SlideShare a Scribd company logo

Upgradability of smart contracts review framework enhances security and scalability

IRJET Journal
IRJET Journal

This document reviews approaches for making smart contracts upgradable on blockchain platforms like Ethereum. It summarizes six existing patterns for smart contract upgradability: basic data segregation, satellite data segregation, register pattern (which use data segregation) and inherited storage proxy, eternal storage proxy, unstructured storage proxy (which use proxy contracts). The document analyzes these patterns and finds that while proxy patterns enable full upgradability, they have scalability issues. It also finds that existing patterns lack security mechanisms to prevent attacks like DAO attacks. The document then proposes a new "comprehensive data proxy pattern" which uses data segregation and a proxy contract with added verification to enable upgradability, scalability and security against

Engineering
1 of 5
Download to read offline
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2602 Upgradability of smart contracts: A Review Girish N M1, Sharadadevi Kaganurmath2 1UG Student, RV College of Engineering, Bengaluru, Karnataka, India 2Professor, Dept of Information Science and Engineering, RV College of Engineering, Bengaluru, Karnataka, India ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - Smart contracts have been developed and employedinbothpermissionedandpermissionlessblockchains recently, mainly to enforce agreementsamongpartieswithout the need for intermediaries. This achievement is the result of blockchain immutability which guarantees that no party can alter the conditions of an already deployedcontract. However, immutability also makes patching or updating contracts impossible even when incorrectness, unfairness, or security flaws are spotted in them. So far, researchers in academiaand industry have developed two main methods, data segregation and proxy storage, with six patterns to make deployed contracts upgradable. However, until now, there has been no comprehensive framework that can simultaneously offer upgradability, security resilience, and scalability features. For example, none of the existing solutions have implemented any security mechanism that can resist attacks such as the DAO one. Through extensive analysis and implementation of all these patterns, and taking state-of-the-art attacks on the Ethereum network into consideration, we review framework, “Comprehensive-Data-Proxy pattern” which uses data segregation on the top of proxy pattern, that can completely defend against any types of Reentrancy attacks. Additionally, this solution mitigates the scalability issue of the proxy pattern. Our experiments show that the framework can address these two issues with negligible impact on performance. Key Words: Blockchain, Smart Contract, Ethereum, Distributed platform, DAO I. INTRODUCTION Due to the immutability of blockchains, smart contracts[26] are replacing regular contracts since they can do away with middlemen. This immutable quality guarantees that deployed contracts are not changed by any participating parties, fostering confidence between them. With the exception of Bitcoin [12], many blockchains have been built to accommodate smart contracts. Smart contracts are written in languages like Go-Lang [1] and Solidity [19] on some platforms, such as Ethereum [7]. Once deployed, they can be executed by the parties concerned at specific addresses within the Ethereum network [17]. Anyone can access any address or smart contract on a permissionless blockchain like Ethereum and start its execution if the necessary criteria are satisfied. In actuality, anyone can create and use contract. Making sure that the deployed smart contracts are accurate,equitable,andsecure is crucial [11]. Writing fair and error-free contracts is far from simple, as shown by the numerous attacks being attempted against the Ethereum platform [4]. This kind of security vulnerabilityrequiresthetargetedsmartcontractto be patched immediately, or attackers exploit it again. However, patching or upgrading a contract is in contrast with the immutability feature of blockchain. We need to find a way to patch or upgrade smart contracts if we aim to develop this new technology and prepare it for mass adoption. So far, there have been two categories of upgradable patterns developed by researchers to achieve upgradability on the Ethereum platform. The technique used in all these solutions is to map the states of storage data in the newly deployed contracts to the original versions. By doing so, the states of data can be updated and manipulated by the new contracts without making any changes to the previous versions, something which was supposedly impossibleto do directly before. For instance, in [25], the authors introducea data segregation pattern, which suggests that a contract is written as two separate (sub)contracts;a data contractanda logic contract. In this case, the upgradability is achieved through upgrading the logic contract without touching the data in the data contract. Inanotherapproach,OpenZeppelin [9] developed a novel method that uses a proxy contract to overtake the ownership of storage addresses of all versions of a given contract. Any call to the target contract would be redirected to the proxy contract which in turn, will send all transactions to the same address it controls, and through this, achieves the upgradabilitygoal.Tosumup,mappingthe states of new version of the deployed contract to its original storage address is the key to any state-of-the-art solution. While these solutions can bring upgradability to smart contracts in the immutable environmentofblockchain,what is missing in them is resilience to attacks, which was one of the reasons behind the need for updating the contract in the first place. Indeed, none of the existing patterns implement any control to prevent critical attacks, such as Reentrancy attacks [16], in Ethereum.Forinstance,protectingtheEthers held by logic contracts in data segregation patterns is vital, but none of sub-patterns in this category can handleit.Thus, it remains an open question how we can apply a security mechanism to improve updatable contracts resilience to attacks. In this paper, we first introduce six main state-of-the-art approaches and then comprehensively analyse four of them
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2603 that address the upgradability problem in Ethereum. Three of these use data segregation pattern:basic data segregation, satellite data segregation and register pattern [25]. The remaining three methods that employ the proxy pattern approach are Inherited Storage Proxy [14], Eternal Storage Proxy [13] and Unstructured Storage Proxy [15]. After introducing the six approaches, we deeply examine three kinds of popular attacks on Ethereum which were studiedin [16], [8] and [21], namely, cross-functionReentrancy,typical Reentrancy and DAO attacks. After analysing and implementing these attacks, we then review mechanism to enhance the current upgrading approaches in terms of resilience to such attacks. Next, we thoroughly analyse the proxy patterns and specifically, we study the function signatures [19] of smart contractsinordertodeterminehow to improve the scalability of thispattern.Wetheyimplement the design of multi-contracts proxy with a single contract so that this implementation requires only one proxy for better scalability. To this end, we formulateandimplementthecomprehensive combined-model, Comprehensive-data-proxypattern[3], to fully achieve upgradability as well as security resilience and scalability. Under this model, the design smart contracts in two layers as proposed by typical data segregation patterns, but with the distinctivecharacteristics.First,theyembed one extra authentication and data verification component between data layer and its logic contract layer, to rule out the possibility of DAO attacks.Second, weimplementa proxy pattern at the data layer to fully achieve upgradability. The first contribution is the analysing of state-of-the-art methods that have been developed to upgrade smart contracts, in which we shows that while proxy patterns can fully achieve upgradability, they raise concerns about memory handling and scalability. We also foundthatnone of the existing patterns have any security control to defend against typical attacks.Then, wemake enhancementstoeach pattern based on our evaluation in the previous step. We show that with the enhancement, i.e. Ether-Transfer- Verification, all the existing data segregationpatternswould completelythwart well-knownRe-entrancyandDAOattacks. The new model of upgradable smart contract, i.e. Comprehensive-dataproxy pattern, which can simultaneously provide upgradability and resilience to typical DAO and Re-entrancy attacks. The restofthe paper is organised as follows: In Section II, we introduce the general background of smart contracts and the problems that justify the need for upgradability feature. Discussion on the results will be presented in Section III. We wrap up the paper in Section IV with our conclusion and further work. II. BACKGROUND A. The Concept of Upgradable Smart Contract If smart contracts are immutable, how can we update them like conventional software? This is the main research question. It is crucial to understandthatanalreadydeployed contract or opcode cannot be changed in any way. However, we can upgrade contracts by creating a storage mapping from the new contract to the old one. Several sorts of patterns are now used to deal with contract upgradeability. The six most common upgradable contract patterns will be examined in the remaining paragraphs of this section. Additionally, we separate them into two groups: proxy and data segregation. B. Data Segregation Patterns In this section, we discuss the first upgradable pattern of smart contract, i.e. Data Segregation. The core idea behind data segregation is to separate data from the contract logic. In this way, a given contract is written in two separate (sub)contracts, a data contract and a logic or business