서브메뉴
검색
Compositional Security for Smart Contracts.
Compositional Security for Smart Contracts.
- 자료유형
- 학위논문
- Control Number
- 0017162396
- International Standard Book Number
- 9798384048107
- Dewey Decimal Classification Number
- 004
- Main Entry-Personal Name
- Yao, Siqiu.
- Publication, Distribution, etc. (Imprint
- [S.l.] : Cornell University., 2024
- Publication, Distribution, etc. (Imprint
- Ann Arbor : ProQuest Dissertations & Theses, 2024
- Physical Description
- 163 p.
- General Note
- Source: Dissertations Abstracts International, Volume: 86-03, Section: A.
- General Note
- Advisor: Myers, Andrew.
- Dissertation Note
- Thesis (Ph.D.)--Cornell University, 2024.
- Summary, Etc.
- 요약Securing smart contracts remains a fundamental challenge. At its core, it is a question of building software that is secure in composition with untrusted code, which extends far beyond the blockchain setting. We introduce SCIF, a language for building smart contracts that are compositionally secure. SCIF is based on the fundamentally compositional principle of secure information flow, but extends this core mechanism to be the first language to include protection against reentrancy attacks, confused deputy attacks, and improper error handling, even in the presence of malicious contracts that do not follow the rules of SCIF. SCIF proposes a novel and principled way to understand and prevent reentrancy attacks and confused deputy attacks. Additionally, SCIF supports a rich ecosystem of interacting principals with partial trust through its mechanisms for dynamic trust management. SCIF has been implemented as a compiler to Solidity. We describe the SCIF language, including its static checking rules and its runtime system. Finally, we implement several applications requiring intricate security reasoning, showing how SCIF supports building complex smart contracts securely and provides the programmer with accurate diagnostics about potential security bugs.
- Subject Added Entry-Topical Term
- Computer science.
- Subject Added Entry-Topical Term
- Computer engineering.
- Subject Added Entry-Topical Term
- Information science.
- Index Term-Uncontrolled
- Decentralized systems
- Index Term-Uncontrolled
- Information flow control
- Index Term-Uncontrolled
- Integrity
- Index Term-Uncontrolled
- Programming languages
- Index Term-Uncontrolled
- Security
- Added Entry-Corporate Name
- Cornell University Computer Science
- Host Item Entry
- Dissertations Abstracts International. 86-03A.
- Electronic Location and Access
- 로그인을 한후 보실 수 있는 자료입니다.
- Control Number
- joongbu:654694
