SCIF: Smart Contract Information Flow
SCIF is a new programming language for building compositionally secure smart contracts. Smart contracts implemented in SCIF are checked by the compiler for their security properties before they are deployed. SCIF is especially designed to support building secure systems in which multiple smart contracts interact. It detects and prevents common security vulnerabilities such as use of untrusted information, reentrancy attacks, and confused deputy attacks.
The core security mechanism of SCIF is static information flow checking, applied to integrity policies that can be used to annotate code. State-of-the-art compile-time diagnosis tools give programmers accurate feedback about where security bugs exist in their code. The SCIF runtime system also supports dynamic trust management so that security and trust policies can evolve securely even after contracts are deployed. A precise run-time lock mechanism prevents reentrancy vulnerabilities, and confused deputy attacks are prevented by run-time mechanisms to prevent type confusion.
SCIF code is similar to Solidity code, though with additional security annotations. SCIF programs compile to Solidity and can interoperate with existing contracts implemented in Solidity.
References
- Ethan Cecchetti, Siqiu Yao, Haobin Ni, and Andrew C. Myers. Compositional security for reentrant applications. IEEE Symp. on Security and Privacy, May 2021.
- Ethan Cecchetti, Siqiu Yao, Haobin Ni, and Andrew C. Myers. Securing smart contracts with information flow. 3rd Int'l Symp. on Foundations and Applications of Blockchain (FAB), April 2020.
Acknowledgments
This research has been supported by NSF grant 1704615 and by a gift from Ripple Inc.