Method and system for securing smart contracts in blockchains

What is claimed is: 1. A computer-implemented method for securing a blockchain, maintained by a blockchain network, against software exploits, the method comprising: automatically receiving, by a blockchain node of the blockchain network, blockchain data comprising: (i) a control flow graph (CFG) and (ii) a machine-executable application code, the CFG defining a set of pre-defined execution flows of the machine-executable application code; deriving, at run-time, valid execution flows from the machine-executable application code; automatically verifying, at run-time, the blockchain data by verifying a digital signature of a creator of the machine-executable application code and verifying that the CFG itself is correct by confirming that the set of pre-defined execution flows defined by the CFG corresponds to the valid execution flows derived from the machine-executable application code; and based on verifying the blockchain data, automatically including the verified blockchain data in a block of the blockchain. 2. The method according to claim 1 , further comprising: receiving subsequent blockchain data invoking at least one function of the machine-executable application code of the blockchain data previously verified and included in the blockchain; determining a currently invoked execution path of the machine-executable application code invoked by the subsequent blockchain data; and comparing the currently invoked execution path of the machine-executable application code to the set of pre-defined execution flows defined by the CFG, and based thereon, performing one of the following steps: validating a blockchain transaction, which is at least partially defined by the subsequent blockchain data, where the comparison results in a determination that the currently invoked execution path matches at least one of the set of pre-defined execution flows defined by the CFG, the validated blockchain transaction being then incorporated into another block of the blockchain; and broadcasting a proof of malicious transaction to the blockchain network where the comparison results in a determination that the currently invoked execution path does not match with any of the set of pre-defined execution flows defined by the CFG. 3. The method according to claim 2 , wherein the machine-executable application code corresponds to a quasi-Turing-complete program in Ethereum Virtual Machine code, and wherein the CFG, the machine-executable application code and a state of execution of the quasi-Turing-complete program are stored in the block of the blockchain. 4. The method according to claim 3 , further comprising updating the state after the execution of the quasi-Turing-complete program upon validating the blockchain transaction. 5. The method of claim 1 , wherein the CFG comprises a plurality of basic building blocks (BBLs) and each BBL includes a single entry instruction and a single exit instruction enabling a transition from a respective BBL to another one of the BBLs. 6. The method according to claim 1 , further comprising generating, by the creator of the smart contract, the CFG based on the machine-executable application code given a dynamic input and state. 7. A system for securing a blockchain, maintained by a blockchain network, against software exploits, the system comprising one or more processors which, alone or in combination, are configured to provide for execution of the following steps: automatically receiving, by a blockchain node of the blockchain network, blockchain data comprising (i) a control flow graph (CFG) and (ii) a machine-executable application code, the CFG defining a set of pre-defined execution flows of the machine-executable application code; deriving, at run-time, valid execution flows from the machine-executable application code; automatically verifying, at run-time, the blockchain data by verifying a digital signature of a creator of the machine-executable application code and verifying that the CFG itself is correct by confirming that the set of pre-defined execution flows defined by the CFG corresponds to the valid execution flows derived from the machine-executable application code; and based on verifying the blockchain data, automatically including the blockchain data in a block of the blockchain. 8. The system according to claim 7 , being further configured to provide for execution of the steps of: receiving subsequent blockchain data invoking at least one function of the machine-executable application code of the blockchain data previously verified and included in the blockchain; determining a currently invoked execution path of the machine-executable application code invoked by the subsequent blockchain data; and comparing the currently invoked execution path of the machine-executable application code to the set of pre-defined execution flows defined by CFG, and based thereon, performing one of the following steps: validating a blockchain transaction, which is at least partially defined by the subsequent blockchain data, where the comparison results in a determination that the currently invoked execution path matches at least one of the set of pre-defined execution flows defined by the CFG, the validated blockchain transaction being then incorporated into another block of the blockchain; and broadcasting a proof of malicious transaction to the blockchain network where the comparison results in a determination that the currently invoked execution path does not match with any of the set of pre-defined execution flows defined by the CFG. 9. The system according to claim 8 , wherein the machine-executable application code corresponds to a quasi-Turing complete program in Ethereum Virtual Machine code, and wherein the system is further configured to provide for execution of the step of storing the CFG, the machine-executable application code and a state of execution of the quasi-Turing complete program in the block of blockchain. 10. The system according to 9 , being further configured to provide for execution of the step of updating the state after execution of the quasi-Turing complete program upon validating the blockchain transaction. 11. A tangible, non-transitory computer-readable medium having instructions thereon which, when executed by one or more processors, cause execution of a method for blockchain, maintained by a blockchain network, against software exploits, the method comprising: automatically receiving, by a blockchain node of the blockchain network, blockchain data comprising: (i) a control flow graph (CFG) and (ii) machine-executable application code, the CFG defining a set of pre-defined execution flows of the machine-executable application code; deriving, at run-time, valid execution flows from the machine-executable application code; automatically verifying, at run-time, the blockchain data by verifying a digital signature of a creator of the machine-executable application code and verifying that the CFG itself is correct by confirming that the set of pre-defined execution flows defined by the CFG corresponds to the valid execution flows derived from the machine-executable application code; and based on verifying the blockchain data, automatically including the verified blockchain data in a block of the blockchain. 12. The computer-readable medium according to claim 11 , having instructions thereon which, when executed by the one or more processors, cause execution of the following additional steps: receiving subsequent blockchain data invoking at least one function of the machine-executable application code of the blockchain data previously verified and included in the blockchain; determining a currently invoke