Decentralized applications (dApps) consist of smart contracts that run on blockchains and clients that model collaborating parties. dApps are used to model financial and legal business functionality. Today, contracts and clients are written as separate programs -- in different programming languages -- communicating via send and receive operations. This makes distributed program flow awkward to express and reason about, increasing the potential for mismatches in the client-contract interface, which can be exploited by malicious clients, potentially leading to huge financial losses. In this paper, we present Prisma, a language for tierless decentralized applications, where the contract and its clients are defined in one unit and pairs of send and receive actions that "belong together" are encapsulated into a single direct-style operation, which is executed differently by sending and receiving parties. This enables expressing distributed program flow via standard control flow and renders mismatching communication impossible. We prove formally that our compiler preserves program behavior in presence of an attacker controlling the client code. We systematically compare Prisma with mainstream and advanced programming models for dApps and provide empirical evidence for its expressiveness and performance.

翻译：摘要：去中心化应用由运行在区块链上的智能合约和建模协作方的客户端组成，常用于模拟金融和法律业务功能。当前，合约和客户端被编写为独立程序（使用不同编程语言），通过发送和接收操作进行通信。这导致分布式程序流程难以表达和推理，增加了客户端-合约接口不匹配的可能性——恶意客户端可能利用此漏洞，进而造成巨额经济损失。本文提出Prisma，一种用于无分层去中心化应用的语言：合约及其客户端在同一单元中定义，且“属于同一对”的发送和接收操作被封装为单个直接风格的操作，由发送方和接收方以不同方式执行。这使得分布式程序流程可通过标准控制流表达，并从根本上杜绝通信不匹配问题。我们形式化证明了在攻击者控制客户端代码的场景下，编译器仍能保留程序行为。通过系统对比Prisma与主流及先进的dApp编程模型，我们提供了其表达能力和性能的实证证据。