Russell, Gov t Contract
Specifying the Ethereum Virtual Machine for Theorem Provers
1/28 Specifying the Ethereum Virtual Machine for Theorem Provers Yoichi Hirai Ethereum Foundation Cambridge, Sep. 13, 2017 (FC 2017 + some updates) 2/28 Outline Problem Motivation EVM as a Machine Wanted
Bitcoin and Blockchain
Bitcoin and Blockchain COS 418: Distributed Systems Lecture 18 Zhenyu Song [Credit: Selected content adapted from Michael Freedman. Slides refined by Chris Hodsdon and Theano Stavrinos] Why Bitcoin? All
Securify: Practical Security Analysis of Smart Contracts
Securify: Practical Security Analysis of Smart Contracts https://securify.ch Dr. Petar Tsankov Scientific Researcher, ICE center, ETH Zurich Co-founder and Chief Scientist, ChainSecurity AG http://www.ptsankov.com/
Defining the Ethereum Virtual Machine for Interactive Theorem Provers
Defining the Ethereum Virtual Machine for Interactive Theorem Provers Ethereum Foundation Workshop on Trusted Smart Contracts Malta, Apr. 7, 2017 1/32 Outline 1 2 3 Remaining Problems 4 2/32 Outline 1
Formal Verification of Smart Contracts: Short Paper
Formal Verification of Smart Contracts: Short Paper Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cédric Fournet, Anitha Gollamudi, Georges Gonthier, Nadim Kobeissi, Natalia Kulatova, Aseem Rastogi,
ZILLIQA / ZILIKƏ/ NEXT GEN HIGH-THROUGHPUT BLOCKCHAIN PLATFORM DONG XINSHU, CEO JIA YAOQI, BLOCKCHAIN ZILLIQA.
ZILLIQA / ZILIKƏ/ NEXT GEN HIGH-THROUGHPUT BLOCKCHAIN PLATFORM DONG XINSHU, CEO JIA YAOQI, BLOCKCHAIN ARCHITECT SCALABILITY OF PUBLIC BLOCKCHAIN BITCOIN 7 TX/S ETHEREUM 10 TX/S VISA 8000 TX/S SOME EXISTING
The Technology behind Smart Contracts
The Technology behind Smart Contracts Florian Glaser, Chair of E-Finance, Information Systems Department Goethe University 01.09.2016 > Agenda Transactions in detail
ContractFuzzer: Fuzzing Smart Contracts for Vulnerability Detection *#
ContractFuzzer: Fuzzing Smart Contracts for Vulnerability Detection *# Bo Jiang School of Computer Science and Engineering Beihang University Beijing, China jiangbo@buaa.edu.cn Ye Liu School of Computer
Security Audit of FuzeX Smart Contract This report is public. ChainSecurity Ltd. January 11, 2018
Security Audit of FuzeX Smart Contract This report is public. ChainSecurity Ltd. January 11, 2018 1 Contents 1 System Overview 3 1.1 TGE Overview................................. 4 1.2 Token Rewards.................................
A Semantic Framework for the Security Analysis of Ethereum smart contracts
A Semantic Framework for the Security Analysis of Ethereum smart contracts Ilya Grishchenko, Matteo Maffei, and Clara Schneidewind TU Wien {ilya.grishchenko,matteo.maffei,clara.schneidewind}@tuwien.ac.at
A Concurrent Perspective on Smart Contracts. 1st Workshop on Trusted Smart Contracts
A Concurrent Perspective on Smart Contracts Ilya Sergey Aquinas Hobor 1st Workshop on Trusted Smart Contracts 7 April 2017 class ConcurrentQueue { public synchronized void enqueue(e elem) { public
Erays: Reverse Engineering Ethereum s Opaque Smart Contracts
Erays: Reverse Engineering Ethereum s Opaque Smart Contracts Yi Zhou, Deepak Kumar, Surya Bakshi, Joshua Mason, Andrew Miller, Michael Bailey University of Illinois Urbana-Champaign 1 Introduction: Ethereum
Smart Contract Security Tips. Ethereum devcon2 Sep Joseph Chow
Smart Contract Security Tips Ethereum devcon2 Sep 20 2016 - Joseph Chow One line of code spurred a series of momentous events in blockchain history June 12 2016 Community resource: for the community,
Smart Contract Vulnerabilities The most interesting transactions on the Ethereum network
Smart Contract Vulnerabilities The most interesting transactions on the Ethereum network Hi! Hai! I m maurelian ConsenSys Diligence This talk will be: Storytelling meets vulnerability postmortems First,
Tool Demonstration: FSolidM for Designing Secure Ethereum Smart Contracts
Tool Demonstration: FSolidM for Designing Secure Ethereum Smart Contracts Anastasia Mavridou 1 and Aron Laszka 2 1 Vanderbilt University 2 University of Houston Abstract. Blockchain-based distributed computing
Solidity Parsing Using SmaCC: Challenges and Irregularities
Solidity Parsing Using SmaCC: Challenges and Irregularities Henrique Rocha, Stéphane Ducasse, Marcus Denker, Jason Lecerf To cite this version: Henrique Rocha, Stéphane Ducasse, Marcus Denker, Jason Lecerf.