contract. The logic Fig. 1.Upgradability by Data Segregation. contract interacts and manipulates the data in the data contract through some interfaces provided by the data contract (see Fig. 1). By doing so, it brings the upgradability to the contract as the logic contract can be upgraded and redeployed, while the data contractwhichholdsall thestates of for the contract remains the same on the chain. However, one disadvantage of this simple pattern is that, the data contract in this case does not have any upgradable capacity like its counterpart. There are currently three patterns in this category: basic data segregation, satellite pattern, and register contract pattern. In the basic data segregation approach, an original contract is simply separated into two child contracts; a data contract and a logic contract. For instance, an ERC20 [23] standard contract is realised by a data contract which contains the states such as accounts and balance of account, and a logic contract which covers operations like mint and transfer methods. Similarly, SatelliteContractalsocontainsa data contract and satellitecontractswhichworkssimilarlyto the logic contract mentioned before. What makes this pattern different from the previous one is that each of the satellite contracts is responsible for one functionality only. Register contract pattern is additionally used to update the logic contract address to the data contract. Although this pattern can refer to the latest copy of a contract, it cannot import the existing data into the new version of thecontract. Therefore, it should be used with other types of upgradable pattern, such as basic segregation or satellite contract pattern.
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2604 C. Proxy Patterns Another upgradable category is about proxy contracts, as Zeppolinos [10] has suggested for the Ethereum platform. There are currently three types of upgradable proxy patterns: Inherited Proxy Storage,Eternal ProxyStorageand Unstructured Proxy Storage. They all share the same foundation that the proxy contract takes control of all the states of contracts by handling every call to them though delegatecalls [6]. By doing this, the sender’s original address is preserved while its call is passed through the proxy contract to the original storage address, as shown in Fig. 2. Fig. 2.Upgradability by using the Inherited Storage. As it can be seen, all the calls to the contract are handled by the proxy contract. It forwards all thesecallstotheexecution storage area of the contract by using delegatecall. Through this, the proxy is in control of the storage, and all states of the contract, since the delegatecall does not change the sender origin. It is also worth noticing that there is no need for separation of data and logic contractsinthissolution.The target contract will update itself with its storage being controlled by the proxy contract, thus, it can access all the states of its original contract. III. REVIEW RESULTS In this section, we describe the key results of the experiment regarding to the performance of upgradable patterns, resilience to DAO and re-entrance attacks and upgradability capacity. A. Performance Indicators In order to evaluate the gas used and TPSfor eachpattern, we perform the experiment with two standard transactions; the mint (top up) and transfer transactions. Fig. 5. Gas used for deployment, mint and transfer (gas used for deployment was presented by 3 percent of actual value for presenting purpose We also measured the gas consumed in the process of deploying smart contracts for each pattern as shown in Fig. 5. As it can be seen from the these above tables, and TPS in table 6, the amount of Gas Fig. 6.The TPS performance indicator. used for the deployment, mint and transfer method as well as the TPS are consistent with our analysesinsection III. It also proved that these two indicators of proposed pattern, are not considerable more than these existing methods. B. Resilience to DAO Attacks In order to evaluate the resilience of patterns against two common attacks on the Ethereum Public Chain, we launched the attacks on each of them. Out result is consistent with our analysis. Without a proper protection mechanism, all patterns are vulnerable to DAO and Reentrancy attacks. On thecontrary,theproposedpattern completely blocks these attacks even though the above- mentioned vulnerabilities existinthelogiccontract.Inthe other words, DAT and any types of Reentrancyattacksare eliminated by the use of data segregation technique introduced. C. Upgradable Capacity As we stated before, none of the data segregationpatterns can provide full upgradability, since only the logic contract of this category is upgradable while its counterpart (the data contract) is not. On the other hand, all the three proxy patterns as well as the patternhavethe capacity for complete upgradability. In the case of proxy patterns, the target contact can be upgraded freely regardless of the proxycontract.Thepatternalsoachieves this with both logic contract and data contract,plusmulti- proxy contract capacity. CONCLUSION In this paper, we analysed the need for upgradability in smart contracts, state-of-the-art upgradable patterns, then we thoroughly analysed those patterns to show the main differences, also the limitations.
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2605 REFERENCES [1] Golang documentation. [Online]. Available: https://golang.org/doc/ [2] N. Atzei, M. Bartoletti, and T. Cimoli,“Asurveyofattacks on ethereum smart contracts sok,” in Proceedings ofthe 6th International Conference on Principles of Security and Trust - Volume 10204. New York, NY,USA:Springer- Verlag New York, Inc., 2017, pp. 164–186. [Online]. Available:https://doi.org/10.1007/978-3-662-54455-6 8 [3] C. Bui. (2019, May) Upgradable smartcontractpatterns. [Online]. Available: https://github.com/SWlabs/dao- attacks [4] Consensys, “Known attacks,” May 2016. [Online]. Available: https://consensys.github.io/smart-contract- best-practices/known attacks/ [5] P. Daian. (2016, Jun) Analysis of the dao exploit. [Online]. Available: http://hackingdistributed.com/2016/06/18/analysis- of-the-dao-exploit/ [6] Ethereum, “Ethereum virtual machine opcodes,” Sep 2018. [Online]. Available: https://ethervm.io/#CALLDATALOAD [7] “What is ethereum,” July 2019. [Online]. Available: http://www.ethdocs.org/en/latest/introduction/what- is-ethereum.html [8] S. Kalra, S. Goel, M. Dhawan, and S. Sharma, “Zeus: Analyzing safety of smart contracts,” 01 2018. [9] Z. Labs, “Upgradeability using eternal storage,” April 2018. [Online]. Available: https://github.com/zeppelinos/labs/blob/master/upgr adeabilityusingeternalstorage/contracts/Proxy.sol [10] “Upgradeability using eternal storage,” April 2018. [Online]. Available: https://github.com/zeppelinos/labs/tree/master/upgr adeabilityusingeternalstorage [11]L. Luu, D.-H. Chu, H. Olickel, P. Saxena, and A. Hobor, “Making smart contracts smarter,” in Proceedingsofthe 2016 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’16. New York, NY, USA: ACM, 2016, pp. 254–269. [Online]. Available: http://doi.acm.org/10.1145/2976749.2978309 [12]S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” Dec 2008, accessed: 2015-07-01. [Online]. Available: https://bitcoin.org/ bitcoin.pdf [13]OpenZeppelin. (2018, April) Upgradeability using eternal storage. [Online]. Available: https://github.com/OpenZeppelin/ openzeppelin- labs/tree/ff479995ed90c4dbb5e32294fa95b16a22bb9 9c8/ upgradeability using eternal storage [14]Upgradeability using inherited storage. [Online]. Available: https://github.com/OpenZeppelin/openzeppelin- labs/tree/ ff479995ed90c4dbb5e32294fa95b16a22bb99c8/upgra deability using inherited storage [15]Upgradeability using unstructured storage. [Online]. Available: https://github.com/OpenZeppelin/openzeppelin- labs/tree/ff479995ed90c4dbb5e32294fa95b16a22bb9 9c8/upgradeabilityusingunstructuredstorage [16]M. Rodler, W. Li, G. Karame, and L. Davi, “Sereum: Protecting existing smart contracts against re-entrancy attacks,” in Proceedings of the Network and Distributed System Security Symposium (NDSS’19), 2019. [17]F. Schar, “Decentralized finance: On blockchain- and smart contract-¨ based financial markets,” 03 2020. [18]D. Siegel. (2016, June) Understanding the dao attack. [Online]. Available: https://www.coindesk.com/understanding-dao-hack- journalists [19]Solidity. (2019, Mar) Solidity assembly. [Online]. Available: https://solidity.readthedocs.io/en/v0.5.5/assembly.ht ml [20]Solidity assembly. [Online]. Available: https://solidity.readthedocs.io/en/v0.5.3/assembly.ht ml [21]P. Tsankov, A. Dan, D. Drachsler-Cohen, A. Gervais, F. Bunzli,¨ and M. Vechev, “Securify: Practical security analysis of smart contracts,” in Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’18. New York, NY, USA: ACM, 2018, pp. 67–82. [Online]. Available: http://doi.acm.org/10.1145/3243734.3243780
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2606 [22]D. Wesley. (2017, Oct) Reentrancy attack on a smart contract. [Online]. Available: https://medium.com/JusDev1988/Reentrancy-attack- on-a-smart-contract-677eae1300f2 [23]E. Wiki, “Erc20 token standard,” Dec 2018. [Online]. Available: https://theethereum.wiki/w/index.php/ERC20 Token Standard [24]M. Wohrer and U. Zdun, “Smart contracts: security patterns in the ethereum ecosystem and solidity,” in 2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE), March 2018, pp. 2–8. [25]M. Wohrer and U. Zdun, “Design patterns for smart contracts in the¨ ethereum ecosystem,” 2018. [26]G. Wood, “Ethereum:Asecuredecentralisedgeneralised transaction ledger eip-150 revision (759dccd - 2017- 08-07),”2017,accessed:201801-03.[Online].Available: https://ethereum.github.io/yellowpaper/paper.pdf [27]X. Xu, I. Weber, M. Staples, L. Zhu, J. Bosch, L. Bass, C. Pautasso, and P. Rimba, “A taxonomy of blockchain- based systems for architecture design,” in 2017 IEEE International Conference on Software Architecture (ICSA), April 2017, pp. 243–252. [28]X. Xu, C. Pautasso, L. Zhu, Q. Lu, and I. Weber, “A pattern collection for blockchain-based applications,” 07 2018.

