Powered by
2019 IEEE 2nd International Workshop on Blockchain Oriented Software Engineering (IWBOSE),
February 24, 2019,
Hangzhou, China
2019 IEEE 2nd International Workshop on Blockchain Oriented Software Engineering (IWBOSE)
Frontmatter
Message from the Chairs
Welcome to the 2nd International Workshop on Blockchain Oriented Software Engineering (IWBOSE2019). The workshop is co-lacated with SANER 2019 and will be held on the 24th of February in Hangzhou, China.
The workshop aims at gathering together researchers from the academia and from the industry to focus on the new challenges posed by the new software technology supporting the various Blockchains infrastructure. The Workshop’s goal is to gather together practitioners and researchers to discuss on progresses on the research and on the practical usage of Blockchain technologies and smart contracts, focusing on the application and definition of software engineering principles and practices specific for such software technology, and for the technologies relying on it. Motivations for this workshop are the ever-increasing interest both in the research community and in the industry on Blockchain and smart contracts principles and applications, being the management of cryptocurrencies the most popular topic. These novelties call for specific tools, paradigms, principles, approaches and research to deal with it and for a specific Blockchain Oriented Software Engineering (BOSE).
General Modeling
Potential Risks of Hyperledger Fabric Smart Contracts
Kazuhiro Yamashita, Yoshihide Nomura, Ence Zhou, Bingfeng Pi, and Jun Sun
(Fujitsu Labs, Japan; Fujitsu, China)
Blockchain is a decentralized ledger technology, and
it is the technology underlying Bitcoin and Ethereum. The
interest in blockchain has been increasing since its emergence.
Hyperledger Fabric is one of the permissioned blockchain frameworks.
One of the characteristics of Hyperledger Fabric is it utilizes
general-purpose programming languages, e.g., Go, Node.js,
and Java, to implement smart contracts (called chaincode in
Hyperledger Fabric). The advantages of utilizing these languages
are already known to potential developers, and development tools
might already exist. However, one of the disadvantages is that
these languages were not originally designed for writing smart
contracts. Hence, there may be risks that developers do not need
to consider when using specific languages such as Solidity of
Ethereum. Furthermore, even though development tools exist,
how many risks are covered by the tools is an open question.
In this paper, we focus on Go language and the tools. First, we
surveyed what kind of risks are associated with chaincodes are
developed using Go language and observed there are 14 potential
risks. Then, we investigated how many risks can be covered by
Go tools, e.g., golint and gosec, and a vulnerability detection
tool for chaincodes called Chaincode Scanner. From our results,
we observed that some risks are not covered by the existing
tools. Hence, we develop a detection tool to cover risks by static
analysis. Finally, in this paper, we describe how to find the risks
with our tool and evaluate the usefulness.
@InProceedings{IWBOSE19p1,
author = {Kazuhiro Yamashita and Yoshihide Nomura and Ence Zhou and Bingfeng Pi and Jun Sun},
title = {Potential Risks of Hyperledger Fabric Smart Contracts},
booktitle = {Proc.\ IWBOSE},
publisher = {IEEE},
pages = {1--10},
doi = {},
year = {2019},
}
Formal Modeling and Verification of a Federated Byzantine Agreement Algorithm for Blockchain Platforms
Junghun Yoo, Youlim Jung,
Donghwan Shin, Minhyo Bae, and Eunkyoung Jee
(University of Oxford, UK; KAIST, South Korea; University of Luxembourg, Luxembourg; BlockchainOS, South Korea)
A blockchain is a type of distributed ledger that can record transactions between parties in a verifiable and permanent manner. Each node contains its ledger, and the contents of each ledger are maintained to be the same by a consensus algorithm. It is essential to ensure the safety and liveness of the consensus algorithms in blockchain platforms. The Stellar Consensus Protocol (SCP), which is a consensus algorithm for the Stellar cryptocurrency using the blockchain, is utilized for the federated Byzantine agreement. The quorum configuration is one of the essential factors for ensuring the safety and liveness of the SCP; however, it has been rarely studied. In this study, we model the SCP with timed automata and verify the model using a model checking technique, with the purpose of investigating and evaluating the SCP. Through the modeling and verification of the SCP, we could check whether a certain quorum configuration ensures consensus or not, before execution on an actual network. We present several abstraction techniques that help in coping with the extremely large state space of the SCP model in formal verification. The proposed modeling and verification techniques can be utilized for other consensus protocols of various blockchain platforms using the Byzantine agreement.
