Randomness invalidates criminal smart contracts.

A smart contract enforces specific performance on anonymous users without centralization. It facilitates payment equity in commerce by providing irreversible transactions. Smart contracts are also used for illegal activities such as money laundering and ransomware. Such contracts include criminal smart contracts (CSCs), proposed in CCS’16, that can be efficiently implemented in existing scripting languages. This aggravates concerns about the dangers of CSCs. However, PublicLeaks, a CSC for leaking private data, is conditionally implemented as it is influenced by various factors. For example, PublicLeaks does not necessarily reach a desirable terminal state for a criminal leaking private information, and other possible terminal states may invalidate the CSC. In this study, we propose a CSC based on PublicLeaks by formulating random factors such as the donation ratio. Our contract forks into five terminal states, including a unique one in PublicLeaks due to randomness. We simulated the maximal probabilities of these terminal states and found that the desirable terminal state in PublicLeaks is reachable with low probabilities (lower than 25%). The terminal state where the criminal fails to leak private information is attained with relatively high probabilities (over 65%). Therefore, our simulations show that CSCs are not always as powerful as expected, and the risk posed by them can be mitigated.