Smart contracts are computer programs that can be used to store the terms of a contract in a blockchain, where they can be executed automatically. The promising technology is being used in cryptocurrencies and is waiting in the wings in many industries: real estate transactions, licensing, checking supply chains or controlling production processes – many transactions and processes that today have to be done manually could be automated and significantly accelerated in the future with programmed contracts.
However, interest in smart contracts is also growing in hacker circles. The programs are permanently online. As soon as a vulnerability is discovered somewhere in the code, it can easily be exploited. In recent times, there have been several thefts of cryptocurrency because smart contracts had security vulnerabilities that were not closed quickly enough. “Many companies have lost their trust in the technology,” explains professor Davi. “If we want smart contracts to reach their full potential, we need to effectively secure them against hacking.”
With the funds from the ERC Grant, he plans to create the first solution for the protection of smart contracts that covers all development and deployment phases of a blockchain: A key element will be the first compiler for smart contracts that detects and automatically fixes programming errors already in the development phase. Cyberattacks on ongoing transactions will be detected by a new monitoring tool and averted before they cause major damage. In addition, to assess the security of existing contracts and better understand the reasons for cyberattacks, Davi and his team are researching novel forensic analysis techniques. “The ERC grant gives us the opportunity to integrate our diverse ideas into a powerful overall solution.”
About the researcher
Lucas Davi received his doctorate at TU Darmstadt, supervised by CROSSING-PI professor Ahmad-Reza Sadeghi. During that time, he developed novel defense mechanisms against software exploits for various computer architectures. For his doctoral thesis, he was awarded the ACM SIGSAC Doctoral Dissertation Award in 2016, the most recognized international dissertation award in the field of computer security. He is also a two-time winner of the German IT Security Award. As a Principal Investigator, he leads projects in the DFG Collaborative Research Center CROSSING at TU Darmstadt and in the Cluster of Excellence CASA at Ruhr Uni Bochum. Since 2016, he has been an assistant professor for computer science at University Duisburg-Essen, where he has established his research group Secure Software Systems (SYSSEC) at paluno – The Ruhr Institute for Software Technology.