Implementing and Mechanically Verifying Smart Contracts
Implementing and Mechanically Verifying Smart Contracts Ilya Sergey ilyasergey.net Smart Contracts Stateful mutable objects replicated via a (Byzantine) consensus protocol State typically involves a stored
SECURITY AUDIT REPORT
PUBLIC REPORT SECURITY AUDIT REPORT of Smart Contracts December 27, 2017 Produced by for Table of Contents Foreword... 1 Introduction... 2 TGE overview... 2 Token distribution... 3 Extra features... 3
Ethereum. Campbell R. Harvey* Duke University and NBER. Ashwin Ramachandran Duke University. Brent Xu ConsenSys. Innovation and Cryptoventures
Innovation and Cryptoventures Ethereum Campbell R. Harvey* Duke University and NBER Ashwin Ramachandran Duke University Brent Xu ConsenSys February 12, 2018 1 2 Overview Ethereum Basics Under the hood
Safe Smart Contract Programming with Scilla
Safe Smart Contract Programming with Scilla Ilya Sergey Associate Professor, Yale-NUS College Lead Language Designer, Zilliqa http://ilyasergey.net Smart Contracts Stateful mutable objects replicated via
scompile: Critical Path Identification and Analysis for Smart Contracts
scompile: Critical Path Identification and Analysis for Smart Contracts Jialiang Chang, Bo Gao, Hao Xiao, Jun Sun and Zijiang Yang Department of Computer Science Western Michigan University, Kalamazoo,
Interactive theorem proving in the Ethereum project
1/48 Interactive theorem proving in the Ethereum project Yoichi Hirai Ethereum Foundation Munich, May 31, 2017 2/48 Outline Problem Motivation EVM as a Machine Wanted Properties Current Efforts Tools Results
Lecture 10. A2 - will post tonight - due in two weeks
Lecture 10 A2 - will post tonight - due in two weeks The DAO - $72M USD in Ether Decentralized Dragon's Den or Shark's Tank A pot of money that you could contribute to and receive voting shares for You
SCP: A Computationally Scalable Byzantine Consensus Protocol for Blockchains
SCP: A Computationally Scalable Byzantine Consensus Protocol for Blockchains Loi Luu, Viswesh Narayanan, Kunal Baweja, Chaodong Zheng, Seth Gilbert, Prateek Saxena National University of Singapore Bitcoin
On Power Splitting Games in Distributed Computation: The Case of Bitcoin Pooled Mining
215 IEEE 28th Computer Security Foundations Symposium On Power Splitting Games in Distributed Computation: The Case of Bitcoin Pooled Mining Loi Luu, Ratul Saha, Inian Parameshwaran, Prateek Saxena, Aquinas
CS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University
CS 4770: Cryptography CS 6750: Cryptography and Communication Security Alina Oprea Associate Professor, CCIS Northeastern University April 9 2018 Schedule HW 4 Due on Thu 04/12 Programming project 3 Due
DIGITAL ASSET RESEARCH
Our Digital Assets Primer is a more in-depth look at the underlying technology behind digital assets, using two of the largest cryptocurrencies, in terms of network values, Bitcoin and Ethereum, as examples.
