CN110807195B

CN110807195B - Intelligent contract issuing method, issuing platform device and issuing system

Info

Publication number: CN110807195B
Application number: CN201910921071.8A
Authority: CN
Inventors: 郁昱; 张宇尧; 李开涞
Original assignee: Tuling Artificial Intelligence Institute Nanjing Co ltd
Current assignee: Tuling Artificial Intelligence Institute Nanjing Co ltd
Priority date: 2019-09-26
Filing date: 2019-09-26
Publication date: 2023-08-25
Anticipated expiration: 2039-09-26
Also published as: CN110807195A

Abstract

The application provides a method, a device and a system for publishing an intelligent contract. And then repairing the security holes in the execution logic based on a preset security logic description rule to obtain a repaired second executable program. And finally, issuing the repaired second executable program to the block chain network. The intelligent contract issuing method, the intelligent contract issuing platform device and the intelligent contract issuing system can automatically check and repair security holes existing in the intelligent contract before the intelligent contract is issued.

Description

Intelligent contract issuing method, issuing platform device and issuing system

Technical Field

The present application relates to the field of computers, and in particular, to a method for publishing an intelligent contract, a platform device for publishing the intelligent contract, and a system for publishing the intelligent contract.

Background

The non-tamperable nature of blockchains makes the update mechanism of smart contracts different from that of traditional programs. Once the smart contracts are published and stored on the blockchain, the smart contracts cannot be altered at will. Unlike other businesses, smart contracts themselves carry some financial attributes, which run-time involve accounts and their funding changes, etc. If the intelligent contracts issued on the blockchain have security holes, the intelligent contracts with the security holes are more easily utilized by attackers, so that technical problems such as data maintenance and the like and even legal problems are caused.

Since a security hole is found even in an already issued smart contract, the smart contract cannot be repaired any more. Discovered security vulnerabilities are repaired before the intelligent contract is issued in the blockchain to prevent exploitation by an attacker. However, most of the analysis tools and analysis methods at present can only realize the function of detecting security holes in intelligent contracts, and cannot provide corresponding repair schemes, and a large number of security holes are found every day, so that developers only relying on intelligent contracts cannot repair a large number of security holes timely and effectively.

Disclosure of Invention

In view of the above-mentioned drawbacks of the prior art, an object of the present application is to provide a method, a platform device and a system for publishing an intelligent contract, which are used for solving the problem that an analysis tool cannot provide a repairing scheme corresponding to an intelligent contract security hole and a developer of the intelligent contract cannot repair a large number of security holes effectively in time before the intelligent contract is published in the prior art.

To achieve the above and other related objects, a first aspect of the present application provides a method for publishing an intelligent contract, including: analyzing a first executable program of an intelligent contract to be issued to obtain current execution logic of the first executable program; repairing the security hole in the execution logic based on a preset security logic description rule to obtain a repaired second executable program; wherein the security logic description rule comprises security execution logic when executing an intelligent contract according to a resource of an external node; the second executable program is published into a blockchain network.

In certain embodiments of the first aspect of the present application, the step of parsing the first executable program of the smart contract to be issued to obtain the current execution logic of the first executable program includes: disassembling the first executable program to obtain control relationships and data relationships describing the smart contract execution process; wherein the control relationships and data relationships are used to describe the currently executing logic and include logical relationships that are generated based on invoking resources of external nodes.

In certain implementations of the first aspect of the present application, the currently executing logic is described by a block diagram.

In certain embodiments of the first aspect of the present application, the security breach comprises at least one of: the state variable change instruction is located after the external call instruction, in the absence of a check instruction for out-of-range operations, and in the absence of a check instruction for external calls.

In certain embodiments of the first aspect of the present application, the step of repairing the security hole in the current execution logic based on the preset security logic description rule to obtain the repaired second executable program includes: checking a control relation between external resource call and state variable update in the current execution logic; and adjusting the control sequence between the external resource call and the state variable update based on the checking result and according to the corresponding safety logic description rule so as to obtain the repaired second executable program.

In certain embodiments of the first aspect of the present application, the step of repairing the security hole in the current execution logic based on the preset security logic description rule to obtain the repaired second executable program includes: checking a data relationship generated based on external resource calls in the current execution logic; based on the checking result and according to the corresponding safety logic description rule, supplementing a data validity checking mechanism of the called external resource to obtain a repaired second executable program.

In certain embodiments of the first aspect of the present application, the step of repairing the security hole in the current execution logic based on the preset security logic description rule to obtain the repaired second executable program includes: checking a control relation and/or a data relation of an execution result of the called external resource in the current execution logic; based on the checking result and according to the corresponding safety logic description rule, supplementing an exception handling mechanism for the execution result to obtain a repaired second executable program.

In certain embodiments of the first aspect of the present application, before performing the publishing step, further comprising the steps of: the second executable program is verified based on the trusted portion of the current execution logic.

In certain embodiments of the first aspect of the present application, the step of repairing the security hole in the current execution logic based on the preset security logic description rule to obtain the repaired second executable program includes: rewriting security vulnerabilities in intermediate codes obtained by analyzing the first executable program according to the security logic description rules; the rewritten intermediate code is translated into a second executable program.

In certain embodiments of the first aspect of the present application, prior to performing the translating step, further comprising the steps of: and verifying the rewritten intermediate code based on the trusted part in the current execution logic.

In certain embodiments of the first aspect of the present application, further comprising: updating the security logic description rule.

The second aspect of the present application also provides an intelligent contract issuing platform apparatus, including: the interface device is used for receiving a first executable program of the intelligent contract and issuing a second executable program repaired by the first executable program into the blockchain network; a storage device for storing at least one program; and the processing device is connected with the storage device and the interface device and is used for calling and executing the at least one program to coordinate the interface device and the storage device to execute the release method according to the first aspect.

A third aspect of the present application also provides a computer-readable storage medium storing at least one program which, when invoked, performs the publishing method of the first aspect described above.

A fourth aspect of the present application also provides a system for issuing an intelligent contract, including: the analyzing module is used for analyzing a first executable program of an intelligent contract to be issued so as to obtain the current execution logic of the first executable program; the repair module is used for repairing the security holes in the execution logic based on a preset security logic description rule so as to obtain a repaired second executable program; wherein the security logic description rule comprises security execution logic when executing an intelligent contract according to a resource of an external node; and the issuing module is used for issuing the second executable program to the blockchain network.

As described above, the method, the platform device and the system for publishing the intelligent contract according to the present application can automatically check the execution logic of the executable program of the intelligent contract before the intelligent contract is published, and automatically rewrite the executable program with security holes based on the check result, thereby repairing and eliminating various security holes in the executable program, and publishing the rewritten executable program without security holes to the blockchain network. And the additional manual analysis and repair cost is reduced, and the overall safety of the blockchain platform is improved.

Drawings

FIG. 1 is a schematic diagram of a hardware system of an intelligent contract issuing platform device according to an embodiment of the present application.

Fig. 2 is a schematic block flow diagram of a method of issuing a smart contract according to the present application.