Recommended

Pairwyse DSL Protocol - Whitepaper - V08.pdf
Pairwyse DSL Protocol - Whitepaper - V08.pdfPairwyse DSL Protocol - Whitepaper - V08.pdf
Pairwyse DSL Protocol - Whitepaper - V08.pdfashwin164916
 
OVERVIEW OF SMART CONTRACT IN BLOCKCHAIN TECHNOLOGY
OVERVIEW OF SMART CONTRACT IN BLOCKCHAIN TECHNOLOGYOVERVIEW OF SMART CONTRACT IN BLOCKCHAIN TECHNOLOGY
OVERVIEW OF SMART CONTRACT IN BLOCKCHAIN TECHNOLOGYIRJET Journal
 
IRJET- Smart Contracts using Blockchain
IRJET- Smart Contracts using BlockchainIRJET- Smart Contracts using Blockchain
IRJET- Smart Contracts using BlockchainIRJET Journal
 
Blockchain-based Applications
Blockchain-based ApplicationsBlockchain-based Applications
Blockchain-based ApplicationsSadegh Dorri N.
 
IRJET- Study of Blockchain and its Concepts
IRJET- Study of Blockchain and its ConceptsIRJET- Study of Blockchain and its Concepts
IRJET- Study of Blockchain and its ConceptsIRJET Journal
 
Smart Contract for Insurance: Opportunities and Challenges for Insurers
Smart Contract for Insurance: Opportunities and Challenges for InsurersSmart Contract for Insurance: Opportunities and Challenges for Insurers
Smart Contract for Insurance: Opportunities and Challenges for InsurersIRJET Journal
 
Hyperledger Architecture Vol 2 > Smart Contracts
Hyperledger Architecture Vol 2 > Smart ContractsHyperledger Architecture Vol 2 > Smart Contracts
Hyperledger Architecture Vol 2 > Smart ContractsVIJAY MUTHU
 
V SYSTEMS - Smart Contract and Token System_EN
V SYSTEMS - Smart Contract and Token System_ENV SYSTEMS - Smart Contract and Token System_EN
V SYSTEMS - Smart Contract and Token System_ENV SYSTEMS
 

Recommended

Pairwyse DSL Protocol - Whitepaper - V08.pdf
Pairwyse DSL Protocol - Whitepaper - V08.pdfPairwyse DSL Protocol - Whitepaper - V08.pdf
Pairwyse DSL Protocol - Whitepaper - V08.pdfashwin164916
 
OVERVIEW OF SMART CONTRACT IN BLOCKCHAIN TECHNOLOGY
OVERVIEW OF SMART CONTRACT IN BLOCKCHAIN TECHNOLOGYOVERVIEW OF SMART CONTRACT IN BLOCKCHAIN TECHNOLOGY
OVERVIEW OF SMART CONTRACT IN BLOCKCHAIN TECHNOLOGYIRJET Journal
 
IRJET- Smart Contracts using Blockchain
IRJET- Smart Contracts using BlockchainIRJET- Smart Contracts using Blockchain
IRJET- Smart Contracts using BlockchainIRJET Journal
 
Blockchain-based Applications
Blockchain-based ApplicationsBlockchain-based Applications
Blockchain-based ApplicationsSadegh Dorri N.
 
