Pieter Hartel

Pieter Hartel, Richard Schumi

It is crucial that smart contracts are tested thoroughly due to their immutable nature. Even small bugs in smart contracts can lead to huge monetary losses. However, testing is not enough; it is also important to ensure the quality and completeness of the tests. There are already several approaches that tackle this challenge with mutation testing, but their effectiveness is questionable since they only considered small contract samples. Hence, we evaluate the quality of smart contract mutation testing at scale. We choose the most promising of the existing (smart contract specific) mutation operators, analyse their effectiveness in terms of killability and highlight severe vulnerabilities that can be injected with the mutations. Moreover, we improve the existing mutation methods by introducing a novel killing condition that is able to detect a deviation in the gas consumption, i.e., in the monetary value that is required to perform transactions. This paper has a replication package at https://github.com/pieterhartel/Mutation-at-scale

Pieter Hartel, Rolf van Wegberg

Law enforcement agencies struggle with criminals using to end-to-end encryption (E2EE). A recent policy paper states: "while encryption is vital and privacy and cyber security must be protected, that should not come at the expense of wholly precluding law enforcement". The main argument is that E2EE hampers attribution and prosecution of criminals who rely on encrypted communication - ranging from drug syndicates to child sexual abuse material (CSAM) platforms. This statement - in policy circles dubbed 'going dark' - is not yet supported by empirical evidence. That is why, in our work, we analyse public court data from the Netherlands to show to what extent law enforcement agencies and the public prosecution service are impacted by the use of E2EE in bringing cases to court and their outcome. Our results show that Dutch courts appear to be as successful in convicting offenders who rely on E2EE as those who do not. Our data does not permit us to draw conclusions on the effect of E2EE on criminal investigations.

Pieter Hartel, Ivan Homoliak, Daniël Reijsbergen

Since it takes time and effort to put a new product or service on the market, one would like to predict whether it will be a success. In general this is not possible, but it is possible to follow best practices in order to maximise the chance of success. A smart contract is intended to encode business logic and is therefore at the heart of every new business on the Ethereum blockchain. We have investigated how to measure the success of smart contracts, and whether successful smart contracts have characteristics that less successful smart contracts lack. The appearance of a smart contract on a listing website such as Etherscan or StateoftheDapps is such a characteristic. In this paper, we present a three-pronged analysis of the relative success of listed smart contracts. First, we have used statistical analysis on the publicly visible transaction history of the Ethereum blockchain to determine that listed contracts are significantly more successful than their unlisted counterparts. Next, we have conducted a survey among more than 200 developers via an anonymous online survey about their experience with the listing process. A significant majority of respondents do not believe that listing a contract itself contributes to its success, but they believe that the extra attention that is typically paid in tandem with the listing process does contribute. Finally, based on the respondents' answers, we have drafted 10 recommendations for developers and validated them by submitting them to an international panel of experts.

Pieter Hartel, Mark van Staalduinen

The Ethereum blockchain is essentially a globally replicated public database. Programs called smart contracts can access this database. Over 10 million smart contracts have been deployed on the Ethereum blockchain. Executing a method of a smart contract generates a transaction that is also stored on the blockchain. There are over 1 billion Ethereum transactions to date. Smart contracts that are transparent about their function are more successful than opaque contracts. We have therefore developed a tool (ContractVis) to explore the transparency of smart contracts. The tool generates a replay script for the historic transactions of a smart contract. The script executes the transactions with the same arguments as recorded on the blockchain, but in a minimal test environment. Running a replay script provides insights into the contract, and insights into the blockchain explorer that was used to retrieve the contract and its history. We provide five concrete recommendations for blockchain explorers like Etherscan to improve the transparency of smart contracts.

Ivan Homoliak, Dominik Breitenbacher, Ondrej Hujnak et al.

With the recent rise of cryptocurrencies' popularity, the security and management of crypto-tokens have become critical. We have witnessed many attacks on users and providers, which have resulted in significant financial losses. To remedy these issues, several wallet solutions have been proposed. However, these solutions often lack either essential security features, usability, or do not allow users to customize their spending rules. In this paper, we propose SmartOTPs, a smart-contract wallet framework that gives a flexible, usable, and secure way of managing crypto-tokens in a self-sovereign fashion. The proposed framework consists of four components (i.e., an authenticator, a client, a hardware wallet, and a smart contract), and it provides 2-factor authentication (2FA) performed in two stages of interaction with the blockchain. To the best of our knowledge, our framework is the first one that utilizes one-time passwords (OTPs) in the setting of the public blockchain. In SmartOTPs, the OTPs are aggregated by a Merkle tree and hash chains whereby for each authentication only a short OTP (e.g., 16B-long) is transferred from the authenticator to the client. Such a novel setting enables us to make a fully air-gapped authenticator by utilizing small QR codes or a few mnemonic words, while additionally offering resilience against quantum cryptanalysis. We have made a proof-of-concept based on the Ethereum platform. Our cost analysis shows that the average cost of a transfer operation is comparable to existing 2FA solutions using smart contracts with multi-signatures.

Vincent Chia, Pieter Hartel, Qingze Hum et al.

Blockchain technology has become almost as famous for incidents involving security breaches as for its innovative potential. We shed light on the prevalence and nature of these incidents through a database structured using the STIX format. Apart from OPSEC-related incidents, we find that the nature of many incidents is specific to blockchain technology. Two categories stand out: smart contracts, and techno-economic protocol incentives. For smart contracts, we propose to use recent advances in software testing to find flaws before deployment. For protocols, we propose the PRESTO framework that allows us to compare different protocols within a five-dimensional framework.