FIG. 3 is a block diagram illustrating the current execution logic of a smart contract.

FIG. 4 is a schematic diagram of a smart contract issuing system according to an embodiment of the present application.

FIG. 5 is a schematic diagram of a system for publishing intelligent contracts and a blockchain network according to the present application.

Detailed Description

Further advantages and effects of the present application will become apparent to those skilled in the art from the disclosure of the present application, which is described by the following specific examples.

Although the terms first, second, etc. may be used herein to describe various elements in some examples, these elements should not be limited by these terms. These terms are only used to distinguish one element from another element. For example, a first executable program may be referred to as a second executable program, and similarly, a second executable program may be referred to as a first executable program without departing from the scope of the various described embodiments. Both the first executable and the second executable are described as one executable, but they are not the same executable unless the context clearly indicates otherwise.

Furthermore, as used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context indicates otherwise. It will be further understood that the terms "comprises," "comprising," "includes," and/or "including" specify the presence of stated features, steps, operations, elements, components, items, categories, and/or groups, but do not preclude the presence, presence or addition of one or more other features, steps, operations, elements, components, items, categories, and/or groups. The terms "or" and/or "as used herein are to be construed as inclusive, or meaning any one or any combination. Thus, "A, B or C" or "A, B and/or C" means "any of the following: a, A is as follows; b, a step of preparing a composite material; c, performing operation; a and B; a and C; b and C; A. b and C). An exception to this definition will occur only when a combination of elements, functions, steps or operations are in some way inherently mutually exclusive.

The intelligent contracts issued on the blockchain platform are bytecodes that a compiler compiles source code of the intelligent contracts written by a developer using a high-level programming language into intelligent contracts that are executable by the virtual machine to be commonly maintained and used by a plurality of node devices in the blockchain platform once issued on the blockchain platform. For example, the intelligent contract issued on the ethernet block chain platform can respond to the received information, can receive and store account information and corresponding fund information, and can also send user account information and corresponding fund information outwards. Based on the financial properties of the smart contracts, if the smart contracts published on the blockchain have security holes, the smart contracts with security holes are more available to an attacker to benefit from.

In order to avoid that the intelligent measure released on the blockchain is tampered and intercepted due to security holes, it is necessary to analyze and repair the security holes existing in the intelligent measure before releasing. However, the manner of testing prior to release is limited by the data used by the test case, and it is not necessary to find out the logic problem and the exception handling problem in the program.

The application provides a method, a platform device and a system for publishing intelligent contracts, which can automatically check security holes and repair corresponding security holes on the intelligent contracts without providing a source program by a developer before the intelligent contracts are published, and publish the checked and repaired intelligent contracts to a blockchain. The security of the intelligent contracts distributed on the blockchain is improved, and the problem that developers of the intelligent contracts cannot timely and effectively repair a large number of security holes is solved.

Wherein the intelligent contract refers to program code running on a blockchain that is capable of performing arbitrary computations and implementing complex logic. The program code of the intelligent contract can have the functions of transmitting account information of the user and corresponding fund information, calling with other intelligent contracts, maintaining the account information of the user and the corresponding fund information together with other node equipment of the blockchain platform, and the like. The intelligent contracts issued on the blockchain are bytecodes that a compiler compiles source code of intelligent contracts written by a developer using a high-level programming language into intelligent contracts that can be executed by a virtual machine or a processor. Wherein the high-level programming language includes, but is not limited to, any of the following: the compiler corresponds to the high-level programming language, and the types of compilers used in compiling are different when the high-level programming language is different.

Referring to fig. 1, fig. 1 is a schematic structural diagram of a hardware system of an issuing platform apparatus for smart contracts according to an embodiment of the present application, where the issuing platform apparatus 10 may be a single computer device, a service system based on a cloud architecture, and so on. Wherein the single computer device may be an autonomously configured computer device that may perform the method of issuing the smart contract, which may be located in a private machine room or in a rented machine location in a public machine room. The Cloud architecture Service system comprises a Public Cloud (Public Cloud) Service end and a Private Cloud (Private Cloud) Service end, wherein the Public or Private Cloud Service end comprises Software-as-a-Service (Software as a Service, abbreviated as SaaS), platform-as-a-Service (Platform as a Service, abbreviated as PaaS), infrastructure-as-a-Service (Infrastructure as a Service, abbreviated as IaaS) and the like. The private cloud service end is, for example, an ali cloud computing service platform, an Amazon (Amazon) cloud computing service platform, a hundred degree cloud computing platform, a Tencel cloud computing platform, and the like.

As shown in fig. 1, the smart contract issuing platform apparatus 10 includes an interface apparatus 12, a storage apparatus 11, and a processing apparatus 13. The above-mentioned devices may be located on a single server or in a plurality of servers and cooperatively completed through data communication between the servers according to the hardware device for executing the distribution method actually operated by the distribution platform device 10.

The interface device 12 of the publishing platform device 10 is used for receiving a first executable program of the intelligent contract to be published and providing the first executable program to the processing device; the processing device inspects and repairs the first executable program and issues a second executable program of the repaired smart contract into a blockchain network through the interface device 12. The interface device 12 includes, but is not limited to, a network card, a mobile network access module, etc.

The first executable program is a bytecode file compiled by a compiler for executing a smart contract. The second executable program is a bytecode file checked and repaired by the distribution platform device 10, which enables a smart contract with the first executable program. The byte code file is an execution file existence form of the high-level programming language, is a binary file, and is a file which needs virtual machine interpretation execution or needs processor execution. For example, if the high-level programming language of the source program is Java, the bytecode file is a class file. As another example, the high-level programming language of the source program is the solubility language, and the bytecode file is a. evm file. The type of the bytecode file is associated with the high-level programming language.

The storage means 11 are adapted to store at least one program executable by the distribution method. The storage means 11 may be located on the same physical server as the processing means 13 or in a different physical server and the program is transferred to the processing means 13 running the program via the interface means 12 of the respective server. The storage 11 may include high-speed random access memory, and may also include non-volatile memory, such as one or more disk storage devices, flash memory devices, or other non-volatile solid state storage devices, and the like. In an embodiment, the storage device may also include memory remote from the one or more processors, such as network-attached memory accessed via RF circuitry or external ports and a communication network (not shown), which may be the internet, one or more intranets, a Local Area Network (LAN), a wide area network (WLAN), a Storage Area Network (SAN), etc., or a suitable combination thereof. The storage means 11 further comprise a memory controller which can control the access to memory by other components of the device, such as the CPU and the peripheral interface. Among other software components stored in memory include an operating system, a communication module (or instruction set), a text input module (or instruction set), and an application (or instruction set).

The processing means 13 is connected to the interface means 12 and the storage means 11 for invoking and executing the at least one program to coordinate the execution of the distribution method by the interface means 12 and the storage means 11. The processing means 13 is operatively coupled to the storage means 11. More specifically, the processing means 13 may execute programs stored in the memory and/or the nonvolatile storage device to perform operations in the distribution platform arrangement 10. As such, the processing device 13 may include one or more general purpose microprocessors, one or more application specific processors (ASICs), one or more field programmable logic arrays (FPGAs), or any combination thereof. The multiple CPUs included in the processing device may be located in the same physical server or distributed among multiple physical servers, and implement data communication by means of the interface device 12, so as to issue the repaired second executable program into the blockchain network.

