Andrei Marian Dan

Bio: Andrei Marian Dan is an academic researcher from ETH Zurich. The author has contributed to research in topics: Sequential consistency & Memory model. The author has an hindex of 6, co-authored 12 publications receiving 573 citations. Previous affiliations of Andrei Marian Dan include Hitachi & ABB Ltd.

Securify: Practical Security Analysis of Smart Contracts

Abstract: Permissionless blockchains allow the execution of arbitrary programs (called smart contracts), enabling mutually untrusted entities to interact without relying on trusted third parties. Despite their potential, repeated security concerns have shaken the trust in handling billions of USD by smart contracts. To address this problem, we present Securify, a security analyzer for Ethereum smart contracts that is scalable, fully automated, and able to prove contract behaviors as safe/unsafe with respect to a given property. Securify's analysis consists of two steps. First, it symbolically analyzes the contract's dependency graph to extract precise semantic information from the code. Then, it checks compliance and violation patterns that capture sufficient conditions for proving if a property holds or not. To enable extensibility, all patterns are specified in a designated domain-specific language. Securify is publicly released, it has analyzed >18K contracts submitted by its users, and is regularly used to conduct security audits by experts. We present an extensive evaluation of Securify over real-world Ethereum smart contracts and demonstrate that it can effectively prove the correctness of smart contracts and discover critical violations.

Predicate Abstraction for Relaxed Memory Models

Abstract: We present a novel approach for predicate abstraction of programs running on relaxed memory models. Our approach consists of two steps.

Effective Abstractions for Verification under Relaxed Memory Models

Abstract: We present a new abstract interpretation based approach for automatically verifying concurrent programs running on relaxed memory models. Our approach is based on three key insights: i behaviors of relaxed models e.g. TSO and PSO are naturally captured using explicit encodings of store buffers. Directly using such encodings for program analysis is challenging due to shift operations on buffer contents that result in significant loss of analysis precision. We present a new abstraction of the memory model that eliminates expensive shifting of store buffer contents and significantly improves the precision and scalability of program analysis, ii an encoding of store buffer sizes that leverages knowledge of the abstract interpretation domain, further improving analysis precision, and iii a source-to-source transformation that realizes the above two techniques: given a program P and a relaxed memory model M, it produces a new program PM where the behaviors of P running on M are over-approximated by the behavior of PM running on sequential consistency SC. This step makes it possible to directly use state-of-the-art analyzers under SC. We implemented our approach and evaluated it on a set of finite and infinite-state concurrent algorithms under two memory models: Intel's x86 TSO and PSO. Experimental results indicate that our technique achieves better precision and efficiency than prior work: we can automatically verify algorithms with fewer fences, faster and with lower memory consumption.

Securify: Practical Security Analysis of Smart Contracts

Abstract: Permissionless blockchains allow the execution of arbitrary programs (called smart contracts), enabling mutually untrusted entities to interact without relying on trusted third parties. Despite their potential, repeated security concerns have shaken the trust in handling billions of USD by smart contracts. To address this problem, we present Securify, a security analyzer for Ethereum smart contracts that is scalable, fully automated, and able to prove contract behaviors as safe/unsafe with respect to a given property. Securify's analysis consists of two steps. First, it symbolically analyzes the contract's dependency graph to extract precise semantic information from the code. Then, it checks compliance and violation patterns that capture sufficient conditions for proving if a property holds or not. To enable extensibility, all patterns are specified in a designated domain-specific language. Securify is publicly released, it has analyzed >18K contracts submitted by its users, and is regularly used to conduct security audits by experts. We present an extensive evaluation of Securify over real-world Ethereum smart contracts and demonstrate that it can effectively prove the correctness of smart contracts and discover critical violations.

Synthesis of Memory Fences via Refinement Propagation

Abstract: We address the problem of fence inference in infinite-state concurrent programs running on relaxed memory models such as TSO and PSO. We present a novel algorithm that can automatically synthesize the necessary fences for infinite-state programs.

A Survey on Consensus Mechanisms and Mining Strategy Management in Blockchain Networks

Abstract: The past decade has witnessed the rapid evolution in blockchain technologies, which has attracted tremendous interests from both the research communities and industries. The blockchain network was originated from the Internet financial sector as a decentralized, immutable ledger system for transactional data ordering. Nowadays, it is envisioned as a powerful backbone/framework for decentralized data processing and data-driven self-organization in flat, open-access networks. In particular, the plausible characteristics of decentralization, immutability, and self-organization are primarily owing to the unique decentralized consensus mechanisms introduced by blockchain networks. This survey is motivated by the lack of a comprehensive literature review on the development of decentralized consensus mechanisms in blockchain networks. In this paper, we provide a systematic vision of the organization of blockchain networks. By emphasizing the unique characteristics of decentralized consensus in blockchain networks, our in-depth review of the state-of-the-art consensus protocols is focused on both the perspective of distributed consensus system design and the perspective of incentive mechanism design. From a game-theoretic point of view, we also provide a thorough review of the strategy adopted for self-organization by the individual nodes in the blockchain backbone networks. Consequently, we provide a comprehensive survey of the emerging applications of blockchain networks in a broad area of telecommunication. We highlight our special interest in how the consensus mechanisms impact these applications. Finally, we discuss several open issues in the protocol design for blockchain consensus and the related potential research directions.

Blockchain-Enabled Smart Contracts: Architecture, Applications, and Future Trends

Abstract: In recent years, the rapid development of cryptocurrencies and their underlying blockchain technology has revived Szabo’s original idea of smart contracts, i.e., computer protocols that are designed to automatically facilitate, verify, and enforce the negotiation and implementation of digital contracts without central authorities. Smart contracts can find a wide spectrum of potential application scenarios in the digital economy and intelligent industries, including financial services, management, healthcare, and Internet of Things, among others, and also have been integrated into the mainstream blockchain-based development platforms, such as Ethereum and Hyperledger. However, smart contracts are still far from mature, and major technical challenges such as security and privacy issues are still awaiting further research efforts. For instance, the most notorious case might be “The DAO Attack” in June 2016, which led to more than $50 million Ether transferred into an adversary’s account. In this paper, we strive to present a systematic and comprehensive overview of blockchain-enabled smart contracts, aiming at stimulating further research toward this emerging research area. We first introduced the operating mechanism and mainstream platforms of blockchain-enabled smart contracts, and proposed a research framework for smart contracts based on a novel six-layer architecture. Second, both the technical and legal challenges, as well as the recent research progresses, are listed. Third, we presented several typical application scenarios. Toward the end, we discussed the future development trends of smart contracts. This paper is aimed at providing helpful guidance and reference for future research efforts.

Blockchain for AI: Review and Open Research Challenges

Abstract: Recently, artificial intelligence (AI) and blockchain have become two of the most trending and disruptive technologies. Blockchain technology has the ability to automate payment in cryptocurrency and to provide access to a shared ledger of data, transactions, and logs in a decentralized, secure, and trusted manner. Also with smart contracts, blockchain has the ability to govern interactions among participants with no intermediary or a trusted third party. AI, on the other hand, offers intelligence and decision-making capabilities for machines similar to humans. In this paper, we present a detailed survey on blockchain applications for AI. We review the literature, tabulate, and summarize the emerging blockchain applications, platforms, and protocols specifically targeting AI area. We also identify and discuss open research challenges of utilizing blockchain technologies for AI.