Massimo Bartoletti ; Stefano Lande ; Maurizio Murgia ; Roberto Zunino - Verifying liquidity of recursive Bitcoin contracts

lmcs:6943 - Logical Methods in Computer Science, February 1, 2022, Volume 18, Issue 1 - https://doi.org/10.46298/lmcs-18(1:22)2022
Verifying liquidity of recursive Bitcoin contracts

Authors: Massimo Bartoletti ; Stefano Lande ; Maurizio Murgia ORCID-iD; Roberto Zunino

    Smart contracts - computer protocols that regulate the exchange of crypto-assets in trustless environments - have become popular with the spread of blockchain technologies. A landmark security property of smart contracts is liquidity: in a non-liquid contract, it may happen that some assets remain frozen, i.e. not redeemable by anyone. The relevance of this issue is witnessed by recent liquidity attacks to Ethereum, which have frozen hundreds of USD millions. We address the problem of verifying liquidity on BitML, a DSL for smart contracts with a secure compiler to Bitcoin, featuring primitives for currency transfers, contract renegotiation and consensual recursion. Our main result is a verification technique for liquidity. We first transform the infinite-state semantics of BitML into a finite-state one, which focusses on the behaviour of a chosen set of contracts, abstracting from the moves of the context. With respect to the chosen contracts, this abstraction is sound, i.e. if the abstracted contract is liquid, then also the concrete one is such. We then verify liquidity by model-checking the finite-state abstraction. We implement a toolchain that automatically verifies liquidity of BitML contracts and compiles them to Bitcoin, and we assess it through a benchmark of representative contracts.


    Volume: Volume 18, Issue 1
    Published on: February 1, 2022
    Accepted on: January 4, 2022
    Submitted on: December 1, 2020
    Keywords: Computer Science - Cryptography and Security

    Share

    Consultation statistics

    This page has been seen 561 times.
    This article's PDF has been downloaded 647 times.