Loading…
SolType: refinement types for arithmetic overflow in solidity
As smart contracts gain adoption in financial transactions, it becomes increasingly important to ensure that they are free of bugs and security vulnerabilities. Of particular relevance in this context are arithmetic overflow bugs, as integers are often used to represent financial assets like account...
Saved in:
| Published in: | Proceedings of ACM on programming languages 2022-01, Vol.6 (POPL), p.1-29 |
|---|---|
| Main Authors: | , , , , |
| Format: | Article |
| Language: | English |
| Citations: | Items that this one cites Items that cite this one |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | cdi_FETCH-LOGICAL-c258t-a6473cb07851973098293d6ef2b27965a2f52f8d800e9a82c3534c3570a62e413 |
|---|---|
| cites | cdi_FETCH-LOGICAL-c258t-a6473cb07851973098293d6ef2b27965a2f52f8d800e9a82c3534c3570a62e413 |
| container_end_page | 29 |
| container_issue | POPL |
| container_start_page | 1 |
| container_title | Proceedings of ACM on programming languages |
| container_volume | 6 |
| creator | Tan, Bryan Mariano, Benjamin Lahiri, Shuvendu K. Dillig, Isil Feng, Yu |
| description | As smart contracts gain adoption in financial transactions, it becomes increasingly important to ensure that they are free of bugs and security vulnerabilities. Of particular relevance in this context are arithmetic overflow bugs, as integers are often used to represent financial assets like account balances. Motivated by this observation, this paper presents SolType, a refinement type system for Solidity that can be used to prevent arithmetic over- and under-flows in smart contracts. SolType allows developers to add refinement type annotations and uses them to prove that arithmetic operations do not lead to over- and under-flows. SolType incorporates a rich vocabulary of refinement terms that allow expressing relationships between integer values and aggregate properties of complex data structures. Furthermore, our implementation, called Solid, incorporates a type inference engine and can automatically infer useful type annotations, including non-trivial contract invariants.
To evaluate the usefulness of our type system, we use Solid to prove arithmetic safety of a total of 120 smart contracts. When used in its fully automated mode (i.e., using Solid's type inference capabilities), Solid is able to eliminate 86.3% of redundant runtime checks used to guard against overflows. We also compare Solid against a state-of-the-art arithmetic safety verifier called VeriSmart and show that Solid has a significantly lower false positive rate, while being significantly faster in terms of verification time. |
| doi_str_mv | 10.1145/3498665 |
| format | article |
| fullrecord | <record><control><sourceid>crossref</sourceid><recordid>TN_cdi_crossref_primary_10_1145_3498665</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>10_1145_3498665</sourcerecordid><originalsourceid>FETCH-LOGICAL-c258t-a6473cb07851973098293d6ef2b27965a2f52f8d800e9a82c3534c3570a62e413</originalsourceid><addsrcrecordid>eNpNj01LAzEYhIMoWGrxL-TmafXNdyJ4kOIXFDy0PS9pNsHI7qYkQdl_74o9eJkZ5jDMg9A1gVtCuLhj3GgpxRlaUK5EQzgl5__yJVqV8gkAxDCumVmgh23qd9PR3-PsQxz94MeK61wUHFLGNsf6MfgaHU5fPoc-feM44pL62MU6XaGLYPviVydfov3z02792mzeX97Wj5vGUaFrYyVXzB1AaUGMYmA0NayTPtADVUYKS4OgQXcawBurqWOC8VkUWEk9J2yJbv52XU6lzE_bY46DzVNLoP0Fb0_g7AeieUjY</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>SolType: refinement types for arithmetic overflow in solidity</title><source>ACM Digital Library Complete</source><creator>Tan, Bryan ; Mariano, Benjamin ; Lahiri, Shuvendu K. ; Dillig, Isil ; Feng, Yu</creator><creatorcontrib>Tan, Bryan ; Mariano, Benjamin ; Lahiri, Shuvendu K. ; Dillig, Isil ; Feng, Yu</creatorcontrib><description>As smart contracts gain adoption in financial transactions, it becomes increasingly important to ensure that they are free of bugs and security vulnerabilities. Of particular relevance in this context are arithmetic overflow bugs, as integers are often used to represent financial assets like account balances. Motivated by this observation, this paper presents SolType, a refinement type system for Solidity that can be used to prevent arithmetic over- and under-flows in smart contracts. SolType allows developers to add refinement type annotations and uses them to prove that arithmetic operations do not lead to over- and under-flows. SolType incorporates a rich vocabulary of refinement terms that allow expressing relationships between integer values and aggregate properties of complex data structures. Furthermore, our implementation, called Solid, incorporates a type inference engine and can automatically infer useful type annotations, including non-trivial contract invariants.