Christian Rossow CISPA, Saarland University, Saarland Informatics Campus. Johannes Krupp CISPA, Saarland University, Saarland Informatics Campus
TEETHER: Gnawing at Ethereum to Automatically Exploit Smart Contracts Johannes Krupp CISPA, Saarland University, Saarland Informatics Campus Christian Rossow CISPA, Saarland University, Saarland Informatics
An Analysis of Atomic Swaps on and between Ethereum Blockchains Research Project I
An Analysis of Atomic Swaps on and between Ethereum Blockchains Research Project I Master of System and Network Engineering Informatics Institute, University of Amsterdam Peter Bennink Lennart van Gijtenbeek
hard to perform, easy to verify
Proof of Stake The Role of PoW Bitcoin, Ethereum and similar systems are open, permissionless networks Anyone can participate The system must agree on some canonical order of transactions Think of this
Gnosis Safe Documentation. Gnosis
Gnosis Aug 14, 2018 Content 1 Learn more about Gnosis Safe 3 1.1 Smart Contract Overview........................................ 3 1.2 Services Overview............................................ 10
OptiCode: Machine Code Deobfuscation for Malware Analysis
OptiCode: Machine Code Deobfuscation for Malware Analysis NGUYEN Anh Quynh, COSEINC CONFidence, Krakow - Poland 2013, May 28th 1 / 47 Agenda 1 Obfuscation problem in malware analysis
Who wants to be a millionaire? A class in creating your own cryptocurrency
DEVNET-3626 Who wants to be a millionaire? A class in creating your own cryptocurrency Tom Davies, Sr. Manager, DevNet Sandbox Vallard Benincosa, Software Engineer Cisco Spark How Questions? Use Cisco
UNCLASSIFIED//FOR OFFICIAL USE ONLY INDUSTRIAL CONTROL SYSTEMS CYBER EMERGENCY RESPONSE TEAM
ADVISORY ICSA-10-019-01 ZIGBEE PSEUDORANDOM NUMBER GENERATOR VULNERABILITY January 19, 2010 OVERVIEW On January 09, 2010, a security researcher published an attack on a ChipCon (CC) implementation of ZigBee
Designing Secure Ethereum Smart Contracts: A Finite State Machine Based Approach
Designing Secure Ethereum Smart Contracts: A Finite State Machine Based Approach Anastasia Mavridou 1 and Aron Laszka 2 1 Vanderbilt University 2 University of Houston Abstract. The adoption of blockchain-based
Assertions. Assertions - Example
References: internet notes; Bertrand Meyer, Object-Oriented Software Construction; 11/13/2003 1 Assertions Statements about input to a routine or state of a class Have two primary roles As documentation,
ENEE 457: E-Cash and Bitcoin
ENEE 457: E-Cash and Bitcoin Charalampos (Babis) Papamanthou cpap@umd.edu Money today Any problems? Cash is cumbersome and can be forged Credit card transactions require centralized online bank are not
Defining the Ethereum Virtual Machine for Interactive Theorem Provers
Defining the Ethereum Virtual Machine for Interactive Theorem Provers Yoichi Hirai c IFCA Ethereum Foundation yoichi@ethereum.org Abstract. Smart contracts in Ethereum are executed by the Ethereum Virtual
Efficient patch-based auditing for web application vulnerabilities
Efficient patch-based auditing for web application vulnerabilities Taesoo Kim, Ramesh Chandra, and Nickolai Zeldovich MIT CSAIL Abstract POIROT is a system that, given a patch for a newly discovered security
Accelerating Blockchain Search of Full Nodes Using GPUs
Accelerating Blockchain Search of Full Nodes Using GPUs Shin Morishima Dept. of ICS, Keio University, 3-14-1 Hiyoshi, Kohoku, Yokohama, Japan Email: morisima@arc.ics.keio.ac.jp Abstract Blockchain is a
Countering Block Withholding Attack Efficiently
Countering Block Withholding Attack Efficiently Suhyeon Lee 1,2 and Seungjoo Kim 1 1 CIST(Center for Information Security Technologies), Korea University 1 {orion-alpha, skim71}@korea.ac.kr 2 Agency for
GENESIS VISION NETWORK
GENESIS VISION NETWORK Contents 1. Description of the problem 7 11. Trust management 15 2. The problem with smart contracts 8 12. GVN Token 16 3. Centralised exchanges against decentralised 8 13. Deposit
Table of contents. Abstract. Disclaimer. Scope. Procedure. AS-IS overview. Audit overview. Conclusion. Appendix A. Automated tools reports 12
1 Table of contents Abstract 3 Disclaimer 3 Scope 3 Procedure 4 AS-IS overview 5 Audit overview 10 Conclusion 11 Disclaimer 12 Appendix A. Automated tools reports 12 2 Abstract In this report, we consider
Sharding. Making blockchains scalable, decentralized and secure.
