Title: Securing Smart Contracts with Information Flow
Securing blockchain smart contracts is difficult, especially when they interact with one another. Existing tools for reasoning about smart contract security are limited in one of two ways: they either cannot analyze cooperative interaction between contracts, or they require all interacting code to be written in a specific language. We propose an approach based on information flow control~(IFC), which supports fine-grained, compositional security policies and rules out dangerous vulnerabilities. However, existing IFC systems provide few guarantees on interaction with legacy contracts and unknown code. We extend existing IFC constructs to support these important functionalities while retaining compositional security guarantees, including reentrancy control. We mix static and dynamic mechanisms to achieve these goals in a flexible manner while minimizing run-time costs. more »« less
Cecchetti, E.; Yao, S.; Ni, H.; Myers, A.C.(
, Proceedings of the IEEE Symposium on Security and Privacy)
null
(Ed.)
The disastrous vulnerabilities in smart contracts sharply remind us of our ignorance: we do not know how to write code that is secure in composition with malicious code. Information flow control has long been proposed as a way to achieve compositional security, offering strong guarantees even when combining software from different trust domains. Unfortunately, this appealing story breaks down in the presence of reentrancy attacks. We formalize a general definition of reentrancy and introduce a security condition that allows software modules like smart contracts to protect their key invariants while retaining the expressive power of safe forms of reentrancy. We present a security type system that provably enforces secure information flow; in conjunction with run-time mechanisms, it enforces secure reentrancy even in the presence of unknown code; and it helps locate and correct recent high-profile vulnerabilities.
Aumayr, Lukas; Moreno-Sanchez, Pedro; Kate, Aniket; Maffei, Matteo.(
, Network and Distributed System Security (NDSS) Symposium)
Payment channel networks (PCNs) mitigate the scalability issues of current decentralized cryptocurrencies. They allow for arbitrarily many payments between users connected through a path of intermediate payment channels, while requiring interacting with the blockchain only to open and close the channels. Unfortunately, PCNs are (i) tailored to payments, excluding more complex smart contract functionalities, such as the oracle-enabling Discreet Log Contracts and (ii) their need for active participation from intermediaries may make payments unreliable, slower, expensive, and privacy-invasive. Virtual channels are among the most promising techniques to mitigate these issues, allowing two endpoints of a path to create a direct channel over the intermediaries without any interaction with the blockchain. After such a virtual channel is constructed, (i) the endpoints can use this direct channel for applications other than payments and (ii) the intermediaries are no longer involved in updates.
In this work, we first introduce the Domino attack, a new DoS/griefing style attack that leverages virtual channels to destruct the PCN itself and is inherent to the design adopted by the existing Bitcoin-compatible virtual channels. We then demonstrate its severity by a quantitative analysis on a snapshot of the Lightning Network (LN), the most widely deployed PCN at present. We finally discuss other serious drawbacks of existing virtual channel designs, such as the support for only a single intermediary, a latency and blockchain overhead linear in the path length, or a non-constant storage overhead per user.
We then present Donner, the first virtual channel construction that overcomes the shortcomings above, by relying on a novel design paradigm. We formally define and prove security and privacy properties in the Universal Composability framework. Our evaluation shows that Donner is efficient, reduces the on-chain number of transactions for disputes from linear in the path length to a single one, which is the key to prevent Domino attacks, and reduces the storage overhead from logarithmic in the path length to constant. Donner is Bitcoin-compatible and can be easily integrated in the LN.
McCall, McKenna; Bichhawat, Abhishek; Jia, Limin(
, 2022 IEEE 7th European Symposium on Security and Privacy (EuroS&P))
To prevent applications from leaking users' private data to attackers, researchers have developed runtime information flow control (IFC) mechanisms. Most existing approaches are either based on taint tracking or multi-execution, and the same technique is used to protect the entire application. However, today's applications are typically composed of multiple components from heterogenous and unequally trusted sources. The goal of this paper is to develop a framework to enable the flexible composition of IFC enforcement mechanisms. More concretely, we focus on reactive programs, which is an abstract model for event-driven programs including web and mobile applications. We formalize the semantics of existing IFC enforcement mechanisms with well-defined interfaces for composition, define knowledge-based security guarantees that can precisely quantify the effect of implicit leaks from taint tracking, and prove sound all composed systems that we instantiate the framework with. We identify requirements for future enforcement mechanisms to be securely composed in our framework. Finally, we implement a prototype in OCaml and compare the effects of different compositions.