Referring now to FIG. 2, FIG. 2 is a block diagram illustrating a flowchart of a method for publishing a smart contract according to the present application. The publishing method may be performed by a publishing platform means of the smart contract or other computer device that may perform the steps associated with the publishing method of the smart contract.

In step S110, the publishing platform device parses a first executable program of an intelligent contract to be published to obtain current execution logic of the first executable program.

The publishing platform device obtains a first executable program of an intelligent contract to be published, and analyzes the obtained first executable program to facilitate obtaining logic of an internal execution process in the first executable program, calling logic of an external resource and a data processing process generated when the external resource is called. The external resource call includes, but is not limited to, at least one of: invoking processing results of the external smart contract, invoking data stored by the external contract, invoking the external smart contract, and the like.

The publishing platform device may acquire a first executable program submitted by a user at a WEB browser or a client through an interface device, so as to trigger the publishing platform device to execute step S110.

In one embodiment, parsing the first executable program of the smart contract to be issued is accomplished by disassembling the first executable program to obtain control relationships and data relationships describing the execution of the smart contract. The disassembly is the process of converting machine language into assembly language code, i.e., the disassembly may convert the first executable program into an assembly execution sequence. The manner and/or tools for disassembling the first executable program may also be different for intelligent contracts written in different types of high-level programming languages. For example, the high-level programming language is a stability, and the disassembly tool used in disassembling the corresponding first executable program includes: evmdis, porosity, ethersplay, etc.

The control relation refers to the sequence of execution sequences among instructions in the assembly execution sequence, and in the same execution sequence, the subsequently executed instructions depend on the previously executed instructions. The data relationship is the transfer of data between instructions, with instructions that use certain data being dependent on the instructions that define that data. The control relationships and data relationships are used to describe the current execution logic of the first executable program, and the control relationships and data relationships also include logical relationships that result from invoking resources of an external node. I.e. the currently executing logic contains logical relationships that are generated based on invoking resources of the external node. The present execution logic is described by way of block diagrams. For example, referring to FIG. 3, FIG. 3 is a block diagram of execution logic of a smart contract, where circles indicated by numerals represent instructions, solid lines represent control relationships between instructions, and dashed lines represent data relationships between instructions. The control relationships may be described by a control flow graph and the data relationships may be described by a data flow graph. The control flow graph is exemplified by a directed graph, e.g., graph g= (N, E, nenry, next). Where N is a set of nodes, each instruction of the assembly execution sequence corresponds to a node in the graph; edge set e= { (N1, N2) |n1, N2E N and N1 execution may be performed immediately after N2}; the nentry and nexit are the entry and exit nodes, respectively, that assemble the execution sequence. The data flow diagram refers to a logic flow and a logic transformation process of data in an assembly execution sequence from the data transmission perspective, and the data flow diagram can describe a storage mode, a reading mode and a processing mode of the assembly execution sequence on the data. In a specific embodiment, according to the order of the instructions in the assembly execution sequence obtained by disassembly, the functions of the instructions in the API and the like, the simulation comprises stopping executing the control relationship of the instructions in the assembly execution sequence, transferring the control relationship of the instructions in the assembly execution sequence, sequentially executing the control relationship of the instructions in the assembly execution sequence and the like, so as to obtain the control relationship describing the intelligent contract executing process. And simulating stack operation, memory operation and the like according to parameter definitions such as a data structure, global variables, local variables and the like in the disassembled assembly execution sequence so as to obtain a data relationship describing the intelligent contract execution process. The control relation of stopping execution is used for indicating the node equipment in the blockchain to stop executing the current execution sequence after the node equipment in the blockchain finishes executing the instruction. The control relationship of transfer execution is used for indicating that the node equipment in the blockchain transfers to execute the execution sequence from the target address after the node equipment in the blockchain executes the instruction. The control relation of the sequential execution is used for indicating the node equipment in the blockchain to sequentially execute the next instruction in the execution sequence after the node equipment in the blockchain finishes executing the instruction. Stack operations refer to the instruction pushing operands into the stack or popping operands from the stack. A memory operation refers to the instruction writing to or reading operands from memory. The operand includes the source of the data needed to execute the instruction, the operand is a field in the instruction of the assembly execution sequence, the operand itself can be put in the field of the operand in the instruction, the operation address can be put, and the calculation method of the operation address can be put. Typically an instruction contains both operators and operands. For example: in the compare instruction, the operator specifies the computer to perform the comparison operation, and the operand specifies the two values to be compared. Wherein the operand contains data provided from an external call resource. Such as funds data corresponding to the same user account information from other smart contracts invoked externally.

In another embodiment, the control and data relationships describing the smart contract execution process are obtained based on the assembly execution sequence using dynamic program analysis techniques in combination with the simulated execution described in the previous embodiments. The dynamic program analysis technology refers to obtaining a control relation and a data relation under the actual running condition of a program by observing the state of the program in the running process. After the control relationship and the data relationship of the intelligent contract are calculated based on the analysis method in the foregoing specific embodiment, each instruction of the intelligent contract may be actually executed based on the dynamic program analysis technology to obtain an instruction execution result, a memory use condition, a stack use condition, a function of the intelligent contract, and the like in the intelligent contract. The intelligent contract actually operated can be a first executable program or an assembly execution sequence obtained by disassembling the first executable program. And confirming and correcting the control relation and the data relation of the intelligent contract obtained through calculation based on the execution result of the instruction obtained by actually running the program, the use condition of a memory, the use condition of a stack, the function of the intelligent contract and the like.

The publishing platform device obtains the current execution logic of a first executable program by analyzing the first executable program to be published, and executes step S120 to repair security vulnerabilities in the execution logic based on preset security logic description rules so as to obtain a repaired second executable program. Wherein the security logic description rule includes security execution logic when executing the smart contract in accordance with invoking the resource of the external node. Wherein the calling the resources of the external node includes: the first executable program invokes the blockchain link point to execute the external smart contract and obtain its processing results, invokes data stored on the blockchain node, and the like.

Here, the security hole in the execution logic includes at least one of: the state variable change instruction is located after the external call instruction, in the absence of a check instruction for out-of-range operations, and in the absence of a check instruction for external calls.

Wherein the security hole in which the state variable change instruction is located after the external call instruction means that there are an external call instruction and a state change instruction in the first executable program, and the state change instruction changes a state variable after the external call instruction, that is, an internal execution process of the first executable program depends on external execution of an intelligent contract on a blockchain; wherein the state variables include, but are not limited to, variables stored in memory (storage). For example, if the node device in the blockchain executes an instruction for calling an external DAO contract in the first execution program, when the execution result of the DAO contract is not received, the processing result of the DAO contract is tampered, so that the corresponding node device executes a subsequent state change instruction according to the received tampered processing result, which causes a security hole to occur in the execution of the smart contract.

