SRP: An Efficient Runtime Protection Framework for Blockchain-based Smart Contracts
<p>Runtime-verification of smart contracts ensures the absence of exploitations within a transaction during execution. It is a crucial security aspect that is often omitted due to its high onchain overhead. The lack of runtime-verification in public blockchains allowed attackers to compromise...
محفوظ في:
| المؤلف الرئيسي: | |
|---|---|
| مؤلفون آخرون: | , , |
| منشور في: |
2023
|
| الموضوعات: | |
| الوسوم: |
إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
|
| _version_ | 1864513528839274496 |
|---|---|
| author | Isra M. Ali (17869355) |
| author2 | Noureddine Lasla (17051754) Mohamed M. Abdallah (8476953) Aiman Erbad (14150589) |
| author2_role | author author author |
| author_facet | Isra M. Ali (17869355) Noureddine Lasla (17051754) Mohamed M. Abdallah (8476953) Aiman Erbad (14150589) |
| author_role | author |
| dc.creator.none.fl_str_mv | Isra M. Ali (17869355) Noureddine Lasla (17051754) Mohamed M. Abdallah (8476953) Aiman Erbad (14150589) |
| dc.date.none.fl_str_mv | 2023-07-01T00:00:00Z |
| dc.identifier.none.fl_str_mv | 10.1016/j.jnca.2023.103658 |
| dc.relation.none.fl_str_mv | https://figshare.com/articles/journal_contribution/SRP_An_Efficient_Runtime_Protection_Framework_for_Blockchain-based_Smart_Contracts/25107596 |
| dc.rights.none.fl_str_mv | CC BY 4.0 info:eu-repo/semantics/openAccess |
| dc.subject.none.fl_str_mv | Built environment and design Architecture Information and computing sciences Computer vision and multimedia computation Blockchain Smart contract Off-chain processing Runtime verification Concurrent execution |
| dc.title.none.fl_str_mv | SRP: An Efficient Runtime Protection Framework for Blockchain-based Smart Contracts |
| dc.type.none.fl_str_mv | Text Journal contribution info:eu-repo/semantics/publishedVersion text contribution to journal |
| description | <p>Runtime-verification of smart contracts ensures the absence of exploitations within a transaction during execution. It is a crucial security aspect that is often omitted due to its high onchain overhead. The lack of runtime-verification in public blockchains allowed attackers to compromise vulnerable contracts and cause significant monetary losses. Although several runtime protection solutions have been proposed, they do not discuss the onchain overhead limitation, which may hinder their deployment and undermine their effectiveness. To address this problem, we propose an efficient Smart contract Runtime Protection framework, called SRP, that minimizes the onchain burden of runtime-verification by integrating an off-chain mechanism with onchain contract execution. The proposed hybrid architecture is designed to protect already-deployed smart contracts from attacks in real-time while maintaining the throughput of the underlying blockchain. We first present SRP from a design perspective proposing a protocol customized for off-chain runtime-verification interoperability. Then, we evaluate our approach empirically and demonstrate the applicability of SRP using a proof-of-concept implementation on a local instance of the Ethereum network. Our empirical and experimental results indicate the feasibility and efficiency of our approach, where SRP outperforms the onchain-only mechanism in terms of service time and throughput, for increasing workloads.</p><h2>Other Information</h2> <p> Published in: Journal of Network and Computer Applications<br> License: <a href="http://creativecommons.org/licenses/by/4.0/" target="_blank">http://creativecommons.org/licenses/by/4.0/</a><br>See article on publisher's website: <a href="https://dx.doi.org/10.1016/j.jnca.2023.103658" target="_blank">https://dx.doi.org/10.1016/j.jnca.2023.103658</a></p> |
| eu_rights_str_mv | openAccess |
| id | Manara2_640efb7a77ee2de43a488a96b547d9e8 |
| identifier_str_mv | 10.1016/j.jnca.2023.103658 |
| network_acronym_str | Manara2 |
| network_name_str | Manara2 |
| oai_identifier_str | oai:figshare.com:article/25107596 |
