Designing Secure Ethereum Smart Contracts: A Finite State Machine Based Approach

by   Anastasia Mavridou, et al.

The adoption of blockchain-based distributed computation platforms is growing fast. Some of these platforms, such as Ethereum, provide support for implementing smart contracts, which are envisioned to have novel applications in a broad range of areas, including finance and Internet-of-Things. However, a significant number of smart contracts deployed in practice suffer from security vulnerabilities, which enable malicious users to steal assets from a contract or to cause damage. Vulnerabilities present a serious issue since contracts may handle financial assets of considerable value, and contract bugs are non-fixable by design. To help developers create more secure smart contracts, we introduce FSolidM, a framework rooted in rigorous semantics for designing con- tracts as Finite State Machines (FSM). We present a tool for creating FSM on an easy-to-use graphical interface and for automatically generating Ethereum contracts. Further, we introduce a set of design patterns, which we implement as plugins that developers can easily add to their contracts to enhance security and functionality.



There are no comments yet.


page 14

page 24


Tool Demonstration: FSolidM for Designing Secure Ethereum Smart Contracts

Blockchain-based distributed computing platforms enable the trusted exec...

VeriSolid: Correct-by-Design Smart Contracts for Ethereum

The adoption of blockchain based distributed ledgers is growing fast due...

Building Executable Secure Design Models for Smart Contracts with Formal Methods

Smart contracts are appealing because they are self-executing business a...

An Alternative Paradigm for Developing and Pricing Storage on Smart Contract Platforms

Smart contract platforms facilitate the development of important and div...

TokenHook: Secure ERC-20 smart contract

ERC-20 is the most prominent Ethereum standard for fungible tokens. Toke...

Automatic Generation of Precise and Useful Commutativity Conditions (Extended Version)

Reasoning about commutativity between data-structure operations is an im...

eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts

Ethereum has emerged as the most popular smart contract development plat...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.