The lack of the security hole of the checking instruction for the out-of-range operation refers to that the instruction in the first executable program is an arithmetic operation instruction, and the abnormal condition of executing the instruction comprises the instruction of the arithmetic operation whose calculation result generates the out-of-range but lacks checking. For example, the first executable program includes an instruction for performing arithmetic calculation by using data obtained by an external call resource, and when the instruction for calling the external resource is intercepted and a calculation result for causing calculation out of range is received, a corresponding security hole is generated. Examples of such security vulnerabilities include integer overflows and integer underflows. When the arithmetic calculation instruction is executed according to the acquired external resource in the first executable program, the obtained calculation result lacks an inspection instruction for out-of-range operation, and then the integer overflows. For example, a storage space for storing 8-bit integer data is opened in the memory in advance, and if the calculation result is greater than 255, an integer overflow is generated to cause erroneous storage to be 0, thus causing a security hole. For another example, a storage space for storing 8-bit integer data is opened in the memory in advance, and if the calculation result is smaller than-128, an integer underflow is generated to cause error storage as 127, thus causing security hole.

The security hole lacking the checking instruction for the external call refers to an instruction lacking data validity checking of a return value of the external call operation in the first executable program. For example, a security hole lacking a check instruction for an external call exists in the first executable program, and when the external call is abnormal, the first executable program does not detect the boolean value false returned by the external resource, but continues to execute the executable program of the current smart contract. That is, the first executable program continues to execute normally according to the external call without exception, thus resulting in a security hole.

Based on the security hole, the security hole is promoted to other security holes, and the security hole is reflected in the control relation and the data relation obtained through analysis. For example, in the parsed control flow graph, the control flow of the first execution program is represented by the control relationship described by the points and the directed edges. For another example, in the data flow diagram obtained by parsing, the data read-write flow of the first execution program is represented by using the data relationship described by the points and the directed edges. In order to facilitate rapid positioning of security vulnerabilities, a security logic description rule corresponding to the security vulnerabilities is preset in the publishing platform device, and is described as security execution logic when executing the intelligent contract according to the invocation of the resources of the external node. According to the instruction defect describing the security hole, the preset security logic description rule may include at least one of the following: the state variable change instruction is located before the external call instruction, adds a check instruction to the out-of-range operation, and adds a check instruction to the external call.

The security logic description rule corresponds to a description mode of the execution logic of the first execution program. Taking the publishing platform device to analyze the first execution program into a structural diagram as an example, the security logic description rule comprises a rule of a secure connection sequence and a secure connection mode of points and directed edge descriptions in the structural diagram. The publishing platform device utilizes the structural diagram rule provided by the security logic description rule and eliminating the security hole to check in the structural diagram of the constructed first execution program, and when the position which does not accord with the structural diagram rule is checked, the position of the security hole in the first execution program is determined. For example, checking the attribute of points in the constructed structure diagram of the first execution program according to the instruction rule in the security logic description rule, checking the attribute of the directed edges between the corresponding points in the corresponding structure diagram according to the instruction execution sequence in the security logic description rule, and determining the position of the security hole in the corresponding structure diagram when the non-compliance is checked, so as to obtain the position of the security hole of the first execution program.

When the release platform device determines the position of the security hole in the first executable program, the security hole in the intermediate code obtained by analyzing the first executable program is rewritten according to the security logic description rule, and the rewritten intermediate code is translated into the second executable program. Wherein the intermediate code is instruction code in the assembly execution sequence. The issuing platform device replaces security vulnerabilities in control relationships and data relationships for describing the first execution program according to the security logic description rules, and rewrites instruction codes of corresponding positions in the assembly execution sequence according to the replaced control relationships and the replaced positions of the data relationships. Examples of the overwriting operation include, but are not limited to: adjusting the execution order of the instruction codes, or adding corresponding checking instruction codes, etc. The publishing platform means translates the rewritten assembly execution sequence into a second executable program, thereby obtaining the second executable program for execution by the node device on the blockchain.

In some embodiments, the step S120 further includes a step (not shown) of updating the security logic description rule, where the updating operation refers to complementarily storing the corresponding security logic description rule in the publishing platform device according to the new security hole; and/or providing improved security logic description rules for existing security logic description rules to enable improved execution efficiency of the repaired executable program. For example, since each instruction consumes a certain amount of unit cost (gas) during execution of the smart contract, the unit cost (gas) is a unit that measures the amount of computation required to execute a certain instruction. The new security logic description rule received by the publishing platform device is a security logic description rule that replaces the original security logic description rule to consume less unit cost (gas).

For easy understanding, in the following embodiments, the repair process corresponding to the security hole based on the preset security logic description rule is taken as an example of the smart contract source program.

In a specific embodiment, the step S120 includes: and checking a control relation between the external resource call and the state variable update in the current execution logic, and adjusting a control sequence between the external resource call and the state variable update based on a checking result and according to a corresponding safety logic description rule to obtain a repaired second executable program.

And the issuing platform device determines that the control relation is that the state variable updating instruction is executed after the external resource calling instruction in the first executable program is executed according to the checking result, and then the state variable updating instruction is adjusted to be executed before the external resource calling instruction according to the corresponding safety logic description rule. For convenience of description, taking a security hole in source code describing an intelligent contract as an example, in fact, the security hole in the following example is obtained based on resolved execution logic, the issuing platform device detects a description in a structure diagram of an instruction in the source code that invokes a widthwbaance function, and an instruction (call.value () function) that determines fund information provided by an external resource is executed prior to an instruction (userbance function) that updates a state variable:

the fifth line call value () function is an external resource call instruction for transmitting the fund information to the user who calls the widthawback. The userBalances function of the sixth line is a state variable update instruction that is used to update the balance in the user account. To this end, the execution logic parsed to correspond to the call.value () function in the smart contract preceding the userBalances function is a security hole in the present smart contract. If an attacker calls the withdrewBase function in the smart contract through a malicious smart contract, the smart contract executes a call.value () function to send funds information to the malicious smart contract and transfer control to the malicious smart contract. Although the present smart contract has sent funds information to the malicious smart contract, since the present smart contract is now waiting for the return of an external resource call instruction, the state variable update instruction has not yet been executed, the fallback function of the malicious smart contract will be automatically invoked, and the withdraw function will be invoked again in the fallback function. The malicious smart contract may implement a reentry attack to re-extract the funds information stored in the present smart contract using the security breach bypass fourth line of legitimacy check instructions.

To eliminate the above security vulnerabilities, the state variable update instruction may be executed before the external resource call instruction is adjusted based on the corresponding security logic description rules to obtain the repaired smart contract (source code) as follows:

in the actual operation process, the release platform device rewrites and translates the corresponding byte codes or intermediate codes according to the execution logic of the source codes so as to obtain the repaired second executable program.

In another specific embodiment, the step S120 includes: and checking a data relationship generated based on the external resource call in the current execution logic, and supplementing a data validity checking mechanism of the called external resource based on a checking result and according to a corresponding safety logic description rule so as to obtain a repaired second executable program. The data validity checking mechanism is used for checking whether an operation result of the arithmetic operation instruction has a boundary crossing operation result or not.

