CoBlock: a Domain-Specific Language for Compliance Checking on Smart Contract Execution Data

CoBlock is a Domain-Specific Language (DSL) for defining compliance rules in terms of blockchain characterizations, treated as first-class citizens.
The main advantage of the proposed DSL is that it allows auditors to focus on blockchain characterizations relevant to DApp auditing with compliance checking, addressing the expressiveness limitations of existing compliance rules languages.

This enables a framework for compliance checking on smart contract execution data.
The CoBlock language has been implemented as a grammar and enriched with a parser to compile the defined rules, which are then checked.

CoBlock repository

Getting Started

Installation with Docker

Prerequisites

– Docker installed on your system.

Commands

1. Build the Docker image:

docker build -t coblock .

2. Run the Docker container:

docker run -p 8000:8000 coblock

3. Open the local application instance at:

http://0.0.0.0:8000/

Manual installation

Prerequisites

– Node.js
– Python

Commands

Frontend stage:

1. Install all Node.js required packages:

./frontend npm i

2. Start the frontend:

./frontend npm run dev

Backend stage:

1. Install all Python requirements:

./backend pip install -r requirements.txt

2. Run the Pyhton backend via Uvicorn:

./backend uvicorn app:app --reload

3. Open the local application instance at:

http://localhost:5173/

Usage

1. First, the user must upload an Events Log and choose the mapping between the event log columns and blockchain elements

2a. Then the user can define the blockchain-based compliance rule

2b. If the defined blockchain-based compliance rule is not correct, the parser will display the error indicating the wrong part of the rule

3. By clicking the “Check rule over blockchain log” button, the BBCR will be applied to the blockchain log, and a preview of the compliant and non-compliant sets will be shown for a first inspection. The user can download the sets by clicking the “Download full JSON” links

Evaluation

Following are the instructions to replicate the PancakeSwap analysis evaluation

1. Upload the PancakeSwap log with faulty transaction injected, the log is available at https://bitbucket.org/proslabteam/coblock/src/main/data/Pancake_faulty.xes

2. The mapping must be defined as:

CA: contractAddress
B: blockNumber
S: sender
FUN: activity
G: gasUsed
SV: storageState
CALL: internalTxs
I: inputs
E: events

3. The blockchain-based compliance rules are defined as:

R6 = transOwnTX(function is transferOwnership is passed newOwner(= nil) is updated _owner(!= transOwnTX.inputs.newOwner) is emitted OwnershipTransferred(is contained previousOwner(!= transOwnTX.sender))) nocc

R7 = transTokTX(function is sendFrom is called STATICCALL(contract is not 00000000000000000000000066a71dcef29a0ffbdbe3c6a460a3b5bc225cd675)) nocc

4. One at the time, the blockchain-based compliance rule can be parsed and checked by clicking the “Check rule over blockchain log” button

5. The compliant and non-compliante traces are previewed in the dedicated box, and the full sets can be downloaded by clicking “Download full JSON”

For R6 there will be 50 faulty traces
For R7 there will be 48 faulty traces

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
JSESSIONID	session	Used by sites written in JSP. General purpose platform session cookies that are used to maintain users' state across page requests.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Cookie	Duration	Description
ice.connection.contextpath	session	No description
ice.connection.lease	session	No description
ice.connection.running	session	No description
ice.push.browser	session	No description
ice.pushids	session	No description
ultp_view_2478	1 day	No description
ultp_view_2524	1 day	No description
ultp_view_2526	1 day	No description
ultp_view_2534	1 day	No description
ultp_view_2542	1 day	No description
ultp_view_2544	1 day	No description
ultp_view_2546	1 day	No description
ultp_view_2613	1 day	No description
ultp_view_2620	1 day	No description
ultp_view_2622	1 day	No description
ultp_view_2624	1 day	No description
ultp_view_2668	1 day	No description
ultp_view_2674	1 day	No description

Monitoring & Controlling / Tool / Uncategorized · March 9, 2025

Getting Started

Installation with Docker

Prerequisites

Commands

Manual installation

Prerequisites

Commands

Usage

Evaluation