Sharding Making blockchains scalable, decentralized and secure. The Scalability Triangle Scalability Decentralization Semi-formally defining these properties Assume the total computational/bandwidth capacity
Unblockable Chains. Is Blockchain the ultimate malicious infrastructure? Omer Zohar
Unblockable Chains Is Blockchain the ultimate malicious infrastructure? Omer Zohar #WhoAmI Researching malware backbones for the past decade Following blockchain eco-system since 2013 Finally had some
Blockchains: new home for proven-correct software. Paris, Yoichi Hirai formal verification engineer, the Ethereum Foundation
Blockchains: new home for proven-correct software Paris, 2017-2-17 Yoichi Hirai formal verification engineer, the Ethereum Foundation Lyon: 2014 January Have you heard of a web site where you can get Bitcoin
Next Paradigm for Decentralized Apps. Table of Contents 1. Introduction 1. Color Spectrum Overview 3. Two-tier Architecture of Color Spectrum 4
Color Spectrum: Next Paradigm for Decentralized Apps Table of Contents Table of Contents 1 Introduction 1 Color Spectrum Overview 3 Two-tier Architecture of Color Spectrum 4 Clouds in Color Spectrum 4
Predicting Vulnerable Software Components
Predicting Vulnerable Software Components Stephan Neuhaus, et. al. 10/29/2008 Stuart A Jaskowiak, CSC 682 1 What's in the paper? Introduction Scope of this Work Components and Vulnerabilities Imports and
Hyperledger Quilt and Interledger Protocol. Nathan Aw - Technical Ambassador Edmund To - Organizer of Hyperledger Meetup Hong Kong
Hyperledger Quilt and Interledger Protocol Nathan Aw - Technical Ambassador Edmund To - Organizer of Hyperledger Meetup Hong Kong Housekeeping Road Map of 2018 - More meet ups! Thank you to our sponsor
Set: Hub-and-Spoke Cryptographic Payment Channels
Set: Hub-and-Spoke Cryptographic Payment Channels v0.0.1 Nathan Ginnever: nathan@finalitylabs.io Abstract Here we outline the Set-Payment channel protocol (In a later paper we incrementally extend Set
CONSENSUS PROTOCOLS & BLOCKCHAINS. Techruption Lecture March 16 th, 2017 Maarten Everts (TNO & University of Twente)
CONSENSUS PROTOCOLS & BLOCKCHAINS Techruption Lecture March 16 th, 2017 Maarten Everts (TNO & University of Twente) 2 Consensus protocols & blockchain 3 Consensus protocols & blockchain 4 Consensus protocols
Software Vulnerabilities August 31, 2011 / CS261 Computer Security
Software Vulnerabilities August 31, 2011 / CS261 Computer Security Software Vulnerabilities...1 Review paper discussion...2 Trampolining...2 Heap smashing...2 malloc/free...2 Double freeing...4 Defenses...5
Technical Analysis of Established Blockchain Systems
Technical Analysis of Established Blockchain Systems Florian Haffke, 20.11.2017, Munich Chair of Software Engineering for Business Information Systems (sebis) Faculty of Informatics Technische Universität
EE 122: Network Security
Motivation EE 122: Network Security Kevin Lai December 2, 2002 Internet currently used for important services - financial transactions, medical records Could be used in the future for critical services
The University of Bradford Institutional Repository
The University of Bradford Institutional Repository http://bradscholars.brad.ac.uk This work is made available online in accordance with publisher policies. Please refer to the repository record for this
Online Detection of Effectively Callback Free Objects with Applications to Smart Contracts
1 Online Detection of Effectively Callback Free Objects with Applications to Smart Contracts SHELLY GROSSMAN, Tel Aviv University ITTAI ABRAHAM, VMware Research GUY GOLAN-GUETA, VMware Research YAN MICHALEVSKY,
Off-Whitepaper. Ethereum. Micah Dameron. Abstract
Off-Whitepaper Ethereum Micah Dameron Beautiful is better than ugly. Explicit is better than implicit. Simple is better than complex. Complex is better than complicated. The Zen of Python Abstract The
Theorem proving. PVS theorem prover. Hoare style verification PVS. More on embeddings. What if. Abhik Roychoudhury CS 6214
Theorem proving PVS theorem prover Abhik Roychoudhury National University of Singapore Both specification and implementation can be formalized in a suitable logic. Proof rules for proving statements in
You are advised to read this disclaimer carefully before reading, accessing or making any other use of this document.
