Typing Fallback Functions: A Semantic Approach to Type Safe Smart Contracts
Stian Lybech, Daniele Gorla, Luca Aceto
TL;DR
The paper tackles type-safety for smart contracts that use untypable constructs like the fallback function by adopting a semantic typing approach. It develops a TinySol-based framework with security types, a typed operational semantics, and coinductive typing interpretations, augmented by up-to techniques to keep proofs finite and storable on the blockchain. The key contributions include formalizing non-interference within a smart-contract setting, enabling proof-carrying-code certificates for untypable fragments, and demonstrating how pointer-to-implementation patterns can be typed safely. This approach offers a principled path to certifying runtime safety of complex contract interactions while preserving expressiveness for upgradable and reflection-like features on-chain.
Abstract
This paper develops semantic typing in a smart-contract setting to ensure type safety of code that uses statically untypable language constructs, such as the fallback function. The idea is that the creator of a contract on the blockchain equips code containing such constructs with a formal proof of its type safety, given in terms of the semantics of types. Then, a user of the contract only needs to check the validity of the provided `proof certificate' of type safety. This is a form of proof-carrying code, which naturally fits with the immutable nature of the blockchain environment. As a concrete application of our approach, we focus on ensuring information flow control and non-interference for the language TINYSOL, a distilled version of the Solidity language, through security types. We provide the semantics of types in terms of a typed operational semantics of TINYSOL, and a way for expressing the proofs of safety as coinductively-defined typing interpretations and for representing them compactly via up-to techniques, similar to those used for bisimilarity. We also show how our machinery can be used to type the typical pointer-to-implementation pattern based on the fallback function. However, our main contribution is not the safety theorem per se (and so security properties different from non-interference can be considered as well), but rather the presentation of the theoretical developments necessary to make this approach work in a blockchain/smart-contract setting.