Lehmann, Nico; Kunkel, Rose; Brown, Jordan; Yang, Jean; Vazou, Niki; Polikarpova, Nadia; Stefan, Deian; Jhala, Ranjit(
, USENIX Symposium on Operating Systems Design and Implementation)
We present STORM, a web framework that allows developers
to build MVC applications with compile-time enforcement of
centrally specified data-dependent security policies. STORM
ensures security using a Security Typed ORM that refines the
(type) abstractions of each layer of the MVC API with logical
assertions that describe the data produced and consumed by
the underlying operation and the users allowed access to that
data. To evaluate the security guarantees of STORM, we build a
formally verified reference implementation using the Labeled
IO (LIO) IFC framework. We present case studies and end-to-
end applications that show how STORM lets developers specify
diverse policies while centralizing the trusted code to under 1%
of the application, and statically enforces security with modest
type annotation overhead, and no run-time cost.
Sean McHale, Lincoln Murr(
, 2023 7th International Conference on Medical and Health Informatics (ICMHI 2023))
This paper presents a novel framework for creating a recoverable rare disease patient identity system using blockchain and smart contracts, decentralized identifiers (DIDs), and the InterPlanetary File System (IPFS). Smart contracts are executable code that can be written into decentralized storage such as blockchains in order to enable tamper-proof transactions of data. DIDs provide a secure, decentralized, and extensible way to create, store, and manage digital identities, while IPFS provides a distributed, immutable, and secure storage system for patient identities. Utilizing these technologies with smart contracts, we created a framework to store persistent medical records of patients. Smart contracts additionally allow account recovery without the use of any centralized authority. The framework enables healthcare providers to securely access a patient's data while maintaining the patient's ownership of their data. The paper explores the advantages of using a decentralized identity system and highlights the potential of this approach to improve the security and universality of medical records for patients with rare diseases.
Cecchetti, Ethan, Yao, Siqiu, Ni, Haobin, and Myers, Andrew C. Securing Smart Contracts with Information Flow. Retrieved from https://par.nsf.gov/biblio/10158698. International Symposium on Foundations and Applications of Blockchain .
Cecchetti, Ethan, Yao, Siqiu, Ni, Haobin, & Myers, Andrew C. Securing Smart Contracts with Information Flow. International Symposium on Foundations and Applications of Blockchain, (). Retrieved from https://par.nsf.gov/biblio/10158698.
Cecchetti, Ethan, Yao, Siqiu, Ni, Haobin, and Myers, Andrew C.
"Securing Smart Contracts with Information Flow". International Symposium on Foundations and Applications of Blockchain (). Country unknown/Code not available. https://par.nsf.gov/biblio/10158698.
@article{osti_10158698,
place = {Country unknown/Code not available},
title = {Securing Smart Contracts with Information Flow},
url = {https://par.nsf.gov/biblio/10158698},
abstractNote = {Securing blockchain smart contracts is difficult, especially when they interact with one another. Existing tools for reasoning about smart contract security are limited in one of two ways: they either cannot analyze cooperative interaction between contracts, or they require all interacting code to be written in a specific language. We propose an approach based on information flow control~(IFC), which supports fine-grained, compositional security policies and rules out dangerous vulnerabilities. However, existing IFC systems provide few guarantees on interaction with legacy contracts and unknown code. We extend existing IFC constructs to support these important functionalities while retaining compositional security guarantees, including reentrancy control. We mix static and dynamic mechanisms to achieve these goals in a flexible manner while minimizing run-time costs.},
journal = {International Symposium on Foundations and Applications of Blockchain},
author = {Cecchetti, Ethan and Yao, Siqiu and Ni, Haobin and Myers, Andrew C.},
}
Warning: Leaving National Science Foundation Website
You are now leaving the National Science Foundation website to go to a non-government website.
Website:
NSF takes no responsibility for and exercises no control over the views expressed or the accuracy of
the information contained on this site. Also be aware that NSF's privacy policy does not apply to this site.
