English
Related papers

Related papers: A Sound Type System for Secure Currency Flow

200 papers

This paper develops semantic typing in a smart-contract setting to ensure type safety of code that uses statically untypable language constructs, such as the fallback function. The idea is that the creator of a contract on the blockchain…

Programming Languages · Computer Science 2026-04-28 Stian Lybech , Daniele Gorla , Luca Aceto

We continue the development of TinySol, a minimal object-oriented language based on Solidity, the standard smart-contract language used for the Ethereum platform. We first extend TinySol with exceptions and a gas mechanism, and equip it…

Programming Languages · Computer Science 2024-07-23 Luca Aceto , Daniele Gorla , Stian Lybech , Mohammad Hamdaqa

The disastrous vulnerabilities in smart contracts sharply remind us of our ignorance: we do not know how to write code that is secure in composition with malicious code. Information flow control has long been proposed as a way to achieve…

Cryptography and Security · Computer Science 2023-07-21 Ethan Cecchetti , Siqiu Yao , Haobin Ni , Andrew C. Myers

As smart contracts gain adoption in financial transactions, it becomes increasingly important to ensure that they are free of bugs and security vulnerabilities. Of particular relevance in this context are arithmetic overflow bugs, as…

Programming Languages · Computer Science 2021-12-22 Bryan Tan , Benjamin Mariano , Shuvendu K. Lahiri , Isil Dillig , Yu Feng

Soundness of a type system is a fundemental property that guarantees that no operation that is not supported by a value will be performed on that value at run time. A type checker for a sound type system is expected to issue a warning on…

Programming Languages · Computer Science 2024-08-21 Elad Kinsbruner , Hila Peleg , Shachar Itzhaky

We propose a type system for a calculus of contracting processes. Processes can establish sessions by stipulating contracts, and then can interact either by keeping the promises made, or not. Type safety guarantees that a typeable process…

Programming Languages · Computer Science 2019-03-14 Massimo Bartoletti , Alceste Scalas , Emilio Tuosto , Roberto Zunino

The recent release of Solidity 0.5 introduced a new type to prevent Ether transfers to smart contracts that are not supposed to receive money. Unfortunately, the compiler fails in enforcing the guarantees this type intended to convey, hence…

Programming Languages · Computer Science 2019-07-08 Silvia Crafa , Matteo Di Pirro

We present Solythesis, a source to source Solidity compiler which takes a smart contract code and a user specified invariant as the input and produces an instrumented contract that rejects all transactions that violate the invariant. The…

Programming Languages · Computer Science 2020-12-15 Ao Li , Jemin Andrew Choi , Fan Long

Protecting confidential data from leaking is a critical challenge in computer systems, particularly given the growing number of observers on the internet. Therefore, limiting information flow using robust security policies becomes…

The Windows Vista operating system implements an interesting model of multi-level integrity. We observe that in this model, trusted code can be blamed for any information-flow attack; thus, it is possible to eliminate such attacks by static…

Cryptography and Security · Computer Science 2008-12-18 Avik Chaudhuri , Prasad Naldurg , Sriram Rajamani

This work provides a study to demonstrate the potential of using off-the-shelf programming languages and their theories to build sound language-based-security tools. Our study focuses on information flow security encompassing…

Cryptography and Security · Computer Science 2020-07-20 Minh Ngo , David A. Naumann , Tamara Rezk

We show how security type systems from the literature of language-based noninterference can be represented more directly as predicates defined by structural recursion on the programs. In this context, we show how our uniform syntactic…

Cryptography and Security · Computer Science 2013-08-16 Andrei Popescu

Synchronous reactive data flow is a paradigm that provides a high-level abstract programming model for embedded and cyber-physical systems, including the locally synchronous components of IoT systems. Security in such systems is severely…

Programming Languages · Computer Science 2022-01-04 Sanjiva Prasad , R. Madhukar Yerraguntla , Subodh Sharma

We present the first session typing system guaranteeing request-response liveness properties for possibly non-terminating communicating processes. The types augment the branch and select types of the standard binary session types with a set…

Logic in Computer Science · Computer Science 2017-01-11 Søren Debois , Thomas Hildebrandt , Tijs Slaats , Nobuko Yoshida

Mature push button tools have emerged for checking trace properties (e.g. secrecy or authentication) of security protocols. The case of indistinguishability-based privacy properties (e.g. ballot privacy or anonymity) is more complex and…

Cryptography and Security · Computer Science 2017-08-29 Véronique Cortier , Niklas Grimm , Joseph Lallemand , Matteo Maffei

We propose a type-based analysis to infer the session protocols of channels in an ML-like concurrent functional language. Combining and extending well-known techniques, we develop a type-checking system that separates the underlying ML type…

Programming Languages · Computer Science 2016-04-14 Carlo Spaccasassi , Vasileios Koutavas

Microservices architectures allow for short deployment cycles and immediate effects but offer no safety mechanisms when service contracts need to be changed. Maintaining the soundness of microservice architectures is an error-prone task…

Programming Languages · Computer Science 2020-02-17 João Costa Seco , Paulo Ferreira , Hugo Lourenço , Carla Ferreira , Lucio Ferrao

Subtyping in concurrency has been extensively studied since early 1990s as one of the most interesting issues in type theory. The correctness of subtyping relations has been usually provided as the soundness for type safety. The converse…

Logic in Computer Science · Computer Science 2019-03-14 Tzu-chun Chen , Mariangiola Dezani-Ciancaglini , Alceste Scalas , Nobuko Yoshida

In automated complexity analysis, noninterference-based type systems statically guarantee, via soundness, the property that well-typed programs compute functions of a given complexity class, e.g., the class FP of functions computable in…

Logic in Computer Science · Computer Science 2024-01-29 Emmanuel Hainry , Bruce M. Kapron , Jean-Yves Marion , Romain Péchoux

Noninterference is a popular semantic security condition because it offers strong end-to-end guarantees, it is inherently compositional, and it can be enforced using a simple security type system. Unfortunately, it is too restrictive for…

Cryptography and Security · Computer Science 2021-01-14 Ethan Cecchetti , Andrew C. Myers , Owen Arden
‹ Prev 1 2 3 10 Next ›