@InProceedings{IWBOSE19p11,
author = {Junghun Yoo and Youlim Jung and Donghwan Shin and Minhyo Bae and Eunkyoung Jee},
title = {Formal Modeling and Verification of a Federated Byzantine Agreement Algorithm for Blockchain Platforms},
booktitle = {Proc.\ IWBOSE},
publisher = {IEEE},
pages = {11--21},
doi = {},
year = {2019},
}
Implementing a Microservices System with Blockchain Smart Contracts
Roberto Tonelli, Maria Ilaria Lunesu, Andrea Pinna, Davide Taibi, and Michele Marchesi
(University of Cagliari, Italy; Tampere University of Technology, Finland)
Blockchain technologies and smart contracts are becoming mainstream research fields in computer science and researchers are continuously investigating new frontiers for new
applications. Likewise, microservices are getting more and more
popular in the latest years thanks to their properties, that
allow teams to slice existing information systems into small and
independent services that can be developed independently by
different teams.
A symmetric paradigm applies to smart contracts as well, which represent well defined, usually isolated, executable programs, typically implementing simple and autonomous tasks
with a well defined purpose, which can be assumed as services provided by the Contract. In this work we analyze a concrete case study where the microservices architecture environment
is replicated and implemented through an equivalent set of smart contracts, showing for the first time the feasibility of implementing a microservices-based system with smart contracts
and how the two innovative paradigms match together.
Results show that it is possible to implement a simple microservices-based system with smart contracts maintaining the same set of functionalities and results. The result could be highly
beneficial in contexts such as smart voting, where not only the data integrity is fundamental but also the source code executed must be trustable
@InProceedings{IWBOSE19p22,
author = {Roberto Tonelli and Maria Ilaria Lunesu and Andrea Pinna and Davide Taibi and Michele Marchesi},
title = {Implementing a Microservices System with Blockchain Smart Contracts},
booktitle = {Proc.\ IWBOSE},
publisher = {IEEE},
pages = {22--31},
doi = {},
year = {2019},
}
Blockchain Applications
On Comparing Software Quality Metrics of Traditional vs Blockchain-Oriented Software: An Empirical Study
Marco Ortu, Matteo Orrù, and
Giuseppe Destefanis
(University of Cagliari, Italy; University of Milano-Bicocca, Italy; Brunel University London, UK)
Driven by the surge of interest generated around blockchain technologies over the last years, a new category of systems, called Blockchain-Oriented Software (BOS), which are strictly tied to Blockchain distributed environment, has become increasingly popular. Yet, there is not a thorough understanding of their structure and behaviour and if and to which extent they differ from traditional software systems. The present work provide a first statistical characterisation of BOS. We analysed and compared 5 C++ open source Blockchain-Oriented and 5 Traditional Java software systems, aiming at detecting potential differences between the two categories of projects, and specifically in the statistical distribution of 10 software metrics. Although, in general, the statistical distributions for Traditional software and Blockchain software show similarities, the distribution of Average Cyclomatic and Ration Comment To Code metrics reveal significant differences in their queue, whereas the Number of Statements metric shows meaningful differences on the double Pareto distribution.
