A Runtime Monitoring Framework for Correct Execution of Smart Contracts
Speaker: RK Shyamasundar – Mumbai, IndiaTopic(s): Security and Privacy
Abstract
Smart contracts have been subjected to several attacks that have exploited various vulnerabilities of languages like Solidity, which has resulted in huge financial losses. The functioning and deployment of smart contracts are somewhat different from classical programming environments. Once a smart contract is up and running, changing it, is very complicated and nearly infeasible as the contract was expected to be immutable when created. If we find a defect in a deployed smart contract, a new version of that contract has to be created and deployed with concurrence from the stakeholders. Further, when a new version of an existing contract is deployed, data stored in the previous contract does not get transferred automatically to the newly refined contract. We have to manually populate the new contract with the past data which makes it very cumbersome and not very trustworthy. As neither updating a contract nor rolling back an update is possible, it greatly increases the complexity of implementation and places a huge responsibility while being deployed initially on the blockchain
Smart contracts have been subjected to several attacks that have exploited various vulnerabilities of languages like Solidity, which has resulted in huge financial losses. The main rationale for smart contracts has been to enforce contracts safely among the stakeholders. In this talk, we shall first provide a brief survey of various attacks and discuss various approaches used in the literature to prevent such exploitation. Secondly, we shall discuss run-time frameworks for runtime monitoring to prevent the exploitation of a major class of vulnerabilities. We shall further discuss techniques that enable automatic generation of run-time monitors with user annotations.
About this Lecture
Number of Slides: 65Duration: 60 minutes
Languages Available: English
Last Updated:
Request this Lecture
To request this particular lecture, please complete this online form.
Request a Tour
To request a tour with this speaker, please complete this online form.
All requests will be sent to ACM headquarters for review.