In this case, the issuing platform device determines, based on the inspection result, an instruction in the smart contract that does not inspect the operation result of the arithmetic operation instruction, possibly causing the arithmetic operation instruction of the present smart contract to generate an out-of-range result, and adds the inspection instruction to the arithmetic operation instruction that may generate the out-of-range result according to the corresponding security logic description rule. For convenience of description, taking a security hole in source code describing an intelligent contract as an example, in fact, the security hole in the following example is obtained based on resolved execution logic, the issue platform device detects the description of an instruction in the source code, which calls an incrustlocktime function, in a structure diagram, and determines that a variable required by an arithmetic operation instruction depends on a variable (timeToIncrease) provided by an external resource:

Wherein the check instruction (request () function) of the tenth line in the smart contract requires that the user can take out the fund information stored in the smart contract after one week. The variable (lockTime) is an unsigned integer variable, and if the user inputs a sufficiently large variable (timetoincrement) to cause the add instruction in the sixth row to generate an out-of-bounds result, the changed unsigned integer variable (lockTime) bypasses the check instruction in the tenth row, so that the fund information can be fetched in less than one week.

To eliminate the above security vulnerabilities, a check instruction may be added to the arithmetic operation instruction based on the corresponding security logic description rule to obtain a repaired smart contract (source code) as follows:

In another embodiment, the step of repairing the security hole in the current execution logic based on the preset security logic description rule to obtain the repaired second executable program includes: checking a control relation and/or a data relation of an execution result of the called external resource in the current execution logic; based on the checking result and according to the corresponding safety logic description rule, supplementing an exception handling mechanism for the execution result to obtain a repaired second executable program.

For example, the issuing platform device determines that an external resource call instruction exists in the intelligent contract according to the checking result, determines whether the checking instruction for checking whether the result of the external resource call instruction is abnormal or not is absent in the execution logic according to the control relation of the external resource call instruction in the execution logic, supplements an abnormal processing mechanism for the execution result for the result of the external resource call instruction according to a corresponding safety logic description rule, and the abnormal processing mechanism comprises the step of adding the checking instruction to the execution result.

For another example, the issuing platform device determines that an external resource call instruction exists in the intelligent contract according to the checking result, and determines that the checking instruction for checking whether the result of the external resource call instruction is abnormal or not is absent in the execution logic according to the control relation of the external resource call instruction in the execution logic and the data relation of the execution result of the called external resource instruction in the current execution logic, and the execution result of the first executable program depends on the execution result of the called external resource. And supplementing an exception handling mechanism for the execution result to the result of the external resource call instruction according to the corresponding safety logic description rule, wherein the exception handling mechanism comprises the step of adding a check instruction to the execution result.

For another example, the issuing platform device determines that an external resource call instruction exists in the intelligent contract according to the checking result, and determines that the checking instruction for checking whether the result of the external resource call instruction is abnormal or not is absent in the execution logic according to the control relation of the external resource call instruction in the execution logic and the data relation of the execution result of the called external resource instruction in the current execution logic, and the execution result of the first executable program is independent of the execution result of the called external resource. And supplementing an exception handling mechanism for the execution result to the result of the external resource call instruction according to the corresponding safety logic description rule, wherein the exception handling mechanism comprises the step of adding a check instruction to the execution result.

For convenience of description, taking a security hole in source code describing an intelligent contract as an example, in fact, the security hole in the following example is obtained based on resolved execution logic, and the issuing platform device detects the description of an instruction in the source code, which calls a sendfowinner function, in a structure diagram, and determines whether an exception exists in an execution result of an instruction (send () function) for providing funding information for an external resource, and does not have a corresponding checking instruction:

The send () function in the seventh row is used for sending the fund information to the winner, and the send () function is the bottom function, which does not transfer the exception of the execution result to the current contract, and also does not restore the program or data to the correct state last time, but returns the boolean value false, and the present smart contract defaults to treat the external resource calling instruction as successful execution, and does not perform data validity check on the execution result of the send () function.

In order to eliminate the security hole, a check instruction may be added to the external resource call instruction based on the corresponding security logic description rule, so as to obtain a repaired intelligent contract (source code) as follows:

in the actual operation process, the release platform device rewrites and translates the corresponding byte codes or intermediate codes according to the execution logic of the source codes so as to obtain the repaired second executable program. It should be noted that, the repair manner provided by each of the above examples may be used in combination, for example, the control relationship and the data relationship of the first executable program to be issued are checked and repaired one by one according to a plurality of preset security logic description rules.

Based on the repairing method described above, a second executable program of the repaired intelligent contract can be obtained, step S130 is executed after the second executable program is obtained, and the second executable program is issued to the blockchain network.

The publishing platform device sends the repaired second executable program to a plurality of corresponding node devices according to the configuration of the node devices in the prior blockchain network, so that each node device executes the second executable program based on a common recognition mechanism and the like to fulfill the intelligent contract.

The block chain network is a decentralised network, and comprises a plurality of node devices, wherein each node device provides network services together. The node devices in the blockchain network may be located on a single computer device, or on physical or virtual devices used in a cloud architecture-based service system, or the like. The single computer device may be located in a private machine room or in some leased location in a public machine room. The form and the set geographical location of the physical device or the virtual device are not limited. For example, multiple node devices may be located on different virtual devices of the same physical server and managed individually by management rights. The service system of the cloud architecture comprises a public cloud service end and a private cloud service end, wherein the public or private cloud service end comprises SaaS, paaS, iaS and the like. The private cloud service end is, for example, an Arian cloud computing service platform, an Amazon cloud computing service platform, a hundred degree cloud computing platform, a Tencent cloud computing platform and the like. The virtual device may be one of devices that the entity server virtualizes an exclusive device into a plurality of logical devices through a virtual technology for simultaneous use by a plurality of user processes.

To ensure that known security vulnerabilities are eliminated from the issued second executable program and that no new security vulnerabilities or logic errors have occurred after repair, the method may further include, prior to performing step S130, a step of verifying the second executable program based on trusted portions of the current execution logic in the first executable program.

Wherein the trusted portion is a portion of the first executable program that implements the smart contract functionality and does not include the security breach. The verification step may be performed before the translation step or after the translation step. For example, the control relationship and the data relationship of the smart contract function implemented in the first executable program are used to verify the control relationship and the data relationship of the smart contract function implemented in the second executable program, and when the verification is passed, step S130 is executed, i.e. the repaired second executable program is issued to the blockchain. For another example, the rewritten intermediate code is verified based on the trusted portion in the current execution logic before the translating step is performed, and if the portion of the function of the smart contract implemented in the rewritten intermediate code matches the portion of the function of the smart contract implemented in the intermediate code of the first executable program, step S130 is performed.