@InProceedings{IWBOSE19p32,
author = {Marco Ortu and Matteo Orrù and Giuseppe Destefanis},
title = {On Comparing Software Quality Metrics of Traditional vs Blockchain-Oriented Software: An Empirical Study},
booktitle = {Proc.\ IWBOSE},
publisher = {IEEE},
pages = {32--37},
doi = {},
year = {2019},
}
Alternative Fundraising: Success Factors for Blockchain-Based vs. Conventional Crowdfunding
Felix Hartmann, Gloria Grottolo, Xiaofeng Wang, and Maria Ilaria Lunesu
(Free University of Bolzano, Italy; University of Cagliari, Italy)
Blockchain-based crowdfunding is an emerging economic phenomenon and a state-of-the-art strategy to financeventures. It bears similarity to conventional crowdfunding, buthas its own unique characteristics. Therefore the success factorsthat affect the outcome of traditional crowdfunding may have adifferent impact on blockchain-based crowdfunding campaigns. Despite that the number of blockchain-based crowdfundingcampaigns has increased drastically in the past few years, there is a lack of good understanding of what are the success factors for them in comparison to conventional crowdfunding ones. Such understanding is crucial for new ventures or entrepreneurs to design their blockchain-based fundraising initiatives properly and facilitate potential investors to seek main signals and driver sof outstanding projects. Furthermore it could help regulators and market participants to understand how the existing crowdfunding regulatory framework applies to blockchain-based crowdfunding. Due to specific characteristics of blockchain-based crowdfunding, regulatory frameworks may require potential interpretation or re-consideration of requirements to allow an effective application of regulations. To fill this knowledge gaps, we have reviewed a set of relevant literature on success factors for conventional and blockchain-based crowdfunding. The result of this literature review sheds light on the directions for future research and development. The contribution of our work is a better understanding of the distinctions and similarities of blockchain-based crowdfunding compared to traditional crowdfunding.
@InProceedings{IWBOSE19p38,
author = {Felix Hartmann and Gloria Grottolo and Xiaofeng Wang and Maria Ilaria Lunesu},
title = {Alternative Fundraising: Success Factors for Blockchain-Based vs. Conventional Crowdfunding},
booktitle = {Proc.\ IWBOSE},
publisher = {IEEE},
pages = {38--43},
doi = {},
year = {2019},
}
Presenting Tendermint: Idiosyncrasies, Weaknesses, and Good Practices
Andy Amoordon and
Henrique Rocha
(Inria, France; University of Antwerp, Belgium)
In this paper, we present Tendermint: a Byzantine Fault Tolerant (BFT) application-based blockchain. We show that Tendermint promotes another perception of blockchain programming. Unlike Ethereum which is a blockchain holding many applications, Tendermint proposes to have one application per blockchain. We discuss the idiosyncrasies of Tendermint and how it could, potentially, ease blockchain programming and improve performance. We finish by showing weaknesses of Tendermint, good practices to adopt to hinder security attacks when handling Tendermint nodes, and some potential adjustments in the IBC protocol — an interoperability protocol designed for Tendermint. Our goal is to introduce Tendermint by showing its main characteristics over traditional blockchain platforms such as Bitcoin or Ethereum.
@InProceedings{IWBOSE19p44,
author = {Andy Amoordon and Henrique Rocha},
title = {Presenting Tendermint: Idiosyncrasies, Weaknesses, and Good Practices},
booktitle = {Proc.\ IWBOSE},
publisher = {IEEE},
pages = {44--49},
doi = {},
year = {2019},
}
A Privacy-Preserving E-Commerce System Based on the Blockchain Technology
Yiming Jiang, Chenxu Wang, Yawei Wang, and Lang Gao
(Xi'an Jiaotong University, China)
With the increasing popularity of online shopping, privacy concerns in E-commerce are attracting more and more attention. Existing E-commerce models are trapped in a dilemma between the proof of ownership and privacy protection. To address this issue, in this paper we design a privacy-preserving business protocol by employing private smart contracts in the negotiation phase. The protocol allows counterparties make deals without the disclosure of private information such as identities, addresses, and phone numbers. Moreover, we employ the zero-knowledge proof to guarantee the ownership. To understand the feasibility for implementing the proposed model, we also conduct extensive experiments to evaluate the performance of existing blockchain development platforms, Ethereum Quorum and SERO.
@InProceedings{IWBOSE19p50,
author = {Yiming Jiang and Chenxu Wang and Yawei Wang and Lang Gao},
title = {A Privacy-Preserving E-Commerce System Based on the Blockchain Technology},
booktitle = {Proc.\ IWBOSE},
publisher = {IEEE},
pages = {50--55},
doi = {},
year = {2019},
}
proc time: 0.09