R. K. Shyamasundar’s research while affiliated with Indian Institute of Technology Bombay and other places

Smart contracts have been subjected to several attacks that have exploited various vulnerabilities of languages like Solidity, which has resulted in huge financial losses. The functioning and deployment of smart contracts are somewhat different from classical programming environments. Once a smart contract is up and running, changing it, is very complicated and nearly infeasible as the contract is expected to be immutable when created. If we find a defect in a deployed smart contract, a new version of the contract has to be created and deployed with concurrence from the stakeholders. Further, when a new version of an existing contract is deployed, data stored in the previous contract does not get transferred automatically to the newly refined contract. We have to manually initialize the new contract with the past data which makes it very cumbersome and not very trustworthy. As neither updating a contract nor rolling back an update is possible, it greatly increases the complexity of implementation and places a huge responsibility while being deployed initially on the blockchain.The main rationale for smart contracts has been to enforce contracts safely among the stakeholders. In this paper, we shall discuss a framework for runtime monitoring to prevent the exploitation of a major class of vulnerabilities using the programmers’ annotations given in the smart contracts coded in Solidity. We have chosen several phrases for annotation mimicking declarations of concurrent programming languages so that the underlying run-time monitors can be automatically generated. The annotations simply reflect the intended constraints on the execution of programs relative to the object state relative to observables like method calls, exceptions, etc. Such a framework further adds to the advantage of debugging at the source level as the original structure is preserved and also enhances the trust of the user as the run-time monitoring assertion logs provide a rough proof-outline of the contract.KeywordsSmart contractBlockchainEVMCorrectnessDebuggingDistributed programming languagesObject state

Blockchains ensure integrity, transparency, and immutability of transactions they process. It also guarantees the eventual inclusion of all the transactions submitted to the blockchain and records them in its ledger. Bitcoin and Litecoin are examples of time-tested, reliable public blockchains that handle only one type of transaction – send/receive money (i.e., transfer-of-value) from one user to another. Whereas, general-purpose blockchains like Ethereum provide means and methods to encapsulate transfer of not only value but anything fungible that can be digitally represented with the help of programs aka smart contracts. However, with a high-level Turing-complete programming language to write smart contracts, Ethereum encountered vulnerabilities in its contracts thus forgoing the claim of immutability. On the contrary, script-based blockchains like Bitcoin and Litecoin have withstood the test of time and hence are perceived reliable – a very important aspect while managing assets like land. In this paper, we present a transfer-of-asset system for land management that borrows from Litecoin protocol its script, underlying consensus, and block structure. Our resultant system is a permissioned blockchain, where only a set of pre-approved miners can append land records to the blockchain. We introduce sidechains that are roped in a mainchain. The mainchain stores land records, which can be queried by citizens; whereas, sidechains hold intricate details about intermediate validations performed by regulators, registrars, and notaries. The process of land management used in this paper is a typical process in the states of India. Our system can be used to manage any asset class that is finite in nature. Our approach provides transparency of transactions at a higher level and privacy to individual transactions.