IRJET- Study of Blockchain and its Concepts
IRJET- Study of Blockchain and its ConceptsIRJET- Study of Blockchain and its Concepts
IRJET- Study of Blockchain and its ConceptsIRJET Journal
 
Smart Contract for Insurance: Opportunities and Challenges for Insurers
Smart Contract for Insurance: Opportunities and Challenges for InsurersSmart Contract for Insurance: Opportunities and Challenges for Insurers
Smart Contract for Insurance: Opportunities and Challenges for InsurersIRJET Journal
 
Hyperledger Architecture Vol 2 > Smart Contracts
Hyperledger Architecture Vol 2 > Smart ContractsHyperledger Architecture Vol 2 > Smart Contracts
Hyperledger Architecture Vol 2 > Smart ContractsVIJAY MUTHU
 
V SYSTEMS - Smart Contract and Token System_EN
V SYSTEMS - Smart Contract and Token System_ENV SYSTEMS - Smart Contract and Token System_EN
V SYSTEMS - Smart Contract and Token System_ENV SYSTEMS
 
Sarwar sayeed , hector marco gisbert, tom caira ieee
Sarwar sayeed , hector marco gisbert, tom caira ieeeSarwar sayeed , hector marco gisbert, tom caira ieee
Sarwar sayeed , hector marco gisbert, tom caira ieeeIT Strategy Group
 
IRJET- Secure Database Management and Privacy Preserving in Cloud Server
IRJET- Secure Database Management and Privacy Preserving in Cloud ServerIRJET- Secure Database Management and Privacy Preserving in Cloud Server
IRJET- Secure Database Management and Privacy Preserving in Cloud ServerIRJET Journal
 
IRJET- Photogroup: Decentralized Web Application using Ethereum Blockchain
IRJET- Photogroup: Decentralized Web Application using Ethereum BlockchainIRJET- Photogroup: Decentralized Web Application using Ethereum Blockchain
IRJET- Photogroup: Decentralized Web Application using Ethereum BlockchainIRJET Journal
 
What Is A Smart Contract Audit?
What Is A Smart Contract Audit?What Is A Smart Contract Audit?
What Is A Smart Contract Audit?Blocktech Brew
 
AN IDENTITY MANAGEMENT SYSTEM USING BLOCKCHAIN
AN IDENTITY MANAGEMENT SYSTEM USING BLOCKCHAINAN IDENTITY MANAGEMENT SYSTEM USING BLOCKCHAIN
AN IDENTITY MANAGEMENT SYSTEM USING BLOCKCHAINIRJET Journal
 
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUD
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUDDYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUD
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUDijccsa
 
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUD
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUDDYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUD
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUDijccsa
 
IRJET- Smart Contracts for Insurance based on Hyperledger Fabric
IRJET- Smart Contracts for Insurance based on Hyperledger FabricIRJET- Smart Contracts for Insurance based on Hyperledger Fabric
IRJET- Smart Contracts for Insurance based on Hyperledger FabricIRJET Journal
 
Blockchain Technology using System Requirement Specification and IoT Devices
Blockchain Technology using System Requirement Specification and IoT DevicesBlockchain Technology using System Requirement Specification and IoT Devices
Blockchain Technology using System Requirement Specification and IoT DevicesIRJET Journal
 
The design and implementation of trade finance application based on hyperledg...
The design and implementation of trade finance application based on hyperledg...The design and implementation of trade finance application based on hyperledg...
The design and implementation of trade finance application based on hyperledg...Conference Papers
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGIJNSA Journal
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGIJNSA Journal
 
SGX consensus
SGX consensusSGX consensus
SGX consensusTommy Koens
 
IRJET - Bit-Contracts: Smart Contracts for Cars
IRJET - Bit-Contracts: Smart Contracts for CarsIRJET - Bit-Contracts: Smart Contracts for Cars
IRJET - Bit-Contracts: Smart Contracts for CarsIRJET Journal
 
Cross domain identity trust management for grid computing
Cross domain identity trust management for grid computingCross domain identity trust management for grid computing
Cross domain identity trust management for grid computingijsptm
 
Benchmark and comparison between hyperledger and MySQL
Benchmark and comparison between hyperledger and MySQLBenchmark and comparison between hyperledger and MySQL
Benchmark and comparison between hyperledger and MySQLTELKOMNIKA JOURNAL
 
SECURE COLLABORATIVE PROCESSING ARCHITECTURE FOR MITB ATTACK DETECTION
SECURE COLLABORATIVE PROCESSING ARCHITECTURE FOR MITB ATTACK DETECTIONSECURE COLLABORATIVE PROCESSING ARCHITECTURE FOR MITB ATTACK DETECTION
SECURE COLLABORATIVE PROCESSING ARCHITECTURE FOR MITB ATTACK DETECTIONIJNSA Journal
 
Decentralized Car Hailing Application
Decentralized Car Hailing ApplicationDecentralized Car Hailing Application
Decentralized Car Hailing ApplicationIRJET Journal
 
Hyperledger arch wg_paper_1_consensus
Hyperledger arch wg_paper_1_consensusHyperledger arch wg_paper_1_consensus
Hyperledger arch wg_paper_1_consensusCMR WORLD TECH
 
Hyperledger arch wg_paper_1_consensus
Hyperledger arch wg_paper_1_consensusHyperledger arch wg_paper_1_consensus
Hyperledger arch wg_paper_1_consensusCMR WORLD TECH
 
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...IRJET Journal
 
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURESTUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTUREIRJET Journal
 

More Related Content

Similar to Upgradability of smart contracts review framework enhances security and scalability

Sarwar sayeed , hector marco gisbert, tom caira ieee
Sarwar sayeed , hector marco gisbert, tom caira ieeeSarwar sayeed , hector marco gisbert, tom caira ieee
Sarwar sayeed , hector marco gisbert, tom caira ieeeIT Strategy Group
 
IRJET- Secure Database Management and Privacy Preserving in Cloud Server
IRJET- Secure Database Management and Privacy Preserving in Cloud ServerIRJET- Secure Database Management and Privacy Preserving in Cloud Server
IRJET- Secure Database Management and Privacy Preserving in Cloud ServerIRJET Journal
 
IRJET- Photogroup: Decentralized Web Application using Ethereum Blockchain
IRJET- Photogroup: Decentralized Web Application using Ethereum BlockchainIRJET- Photogroup: Decentralized Web Application using Ethereum Blockchain
IRJET- Photogroup: Decentralized Web Application using Ethereum BlockchainIRJET Journal
 
What Is A Smart Contract Audit?
What Is A Smart Contract Audit?What Is A Smart Contract Audit?
What Is A Smart Contract Audit?Blocktech Brew
 
