ECE 398 SC: Smart Contracts and Blockchain Security, Spring 2018 (2nd half)

Instructor Andrew Miller soc1024@illinois.edu Location ECEB 3081 Lecture Times

Tuesday and Thursday, 12:30pm - 1:50pm

Office CSL 461

Office Hours

Thursdays 2:30pm-3:30pm

Piazza [piazza] Course registration is totally full! This is a HALF-SEMESTER course, the second half of Spring 2018. It is worth 2 credits.

Smart Contracts and Blockchains are an important emerging programming model, where a secure publicly-shared database (“the blockchain”) is used as the cornerstone for distributed systems involving parties that do not trust each other. Smart contracts are deployed today on cryptocurrencies like Bitcoin and Ethereum, where real money is already put at stake (e.g., a billion dollar ecosystem of smart-contract based crowdfunding has recently emerged). Smart contracts are also central to the emerging industry trends (from companies like IBM, Microsoft, and many others) on using blockchains in various industry sectors, such as finance and supply chains.

Security is a foremost concern when designing smart contract applications, since they are targets for adversarial behavior. Poorly designed and implemented smart contracts have already been exploited for tens of millions of dollars. Smart contracts therefore provide a timely viewpoint for learning fundamental concepts in computer security, such as adversarial thinking and defensive programming. Furthermore, smart contracts provide a natural platform for using cryptographic techniques, such as digital signatures and hash functions.

By the end of this course, students will be able to use cryptographic tools (digital signatures, hash functions, authenticated data structures) to design secure smart contract applications. They will be able to apply adversarial thinking to blockchain and smart contract applications in order to find and prevent vulnerabilities. They will have completed several smart contract programming assignments, and completed a final project involving the design and implementation of an Auction application on top of the Ethereum smart contract platform.

Topics:

Practical use of cryptocurrency and best practices

The security mindset, "thinking like an adversary"

Spotting and preventing vulnerabilities

Hash functions and authenticated data structures

Digital signatures

Uses of randomness and pseudorandomness

Amortization and optimistic protocols

Consensus protocols and permissioned vs. permissionless blockchains

Intended audience: This course is designed to appeal to undergraduates with a computer engineering / computer science background.

Prerequisites: This course involves several programming assignments in the Solidity smart contract programming language. No prior experience with Solidity is expected. However, introductory programming course or prior experience with programming (with any of: Python, Java, Javascript, C/C++, or others) is a prerequisite.

- ECE 220 or - CS 125

Texts, resources

Bitcoin and Cryptocurrency Technologies [website] [pdf]

Solidity documentation [website]

Calendar

Grading

Programming Project (Solidity Auction House) (40% of grade)

Quizzes and short programming assignments (30% of grade)

Final Exam (20% of grade)

Attendance / Participation (10% of grade)

Academic Integrity

Ethics statement