SMACS: Smart Contract Access Control Service
This addresses security challenges for smart contract developers and users, offering a practical solution to improve runtime security, though it is incremental in building on existing access control concepts.
The paper tackles the problem of security issues in blockchain-based smart contracts by proposing the SMACS framework, which enables low-cost, updatable access control rules to mitigate vulnerabilities, with evaluation showing reduced costs and enhanced protection.
Although blockchain-based smart contracts promise a ``trustless'' way of enforcing agreements even with monetary consequences, they suffer from multiple security issues. Many of these issues could be mitigated via an effective access control system, however, its realization is challenging due to the properties of current blockchain platforms (like lack of privacy, costly on-chain resources, or latency). To address this problem, we propose the SMACS framework, where updatable and sophisticated Access Control Rules (ACRs)} for smart contracts can be realized with low cost. SMACS shifts the burden of expensive ACRs validation and management operations to an off-chain infrastructure, while implementing on-chain only lightweight token-based access control. SMACS is flexible and in addition to simple access control lists can easily implement rules enhancing the runtime security of smart contracts. With dedicated ACRs backed by vulnerability-detection tools, SMACS can protect vulnerable contracts after deployment. We fully implement SMACS and evaluate it.