DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
In response to the preliminary amendment filed on August 20, 2021, claims 1-4, 6-8 and 10 are pending for consideration. 

Claim Objections
Claims 1, 4, 6, 10 are objected to because of the following informalities: 
In line 3 of Claim 1, it is recommended that “a list of past transaction” read as “a list of past transactions”.
In line 10 of Claim 1, it is recommended that ”outputs data relative to said selected one or more attacks along with an intended baseline path” be amended to clarify that the output consists of two separate items, the baseline path and the data related to the selected attacks, as opposed to the data being related to both the selected attacks and the baseline path. This interpretation is understood in light of the specification (Page 6, Par. 2, This module 102 outputs the details of the above attack, along with the intended baseline path).
In line 1 of Claim 4, it is recommended that “the list of past transactions are retrieved” read as “the list of past transactions is retrieved”.
In lines 8-9 of Claim 6, it is recommended that ”outputting data relative to said attack along with said detected base path” be amended to clarify the output consists of two separate items for the same reason as argued previously in the objection to Claim 1.
In lines 9-10 of Claim 10, it is recommended that “and outputting data relative to said attack along with said detected base path” be amended to clarify the output consists of two separate items for the same reason as argued previously in the objection to Claim 1.
Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 7 and 8 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claims 7 and 8 recite “a method according to claim 5”, but Claim 5 is a canceled claim. For this reason, Claims 7 and 8 are indefinite since the subject matter is not distinctly claimed. For the purposes of compact prosecution, Claims 7 and 8 will hereinafter be treated as if they depend on Claim 6. 

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claim 10 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because Claim 10 recites “a processor-readable storage medium”. The broadest reasonable interpretation of “processor-readable storage medium” encompasses non-statutory transitory forms of signal transmission, such as a propagating electrical or electromagnetic signal per se. See In re Nuijten, 500 F.3d 1346, 84 USPQ2d 1495 (Fed. Cir. 2007). Therefore, it is recommended that Claim 10 be amended such that the medium is directed towards non-transitory computer readable media. 