You are advised to read this disclaimer carefully before reading, accessing or making any other use of this document. Please note that owing to restrictions imposed by law in various jurisdictions, soliciting
Upgrading Bitcoin: Segregated Witness. Dr. Johnson Lau Bitcoin Core Contributor Co-author of Segregated Witness BIPs March-2016
Upgrading Bitcoin: Segregated Witness Dr. Johnson Lau Bitcoin Core Contributor Co-author of Segregated Witness BIPs 141-143 16-March-2016 Topics A short introduction to Bitcoin transactions What is transaction
Consensus & Blockchain
Consensus & Blockchain S P Suresh Chennai Mathematical Institute Formal Methods Update Meeting IIT Mandi July 17, 2017 The Bitcoin revolution is upon us What is Bitcoin? Bitcoin: an exciting new currency
Last Time. Think carefully about whether you use a heap Look carefully for stack overflow Especially when you have multiple threads
Last Time Cost of nearly full resources RAM is limited Think carefully about whether you use a heap Look carefully for stack overflow Especially when you have multiple threads Embedded C Extensions for
Online Detection of Effectively Callback Free Objects with Applications to Smart Contracts
Online Detection of Effectively Callback Free Objects with Applications to Smart Contracts SHELLY GROSSMAN, Tel Aviv University, Israel ITTAI ABRAHAM, VMware Research, USA GUY GOLAN-GUETA, VMware Research,
References: internet notes; Bertrand Meyer, Object-Oriented Software Construction; 10/14/2004 1
References: internet notes; Bertrand Meyer, Object-Oriented Software Construction; 10/14/2004 1 Assertions Statements about input to a routine or state of a class Have two primary roles As documentation,
MobileFindr: Function Similarity Identification for Reversing Mobile Binaries. Yibin Liao, Ruoyan Cai, Guodong Zhu, Yue Yin, Kang Li
MobileFindr: Function Similarity Identification for Reversing Mobile Binaries Yibin Liao, Ruoyan Cai, Guodong Zhu, Yue Yin, Kang Li Reverse Engineering The process of taking a software program s binary
Designing Secure Ethereum Smart Contracts: A Finite State Machine Based Approach
Designing Secure Ethereum Smart Contracts: A Finite State Machine Based Approach Anastasia Mavridou 1 and Aron Laszka 2 1 Vanderbilt University 2 University of Houston Accepted for publication in the proceedings
HP 50g Examples. Getting Started
HP 50g Examples The examples collected in this brief article are meant as an introduction to the HP 50g graphing calculator. Although the HP 50g can switch between Reverse Polish Notation (RPN) input and
Using Chains for what They re Good For
Using Chains for what They re Good For Andrew Poelstra usingchainsfor@wpsoftware.net Scaling Bitcoin, November 5, 2017 1 / 14 On-Chain Smart Contracting Bitcoin (and Ethereum, etc.) uses a scripting language
CS154, Lecture 18: PCPs, Hardness of Approximation, Approximation-Preserving Reductions, Interactive Proofs, Zero-Knowledge, Cold Fusion, Peace in
CS154, Lecture 18: PCPs, Hardness of Approximation, Approximation-Preserving Reductions, Interactive Proofs, Zero-Knowledge, Cold Fusion, Peace in the Middle East There are thousands of NP-complete problems
Optimizing for Bugs Fixed
Optimizing for Bugs Fixed The Design Principles behind the Clang Static Analyzer Anna Zaks, Manager of Program Analysis Team @ Apple What is This Talk About? LLVM/clang project Overview of the Clang Static
Lecture 6. Mechanics of Bitcoin
Lecture 6 Mechanics of Bitcoin Bitcoin transactions time An account-based ledger (not Bitcoin) Create 25 coins and credit to Alice ASSERTED BY MINERS SIMPLIFICATION: only one transaction per block time
Test Automation. 20 December 2017
Test Automation 20 December 2017 The problem of test automation Testing has repetitive components, so automation is justified The problem is cost-benefit evaluation of automation [Kaner] Time for: test
Technical White Paper of. MOAC Mother of All Chains. June 8 th, 2017
Technical White Paper of MOAC Mother of All Chains June 8 th, 2017 [Abstract] MOAC is to design a scalable and resilient Blockchain that supports transactions, data access, control flow in a layered structure.
arxiv: v1 [cs.dc] 17 Feb 2017
![arxiv: v1 [cs.dc] 17 Feb 2017](/thumbs/74/71106582.jpg "arxiv: v1 [cs.dc] 17 Feb 2017")
A Concurrent Perspective on Smart Contracts Ilya Sergey 1 and Aquinas Hobor 2 arxiv:1702.05511v1 [cs.dc] 17 Feb 2017 1 University College London, United Kingdom i.sergey@ucl.ac.uk 2 Yale-NUS College and
Pillar Token Code Review
Pillar Token Code Review July 14, 2017 Prepared By: Kshitish Balhotra Independent Reviewers Umesh Kushwaha, Bhavish Balhotra kshitish@dltlabs.io dltlabs.io Table of Contents I. Introduction... 2 II. Overview...