To evaluate the usefulness of our type system, we use Solid to prove arithmetic safety of a total of 120 smart contracts. When used in its fully automated mode (i.e., using Solid's type inference capabilities), Solid is able to eliminate 86.3% of redundant runtime checks used to guard against overflows. We also compare Solid against a state-of-the-art arithmetic safety verifier called VeriSmart and show that Solid has a significantly lower false positive rate, while being significantly faster in terms of verification time.</description><identifier>ISSN: 2475-1421</identifier><identifier>EISSN: 2475-1421</identifier><identifier>DOI: 10.1145/3498665</identifier><language>eng</language><ispartof>Proceedings of ACM on programming languages, 2022-01, Vol.6 (POPL), p.1-29</ispartof><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c258t-a6473cb07851973098293d6ef2b27965a2f52f8d800e9a82c3534c3570a62e413</citedby><cites>FETCH-LOGICAL-c258t-a6473cb07851973098293d6ef2b27965a2f52f8d800e9a82c3534c3570a62e413</cites><orcidid>0000-0002-4008-3846 ; 0000-0001-8006-1230</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27924,27925</link.rule.ids></links><search><creatorcontrib>Tan, Bryan</creatorcontrib><creatorcontrib>Mariano, Benjamin</creatorcontrib><creatorcontrib>Lahiri, Shuvendu K.</creatorcontrib><creatorcontrib>Dillig, Isil</creatorcontrib><creatorcontrib>Feng, Yu</creatorcontrib><title>SolType: refinement types for arithmetic overflow in solidity</title><title>Proceedings of ACM on programming languages</title><description>As smart contracts gain adoption in financial transactions, it becomes increasingly important to ensure that they are free of bugs and security vulnerabilities. Of particular relevance in this context are arithmetic overflow bugs, as integers are often used to represent financial assets like account balances. Motivated by this observation, this paper presents SolType, a refinement type system for Solidity that can be used to prevent arithmetic over- and under-flows in smart contracts. SolType allows developers to add refinement type annotations and uses them to prove that arithmetic operations do not lead to over- and under-flows. SolType incorporates a rich vocabulary of refinement terms that allow expressing relationships between integer values and aggregate properties of complex data structures. Furthermore, our implementation, called Solid, incorporates a type inference engine and can automatically infer useful type annotations, including non-trivial contract invariants.
To evaluate the usefulness of our type system, we use Solid to prove arithmetic safety of a total of 120 smart contracts. When used in its fully automated mode (i.e., using Solid's type inference capabilities), Solid is able to eliminate 86.3% of redundant runtime checks used to guard against overflows. We also compare Solid against a state-of-the-art arithmetic safety verifier called VeriSmart and show that Solid has a significantly lower false positive rate, while being significantly faster in terms of verification time.</description><issn>2475-1421</issn><issn>2475-1421</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2022</creationdate><recordtype>article</recordtype><recordid>eNpNj01LAzEYhIMoWGrxL-TmafXNdyJ4kOIXFDy0PS9pNsHI7qYkQdl_74o9eJkZ5jDMg9A1gVtCuLhj3GgpxRlaUK5EQzgl5__yJVqV8gkAxDCumVmgh23qd9PR3-PsQxz94MeK61wUHFLGNsf6MfgaHU5fPoc-feM44pL62MU6XaGLYPviVydfov3z02792mzeX97Wj5vGUaFrYyVXzB1AaUGMYmA0NayTPtADVUYKS4OgQXcawBurqWOC8VkUWEk9J2yJbv52XU6lzE_bY46DzVNLoP0Fb0_g7AeieUjY</recordid><startdate>20220101</startdate><enddate>20220101</enddate><creator>Tan, Bryan</creator><creator>Mariano, Benjamin</creator><creator>Lahiri, Shuvendu K.