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4, 6-8, 10 are rejected under 35 U.S.C. 103 as being unpatentable over Cook et al. (“DappGuard : Active Monitoring and Defense for Solidity Smart Contracts”) hereinafter referred to as “Cook”, and further in view of Hay et al. (U.S. Pub. No. 2014/0373158 A1) hereinafter referred to as “Hay”.
Regarding Claim 1:
	Cook discloses the following limitations:
	A system for predicting and finding issues in a smart contract code based on historical behavior of said smart contract, comprising (Page 8, Col. 1, Par. 2, The goals of DappGuard are relatively simple:
1. Classify known attacks from transaction data (A system for predicting and finding issues in a smart contract code based on historical behavior of said smart contract, comprising ) 2. Protect smart contracts from known attacks). The system of Cook uses historical transaction data to detect vulnerabilities.
	a) a base paths detector module, which receives a list of past transaction (Page 8, Col. 1, Par. 4, The EWM stores information about transaction histories for the contract (a base paths detector module, which receives a list of past transaction)). The system of Cook takes in historical data for analysis of vulnerabilities, such as in the form of transaction receipts of the contract (Page 5, Col. 2, Par. 4).
	and a smart contract code (Page 4, Col. 1, Par. 1, Oyente is able to, given the Ethereum global
state and a contract’s bytecode (and a smart contract code); Page 8, Col. 1, Par. 3, Oyente Validator). The system of Cook uses Oyente, which takes in a smart contract code as input. Thus, Cook teaches receiving a smart contract code. 
	and accordingly detects at least one base path which are baseline flows through said smart contract code that indicate how the blockchain-based system worked in the past, wherein each baseline consists of an ordered list of instructions that were executed and the data used in these instructions (Page 9, Col. 1, Par. 1, This would include gathering a complete blockchain transaction history and analysis, and updates to any known vulnerabilities or risk indicators used by the Rules Engine. Any post-mordem analysis of missed attacks would be one example (which are baseline flows through said smart contract code that indicate how the blockchain-based system worked in the past, wherein each baseline consists of an ordered list of instructions that were executed and the data used in these instructions); Page 7, Col. 2, Par. 3, These clients have managment APIs that allow execution tracing (and accordingly detects at least one base path)). The system of Cook discloses analyzing historical data in order to detect missed vulnerabilities. Furthermore, in order to detect vulnerabilities, the system of Cook further teaches tracing the execution of the smart contract. Therefore, under the broadest reasonable interpretation, Cook teaches detecting a base path, i.e. tracing an execution, through historical data of the smart contract. 
	(taught by Hay below)
	(taught by Hay below)
	(taught by Hay below)
	and c) a back tracking and impact analysis module which evaluates what input could cause a potential issue in said smart contract code in accordance with a specific instruction when running a transaction that was used as the base path, analyzes the potential impact of such a potential issue, and outputs a predicted list of issues in accordance with deviation in said smart contract code (Page 4, Col. 1, Par. 1, Oyente (and c) a back tracking and impact analysis module which evaluates what input could cause a potential issue in said smart contract code in accordance with a specific instruction when running a transaction that was used as the base path) is able to, given the Ethereum global
state and a contract’s bytecode, whether the contract’s execution has feasible paths to the bug and with what input and path constraints (and outputs a predicted list of issues in accordance with deviation in said smart contract code). Oyente’s design also utilizes a black box validator to identify
and remove false positives (analyzes the potential impact of such a potential issue)). The system of Cook uses Oyente to find issues in the smart contract related to “security risks associated with TOD, exception disorders, and timestamp dependencies” (Page 8, Col. 2, Par. 5). Oyente performs this function by finding “with what input and path constraints” are need to create the issue (Page 4, Col. 1, Par. 1). Regarding the analysis of the impact of a potential issue, Cook teaches that Oyente uses a black box validator in order to confirm whether a potential issue is a false positive, i.e. whether its potential impact is truly a deviation. Under the broadest reasonable interpretation, this constitutes an analysis of its potential impact. Alternatively, the detection of TOD vulnerabilities through Oyente, as shown by reference Luu, is performed through analyzing the ether flow of different paths (Page 263, Col. 2, Par. 2, Explorer returns a set of traces and the corresponding Ether flow for each trace. Our analysis thus checks if two different traces have different Ether flows. If a contract has such pairs of traces, Oyente reports it as a TOD contract). As Oyente as disclosed by reference Cook finds the inputs/constraints necessary to produce a bug and is used to check for several types of bugs, this teaches outputting a list of predicted issues. For future note, the direct relationship between the attack simulator module and the back tracking and impact analysis module is not clearly established within the claim, so under the broadest reasonable interpretation, these modules may act independently as claimed here.

	Hay discloses the following limitations not taught by Cook:
	b) an attack simulator module, which receives a detected base path from said base paths detector module, selects one or more attack to simulate for said detected base path (Par. [0023], One or more predefined attack specifications are selected (selects one or more attack to simulate for said detected base path), preferably using any of the information gathered about the software applications (which receives a detected base path from said base paths detector module)). Reference Cook simulates transactions on a testnet for verification but does not teach selection of an attack to simulate. Reference Hay however teaches that testing software, i.e. code such as smart contracts, through selecting an attack to simulate. Hay further teaches that such a selection based on gathered data allows for adaptation of attacks to those which are relevant to the software (Par. [0020], For example, if application observer 108 observes that a software application receives only integer values for a given type of input, application tester 110 may configure a test payload with only integer values).
	and outputs data relative to said selected one or more attacks (Par. [0023], configuring a test payload for use with a selected attack specification and adapting a selected attack specification and/or its payload using any of the information (and outputs data relative to said selected one or more attacks)). Reference Hay further teaches outputting a payload corresponding to the selected attack, i.e. data relative to the selected attacks.
	along with an intended baseline path (Par. [0021], security analyzer 112 may identify such post-attack conditions by comparing the behavior of a software application after an attack with the behavior of the software application that was observed by application observer 108 before the attack (along with an intended baseline path) and identifying differences in such behavior). Reference Hay further teaches comparing the software behavior with the non-attacked software behavior, i.e. outputting the intended baseline path, for the purpose of determining vulnerabilities.  

