research-article

Open access

Can advanced type systems be usable? An empirical study of ownership, assets, and typestate in Obsidian

Authors:

Michael Coblenz,

Jonathan Aldrich,

Brad A. Myers,

Joshua SunshineAuthors Info & Claims

Proceedings of the ACM on Programming Languages, Volume 4, Issue OOPSLA

Article No.: 132, Pages 1 - 28

https://doi.org/10.1145/3428200

Published: 13 November 2020 Publication History

PDF eReader

Abstract

Some blockchain programs (smart contracts) have included serious security vulnerabilities. Obsidian is a new typestate-oriented programming language that uses a strong type system to rule out some of these vulnerabilities. Although Obsidian was designed to promote usability to make it as easy as possible to write programs, strong type systems can cause a language to be difficult to use. In particular, ownership, typestate, and assets, which Obsidian uses to provide safety guarantees, have not seen broad adoption together in popular languages and result in significant usability challenges. We performed an empirical study with 20 participants comparing Obsidian to Solidity, which is the language most commonly used for writing smart contracts today. We observed that Obsidian participants were able to successfully complete more of the programming tasks than the Solidity participants. We also found that the Solidity participants commonly inserted asset-related bugs, which Obsidian detects at compile time.

Supplementary Material

Auxiliary Presentation Video (oopsla20main-p23-p-video.mp4)

This is a presentation video for our OOPSLA 2020 paper, "Can Advanced Type Systems Be Usable? An Empirical Study of Ownership, Assets, and Typestate in Obsidian." Some blockchain programs (smart contracts) have included serious security vulnerabilities. Obsidian is a new programming language that uses a strong type system to rule out some of these vulnerabilities. Ownership, typestate, and assets, which Obsidian uses to provide safety guarantees at compile time, have not seen broad adoption together in popular languages and may result in signifcant usability challenges. We performed an empirical study with 20 participants comparing Obsidian to Solidity, the language most commonly used for writing smart contracts today. Obsidian participants were able to successfully complete more of the programming tasks than the Solidity participants. We also found that asset-related bugs, which Obsidian detects at compile time, were commonly accidentally inserted by the Solidity participants.

Download
944.34 MB

References

[1]

Yasemin Acar, Christian Stransky, Dominik Wermke, Michelle L Mazurek, and Sascha Fahl. 2017. Security developer studies with GitHub users: Exploring a convenience sample. In Proceedings of the Thirteenth USENIX Conference on Usable Privacy and Security. 81-95.

Abstract

Supplementary Material

References

Cited By

Index Terms

Recommendations

Obsidian: Typestate and Assets for Safer Blockchain Programming

Albert, An Intermediate Smart-Contract Language for the Tezos Blockchain

The Clara framework for hybrid typestate analysis

Comments

Information

Published In

Publisher

Publication History

Permissions

Check for updates

Badges

Author Tags

Qualifiers

Funding Sources

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Get Access

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations