Deklarative Smart Contracts
0 likes•70 views
The document discusses declarative smart contracts executed automatically on blockchains, highlighting the importance of verification and validation in ensuring they function correctly. It explores the use of domain-specific languages (DSLs), workflows for multi-party contracts, and architectures that enhance trust and correctness. Additionally, it addresses the necessity of integrating simulation and verification tools to improve the reliability and understanding of contracts in blockchain environments.
Deklarative Smart Contracts
- 2. Context 1
- 3. An actual contract, executed automatically. Any Turing Complete Program running on a Blockchain. over time SMART CONTRACT
- 4. An actual contract, executed automatically. Multiple Parties. Decision | | Agreement | | Coordination. (Legally) Binding & Trusted. Formal Language. Checkable. Understandable. „Event Tracking“ Progress over time
- 6. Contract Definition Contract Execution Understand Behavior Functional Correctness Non-Repudiability Verified Behavior Non-Gameability }BC
- 7. Blockchains can provide certain non-functional properties to executable contracts. Blockchains are a suitable (partial) implementation technology iff these properties are needed.
- 8. Verification Ensure that the program performs correctly the things the program text tells it to do. Validation Ensure that the program does the correct things, wrt. to the requirements.
- 9. Verification Ensure that the program performs correctly the things the program text tells it to do. Validation Ensure that the program does the correct things, wrt. to the requirements. Contract Execution Contract Definition
- 10. Correct-by-Construction The language/framework/ API/modeling tool doesn’t allow a particular class of mistakes. Analysis-and-Fix You analyze the code/model after the fact and try to find problems which devs then fix.
- 12. „ Well, people realize that these contracts have to run reliably, after all, the programs deal with real values now. “ Some Blockchain Guy
- 13. Not the first community to realize ... J
- 14. Lots of History & Research Computational Law Obligation, Permission Ordering, Causality, Time Event, State
- 15. Lots of History & Research Blockchains Composing contracts: an adventure in financial engineering https://lexifi.com/files/resources/MLFiPaper.pdf POETS Process-oriented event-driven transaction systems https://github.com/legalese/poets/blob/master/doc/ Henglein%20-%20POETS%20Process-oriented%20event- driven%20transaction%20systems.pdf https://github.com/legalese/poets/blob/master/ doc/hvitvedmaster.pdf Domain-Specific Languages for Enterprise Systems https://bitbucket.org/jespera/poets/raw/c0ee7194ce57d2ad6ca8894c 8a44e88e546d5f4a/doc/poets-techreport/tr.pdf Contracts in Programming and in Enterprise Systems
- 16. Solution 2
- 17. Ethereum VM/Network Iulia Hyperledger Java Executable Multi-Party Contract Language DSL Logistics DSL Finance DSL … KernelF MPS / Convecton Distribution, Trust Correctness Validation Simulation Collaboration Expressiveness SMTLIB Z3 HTML JavaScript CSS Interaction, Integration An Architecture For Smart Contracts Generate to verification tools to build more confidence beyond type checking.
- 19. Declarative Description MultiPartyBooleanDecision A declarative, configurable specification of how a number of parties makes a (Boolean) decision.
- 20. Execution and Test A MPBD instance maintains the state of a decision process as it evolves over time. Here, we play with an instance in the interactive REPL.
- 21. Combination with State Machines More complex contracts are modeled as state machines; events are the API. Internally, the use BPBDs.
- 22. Combintation with State Machines II Here, a transition action creates a new AccessControl instance ... The state of that instance is then used in guard condition for the top level SM.
- 23. Preventing Game Theoretical Attacks Only „valid“ senders can enter this state. Events can only arrive at limited rate. States must be entered turn-by-turn.
- 24. Ethereum VM/Network Iulia Hyperledger Java Executable Multi-Party Contract Language DSL Logistics DSL Finance DSL … KernelF MPS / Convecton Distribution, Trust Correctness Validation Simulation Collaboration Expressiveness SMTLIB Z3 HTML JavaScript CSS Interaction, Integration An Architecture For Smart Contracts I D E A
- 25. Example: HyperCSL Blockchains Lisp (Clojure) based internal DSL for specifi- cation of general commercial contracts. Inspired by Simon Peyton Jones and Jean-Marc Eber and the POETS group at CPHU and ITU in Denmark. Uses Ken Adams’ Categories of Contract Language as fundametal semantic building blocks. Interpreter and UI in prototype stage.
- 27. Example: HyperCSL Blockchains A UI to visualize the interactive execution of CSL contracts.