	References Cook and Hay are considered to be analogous art because they relate to identifying vulnerabilities in code. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the smart contract verification system of Cook with the attack simulation of Hay in order to gain the benefit of testing attacks which are adapted and relevant to the smart contract.

Regarding Claim 2:
	The combination of references Cook/Hay disclose Claim 1.	Cook further discloses the following limitation:
	wherein the attack comprises an executed instruction whose behavior is to be altered (Page 5, Col. 1, Par. 3, Atzei, Bartoletti, and Cimoli identified a second possible of attack on the DAO contract that relies on an integer underflow to allow a malicious contract to withdraw more ether than it deposited (wherein the attack comprises an executed instruction whose behavior is to be altered)). Reference Cook teaches an integer underflow/overflow attack as an attack for smart contracts. According to the specification, this constitutes an executed instruction whose behavior is to be altered (Page 6, Par. 2, An attack would possibly select a single executed instruction whose behavior is to be altered, such as an arithmetic operation that should be overflown). As such, when combined with Hay, this interpretation applies to the selected attack. The reasons for motivation/combination of references remain the same as argued in the rejection of Claim 1. 

Regarding Claim 3:
	The combination of references Cook/Hay disclose Claim 1.
	Cook further discloses the following limitation:
	(taught by Hay below)
	wherein each attack simulation selects a single executed instruction whose behavior is to be altered (Page 2, Col. 2, Par. 4, They defined 12 vulnerabilities among these components that pose risks to the contract owners (wherein each attack simulation selects a single executed instruction whose behavior is to be altered)). Reference Cook teaches a list of possible vulnerabilities/attacks previously identified. 

	Hay further discloses the following limitation not taught by Cook:
	wherein the one or more attacks are selected from a set of known possible attacks that are relevant to each specific baseline flow (Par. [0020], Application tester 110 is preferably configured to select, using any of the information gathered by application observer 108, one or more attack specifications from a set 114 of predefined attack specifications). Reference Hay teaches selecting attacks from a set of pre-determined, i.e. known, attacks. These are considered relevant to the baseline flow as they are specified by the gathered data, as argued previously in the rejection of Claim 1. In combination with the list of vulnerabilities which correspond to the altered behavior of an executed instruction taught by Cook, Hay teaches selecting an attack from a set of attacks corresponding to the altered behavior of an executed instruction. The reasons for motivation/combination of references remain the same as argued in the rejection of Claim 1. 

Regarding Claim 4:
	The combination of references Cook/Hay disclose Claim 1.
	Cook further discloses the following limitation:
	wherein the list of past transactions are retrieved from a ledger of a blockchain-based system (Page 7, Col. 2, Par. 3, In order to collect data from the blockchain (wherein the list of past transactions are retrieved from a ledger of a blockchain-based system)). Reference Cook teaches that its system retrieves data from the blockchain. As the system has been previously shown in the rejection of Claim 1 to retrieve transaction histories, this constitutes retrieving the list of past transaction from a blockchain-based system. 

Regarding Claim 6:
	Cook discloses the following limitations:
	A method for predicting and finding issues in a smart contract code based on historical behavior of said smart contract, comprising the steps of (Page 8, Col. 1, Par. 2). This limitation was argued to be taught by Cook in the rejection of Claim 1.	a) receiving a list of past transactions and a smart contract code for detecting at least one base path in said smart contract code, wherein each detected base path comprises an ordered list of instructions that were executed and the data used in said instructions (Page 8, Col. 1, Par. 4; Page 4, Col. 1, Par. 1; Page 8, Col. 1, Par. 3; Page 9, Col. 1, Par. 1). This limitation was argued to be taught by Cook in the rejection of Claim 1.
	(taught by Hay below)
	(taught by Hay below)
	c) evaluating an input data that may cause a potential issue in said smart contract code in accordance with said attack when running a transaction used with the detected base path (Page 4, Col. 1, Par. 1). This limitation was argued to be taught by Cook in the rejection of Claim 1.
	and d) analyzing an impact of said potential issue (Page 4, Col. 1, Par. 1). This limitation was argued to be taught by Cook in the rejection of Claim 1.
	and outputting a corresponding alert (Page 8, Col. 2, Par. 6, the Responder module reacts to dangerous transactions as determined by the contract. This might send a notification to the contract owner (and outputting a corresponding alert)). Reference Cook teaches notifying the user of vulnerabilities, i.e. outputting a corresponding alert. 

