English
Related papers

Related papers: Compositional Security for Reentrant Applications

200 papers

In this work we explore ways to restrict the ability to call Solidity smart contract functions for a specified duration. We describe methods to restrict functions from being called twice in the same transaction, block, or time period. This…

Cryptography and Security · Computer Science 2024-05-16 Valerian Callens , Zeeshan Meghji , Jan Gorzny

Regenerating codes are a class of codes for distributed storage networks that provide reliability and availability of data, and also perform efficient node repair. Another important aspect of a distributed storage network is its security.…

Information Theory · Computer Science 2015-03-19 Nihar B. Shah , K. V. Rashmi , P. Vijay Kumar

Building storage systems has remained the domain of systems experts for many years. They are complex and difficult to implement. Extreme care is needed to ensure necessary guarantees of performance and operational correctness. Furthermore,…

Software Engineering · Computer Science 2018-07-26 Daniel G. Waddington

The industrial market continuously needs reliable solutions to secure autonomous systems. Especially as these systems become more complex and interconnected, reliable security solutions are becoming increasingly important. One promising…

Cryptography and Security · Computer Science 2025-06-30 Önder Gürcan

We propose a constraint-based flow-sensitive static analysis for concurrent programs by iteratively composing thread-modular abstract interpreters via the use of a system of lightweight constraints. Our method is compositional in that it…

Programming Languages · Computer Science 2017-10-02 Markus Kusano , Chao Wang

This paper develops semantic typing in a smart-contract setting to ensure type safety of code that uses statically untypable language constructs, such as the fallback function. The idea is that the creator of a contract on the blockchain…

Programming Languages · Computer Science 2026-04-28 Stian Lybech , Daniele Gorla , Luca Aceto

Secure orchestration is an important concern in the internet of service. Next to providing the required functionality the composite services must also provide a reasonable level of security in order to protect sensitive data. Thus, the…

Cryptography and Security · Computer Science 2012-12-18 Gabriele Costa , Fabio Martinelli , Artsiom Yautsiukhin

Scalable and automatic formal verification for concurrent systems is always demanding. In this paper, we propose a verification framework to support automated compositional reasoning for concurrent programs with shared variables. Our…

Formal Languages and Automata Theory · Computer Science 2018-03-28 Fuyuan Zhang , Yongwang Zhao , David Sanan , Yang Liu , Alwen Tiu , Shang-Wei Lin , Jun Sun

We give a sequential model for noninterference security including probability (but not demonic choice), thus supporting reasoning about the likelihood that high-security values might be revealed by observations of low-security activity. Our…

Formal Languages and Automata Theory · Computer Science 2010-07-08 Annabelle McIver , Larissa Meinicke , Carroll Morgan

Content composition vulnerabilities remain among the most prevalent and persistent classes of security weakness in deployed software. Prior mitigations, including developer training, static analysis tools, and domain-specific template…

Programming Languages · Computer Science 2026-05-19 Mike Samuel , Tom Palmer , Shaw Summa , Robert Grayson

Smart contracts have recently been adopted by many security protocols. However, existing studies lack satisfactory theoretical support on how contracts benefit security protocols. This paper aims to give a systematic analysis of smart…

Cryptography and Security · Computer Science 2022-04-21 Rujia Li , Qin Wang , Qi Wang , David Galindo

We present a methodology to develop verified smart contracts. We write smart contracts, their specifications and implementations in the verification-friendly language Dafny. In our methodology the ability to write specifications,…

Logic in Computer Science · Computer Science 2022-08-08 Franck Cassez , Joanne Fuller , Horacio Mijail Anton Quiles

Memory corruption vulnerabilities are endemic to unsafe languages, such as C, and they can even be found in safe languages that themselves are implemented in unsafe languages or linked with libraries implemented in unsafe languages. Robust…

Cryptography and Security · Computer Science 2018-02-06 Ana Nora Evans

Trust is an absolute necessity for digital communications; but is often viewed as an implicit singular entity. The use of the internet as the primary vehicle for information exchange has made accountability and verifiability of system code…

Cryptography and Security · Computer Science 2014-03-04 Orhio Mark Creado , Bala Srinivasan , Phu Dung Le , Jefferson Tan

In workflows and business processes, there are often security requirements on both the data, i.e. confidentiality and integrity, and the process, e.g. separation of duty. Graphical notations exist for specifying both workflows and…

Cryptography and Security · Computer Science 2014-04-09 Thomas Bauereiss , Dieter Hutter

Reentrancy vulnerability as one of the most notorious vulnerabilities, has been a prominent topic in smart contract security research. Research shows that existing vulnerability detection presents a range of challenges, especially as smart…

Software Engineering · Computer Science 2024-03-19 Zexu Wang , Jiachi Chen , Yanlin Wang , Yu Zhang , Weizhe Zhang , Zibin Zheng

Developing secure distributed systems is difficult, and even harder when advanced cryptography must be used to achieve security goals. Following prior work, we advocate using secure program partitioning to synthesize cryptographic…

Cryptography and Security · Computer Science 2024-01-10 Coşku Acay , Joshua Gancher , Rolph Recto , Andrew C. Myers

Smart contracts concentrate high value assets and complex logic in small, immutable programs, where even minor bugs can cause major losses. Existing taxonomies and tools remain fragmented, organized around symptoms such as reentrancy rather…

Cryptography and Security · Computer Science 2025-11-13 Parsa Hedayatnia , Tina Tavakkoli , Hadi Amini , Mohammad Allahbakhsh , Haleh Amintoosi

Memory-safety issues and information leakage are known to be depressingly common. We consider the compositional static detection of these kinds of vulnerabilities in first-order C-like programs. Indeed the latter are relational hyper-safety…

Programming Languages · Computer Science 2023-08-22 Toby Murray , Pengbo Yan , Gidon Ernst

We present Solythesis, a source to source Solidity compiler which takes a smart contract code and a user specified invariant as the input and produces an instrumented contract that rejects all transactions that violate the invariant. The…

Programming Languages · Computer Science 2020-12-15 Ao Li , Jemin Andrew Choi , Fan Long