AN IDENTITY MANAGEMENT SYSTEM USING BLOCKCHAIN
AN IDENTITY MANAGEMENT SYSTEM USING BLOCKCHAINAN IDENTITY MANAGEMENT SYSTEM USING BLOCKCHAIN
AN IDENTITY MANAGEMENT SYSTEM USING BLOCKCHAINIRJET Journal
 
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUD
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUDDYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUD
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUDijccsa
 
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUD
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUDDYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUD
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUDijccsa
 
IRJET- Smart Contracts for Insurance based on Hyperledger Fabric
IRJET- Smart Contracts for Insurance based on Hyperledger FabricIRJET- Smart Contracts for Insurance based on Hyperledger Fabric
IRJET- Smart Contracts for Insurance based on Hyperledger FabricIRJET Journal
 
Blockchain Technology using System Requirement Specification and IoT Devices
Blockchain Technology using System Requirement Specification and IoT DevicesBlockchain Technology using System Requirement Specification and IoT Devices
Blockchain Technology using System Requirement Specification and IoT DevicesIRJET Journal
 
The design and implementation of trade finance application based on hyperledg...
The design and implementation of trade finance application based on hyperledg...The design and implementation of trade finance application based on hyperledg...
The design and implementation of trade finance application based on hyperledg...Conference Papers
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGIJNSA Journal
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGIJNSA Journal
 
IRJET - Bit-Contracts: Smart Contracts for Cars
IRJET - Bit-Contracts: Smart Contracts for CarsIRJET - Bit-Contracts: Smart Contracts for Cars
IRJET - Bit-Contracts: Smart Contracts for CarsIRJET Journal
 
Cross domain identity trust management for grid computing
Cross domain identity trust management for grid computingCross domain identity trust management for grid computing
Cross domain identity trust management for grid computingijsptm
 
Benchmark and comparison between hyperledger and MySQL
Benchmark and comparison between hyperledger and MySQLBenchmark and comparison between hyperledger and MySQL
Benchmark and comparison between hyperledger and MySQLTELKOMNIKA JOURNAL
 
SECURE COLLABORATIVE PROCESSING ARCHITECTURE FOR MITB ATTACK DETECTION
SECURE COLLABORATIVE PROCESSING ARCHITECTURE FOR MITB ATTACK DETECTIONSECURE COLLABORATIVE PROCESSING ARCHITECTURE FOR MITB ATTACK DETECTION
SECURE COLLABORATIVE PROCESSING ARCHITECTURE FOR MITB ATTACK DETECTIONIJNSA Journal
 
Decentralized Car Hailing Application
Decentralized Car Hailing ApplicationDecentralized Car Hailing Application
Decentralized Car Hailing ApplicationIRJET Journal
 
Hyperledger arch wg_paper_1_consensus
Hyperledger arch wg_paper_1_consensusHyperledger arch wg_paper_1_consensus
Hyperledger arch wg_paper_1_consensusCMR WORLD TECH
 
Hyperledger arch wg_paper_1_consensus
Hyperledger arch wg_paper_1_consensusHyperledger arch wg_paper_1_consensus
Hyperledger arch wg_paper_1_consensusCMR WORLD TECH
 

Similar to Upgradability of smart contracts review framework enhances security and scalability (20)

Sarwar sayeed , hector marco gisbert, tom caira ieee
Sarwar sayeed , hector marco gisbert, tom caira ieeeSarwar sayeed , hector marco gisbert, tom caira ieee
Sarwar sayeed , hector marco gisbert, tom caira ieee
 
IRJET- Secure Database Management and Privacy Preserving in Cloud Server
IRJET- Secure Database Management and Privacy Preserving in Cloud ServerIRJET- Secure Database Management and Privacy Preserving in Cloud Server
IRJET- Secure Database Management and Privacy Preserving in Cloud Server
 
IRJET- Photogroup: Decentralized Web Application using Ethereum Blockchain
IRJET- Photogroup: Decentralized Web Application using Ethereum BlockchainIRJET- Photogroup: Decentralized Web Application using Ethereum Blockchain
IRJET- Photogroup: Decentralized Web Application using Ethereum Blockchain
 
What Is A Smart Contract Audit?
What Is A Smart Contract Audit?What Is A Smart Contract Audit?
What Is A Smart Contract Audit?
 
AN IDENTITY MANAGEMENT SYSTEM USING BLOCKCHAIN
AN IDENTITY MANAGEMENT SYSTEM USING BLOCKCHAINAN IDENTITY MANAGEMENT SYSTEM USING BLOCKCHAIN
AN IDENTITY MANAGEMENT SYSTEM USING BLOCKCHAIN
 
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUD
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUDDYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUD
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUD
 
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUD
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUDDYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUD
DYNAMIC TENANT PROVISIONING AND SERVICE ORCHESTRATION IN HYBRID CLOUD
 
IRJET- Smart Contracts for Insurance based on Hyperledger Fabric
IRJET- Smart Contracts for Insurance based on Hyperledger FabricIRJET- Smart Contracts for Insurance based on Hyperledger Fabric
IRJET- Smart Contracts for Insurance based on Hyperledger Fabric
 
Blockchain Technology using System Requirement Specification and IoT Devices
Blockchain Technology using System Requirement Specification and IoT DevicesBlockchain Technology using System Requirement Specification and IoT Devices
Blockchain Technology using System Requirement Specification and IoT Devices
 
The design and implementation of trade finance application based on hyperledg...
The design and implementation of trade finance application based on hyperledg...The design and implementation of trade finance application based on hyperledg...
The design and implementation of trade finance application based on hyperledg...
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
 
SGX consensus
SGX consensusSGX consensus
SGX consensus
 
IRJET - Bit-Contracts: Smart Contracts for Cars
IRJET - Bit-Contracts: Smart Contracts for CarsIRJET - Bit-Contracts: Smart Contracts for Cars
IRJET - Bit-Contracts: Smart Contracts for Cars
 
Cross domain identity trust management for grid computing
Cross domain identity trust management for grid computingCross domain identity trust management for grid computing
Cross domain identity trust management for grid computing
 
Benchmark and comparison between hyperledger and MySQL
Benchmark and comparison between hyperledger and MySQLBenchmark and comparison between hyperledger and MySQL
Benchmark and comparison between hyperledger and MySQL
 
SECURE COLLABORATIVE PROCESSING ARCHITECTURE FOR MITB ATTACK DETECTION
SECURE COLLABORATIVE PROCESSING ARCHITECTURE FOR MITB ATTACK DETECTIONSECURE COLLABORATIVE PROCESSING ARCHITECTURE FOR MITB ATTACK DETECTION
SECURE COLLABORATIVE PROCESSING ARCHITECTURE FOR MITB ATTACK DETECTION
 