| publishDate | 2023 |
| repository.mail.fl_str_mv | |
| repository.name.fl_str_mv | |
| repository_id_str | |
| rights_invalid_str_mv | CC BY 4.0 |
| spelling | SRP: An Efficient Runtime Protection Framework for Blockchain-based Smart ContractsIsra M. Ali (17869355)Noureddine Lasla (17051754)Mohamed M. Abdallah (8476953)Aiman Erbad (14150589)Built environment and designArchitectureInformation and computing sciencesComputer vision and multimedia computationBlockchainSmart contractOff-chain processingRuntime verificationConcurrent execution<p>Runtime-verification of smart contracts ensures the absence of exploitations within a transaction during execution. It is a crucial security aspect that is often omitted due to its high onchain overhead. The lack of runtime-verification in public blockchains allowed attackers to compromise vulnerable contracts and cause significant monetary losses. Although several runtime protection solutions have been proposed, they do not discuss the onchain overhead limitation, which may hinder their deployment and undermine their effectiveness. To address this problem, we propose an efficient Smart contract Runtime Protection framework, called SRP, that minimizes the onchain burden of runtime-verification by integrating an off-chain mechanism with onchain contract execution. The proposed hybrid architecture is designed to protect already-deployed smart contracts from attacks in real-time while maintaining the throughput of the underlying blockchain. We first present SRP from a design perspective proposing a protocol customized for off-chain runtime-verification interoperability. Then, we evaluate our approach empirically and demonstrate the applicability of SRP using a proof-of-concept implementation on a local instance of the Ethereum network. Our empirical and experimental results indicate the feasibility and efficiency of our approach, where SRP outperforms the onchain-only mechanism in terms of service time and throughput, for increasing workloads.</p><h2>Other Information</h2> <p> Published in: Journal of Network and Computer Applications<br> License: <a href="http://creativecommons.org/licenses/by/4.0/" target="_blank">http://creativecommons.org/licenses/by/4.0/</a><br>See article on publisher's website: <a href="https://dx.doi.org/10.1016/j.jnca.2023.103658" target="_blank">https://dx.doi.org/10.1016/j.jnca.2023.103658</a></p>2023-07-01T00:00:00ZTextJournal contributioninfo:eu-repo/semantics/publishedVersiontextcontribution to journal10.1016/j.jnca.2023.103658https://figshare.com/articles/journal_contribution/SRP_An_Efficient_Runtime_Protection_Framework_for_Blockchain-based_Smart_Contracts/25107596CC BY 4.0info:eu-repo/semantics/openAccessoai:figshare.com:article/251075962023-07-01T00:00:00Z |
| spellingShingle | SRP: An Efficient Runtime Protection Framework for Blockchain-based Smart Contracts Isra M. Ali (17869355) Built environment and design Architecture Information and computing sciences Computer vision and multimedia computation Blockchain Smart contract Off-chain processing Runtime verification Concurrent execution |
| status_str | publishedVersion |
| title | SRP: An Efficient Runtime Protection Framework for Blockchain-based Smart Contracts |
| title_full | SRP: An Efficient Runtime Protection Framework for Blockchain-based Smart Contracts |
| title_fullStr | SRP: An Efficient Runtime Protection Framework for Blockchain-based Smart Contracts |
| title_full_unstemmed | SRP: An Efficient Runtime Protection Framework for Blockchain-based Smart Contracts |
| title_short | SRP: An Efficient Runtime Protection Framework for Blockchain-based Smart Contracts |
| title_sort | SRP: An Efficient Runtime Protection Framework for Blockchain-based Smart Contracts |
| topic | Built environment and design Architecture Information and computing sciences Computer vision and multimedia computation Blockchain Smart contract Off-chain processing Runtime verification Concurrent execution |