Referring to fig. 4, fig. 4 is a schematic structural diagram of an issuing system of the smart contract according to the present application, and as shown in the drawing, the issuing system 20 includes: an analysis module 21, a repair module 22 and a release module 23. The parsing module 21 is configured to parse a first executable program of an intelligent contract to be issued, so as to obtain current execution logic of the first executable program.

Here, the parsing module 21 obtains a first executable program of an intelligent contract to be issued, and parses the obtained first executable program to facilitate logic of an internal execution process in the first executable program, logic of calling an external resource, and a data processing process generated when the external resource is called. The external resource call includes, but is not limited to, at least one of: invoking processing results of the external smart contract, invoking data stored by the external contract, invoking the external smart contract, and the like.

In one embodiment, the parsing module 21 parses a first executable program of a smart contract to be issued by disassembling the first executable program to obtain a control relationship and a data relationship describing the execution process of the smart contract. The disassembly is the process of converting machine language into assembly language code, i.e., the disassembly may convert the first executable program into an assembly execution sequence. The manner and/or tools for disassembling the first executable program may also be different for intelligent contracts written in different types of high-level programming languages. For example, the high-level programming language is a stability, and the disassembly tool used in disassembling the corresponding first executable program includes: evmdis, porosity, ethersplay, etc.

The control relation refers to the sequence of execution sequences among instructions in the assembly execution sequence, and in the same execution sequence, the subsequently executed instructions depend on the previously executed instructions. The data relationship is the transfer of data between instructions, with instructions that use certain data being dependent on the instructions that define that data. The control relationships and data relationships are used to describe the current execution logic of the first executable program, and the control relationships and data relationships also include logical relationships that result from invoking resources of an external node. I.e. the currently executing logic contains logical relationships that are generated based on invoking resources of the external node. The present execution logic is described by way of block diagrams. For example, the block diagram of execution logic of a smart contract is shown in FIG. 3, where solid lines represent control relationships between instructions and dashed lines represent data relationships between instructions. The control relationships may be described by a control flow graph and the data relationships may be described by a data flow graph. The control flow graph is exemplified by a directed graph, e.g., graph g= (N, E, nenry, next). Where N is a set of nodes, each instruction of the assembly execution sequence corresponds to a node in the graph; edge set e= { (N1, N2) |n1, N2E N and N1 execution may be performed immediately after N2}; the nentry and nexit are the entry and exit nodes, respectively, that assemble the execution sequence. The data flow diagram refers to a logic flow and a logic transformation process of data in an assembly execution sequence from the data transmission perspective, and the data flow diagram can describe a storage mode, a reading mode and a processing mode of the assembly execution sequence on the data. In a specific embodiment, the parsing module 21 simulates a control relationship including stopping execution of the instructions in the assembly execution sequence, transferring the control relationship of executing the instructions in the assembly execution sequence, sequentially executing the control relationship of the instructions in the assembly execution sequence, and the like according to the order of the instructions in the assembly execution sequence obtained by disassembly, the functions of the instructions in the API, and the like, so as to obtain the control relationship describing the execution process of the intelligent contract. The parsing module 21 simulates stack operations, memory operations, and the like according to parameter definitions such as data structures, global variables, local variables, and the like in the disassembled assembly execution sequence, so as to obtain data relationships describing the intelligent contract execution process. The control relation of stopping execution is used for indicating the node equipment in the blockchain to stop executing the current execution sequence after the node equipment in the blockchain finishes executing the instruction. The control relationship of transfer execution is used for indicating that the node equipment in the blockchain transfers to execute the execution sequence from the target address after the node equipment in the blockchain executes the instruction. The control relation of the sequential execution is used for indicating the node equipment in the blockchain to sequentially execute the next in the execution sequence after the node equipment in the blockchain executes the instruction. Stack operations refer to the instruction pushing operands into the stack or popping operands from the stack. A memory operation refers to the instruction writing to or reading operands from memory. The operand includes the source of the data needed to execute the instruction, the operand is a field in the instruction of the assembly execution sequence, the operand itself can be put in the field of the operand in the instruction, the operation address can be put, and the calculation method of the operation address can be put. Typically an instruction contains both operators and operands. For example: in the compare instruction, the operator specifies the computer to perform the comparison operation, and the operand specifies the two values to be compared. Wherein the operand contains data provided from an external call resource. Such as funds data corresponding to the same user account information from other smart contracts invoked externally.

In another embodiment, the parsing module 21 obtains control relationships and data relationships describing the smart contract execution process based on the assembly execution sequence using a dynamic program analysis technique in combination with the simulation execution described in the previous embodiments. The dynamic program analysis technology refers to obtaining a control relation and a data relation under the actual running condition of a program by observing the state of the program in the running process. After calculating the control relationship and the data relationship of the intelligent contract based on the analysis method in the foregoing embodiment, the analysis module 21 may actually run each instruction of the intelligent contract based on the dynamic program analysis technology to obtain the instruction execution result, the memory usage condition, the stack usage condition, the function of the intelligent contract, and the like in the intelligent contract. The intelligent contract actually operated can be a first executable program or an assembly execution sequence obtained by disassembling the first executable program. And confirming and correcting the control relation and the data relation of the intelligent contract obtained through calculation based on the execution result of the instruction obtained by actually running the program, the use condition of a memory, the use condition of a stack, the function of the intelligent contract and the like.

The parsing module 21 parses a first executable program to be released to obtain a current execution logic of the first executable program, so that the repairing module 22 repairs a security hole in the execution logic based on a preset security logic description rule, so as to obtain a repaired second executable program. Wherein the security logic description rule includes security execution logic when executing the smart contract in accordance with invoking the resource of the external node. Wherein the calling the resources of the external node includes: the first executable program invokes the blockchain link point to execute the external smart contract and obtain its processing results, invokes data stored on the blockchain node, and the like.

Based on the security hole, the security hole is promoted to other security holes, and the security hole is reflected in the control relation and the data relation obtained through analysis. For example, in the control structure diagram obtained by analysis, the control flow of the first execution program is represented by a control relationship described by points and directed edges. For another example, in the data structure diagram obtained by parsing, the data read-write flow of the first execution program is represented by a data relationship described by points and directed edges. In order to facilitate rapid positioning of security vulnerabilities, a security logic description rule corresponding to the security vulnerabilities is preset in the publishing platform device, and is described as security execution logic when executing the intelligent contract according to the invocation of the resources of the external node. According to the instruction defect describing the security hole, the preset security logic description rule may include at least one of the following: the state variable change instruction is located before the external call instruction, adds a check instruction to the out-of-range operation, and adds a check instruction to the external call. The security logic description rule corresponds to a description mode of the execution logic of the first execution program. Taking the publishing platform device to analyze the first execution program into a structural diagram as an example, the security logic description rule comprises a rule of a secure connection sequence and a secure connection mode of points and directed edge descriptions in the structural diagram. The publishing platform device utilizes the structural diagram rule provided by the security logic description rule and eliminating the security hole to check in the structural diagram of the constructed first execution program, and when the position which does not accord with the structural diagram rule is checked, the position of the security hole in the first execution program is determined. For example, checking the attribute of points in the constructed structure diagram of the first execution program according to the instruction rule in the security logic description rule, checking the attribute of the directed edges between the corresponding points in the corresponding structure diagram according to the instruction execution sequence in the security logic description rule, and determining the position of the security hole in the corresponding structure diagram when the non-compliance is checked, so as to obtain the position of the security hole of the first execution program.