Decentralized Car Hailing Application
Decentralized Car Hailing ApplicationDecentralized Car Hailing Application
Decentralized Car Hailing Application
 
Hyperledger arch wg_paper_1_consensus
Hyperledger arch wg_paper_1_consensusHyperledger arch wg_paper_1_consensus
Hyperledger arch wg_paper_1_consensus
 
Hyperledger arch wg_paper_1_consensus
Hyperledger arch wg_paper_1_consensusHyperledger arch wg_paper_1_consensus
Hyperledger arch wg_paper_1_consensus
 

More from IRJET Journal

TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...IRJET Journal
 
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURESTUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTUREIRJET Journal
 
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...IRJET Journal
 
Effect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil CharacteristicsEffect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil CharacteristicsIRJET Journal
 
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...IRJET Journal
 
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...IRJET Journal
 
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...IRJET Journal
 
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...IRJET Journal
 
A REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADASA REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADASIRJET Journal
 
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...IRJET Journal
 
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD ProP.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD ProIRJET Journal
 
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...IRJET Journal
 
Survey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare SystemSurvey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare SystemIRJET Journal
 
Review on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridgesReview on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridgesIRJET Journal
 
React based fullstack edtech web application
React based fullstack edtech web applicationReact based fullstack edtech web application
React based fullstack edtech web applicationIRJET Journal
 
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...IRJET Journal
 
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.IRJET Journal
 
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...IRJET Journal
 
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic DesignMultistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic DesignIRJET Journal
 
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...IRJET Journal
 

More from IRJET Journal (20)

TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
 
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURESTUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
 
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
 
Effect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil CharacteristicsEffect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil Characteristics
 
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
 
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
 
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
 
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
 
A REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADASA REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADAS
 
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
 
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD ProP.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
 
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
 
Survey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare SystemSurvey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare System
 
Review on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridgesReview on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridges
 
React based fullstack edtech web application
React based fullstack edtech web applicationReact based fullstack edtech web application
React based fullstack edtech web application
 
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
 
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
 
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
 
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic DesignMultistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
 
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
 

Recently uploaded

UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)Dr SOUNDIRARAJ N
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...srsj9000
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 
Concrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxConcrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxKartikeyaDwivedi3
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx959SahilShah
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxPoojaBan
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort servicejennyeacort
 
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)dollysharma2066
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfAsst.prof M.Gokilavani
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girlsssuser7cb4ff
 
DATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage exampleDATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage examplePragyanshuParadkar1
 
EduAI - E learning Platform integrated with AI
EduAI - E learning Platform integrated with AIEduAI - E learning Platform integrated with AI
EduAI - E learning Platform integrated with AIkoyaldeepu123
 
Effects of rheological properties on mixing
Effects of rheological properties on mixingEffects of rheological properties on mixing
Effects of rheological properties on mixingviprabot1
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerAnamika Sarkar
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfAsst.prof M.Gokilavani
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxk795866
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024hassan khalil
 
Work Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvWork Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvLewisJB
 

Recently uploaded (20)

UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
 
POWER SYSTEMS-1 Complete notes examples
POWER SYSTEMS-1 Complete notes examplesPOWER SYSTEMS-1 Complete notes examples
POWER SYSTEMS-1 Complete notes examples
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
Concrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxConcrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptx
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptx
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
 
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girls
 
DATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage exampleDATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage example
 
EduAI - E learning Platform integrated with AI
EduAI - E learning Platform integrated with AIEduAI - E learning Platform integrated with AI
EduAI - E learning Platform integrated with AI
 
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
 
Effects of rheological properties on mixing
Effects of rheological properties on mixingEffects of rheological properties on mixing
Effects of rheological properties on mixing
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptx
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024
 
Work Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvWork Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvv
 

Upgradability of smart contracts review framework enhances security and scalability