</creator><creator>Dillig, Isil</creator><creator>Feng, Yu</creator><scope>AAYXX</scope><scope>CITATION</scope><orcidid>https://orcid.org/0000-0002-4008-3846</orcidid><orcidid>https://orcid.org/0000-0001-8006-1230</orcidid></search><sort><creationdate>20220101</creationdate><title>SolType: refinement types for arithmetic overflow in solidity</title><author>Tan, Bryan ; Mariano, Benjamin ; Lahiri, Shuvendu K. ; Dillig, Isil ; Feng, Yu</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c258t-a6473cb07851973098293d6ef2b27965a2f52f8d800e9a82c3534c3570a62e413</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2022</creationdate><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Tan, Bryan</creatorcontrib><creatorcontrib>Mariano, Benjamin</creatorcontrib><creatorcontrib>Lahiri, Shuvendu K.</creatorcontrib><creatorcontrib>Dillig, Isil</creatorcontrib><creatorcontrib>Feng, Yu</creatorcontrib><collection>CrossRef</collection><jtitle>Proceedings of ACM on programming languages</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Tan, Bryan</au><au>Mariano, Benjamin</au><au>Lahiri, Shuvendu K.</au><au>Dillig, Isil</au><au>Feng, Yu</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>SolType: refinement types for arithmetic overflow in solidity</atitle><jtitle>Proceedings of ACM on programming languages</jtitle><date>2022-01-01</date><risdate>2022</risdate><volume>6</volume><issue>POPL</issue><spage>1</spage><epage>29</epage><pages>1-29</pages><issn>2475-1421</issn><eissn>2475-1421</eissn><abstract>As smart contracts gain adoption in financial transactions, it becomes increasingly important to ensure that they are free of bugs and security vulnerabilities. Of particular relevance in this context are arithmetic overflow bugs, as integers are often used to represent financial assets like account balances. Motivated by this observation, this paper presents SolType, a refinement type system for Solidity that can be used to prevent arithmetic over- and under-flows in smart contracts. SolType allows developers to add refinement type annotations and uses them to prove that arithmetic operations do not lead to over- and under-flows. SolType incorporates a rich vocabulary of refinement terms that allow expressing relationships between integer values and aggregate properties of complex data structures. Furthermore, our implementation, called Solid, incorporates a type inference engine and can automatically infer useful type annotations, including non-trivial contract invariants.
To evaluate the usefulness of our type system, we use Solid to prove arithmetic safety of a total of 120 smart contracts. When used in its fully automated mode (i.e., using Solid's type inference capabilities), Solid is able to eliminate 86.3% of redundant runtime checks used to guard against overflows. We also compare Solid against a state-of-the-art arithmetic safety verifier called VeriSmart and show that Solid has a significantly lower false positive rate, while being significantly faster in terms of verification time.</abstract><doi>10.1145/3498665</doi><tpages>29</tpages><orcidid>https://orcid.org/0000-0002-4008-3846</orcidid><orcidid>https://orcid.org/0000-0001-8006-1230</orcidid><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 2475-1421 |
| ispartof | Proceedings of ACM on programming languages, 2022-01, Vol.6 (POPL), p.1-29 |
| issn | 2475-1421 2475-1421 |
| language | eng |
| recordid | cdi_crossref_primary_10_1145_3498665 |
| source | ACM Digital Library Complete |
| title | SolType: refinement types for arithmetic overflow in solidity |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-07T13%3A58%3A27IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-crossref&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=SolType:%20refinement%20types%20for%20arithmetic%20overflow%20in%20solidity&rft.jtitle=Proceedings%20of%20ACM%20on%20programming%20languages&rft.au=Tan,%20Bryan&rft.date=2022-01-01&rft.volume=6&rft.issue=POPL&rft.spage=1&rft.epage=29&rft.pages=1-29&rft.issn=2475-1421&rft.eissn=2475-1421&rft_id=info:doi/10.1145/3498665&rft_dat=%3Ccrossref%3E10_1145_3498665%3C/crossref%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c258t-a6473cb07851973098293d6ef2b27965a2f52f8d800e9a82c3534c3570a62e413%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |