Paper 2018/192

SoK: unraveling Bitcoin smart contracts

Nicola Atzei, Massimo Bartoletti, Tiziana Cimoli, Stefano Lande, and Roberto Zunino


Albeit the primary usage of Bitcoin is to exchange currency, its blockchain and consensus mechanism can also be exploited to securely execute some forms of smart contracts. These are agreements among mutually distrusting parties, which can be automatically enforced without resorting to a trusted intermediary. Over the last few years a variety of smart contracts for Bitcoin have been proposed, both by the academic community and by that of developers. However, the heterogeneity in their treatment, the informal (often incomplete or imprecise) descriptions, and the use of poorly documented Bitcoin features, pose obstacles to the research. In this paper we present a comprehensive survey of smart contracts on Bitcoin, in a uniform framework. Our treatment is based on a new formal specification language for smart contracts, which also helps us to highlight some subtleties in existing informal descriptions, making a step towards automatic verification. We discuss some obstacles to the diffusion of smart contracts on Bitcoin, and we identify the most promising open research challenges.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. MINOR revision.Principles of Security and Trust, 2018
Contact author(s)
bart @ unica it
2018-02-20: received
Short URL
Creative Commons Attribution


      author = {Nicola Atzei and Massimo Bartoletti and Tiziana Cimoli and Stefano Lande and Roberto Zunino},
      title = {SoK: unraveling Bitcoin smart contracts},
      howpublished = {Cryptology ePrint Archive, Paper 2018/192},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.