  • 1. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2602 Upgradability of smart contracts: A Review Girish N M1, Sharadadevi Kaganurmath2 1UG Student, RV College of Engineering, Bengaluru, Karnataka, India 2Professor, Dept of Information Science and Engineering, RV College of Engineering, Bengaluru, Karnataka, India ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - Smart contracts have been developed and employedinbothpermissionedandpermissionlessblockchains recently, mainly to enforce agreementsamongpartieswithout the need for intermediaries. This achievement is the result of blockchain immutability which guarantees that no party can alter the conditions of an already deployedcontract. However, immutability also makes patching or updating contracts impossible even when incorrectness, unfairness, or security flaws are spotted in them. So far, researchers in academiaand industry have developed two main methods, data segregation and proxy storage, with six patterns to make deployed contracts upgradable. However, until now, there has been no comprehensive framework that can simultaneously offer upgradability, security resilience, and scalability features. For example, none of the existing solutions have implemented any security mechanism that can resist attacks such as the DAO one. Through extensive analysis and implementation of all these patterns, and taking state-of-the-art attacks on the Ethereum network into consideration, we review framework, “Comprehensive-Data-Proxy pattern” which uses data segregation on the top of proxy pattern, that can completely defend against any types of Reentrancy attacks. Additionally, this solution mitigates the scalability issue of the proxy pattern. Our experiments show that the framework can address these two issues with negligible impact on performance. Key Words: Blockchain, Smart Contract, Ethereum, Distributed platform, DAO I. INTRODUCTION Due to the immutability of blockchains, smart contracts[26] are replacing regular contracts since they can do away with middlemen. This immutable quality guarantees that deployed contracts are not changed by any participating parties, fostering confidence between them. With the exception of Bitcoin [12], many blockchains have been built to accommodate smart contracts. Smart contracts are written in languages like Go-Lang [1] and Solidity [19] on some platforms, such as Ethereum [7]. Once deployed, they can be executed by the parties concerned at specific addresses within the Ethereum network [17]. Anyone can access any address or smart contract on a permissionless blockchain like Ethereum and start its execution if the necessary criteria are satisfied. In actuality, anyone can create and use contract. Making sure that the deployed smart contracts are accurate,equitable,andsecure is crucial [11]. Writing fair and error-free contracts is far from simple, as shown by the numerous attacks being attempted against the Ethereum platform [4]. This kind of security vulnerabilityrequiresthetargetedsmartcontractto be patched immediately, or attackers exploit it again. However, patching or upgrading a contract is in contrast with the immutability feature of blockchain. We need to find a way to patch or upgrade smart contracts if we aim to develop this new technology and prepare it for mass adoption. So far, there have been two categories of upgradable patterns developed by researchers to achieve upgradability on the Ethereum platform. The technique used in all these solutions is to map the states of storage data in the newly deployed contracts to the original versions. By doing so, the states of data can be updated and manipulated by the new contracts without making any changes to the previous versions, something which was supposedly impossibleto do directly before. For instance, in [25], the authors introducea data segregation pattern, which suggests that a contract is written as two separate (sub)contracts;a data contractanda logic contract. In this case, the upgradability is achieved through upgrading the logic contract without touching the data in the data contract. Inanotherapproach,OpenZeppelin [9] developed a novel method that uses a proxy contract to overtake the ownership of storage addresses of all versions of a given contract. Any call to the target contract would be redirected to the proxy contract which in turn, will send all transactions to the same address it controls, and through this, achieves the upgradabilitygoal.Tosumup,mappingthe states of new version of the deployed contract to its original storage address is the key to any state-of-the-art solution. While these solutions can bring upgradability to smart contracts in the immutable environmentofblockchain,what is missing in them is resilience to attacks, which was one of the reasons behind the need for updating the contract in the first place. Indeed, none of the existing patterns implement any control to prevent critical attacks, such as Reentrancy attacks [16], in Ethereum.Forinstance,protectingtheEthers held by logic contracts in data segregation patterns is vital, but none of sub-patterns in this category can handleit.Thus, it remains an open question how we can apply a security mechanism to improve updatable contracts resilience to attacks. In this paper, we first introduce six main state-of-the-art approaches and then comprehensively analyse four of them
  • 2. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2603 that address the upgradability problem in Ethereum. Three of these use data segregation pattern:basic data segregation, satellite data segregation and register pattern [25]. The remaining three methods that employ the proxy pattern approach are Inherited Storage Proxy [14], Eternal Storage Proxy [13] and Unstructured Storage Proxy [15]. After introducing the six approaches, we deeply examine three kinds of popular attacks on Ethereum which were studiedin [16], [8] and [21], namely, cross-functionReentrancy,typical Reentrancy and DAO attacks. After analysing and implementing these attacks, we then review mechanism to enhance the current upgrading approaches in terms of resilience to such attacks. Next, we thoroughly analyse the proxy patterns and specifically, we study the function signatures [19] of smart contractsinordertodeterminehow to improve the scalability of thispattern.Wetheyimplement the design of multi-contracts proxy with a single contract so that this implementation requires only one proxy for better scalability. To this end, we formulateandimplementthecomprehensive combined-model, Comprehensive-data-proxypattern[3], to fully achieve upgradability as well as security resilience and scalability. Under this model, the design smart contracts in two layers as proposed by typical data segregation patterns, but with the distinctivecharacteristics.First,theyembed one extra authentication and data verification component between data layer and its logic contract layer, to rule out the possibility of DAO attacks.Second, weimplementa proxy pattern at the data layer to fully achieve upgradability. The first contribution is the analysing of state-of-the-art methods that have been developed to upgrade smart contracts, in which we shows that while proxy patterns can fully achieve upgradability, they raise concerns about memory handling and scalability. We also foundthatnone of the existing patterns have any security control to defend against typical attacks.Then, wemake enhancementstoeach pattern based on our evaluation in the previous step. We show that with the enhancement, i.e. Ether-Transfer- Verification, all the existing data segregationpatternswould completelythwart well-knownRe-entrancyandDAOattacks. The new model of upgradable smart contract, i.e. Comprehensive-dataproxy pattern, which can simultaneously provide upgradability and resilience to typical DAO and Re-entrancy attacks. The restofthe paper is organised as follows: In Section II, we introduce the general background of smart contracts and the problems that justify the need for upgradability feature. Discussion on the results will be presented in Section III. We wrap up the paper in Section IV with our conclusion and further work. II. BACKGROUND A. The Concept of Upgradable Smart Contract If smart contracts are immutable, how can we update them like conventional software? This is the main research question. It is crucial to understandthatanalreadydeployed contract or opcode cannot be changed in any way. However, we can upgrade contracts by creating a storage mapping from the new contract to the old one. Several sorts of patterns are now used to deal with contract upgradeability. The six most common upgradable contract patterns will be examined in the remaining paragraphs of this section. Additionally, we separate them into two groups: proxy and data segregation. B. Data Segregation Patterns In this section, we discuss the first upgradable pattern of smart contract, i.e. Data Segregation. The core idea behind data segregation is to separate data from the contract logic. In this way, a given contract is written in two separate (sub)contracts, a data contract and a logic or business contract. The logic Fig. 1.Upgradability by Data Segregation. contract interacts and manipulates the data in the data contract through some interfaces provided by the data contract (see Fig. 1). By doing so, it brings the upgradability to the contract as the logic contract can be upgraded and redeployed, while the data contractwhichholdsall thestates of for the contract remains the same on the chain. However, one disadvantage of this simple pattern is that, the data contract in this case does not have any upgradable capacity like its counterpart. There are currently three patterns in this category: basic data segregation, satellite pattern, and register contract pattern. In the basic data segregation approach, an original contract is simply separated into two child contracts; a data contract and a logic contract. For instance, an ERC20 [23] standard contract is realised by a data contract which contains the states such as accounts and balance of account, and a logic contract which covers operations like mint and transfer methods. Similarly, SatelliteContractalsocontainsa data contract and satellitecontractswhichworkssimilarlyto the logic contract mentioned before. What makes this pattern different from the previous one is that each of the satellite contracts is responsible for one functionality only. Register contract pattern is additionally used to update the logic contract address to the data contract. Although this pattern can refer to the latest copy of a contract, it cannot import the existing data into the new version of thecontract. Therefore, it should be used with other types of upgradable pattern, such as basic segregation or satellite contract pattern.
