Secure Smart Contracts

Smart contracts are computer programs that can be used to store the terms of a contract into a blockchain, where they can be executed automatically. The promising technology is being used in cryptocurrencies and is waiting in the wings in many industries: Real estate transactions, licensing, checking supply chains or controlling production processes – many transactions and processes that today have to be done manually could be automated and significantly accelerated in the future with programmed contracts.

However, interest in smart contracts is also growing in hacker circles. The programs are permanently online. As soon as a vulnerability is discovered somewhere in the code, it can easily be exploited. In recent times, there have been several thefts of cryptocurrency because smart contracts had security vulnerabilities that were not closed quickly enough. “Many companies have lost their trust in the technology,” explains professor Davi. “If we want smart contracts to reach their full potential, we need to effectively secure them against hacking.”

With the funds from the ERC Grant, he plans to create the first solution for the protection of smart contracts that covers all development and deployment phases of a blockchain: A key element will be the first compiler for smart contracts that detects and automatically fixes programming errors already in the development phase. Cyberattacks on ongoing transactions will be detected by a new monitoring tool and averted before they cause major damage. In addition, to assess the security of existing contracts and better understand the reasons for cyberattacks, Davi and his team are researching novel forensic analysis techniques. “The ERC grant gives us the opportunity to integrate our diverse ideas into a powerful overall solution.”