CR · PL · Mar 15, 2021

Compositional Security for Reentrant Applications

arXiv:2103.08577v242 citations
AI Analysis

This work addresses security vulnerabilities in smart contracts, which are critical for blockchain applications, though it is incremental in that it builds on information flow control.

The paper tackles the problem of achieving compositional security for smart contracts in the presence of reentrancy attacks, introducing a security type system that provably enforces secure information flow and helps locate vulnerabilities.

The disastrous vulnerabilities in smart contracts sharply remind us of our ignorance: we do not know how to write code that is secure in composition with malicious code. Information flow control has long been proposed as a way to achieve compositional security, offering strong guarantees even when combining software from different trust domains. Unfortunately, this appealing story breaks down in the presence of reentrancy attacks. We formalize a general definition of reentrancy and introduce a security condition that allows software modules like smart contracts to protect their key invariants while retaining the expressive power of safe forms of reentrancy. We present a security type system that provably enforces secure information flow; in conjunction with run-time mechanisms, it enforces secure reentrancy even in the presence of unknown code; and it helps locate and correct recent high-profile vulnerabilities.
