A Transpilation-Based Approach to Writing Secure Access Control Smart Contracts

In blockchain space, access control is a crucial aspect of smart contract development, as it guarantees that only authorized users can execute specific functions within a contract. The growing interest in employing smart contracts for access control mechanisms stems from their ability to provide reliable, secure and efficient enforcement of access control policies. However, Solidity, the most popular smart contract language, was not designed explicitly for writing access control policies, unlike specialized languages such as Alfa or XACML. The differences between these languages leads to a difficulty for those who wish to use smart contracts as access control mechanisms but lack the knowledge of Solidity or the ability to evaluate their code's security. To bridge this gap, we introduce ASAC, an Alfa to Solidity transpiler that translates Alfa policies into secure Solidity contracts. Our transpiler leverages the ANTLR (ANother Tool for Language Recognition) parser generator and translate complex Alfa policies into smart contracts. We showcase the effectiveness of our transpiler through a set of case studies and offer an evaluation of its performance.