Smart contracts are gaining popularity as a means to support transparent, traceable, and self-executing decentralized applications, which enable the exchange of value in a trustless environment. Developers of smart contracts rely on various libraries, such as OpenZeppelin for Solidity contracts, to improve application quality and reduce development costs. The API documentations of these libraries are important sources of information for developers who are unfamiliar with the APIs. Yet, maintaining high-quality documentations is non-trivial, and errors in documentations may place barriers for developers to learn the correct usages of APIs. In this paper, we propose a technique, DocCon, to detect inconsistencies between documentations and the corresponding code for Solidity smart contract libraries. Our fact-based approach allows inconsistencies of different severity levels to be queried, from a database containing precomputed facts about the API code and documentations. DocCon successfully detected high-priority API documentation errors in popular smart contract libraries, including mismatching parameters, missing requirements, outdated descriptions, etc. Our experiment result shows that DocCon achieves good precision and is applicable to different libraries: 29 and 22 out of our reported 40 errors have been confirmed and fixed by library developers so far.

Chenguang Zhu

The University of Texas at Austin

United States

Ye Liu

Nanyang Technological University

Xiuheng Wu

Nanyang Technological University, Singapore

Singapore

Yi Li

Nanyang Technological University, Singapore

Singapore

Many techniques have been proposed to mine knowledge from software artefacts and solve software evolution management tasks. To promote effective reusing of those knowledge, we propose a unified format, differential facts, to represent software changes across versions as well as various relations within each version, such as call graphs. Based on queryable formats, differential facts can be manipulated to implement complex evolution management tasks. Since facts once extracted can be shared among different tasks, the reusability brings improvements to oveall performance. We validate the technique and show its benefits of being efficient, flexible, and easy to implement, with several applications, including semantic history slicing, regression test selection, documentation error detection and client-specific usage patterns discovery.

Xiuheng Wu

Nanyang Technological University, Singapore

Singapore

Smart contracts are gaining popularity as a means to support transparent, traceable, and self-executing decentralized applications, which enable the exchange of value in a trustless environment. Developers of smart contracts rely on various libraries, such as OpenZeppelin for Solidity contracts, to improve application quality and reduce development costs. The API documentations of these libraries are important sources of information for developers who are unfamiliar with the APIs. Yet, maintaining high-quality documentations is non-trivial, and errors in documentations may place barriers for developers to learn the correct usages of APIs. In this paper, we propose a technique, DocCon, to detect inconsistencies between documentations and the corresponding code for Solidity smart contract libraries. Our fact-based approach allows inconsistencies of different severity levels to be queried, from a database containing precomputed facts about the API code and documentations. DocCon successfully detected high-priority API documentation errors in popular smart contract libraries, including mismatching parameters, missing requirements, outdated descriptions, etc. Our experiment result shows that DocCon achieves good precision and is applicable to different libraries: 29 and 22 out of our reported 40 errors have been confirmed and fixed by library developers so far.

Chenguang Zhu

The University of Texas at Austin

United States

Ye Liu

Nanyang Technological University

Xiuheng Wu

Nanyang Technological University, Singapore

Singapore

Yi Li

Nanyang Technological University, Singapore

Singapore