Smart contracts are computer programs which execute on top of blockchains to manage the flow of funds, exchange of assets, and transfer of digital rights between various parties. Despite the high stakes involved, smart contracts have often been written in an undisciplined way and subject to many vulnerabilities, with losses of up to 250 million Euro in a single smart contract.
Existing vulnerability detection techniques mostly rely on generic execution-flow patterns and do not capture run-time data precisely. As a result of that, they tend to over-report some problems while missing others. In particular, it is important to monitor the temporal behavior and execution cost (“gas” usage) of transactions in smart contracts during their execution. However, run-time monitoring of smart contracts is currently not possible in a precise way due to inherent limitations of their execution environment.
This project investigates what run-time properties smart contracts have to fulfill in order to be safe from certain types of vulnerabilities, while also implementing the necessary infrastructure for such monitoring. As a result of the project, we will get novel approaches for monitoring smart contracts against vulnerabilities, and learn about safe designs for next-generation smart-contracts and even smart-contract platforms.
TEMOS will make run-time monitoring for smart contracts precise, automated, and scalable to real smart contracts.