When the fix module 22 determines the location of the security hole in the first executable program, the fix module rewrites the security hole in the intermediate code obtained by parsing the first executable program according to the security logic description rule, and translates the rewritten intermediate code into the second executable program. Wherein the intermediate code is instruction code in the assembly execution sequence. Here, the repair module 22 replaces the security hole in the control relationship and the data relationship for describing the first execution program according to the security logic description rule, and rewrites the instruction code of the corresponding position in the assembly execution sequence according to the replaced control relationship and the replaced position of the data relationship. Examples of the overwriting operation include, but are not limited to: adjusting the execution order of the instruction codes, or adding corresponding checking instruction codes, etc. The publishing platform means translates the rewritten assembly execution sequence into a second executable program, thereby obtaining the second executable program for execution by the node device on the blockchain.

In some embodiments, the repair module 22 may further update the security logic description rule, where the update operation refers to complementarily storing the corresponding security logic description rule in the publishing platform device according to the new security hole; and/or providing improved security logic description rules for existing security logic description rules to enable improved execution efficiency of the repaired executable program. For example, since each instruction consumes a certain amount of unit cost (gas) during execution of the smart contract, the unit cost (gas) is a unit that measures the amount of computation required to execute a certain instruction, and is used to calculate the amount of fee that needs to be paid to the network in order to execute a certain instruction. The new security logic description rules received by the repair module 22 are security logic description rules that replace the original security logic description rules to consume less cost of units (gas).

In a specific embodiment, the repair module 22 checks the control relationship between the external resource call and the state variable update in the current execution logic, and adjusts the control sequence between the external resource call and the state variable update according to the corresponding security logic description rule based on the check result, so as to obtain the repaired second executable program.

The repair module 22 determines, according to the checking result, that the control relationship is executed after the external resource calling instruction in the first executable program is executed, and then adjusts the state variable updating instruction to be executed before the external resource calling instruction according to the corresponding security logic description rule. For ease of description, taking the security hole in the source code describing the smart contract as an example, in fact, the security hole in the following example is obtained based on the parsed execution logic, the repair module 22 detects the description in the block diagram of the instruction in the source code that invokes the widthwbaance function, and determines that the instruction (call.value () function) of the fund information provided by the external resource is executed prior to the instruction (userbance function) of the state variable update:

/>

in actual operation, the repair module 22 rewrites and translates the corresponding bytecode or intermediate code according to the execution logic of the source code to obtain a repaired second executable program.

In another embodiment, the repair module 22 examines the data relationship generated based on the external resource call in the current execution logic, and supplements a data validity check mechanism for the called external resource based on the examination result and according to the corresponding security logic description rule, so as to obtain a repaired second executable program. The data validity checking mechanism is used for checking whether an operation result of the arithmetic operation instruction has a boundary crossing operation result or not.

Here, the repair module 22 determines, according to the checking result, an instruction in the smart contract that does not check the operation result of the arithmetic operation instruction, and may cause the arithmetic operation instruction of the smart contract to generate the out-of-range result, and adds the checking instruction to the arithmetic operation instruction that may generate the out-of-range result according to the corresponding security logic description rule. For ease of description, taking the security hole in the source code describing the smart contract as an example, in fact, the security hole in the following example is obtained based on the parsed execution logic, the repair module 22 detects the description in the block diagram of the instruction in the source code that invokes the incleaselocktime function, and determines that the variables required for the arithmetic operation instruction depend on the external resource provided variable (timeToIncrease):

In yet another embodiment, the repair module 22 checks the control relationship and/or data relationship of the execution result of the invoked external resource in the current execution logic; based on the checking result and according to the corresponding safety logic description rule, supplementing an exception handling mechanism for the execution result to obtain a repaired second executable program.

For example, the repair module 22 determines that an external resource call instruction exists in the intelligent contract according to the checking result and determines whether the checking instruction for checking whether the result of the external resource call instruction is abnormal exists in the execution logic according to the control relation of the external resource call instruction in the execution logic, and supplements an abnormal processing mechanism for the execution result to the result of the external resource call instruction according to the corresponding safety logic description rule, wherein the abnormal processing mechanism comprises adding the checking instruction to the execution result.

As another example, the repair module 22 determines that an external resource call instruction exists in the smart contract according to the checking result and determines that the checking instruction for checking whether an exception exists in the result of the external resource call instruction is absent in the execution logic and the execution result of the first executable program depends on the execution result of the called external resource according to the control relationship of the external resource call instruction in the execution logic and the data relationship of the execution result of the called external resource instruction in the current execution logic. And supplementing an exception handling mechanism for the execution result to the result of the external resource call instruction according to the corresponding safety logic description rule, wherein the exception handling mechanism comprises the step of adding a check instruction to the execution result.

For another example, the repair module 22 determines that an external resource call instruction exists in the smart contract according to the checking result, and determines that the checking instruction for checking whether the result of the external resource call instruction is abnormal is absent in the execution logic and the execution result of the first executable program is independent of the execution result of the called external resource according to the control relationship of the external resource call instruction in the execution logic and the data relationship of the execution result of the called external resource instruction in the current execution logic. And supplementing an exception handling mechanism for the execution result to the result of the external resource call instruction according to the corresponding safety logic description rule, wherein the exception handling mechanism comprises the step of adding a check instruction to the execution result.

For convenience of description, taking a security hole in the source code describing the smart contract as an example, in fact, the security hole in the following example is obtained based on the parsed execution logic, the repair module 22 detects the description of the instruction in the source code that invokes the sendfowinner function in the structure diagram, and determines whether there is an exception with respect to the execution result of the instruction (send () function) that provides funding information for the external resource, and there is no corresponding check instruction:

To eliminate the security vulnerabilities described above, the repair module 22 may add a check instruction to the external resource call instruction based on the corresponding security logic description rules to obtain a repaired smart contract (source code) as follows:

in actual operation, the repair module 22 rewrites and translates the corresponding bytecode or intermediate code according to the execution logic of the source code to obtain a repaired second executable program. It should be noted that, the repair manner provided by each of the above examples may be used in combination, for example, the control relationship and the data relationship of the first executable program to be issued are checked and repaired one by one according to a plurality of preset security logic description rules.

The second executable program of the repaired smart contract may be obtained based on the repair method performed by the previous repair module 22. The publishing module 23 is configured to publish the second executable program to a blockchain network.

Here, the distribution system 20 of the smart contract transmits the repaired second executable program to the corresponding plurality of node devices according to the configuration of the node devices in the predetermined blockchain network, so that each node device executes the second executable program based on, for example, a consensus mechanism or the like to fulfill the smart contract.

