References of "Tikhomirov, Sergei 50023104"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailSmartCheck: Static Analysis of Ethereum Smart Contracts
Tikhomirov, Sergei UL; Voskresenskaya, Ekaterina; Ivanitskiy, Ivan et al

Scientific Conference (2018, May 27)

Ethereum is a major blockchain-based platform for smart contracts – Turing complete programs that are executed in a decentralized network and usually manipulate digital units of value. Solidity is the ... [more ▼]

Ethereum is a major blockchain-based platform for smart contracts – Turing complete programs that are executed in a decentralized network and usually manipulate digital units of value. Solidity is the most mature high-level smart contract language. Ethereum is a hostile execution environment, where anonymous attackers exploit bugs for immediate financial gain. Developers have a very limited ability to patch deployed contracts. Hackers steal up to tens of millions of dollars from flawed contracts, a well-known example being “The DAO“, broken in June 2016. Advice on secure Ethereum programming practices is spread out across blogs, papers, and tutorials. Many sources are outdated due to a rapid pace of development in this field. Automated vulnerability detection tools, which help detect potentially problematic language constructs, are still underdeveloped in this area. We provide a comprehensive classification of code issues in Solidity and implement SmartCheck – an extensible static analysis tool that detects them. SmartCheck translates Solidity source code into an XML-based intermediate representation and checks it against XPath patterns. We evaluated our tool on a big dataset of real-world contracts and compared the results with manual audit on three contracts. Our tool reflects the current state of knowledge on Solidity vulnerabilities and shows significant improvements over alternatives. SmartCheck has its limitations, as detection of some bugs requires more sophisticated techniques such as taint analysis or even manual audit. We believe though that a static analyzer should be an essential part of contract developers’ toolbox, letting them fix simple bugs fast and allocate more effort to complex issues. [less ▲]

Detailed reference viewed: 446 (17 UL)
Full Text
Peer Reviewed
See detailPrivacy-preserving KYC on Ethereum
Biryukov, Alex UL; Khovratovich, Dmitry; Tikhomirov, Sergei UL

Scientific Conference (2018, May 09)

Identity is a fundamental concept for the financial industry. In order to comply with regulation, financial institutions must verify the identity of their customers. Identities are currently handled in a ... [more ▼]

Identity is a fundamental concept for the financial industry. In order to comply with regulation, financial institutions must verify the identity of their customers. Identities are currently handled in a centralized way, which diminishes users' control over their personal information and threats their privacy. Blockchain systems, especially those with support for smart contracts (e.g.,~Ethereum), are expected to serve as a basis of more decentralized systems for digital identity management. We propose a design of a privacy-preserving KYC scheme on top of Ethereum. It would let providers of financial services leverage the potential of blockchain technology to increase efficiency of customer onboarding while complying with regulation and protecting users' privacy. [less ▲]

Detailed reference viewed: 238 (6 UL)
Full Text
Peer Reviewed
See detailEthereum: state of knowledge and research perspectives
Tikhomirov, Sergei UL

Scientific Conference (2017, October 24)

Ethereum is a decentralized application platform that allows users to write, deploy, and interact with smart contracts -- programs that encode financial agreements. A peer-to-peer network of mutually ... [more ▼]

Ethereum is a decentralized application platform that allows users to write, deploy, and interact with smart contracts -- programs that encode financial agreements. A peer-to-peer network of mutually distrusting nodes maintains a common view of the state of all accounts and executes smart contracts' code upon request. The global state is stored in a blockchain secured by a proof-of-work consensus mechanism similar to that in Bitcoin. The core value proposition of Ethereum is a Turing-complete programming language that enables implementing complex logic in smart contracts. Decentralized applications without a trusted third party are appealing in many areas, such as financial services, crowdfunding, and gambling. Smart contracts as a research topic contains many unsolved challenges and spans over areas ranging from cryptography, consensus algorithms, and programming languages to governance, ethical, and legal issues. This paper is the first to summarize the state of knowledge in this field. We provide a technical overview of Ethereum and outline open challenges along with proposed solutions. We also mention alternative blockchains with Turing complete programming capabilities. [less ▲]

Detailed reference viewed: 940 (29 UL)
Full Text
Peer Reviewed
See detailFindel: Secure Derivative Contracts for Ethereum
Biryukov, Alex UL; Khovratovich, Dmitry UL; Tikhomirov, Sergei UL

Scientific Conference (2017, April 07)

Blockchain-based smart contracts are considered a promising technology for handling financial agreements securely. In order to realize this vision, we need a formal language to unambiguously describe ... [more ▼]

Blockchain-based smart contracts are considered a promising technology for handling financial agreements securely. In order to realize this vision, we need a formal language to unambiguously describe contract clauses. We introduce Findel -- a purely declarative financial domain-specific language (DSL) well suited for implementation in blockchain networks. We implement an Ethereum smart contract that acts as a marketplace for Findel contracts and measure the cost of its operation. We analyze challenges in modeling financial agreements in decentralized networks and outline directions for future work. [less ▲]

Detailed reference viewed: 1161 (75 UL)