Conference Paper/Proceeding/Abstract 887 views 64 downloads
Verification of Bitcoin Script in Agda using Weakest Preconditions for Access Control
27th International Conference on Types for Proofs and Programs (TYPES 2021), Volume: 239, Pages: 1:1 - 1:25
Swansea University Authors: Arnold Beckmann , Anton Setzer
-
PDF | Version of Record
© Fahad F. Alhabardi, Arnold Beckmann, Bogdan Lazar, and Anton Setzer; licensed under Creative Commons License CC-BY 4.0
Download (829.9KB)
DOI (Published version): 10.4230/LIPIcs.TYPES.2021.1
Abstract
This paper contributes to the verification of programs written in Bitcoin’s smart contract language script in the interactive theorem prover Agda. It focuses on the security property of access control for script programs that govern the distribution of Bitcoins. It advocates that weakest preconditio...
Published in: | 27th International Conference on Types for Proofs and Programs (TYPES 2021) |
---|---|
ISBN: | 978-3-95977-254-9 |
ISSN: | 1868-8969 |
Published: |
Dagstuhl, Germany
Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik
2022
|
Online Access: |
Check full text
|
URI: | https://cronfa.swan.ac.uk/Record/cronfa60178 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Abstract: |
This paper contributes to the verification of programs written in Bitcoin’s smart contract language script in the interactive theorem prover Agda. It focuses on the security property of access control for script programs that govern the distribution of Bitcoins. It advocates that weakest preconditions in the context of Hoare triples are the appropriate notion for verifying access control. It aims at obtaining human-readable descriptions of weakest preconditions in order to close the validation gap between user requirements and formal specification of smart contracts.As examples for the proposed approach, the paper focuses on two standard script programs that govern the distribution of Bitcoins, Pay to Public Key Hash (P2PKH) and Pay to Multisig (P2MS). The paper introduces an operational semantics of the script commands used in P2PKH and P2MS, which is formalised in the Agda proof assistant and reasoned about using Hoare triples. Two methodologies for obtaining human-readable descriptions of weakest preconditions are discussed:(1) a step-by-step approach, which works backwards instruction by instruction through a script, sometimes stepping over several instructions in one go;(2) symbolic execution of the code and translation into a nested case distinction, which allows to read off weakest preconditions as the disjunction of conjunctions of conditions along accepting paths.A syntax for equational reasoning with Hoare Triples is defined in order to formalise those approaches in Agda. |
---|---|
Keywords: |
Bitcoin; Agda; Verification; Hoare logic; Bitcoin script; P2PKH; P2MS; Access control; Weakest; precondition; Predicate transformer semantics; Provable correctness; Symbolic execution; Smart contracts |
College: |
Faculty of Science and Engineering |
Funders: |
Fahad F. Alhabardi: Supported by Saudi Arabia Cultural Bureau in London.
Anton Setzer: Supported by COST actions CA20111 EuroProofNet and CA15123 EU Types. |
Start Page: |
1:1 |
End Page: |
1:25 |