Tool Demonstration: FSolidM for Designing Secure Ethereum Smart Contracts
This addresses security vulnerabilities in Ethereum smart contracts, which is critical due to their non-fixable bugs and financial implications, though it is an incremental improvement over existing design tools.
The paper tackles the problem of error-prone smart contract development by introducing FSolidM, a framework that allows developers to design contracts as finite state machines, resulting in enhanced security and functionality through graphical editing and code generation.
Blockchain-based distributed computing platforms enable the trusted execution of computation - defined in the form of smart contracts - without trusted agents. Smart contracts are envisioned to have a variety of applications, ranging from financial to IoT asset tracking. Unfortunately, the development of smart contracts has proven to be extremely error prone. In practice, contracts are riddled with security vulnerabilities comprising a critical issue since bugs are by design non-fixable and contracts may handle financial assets of significant value. To facilitate the development of secure smart contracts, we have created the FSolidM framework, which allows developers to define contracts as finite state machines (FSMs) with rigorous and clear semantics. FSolidM provides an easy-to-use graphical editor for specifying FSMs, a code generator for creating Ethereum smart contracts, and a set of plugins that developers may add to their FSMs to enhance security and functionality.