- 28. Tooling 3
- 29. Ethereum VM/Network Iulia Hyperledger Java Executable Multi-Party Contract Language DSL Logistics DSL Finance DSL … KernelF MPS / Convecton Distribution, Trust Correctness Validation Simulation Collaboration Expressiveness SMTLIB Z3 HTML JavaScript CSS Interaction, Integration An Architecture For Smart Contracts KernelF is an extensible functional language used at the core of DSLs.
- 30. DSL Development New Language GPL Extension Formalization Reuse GPL incl. Expressions and TS Add/Embed DS-extensions Compatible notational style Reduce to GPL Analyze Domain to find Abstractions Define suitable, new notations. Rely on existing behavioral paradigm Reuse standard expression language Interpret/Generate to one or more GPLs Use existing notation from domain Clean up and formalize Generate/Interpret Often import existing „models“ KernelF
- 31. Functional Features Functional, no state at its core. Purity + Effect Tracking The usual types, literals and op‘s Various Conditionals Functions and Blocks No null, only opt<T> Error Handling Immutable Collections and higher-order functions Enums, tuples, records, all immutable Constraints on types and functions Boxes (like Clojure‘s ref) Transactional Memory State Machines Interactors Stateful Features Extensible/Embeddable through modular language implementation and other means.
- 32. (Meta-) Tooling Language Workbench Open Source, by Jetbrains Very Powerful Used for years by itemis and others Vast Experience
- 37. Ethereum VM/Network Iulia Hyperledger Java Executable Multi-Party Contract Language DSL Logistics DSL Finance DSL … KernelF MPS / Convecton Distribution, Trust Correctness Validation Simulation Collaboration Expressiveness SMTLIB Z3 HTML JavaScript CSS Interaction, Integration An Architecture For Smart Contracts
- 38. Ethereum VM/Network Iulia Hyperledger Java Executable Multi-Party Contract Language DSL Logistics DSL Finance DSL … KernelF MPS / Convecton Distribution, Trust Correctness Validation Simulation Collaboration Expressiveness SMTLIB Z3 HTML JavaScript CSS Interaction, Integration An Architecture For Smart Contracts <x TRUST?
- 39. Verifying Blockchain Infrastructure Blockchains Formal Semantics of the EVM in K https://www.ideals.illinois.edu/bitstream/handle/2142/97207/hilden brandt-saxena-zhu-rodrigues-guth-daian-rosu-2017-tr_0818.pdf IELE: Register-Based VM for the Blockchain https://runtimeverification.com/blog/new-technologies-for-the-blockchain- iele-virtual-machine-and-k-universal-language-framework/ ERC20-K: Formal Executable Spec of ERC20 https://github.com/runtimeverification/erc20-semantics Formal Verification for Solidity Contracts https://forum.ethereum.org/discussion/3779/formal-verification-for-solidity-contracts
- 40. Ethereum VM/Network Iulia Hyperledger Java Executable Multi-Party Contract Language DSL Logistics DSL Finance DSL … KernelF Distribution, Trust Correctness Validation Simulation Expressiveness SMTLIB Z3 HTML JavaScript CSS Interaction, Integration An Architecture For Smart Contracts Did I program/specify the right behaviors? Will the infrastructure execute the behaviors faithfully?
- 41. Ethereum VM/Network Iulia Hyperledger Java Executable Multi-Party Contract Language DSL Logistics DSL Finance DSL … KernelF Distribution, Trust Correctness Validation Simulation Expressiveness SMTLIB Z3 HTML JavaScript CSS Interaction, Integration An Architecture For Smart Contracts Did I program/specify the right behaviors? Will the infrastructure execute the behaviors faithfully?
- 42. Wrap Up
- 43. Further Reading Blockchains Mutable State in KernelF https://medium.com/@markusvoelter/ dealing-with-mutable-state-in-kernelf-e0fdec8a489b A Smart Contract Development Stack https://languageengineering.io/ a-smart-contract-development-stack-54533a3a503a A Smart Contract Development Stack, Pt. 2 https://languageengineering.io/a-smart-contract-development- stack-part-ii-game-theoretical-aspects-ca7a9d2e548d KernelF Reference http://voelter.de/data/pub/kernelf-reference.pdf DSLs in Safety-Critical Development http://voelter.de/data/pub/MPS-in-Safety-1.0.pdf
- 44. We need better languages Integration of verification tools Simulation, Experimentation and Test to describe contracts in a meaningful way can be an important step to assure correctness should be available in an interactive, local environment Contracts must be functionally correct in order for stakeholders to trust them. Deployment to Blockchain is non-func, it provides guarantees beyond functionality Other deployments are useful, that provide other trade-offs (secure , fast )