  • 3. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2604 C. Proxy Patterns Another upgradable category is about proxy contracts, as Zeppolinos [10] has suggested for the Ethereum platform. There are currently three types of upgradable proxy patterns: Inherited Proxy Storage,Eternal ProxyStorageand Unstructured Proxy Storage. They all share the same foundation that the proxy contract takes control of all the states of contracts by handling every call to them though delegatecalls [6]. By doing this, the sender’s original address is preserved while its call is passed through the proxy contract to the original storage address, as shown in Fig. 2. Fig. 2.Upgradability by using the Inherited Storage. As it can be seen, all the calls to the contract are handled by the proxy contract. It forwards all thesecallstotheexecution storage area of the contract by using delegatecall. Through this, the proxy is in control of the storage, and all states of the contract, since the delegatecall does not change the sender origin. It is also worth noticing that there is no need for separation of data and logic contractsinthissolution.The target contract will update itself with its storage being controlled by the proxy contract, thus, it can access all the states of its original contract. III. REVIEW RESULTS In this section, we describe the key results of the experiment regarding to the performance of upgradable patterns, resilience to DAO and re-entrance attacks and upgradability capacity. A. Performance Indicators In order to evaluate the gas used and TPSfor eachpattern, we perform the experiment with two standard transactions; the mint (top up) and transfer transactions. Fig. 5. Gas used for deployment, mint and transfer (gas used for deployment was presented by 3 percent of actual value for presenting purpose We also measured the gas consumed in the process of deploying smart contracts for each pattern as shown in Fig. 5. As it can be seen from the these above tables, and TPS in table 6, the amount of Gas Fig. 6.The TPS performance indicator. used for the deployment, mint and transfer method as well as the TPS are consistent with our analysesinsection III. It also proved that these two indicators of proposed pattern, are not considerable more than these existing methods. B. Resilience to DAO Attacks In order to evaluate the resilience of patterns against two common attacks on the Ethereum Public Chain, we launched the attacks on each of them. Out result is consistent with our analysis. Without a proper protection mechanism, all patterns are vulnerable to DAO and Reentrancy attacks. On thecontrary,theproposedpattern completely blocks these attacks even though the above- mentioned vulnerabilities existinthelogiccontract.Inthe other words, DAT and any types of Reentrancyattacksare eliminated by the use of data segregation technique introduced. C. Upgradable Capacity As we stated before, none of the data segregationpatterns can provide full upgradability, since only the logic contract of this category is upgradable while its counterpart (the data contract) is not. On the other hand, all the three proxy patterns as well as the patternhavethe capacity for complete upgradability. In the case of proxy patterns, the target contact can be upgraded freely regardless of the proxycontract.Thepatternalsoachieves this with both logic contract and data contract,plusmulti- proxy contract capacity. CONCLUSION In this paper, we analysed the need for upgradability in smart contracts, state-of-the-art upgradable patterns, then we thoroughly analysed those patterns to show the main differences, also the limitations.
  • 4. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2605 REFERENCES [1] Golang documentation. [Online]. Available: https://golang.org/doc/ [2] N. Atzei, M. Bartoletti, and T. Cimoli,“Asurveyofattacks on ethereum smart contracts sok,” in Proceedings ofthe 6th International Conference on Principles of Security and Trust - Volume 10204. New York, NY,USA:Springer- Verlag New York, Inc., 2017, pp. 164–186. [Online]. Available:https://doi.org/10.1007/978-3-662-54455-6 8 [3] C. Bui. (2019, May) Upgradable smartcontractpatterns. [Online]. Available: https://github.com/SWlabs/dao- attacks [4] Consensys, “Known attacks,” May 2016. [Online]. Available: https://consensys.github.io/smart-contract- best-practices/known attacks/ [5] P. Daian. (2016, Jun) Analysis of the dao exploit. [Online]. Available: http://hackingdistributed.com/2016/06/18/analysis- of-the-dao-exploit/ [6] Ethereum, “Ethereum virtual machine opcodes,” Sep 2018. [Online]. Available: https://ethervm.io/#CALLDATALOAD [7] “What is ethereum,” July 2019. [Online]. Available: http://www.ethdocs.org/en/latest/introduction/what- is-ethereum.html [8] S. Kalra, S. Goel, M. Dhawan, and S. Sharma, “Zeus: Analyzing safety of smart contracts,” 01 2018. [9] Z. Labs, “Upgradeability using eternal storage,” April 2018. [Online]. Available: https://github.com/zeppelinos/labs/blob/master/upgr adeabilityusingeternalstorage/contracts/Proxy.sol [10] “Upgradeability using eternal storage,” April 2018. [Online]. Available: https://github.com/zeppelinos/labs/tree/master/upgr adeabilityusingeternalstorage [11]L. Luu, D.-H. Chu, H. Olickel, P. Saxena, and A. Hobor, “Making smart contracts smarter,” in Proceedingsofthe 2016 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’16. New York, NY, USA: ACM, 2016, pp. 254–269. [Online]. Available: http://doi.acm.org/10.1145/2976749.2978309 [12]S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” Dec 2008, accessed: 2015-07-01. [Online]. Available: https://bitcoin.org/ bitcoin.pdf [13]OpenZeppelin. (2018, April) Upgradeability using eternal storage. [Online]. Available: https://github.com/OpenZeppelin/ openzeppelin- labs/tree/ff479995ed90c4dbb5e32294fa95b16a22bb9 9c8/ upgradeability using eternal storage [14]Upgradeability using inherited storage. [Online]. Available: https://github.com/OpenZeppelin/openzeppelin- labs/tree/ ff479995ed90c4dbb5e32294fa95b16a22bb99c8/upgra deability using inherited storage [15]Upgradeability using unstructured storage. [Online]. Available: https://github.com/OpenZeppelin/openzeppelin- labs/tree/ff479995ed90c4dbb5e32294fa95b16a22bb9 9c8/upgradeabilityusingunstructuredstorage [16]M. Rodler, W. Li, G. Karame, and L. Davi, “Sereum: Protecting existing smart contracts against re-entrancy attacks,” in Proceedings of the Network and Distributed System Security Symposium (NDSS’19), 2019. [17]F. Schar, “Decentralized finance: On blockchain- and smart contract-¨ based financial markets,” 03 2020. [18]D. Siegel. (2016, June) Understanding the dao attack. [Online]. Available: https://www.coindesk.com/understanding-dao-hack- journalists [19]Solidity. (2019, Mar) Solidity assembly. [Online]. Available: https://solidity.readthedocs.io/en/v0.5.5/assembly.ht ml [20]Solidity assembly. [Online]. Available: https://solidity.readthedocs.io/en/v0.5.3/assembly.ht ml [21]P. Tsankov, A. Dan, D. Drachsler-Cohen, A. Gervais, F. Bunzli,¨ and M. Vechev, “Securify: Practical security analysis of smart contracts,” in Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’18. New York, NY, USA: ACM, 2018, pp. 67–82. [Online]. Available: http://doi.acm.org/10.1145/3243734.3243780
  • 5. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2606 [22]D. Wesley. (2017, Oct) Reentrancy attack on a smart contract. [Online]. Available: https://medium.com/JusDev1988/Reentrancy-attack- on-a-smart-contract-677eae1300f2 [23]E. Wiki, “Erc20 token standard,” Dec 2018. [Online]. Available: https://theethereum.wiki/w/index.php/ERC20 Token Standard [24]M. Wohrer and U. Zdun, “Smart contracts: security patterns in the ethereum ecosystem and solidity,” in 2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE), March 2018, pp. 2–8. [25]M. Wohrer and U. Zdun, “Design patterns for smart contracts in the¨ ethereum ecosystem,” 2018. [26]G. Wood, “Ethereum:Asecuredecentralisedgeneralised transaction ledger eip-150 revision (759dccd - 2017- 08-07),”2017,accessed:201801-03.[Online].Available: https://ethereum.github.io/yellowpaper/paper.pdf [27]X. Xu, I. Weber, M. Staples, L. Zhu, J. Bosch, L. Bass, C. Pautasso, and P. Rimba, “A taxonomy of blockchain- based systems for architecture design,” in 2017 IEEE International Conference on Software Architecture (ICSA), April 2017, pp. 243–252. [28]X. Xu, C. Pautasso, L. Zhu, Q. Lu, and I. Weber, “A pattern collection for blockchain-based applications,” 07 2018.