Monitoring Smart Contracts with RTLola
Smart contracts are small computer programs, which are part of a blockchain and describe digital contracts. With them, one does not need to trust a third party, because the contract acts accordingly by itself. Since smart contracts cannot be altered after they are added to the blockchain, it is especially important that they behave correctly in all cases. They also often handle a huge amount of money, where an error would be fatal. Runtime monitoring checks the speciﬁcation about the behavior of the program during the runtime of the program. In comparison to static methods, which have to take all possible executions into account, monitoring has the advantage that it only has to check the current execution. Because of that, it has no problems with scalability, and the monitor can directly act accordingly once it encounters a violation. One way to express these speciﬁcations is with the stream-based monitoring language RTLola by writing stream-equations. Input streams receive values from the state of the monitored program. Output streams are then computed based on current, but also earlier values from input streams and other output streams. A Trigger is a boolean expression, that indicates a violation of the speciﬁcation. We implemented a translator, which receives a Solidity smart contract and a RTLola speciﬁcation. It produces a new smart contract that behaves the same but where a monitor checks the speciﬁcation during the runtime of the contract. Once a violation of the speciﬁcation occurs, the monitor can directly react to the error by executing speciﬁed code.