Ethereum Pro White Paper. Released November 12th, 2017
Ethereum Pro White Paper Released November 12th, 2017 Abstract In the world of cryptocurrency, there lacks a means to provide reliable confidence in the approval process of transactions, with the result
Formally Specifying Blockchain Protocols
Formally Specifying Blockchain Protocols 1 IOHK company building blockchain applications research focused invested in functional programming built Cardano network, Ada cryptocurrency 2 Blockchain Protocols
Introduction to Problem Solving and Programming in Python.
Introduction to Problem Solving and Programming in Python http://cis-linux1.temple.edu/~tuf80213/courses/temple/cis1051/ Overview Types of errors Testing methods Debugging in Python 2 Errors An error in
Quick Multitouch Apps using kivy and Python
Quick Multitouch Apps using kivy and Python About Me! Python and Kivy + Setting up Kivy... 1) in Linux 2) in Windows 3) Mac OSX Hello World in Kivy :) Controlling the Environment Many environment variables
SMARTDATA: Leveraging Blockchain to Securely Capture & Verify Scientific Provenance Data
UT DALLAS Erik Jonsson School of Engineering & Computer Science SMARTDATA: Leveraging Blockchain to Securely Capture & Verify Scientific Provenance Data Dr.Murat Kantarcioglu Joint work with Aravind Ramachandran
Smart Contract Security Audit Report. Loopring Protocol Smart Contract version 2
Smart Contract Security Audit Report Loopring Protocol Smart Contract version 2 Dec 15, 2018 1. Introduction Loopring Protocol Smart Contract version 2 is a set of smart contracts in the Loopring ecosystem
CS/ECE 5780/6780: Embedded System Design
CS/ECE 5780/6780: Embedded System Design John Regehr Lecture 18: Introduction to Verification What is verification? Verification: A process that determines if the design conforms to the specification.
Hardware Emulation and Virtual Machines
Hardware Emulation and Virtual Machines Overview Review of How Programs Run: Registers Execution Cycle Processor Emulation Types: Pure Translation Static Recompilation Dynamic Recompilation Direct Bytecode
The promise and peril of smart contracts
The promise and peril of smart contracts Joseph Bonneau Department of Computer Science New York University Understanding smart contracts The Bitcoin ledger track (mostly) payments time Create 25 coins
HAMPI A Solver for String Theories
HAMPI A Solver for String Theories Vijay Ganesh MIT (With Adam Kiezun, Philip Guo, Pieter Hooimeijer and Mike Ernst) Dagstuhl, 2010 Motivation for String Theories String-manipulating programs ü String
Static Analysis of Dynamically Typed Languages made Easy
Static Analysis of Dynamically Typed Languages made Easy Yin Wang School of Informatics and Computing Indiana University Overview Work done as two internships at Google (2009 summer and 2010 summer) Motivation:
Power of Slicing in Internet Flow Measurement. Ramana Rao Kompella Cristian Estan
Power of Slicing in Internet Flow Measurement Ramana Rao Kompella Cristian Estan 1 IP Network Management Network Operator What is happening in my network? How much traffic flows towards a given destination?
Previous Name: D3. Fourth Estate. A secure, decentralized news data storing and sharing solution for journalists
Previous Name: D3 Fourth Estate A secure, decentralized news data storing and sharing solution for journalists Aaron Chong Remini Yip International Student Blockchain Competition s Presentation 1 Problem
ISSUSE AND FEATURES TO CONSIDER WHEN SELECTING A BLOCKCHAIN SYSTEM. Find us at
ISSUSE AND FEATURES TO CONSIDER WHEN SELECTING A BLOCKCHAIN SYSTEM Find us at www.chainfrog.com Licenses Most blockchains are open-source (and you should not select a closed source one) If you are going
The game If you listen very carefully during the first 4 cards (or use the cheat sheet) you will get an advantage on the last 5 cards
The blockchain game GAMEMASTER NOTES Time: 10 minutes The game: up to 9 info/question cards + a short test with 7 questions Reward: The game If you listen very carefully during the first 4 cards (or use