Method and contract rewriting framework system for supporting smart contracts in a blockchain network
US-2022318399-A1 · Oct 6, 2022 · US
US12536010B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12536010-B2 |
| Application number | US-202118031164-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 26, 2021 |
| Priority date | Oct 13, 2020 |
| Publication date | Jan 27, 2026 |
| Grant date | Jan 27, 2026 |
Official abstract text for this publication.
A computer-implemented method for supporting smart contracts in a blockchain network is provided. The method includes translating a source code of a smart contract into an abstract syntax tree model and generating a code property graph based on the abstract syntax tree model. The method further includes performing an enrichment phase, a vulnerability detection phase, and a vulnerability patching phase. In the enrichment phase, the code property graph is enriched with information that is obtained from the abstract syntax tree model. In the vulnerability detection phase, the code property graph is analyzed for predetermined vulnerability patterns in order to detect predetermined vulnerabilities. In the vulnerability patching phase, one or more patches are applied in order to fix the predetermined vulnerabilities. In some examples, the method can perform improved decision-making by optimizing the process for efficiently hardening smart contracts such that vulnerabilities within the contract can be remedied and eliminated.
Opening claim text (preview).
The invention claimed is:

1. A computer-implemented method for supporting smart contracts in a blockchain network, the method comprising: translating a source code of a smart contract into an abstract syntax tree model; generating a code property graph based on the abstract syntax tree model; performing an enrichment phase, wherein the code property graph is enriched with information that is inferable from the abstract syntax tree model; performing a vulnerability detection phase, wherein the code property graph is checked for one or more predetermined vulnerability patterns in order to detect one or more predetermined vulnerabilities, and wherein performing the vulnerability detection phase comprises: querying the code property graph for statements (s_w) that write state and a surrounding function (f); searching for external function calls (c_e) that, considering control flow of the surrounding function (f), transitively lead from the (c_e) to the (s_w); capturing a state variable (sv), which is manipulated by the (s_w); and querying the code property graph for all functions (f_c) that belong to the smart contract and that write to the (sv); and performing a vulnerability patching phase, wherein one or more patches are applied in order to fix the one or more predetermined vulnerabilities detected in the vulnerability detection phase, wherein the one or more patches are inserted into the code property graph such that a patched code property graph is generated.

2. The computer-implemented method according to claim 1, wherein the blockchain network is a distributed network comprising nodes, and wherein a blockchain enables the nodes to participate in transactions with each other through use of cryptographically secure signatures.

3. The computer-implemented method according to claim 1, wherein the smart contract is triggered whenever a transaction is sent to an address associated with the smart contract, and wherein the smart contract is executed in a virtual machine by nodes that verify and append transactions to a blockchain.

4. The computer-implemented method according to claim 1, wherein the code property graph includes a combined representation of a control flow graph, a data flow graph and/or a dominator tree.

5. The computer-implemented method according to claim 1, wherein performing the enrichment phase comprises a call-analysis, wherein the call-analysis comprises: iterating over function call expressions in the code property graph; and assigning a call label to each external function call.

6. The computer-implemented method according to claim 1, wherein performing the enrichment phase comprises a contains-call-analysis, wherein the contains-call-analysis comprises: analyzing sub-expressions of statements in the code property graph to find function calls; and assigning a call label to each statement having the external function call.

7. The computer-implemented method according to claim 1, wherein performing the enrichment phase comprises a write-state-analysis, wherein the write-state-analysis comprises: collecting statements that change state variables of the smart contract; assigning a first write-state-label to the collected statements and surrounding functions of the collected statements; collecting internal function calls calling functions that update/write state variables; assigning a second write-state-label to the collected internal function calls and surrounding functions of the collected internal function calls.

8. The computer-implemented method according to claim 1, wherein the one or more predetermined vulnerabilities include reentrancy, integer overflow bugs and/or integer underflow bugs.

9. The computer-implemented method according to claim 1, wherein the one or more predetermined vulnerability patterns is expressed in a form of a subgraph, and wherein performing the vulnerability detection phase further comprises searching for the subgraph within the code property graph of the smart contract.

10. The computer-implemented method according to claim 1, wherein performing the vulnerability detection phase further comprises: searching for constructor calls (c_c) that, considering control flow of the surrounding function (f), transitively lead from the (c_c) to the (s_w), and that call the external function calls (c_e).

11. The computer-implemented method according to claim 10, wherein performing the vulnerability patching phase further comprises: providing a lock variable (l_sv) for the (sv) as a state variable, generating assignment statements that set a state of the (l_sv), wherein a locking statement (lock_l_sv) sets a value to true, and an unlocking statement (unlock_l_sv) sets the value to false; and changing the control flow of the surrounding function (f) in such a way that the locking statement, the external function calls (c_e) or the constructor calls (c_c), and the unlocking statement directly follow each other as follows: lock_l_sv → c_e or c_c → unlock_l_sv.

12. The computer-implemented method according to claim 1, wherein the one or more patches are specifically crafted for the one or more vulnerability patterns.

13. The computer-implemented method according to claim 1, wherein the patched code property graph is traversed to generate a new source code for the smart contract that incorporates the one or more applied patches.

14. A computer system for supporting smart contracts in a blockchain network, the system comprising memory and one or more processors, which, alone or in combination, are configured to provide for execution of a method comprising: translating a source code of a smart contract into an abstract syntax tree model; generating a code property graph based on the abstract syntax tree model; performing an enrichment phase, wherein the code property graph is enriched with information that is obtained from the abstract syntax tree model; performing a vulnerability detection phase, wherein the code property graph is analyzed for one or more predetermined vulnerability patterns in order to detect one or more predetermined vulnerabilities, and wherein performing the vulnerability detection phase comprises: querying the code property graph for statements (s_w) that write state and a surrounding function (f); searching for external function calls (c_e) that, considering control flow of the surrounding function (f), transitively lead from the (c_e) to the (s_w); capturing a state variable (sv), which is manipulated by the (s_w); and querying the code property graph for all functions (f_c) that belong to the smart contract and that write to the (sv); and performing a vulnerability patching phase, wherein one or more patches are applied in order to fix the one or more predetermined vulnerabilities detected in the vulnerability detection phase, wherein the one or more patches are inserted into the code property graph such that a patched code property graph is generated.

15. A computer-implemented method for supporting smart contracts in a blockchain network, the method comprising: translating a source code of a smart contract into an abstract syntax tree model; generating a code property graph based on the abstract syntax tree model; performing an enrichment phase, wherein the code property graph is enriched with information that is inferable from the abstract syntax tree model; performing a vulnerability detection phase, wherein the code property graph is checked for one or more predetermined vulnerability patterns in order to detect one or more predetermined vu
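
The detection queries of claim 1 and the lock rewiring of claim 11, sketched on a toy graph as an added example (not code from the patent or its applicant). The `CPG` class, the `EXT_CALL` and `WRITE_STATE` label names and the sample withdraw/deposit contract are constructed assumptions.

```python
# Toy code property graph (CPG); ids, labels and the sample contract are constructed.
from collections import defaultdict

class CPG:
    def __init__(self):
        self.nodes = {}                # id -> {"fn", "text", "labels", "sv"}
        self.cfg = defaultdict(list)   # control-flow successor edges
    def add(self, nid, fn, text, labels=(), sv=None):
        self.nodes[nid] = {"fn": fn, "text": text, "labels": set(labels), "sv": sv}
    def flow(self, *ids):              # chain nodes in control-flow order
        for a, b in zip(ids, ids[1:]):
            self.cfg[a].append(b)
    def reaches(self, src, dst):       # transitive control-flow reachability
        seen, stack = set(), list(self.cfg.get(src, []))
        while stack:
            n = stack.pop()
            if n == dst:
                return True
            if n not in seen:
                seen.add(n)
                stack.extend(self.cfg.get(n, []))
        return False

def detect(g):
    """Claim-1 queries: return (f, c_e, s_w, sv, f_c) for each match."""
    writes = [(i, n) for i, n in g.nodes.items() if "WRITE_STATE" in n["labels"]]
    found = []
    for sw, w in writes:
        for ce, c in g.nodes.items():
            if "EXT_CALL" in c["labels"] and c["fn"] == w["fn"] and g.reaches(ce, sw):
                f_c = sorted({n["fn"] for _, n in writes if n["sv"] == w["sv"]})
                found.append((w["fn"], ce, sw, w["sv"], f_c))
    return found

def patch(g, ce, sv):
    """Claim-11 rewiring: lock_l_sv -> c_e -> unlock_l_sv, directly adjacent."""
    fn, lock, unlock = g.nodes[ce]["fn"], f"lock_l_{sv}", f"unlock_l_{sv}"
    g.add(lock, fn, f"l_{sv} = true")
    g.add(unlock, fn, f"l_{sv} = false")
    for succs in list(g.cfg.values()):  # predecessors of c_e now enter the lock
        succs[:] = [lock if s == ce else s for s in succs]
    g.cfg[unlock], g.cfg[lock], g.cfg[ce] = g.cfg.get(ce, []), [ce], [unlock]

def sample():                          # constructed withdraw()/deposit() contract
    g = CPG()
    g.add("n1", "withdraw", "require(balances[msg.sender] >= amt)")
    g.add("n2", "withdraw", "msg.sender.call{value: amt}('')", ["EXT_CALL"])
    g.add("n3", "withdraw", "balances[msg.sender] -= amt", ["WRITE_STATE"], "balances")
    g.add("n4", "deposit", "balances[msg.sender] += msg.value", ["WRITE_STATE"], "balances")
    g.flow("n1", "n2", "n3")
    return g
```

On the sample graph, `detect` reports the external call in `withdraw` that precedes the write to `balances`, together with every function writing that variable; `patch` then places the lock and unlock nodes immediately around that call.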
Assessing vulnerabilities and evaluating computer system security · CPC title
by source code analysis · CPC title
Analysis of software for verifying properties of programs (testing of software G06F11/3668) · CPC title
Syntactic analysis · CPC title
Creation or generation of source code · CPC title