Referring to fig. 5, fig. 5 is a schematic diagram of a network architecture of the intelligent contract issuing system and the blockchain network according to the present application, and the execution process of the issuing method is as follows, using the network architecture provided in fig. 5: the publishing system obtains a first executable program submitted by the client. For example, the publishing system obtains a first executable program uploaded by a user through a WEB browser. And the analysis module of the release system analyzes the acquired first executable program to obtain the current execution logic of the first executable program. And the repairing module repairs the security holes in the execution logic based on a preset security logic description rule so as to obtain a repaired second executable program. And after the repaired second executable program is obtained, the repairing module verifies the second executable program based on the trusted part in the current execution logic in the first executable program. The publishing module publishes the repaired second executable program to each node device of the blockchain network so that each node device can jointly provide network services based on the second executable program.

The application also discloses a computer readable storage medium storing at least one computer program which, when invoked, participates in executing the publishing method. The distribution method is the same as or similar to the aforementioned distribution method, and will not be described in detail herein. It should be further noted that, from the above description of the embodiments, it will be apparent to those skilled in the art that part or all of the present application may be implemented by means of software in combination with a necessary general hardware platform. Based on such an understanding, the solution of the application may be embodied essentially or in part in the form of a software product that contributes to the state of the art.

In the embodiments provided herein, the computer-readable storage medium may include read-only memory, random-access memory, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, flash memory, U-disk, removable hard disk, or any other medium that can be used to store desired program code in the form of instructions or data structures and that can be accessed by a computer. In addition, any connection is properly termed a computer-readable medium. For example, if the instructions are transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, digital Subscriber Line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium. It should be understood, however, that computer-readable and data storage media do not include connections, carrier waves, signals, or other transitory media, but are intended to be directed to non-transitory, tangible storage media. Disk and disc, as used herein, includes Compact Disc (CD), laser disc, optical disc, digital Versatile Disc (DVD), floppy disk and blu-ray disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers.

The distribution method of the present application may be implemented in hardware, software, firmware, or any combination thereof. When implemented in software, these functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. The steps of the disclosed methods may be embodied in a processor-executable software module, which may be located on a tangible, non-transitory computer-readable and writable storage medium. Tangible, non-transitory computer readable and writable storage media may be any available media that can be accessed by a computer.

The above embodiments are merely illustrative of the principles of the present application and its effectiveness, and are not intended to limit the application. Modifications and variations may be made to the above-described embodiments by those skilled in the art without departing from the spirit and scope of the application. Accordingly, it is intended that all equivalent modifications and variations of the application be covered by the claims, which are within the ordinary skill of the art, be within the spirit and scope of the present disclosure.

Claims

1. A method for publishing an intelligent contract, comprising the steps of:

Analyzing a first executable program of an intelligent contract to be issued to obtain current execution logic of the first executable program; the step of parsing a first executable program of an intelligent contract to be issued to obtain current execution logic of the first executable program includes: disassembling the first executable program to obtain control relationships and data relationships describing the smart contract execution process; wherein the control relationships and data relationships are used to describe the currently executing logic and include logic relationships generated based on invoking resources of external nodes;

repairing the security hole in the execution logic based on a preset security logic description rule to obtain a repaired second executable program; wherein the security logic description rule comprises security execution logic when executing an intelligent contract according to a resource of an external node; the preset security logic description rule comprises at least one of the following: the state variable change instruction is located before the external call instruction, adds a check instruction to the out-of-range operation, and adds a check instruction to the external call;

issuing the second executable program into a blockchain network; wherein the second executable program is also verified based on the trusted portion of the current execution logic prior to executing the publishing step.

2. The method of claim 1, wherein the current execution logic is described by a block diagram.

3. The method of claim 1, wherein the security vulnerabilities include at least one of: the state variable change instruction is located after the external call instruction, in the absence of a check instruction for out-of-range operations, and in the absence of a check instruction for external calls.

4. The method for publishing an intelligent contract according to claim 1, wherein the step of repairing the security hole in the current execution logic based on the preset security logic description rule to obtain the repaired second executable program comprises:

checking a control relation between external resource call and state variable update in the current execution logic;

and adjusting the control sequence between the external resource call and the state variable update based on the checking result and according to the corresponding safety logic description rule so as to obtain the repaired second executable program.

5. The method for publishing an intelligent contract according to claim 1, wherein the step of repairing the security hole in the current execution logic based on the preset security logic description rule to obtain the repaired second executable program comprises:

Checking a data relationship generated based on external resource calls in the current execution logic;

based on the checking result and according to the corresponding safety logic description rule, supplementing a data validity checking mechanism of the called external resource to obtain a repaired second executable program.

6. The method for publishing an intelligent contract according to claim 1, wherein the step of repairing the security hole in the current execution logic based on the preset security logic description rule to obtain the repaired second executable program comprises:

checking a control relation and/or a data relation of an execution result of the called external resource in the current execution logic;

based on the checking result and according to the corresponding safety logic description rule, supplementing an exception handling mechanism for the execution result to obtain a repaired second executable program.

7. The method for publishing an intelligent contract according to any one of claims 1-6, wherein the step of repairing the security hole in the current execution logic based on a preset security logic description rule to obtain a repaired second executable program includes:

rewriting security vulnerabilities in intermediate codes obtained by analyzing the first executable program according to the security logic description rules;

The rewritten intermediate code is translated into a second executable program.

8. The smart contract issuing method according to claim 7, characterized by further comprising, before the execution of the translating step, the steps of: and verifying the rewritten intermediate code based on the trusted part in the current execution logic.

9. The method of claim 1, further comprising: updating the security logic description rule.

10. An intelligent contract issuing platform device, comprising:

the interface device is used for receiving a first executable program of the intelligent contract and issuing a second executable program repaired by the first executable program into the blockchain network;

a storage device for storing at least one program;

processing means, connected to said storage means and to said interface means, for invoking and executing said at least one program to coordinate said interface means and storage means to perform the method of issuing a smart contract according to any of claims 1-9.

11. A computer-readable storage medium storing at least one program that, when called, performs the method of issuing a smart contract according to any one of claims 1-9.

12. A smart contract issuing system, comprising:

the analyzing module is used for analyzing a first executable program of an intelligent contract to be issued so as to obtain the current execution logic of the first executable program; the step of the parsing module parsing a first executable program of an intelligent contract to be issued to obtain current execution logic of the first executable program includes: the parsing module disassembles the first executable program to obtain control relationships and data relationships describing the smart contract execution process; wherein the control relationships and data relationships are used to describe the currently executing logic and include logic relationships generated based on invoking resources of external nodes;

the repair module is used for repairing the security holes in the execution logic based on a preset security logic description rule so as to obtain a repaired second executable program; wherein the security logic description rule comprises security execution logic when executing an intelligent contract according to a resource of an external node; the preset security logic description rule comprises at least one of the following: the state variable change instruction is located before the external call instruction, adds a check instruction to the out-of-range operation, and adds a check instruction to the external call;

The release module is used for releasing the second executable program into a blockchain network; wherein the publishing module verifies the second executable program by the repair module based on the trusted portion of the current execution logic prior to performing the publishing step.