	Hay discloses the following limitations not taught by Cook: 
	b) simulating at least one attack for a detected base path that attempts to change the real- world operation of the selected base path that caused said base path, in a way that would cause said attack (Par. [0020], Application tester 110 then preferably attacks any of the software applications (simulating at least one attack for a detected base path) on computing device 110, or one or more specific software applications such as may be preselected for testing, with one or more attacks in accordance with any of the selected attack specifications and using any known attack technique, such as using black-box or glass-box testing techniques (that attempts to change the real- world operation of the selected base path that caused said base path, in a way that would cause said attack)). Reference Cook simulates transactions on a testnet for verification but does not teach outputting data to simulate an attack. Reference Hay discloses using glass-box testing techniques to simulate attacks against software, i.e. altering the behavior of the base path of the smart contract with knowledge of the code. Reference Hay further teaches that this allows for adaptation of attacks to those which are relevant to the software (Par. [0020], For example, if application observer 108 observes that a software application receives only integer values for a given type of input, application tester 110 may configure a test payload with only integer values).
	and outputting data relative to said attack along with said detected base path (Par. [0023], Par. [0021]). This limitation was argued to be taught by Hay in the rejection of Claim 1.

	References Cook and Hay are considered to be analogous art because they relate to identifying vulnerabilities in code. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the smart contract verification system of Cook with the attack simulation of Hay in order to gain the benefit of testing attacks which are adapted and relevant to the smart contract.

Regarding Claim 7:
	The combination of references Cook/Hay disclose Claim 6.
Cook further discloses the following limitation:
wherein the simulating comprising an executed instruction whose behavior is to be altered (Page 5, Col. 1, Par. 3). This limitation was argued to be taught by Cook in the rejection of Claim 2. The reasons for motivation/combination of references remain the same as argued in the rejection of Claim 6. 

Regarding Claim 8:
	The combination of references Cook/Hay disclose Claim 6.
	Cook further discloses the following limitation:
	(taught by Hay below)
	wherein each attack simulation selects a single executed instruction whose behavior is to be altered (Page 2, Col. 2, Par. 4). This limitation was argued to be taught by Cook in the rejection of Claim 3.

	Hay further discloses the following limitation not taught by Cook: 
	wherein the one or more attacks are selected from a set of known possible attacks that are relevant to each specific baseline flow (Par. [0020]). This limitation was argued to be taught by Hay in the rejection of Claim 3. The reasons for motivation/combination of references remain the same as argued in the rejection of Claim 6.

Regarding Claim 10:
	Cook discloses the following limitations:
	(taught by Hay below)
	receiving a list of past transactions and a smart contract code (Page 8, Col. 1, Par. 4; Page 4, Col. 1, Par. 1; Page 8, Col. 1, Par. 3). This limitation was argued to be taught by Cook in the rejection of Claim 1.
	detecting at least one base path in said smart contract code, wherein each detected base path comprises an ordered list of instructions that were executed and the data used in said instructions (Page 9, Col. 1, Par. 1). This limitation was argued to be taught by Cook in the rejection of Claim 1.
	(taught by Hay below)
	(taught by Hay below)
	evaluating an input data that may cause a potential issue in said smart contract code in accordance with said attack while using a specific instruction whose behavior is to be altered when running a past transaction used with the detected base path (Page 4, Col. 1, Par. 1; Page 5, Col. 1, Par. 3). This limitation was argued to be taught by Cook in the rejections of Claim 1 and Claim 2.
	and analyzing an impact of said potential issue (Page 4, Col. 1, Par. 1). This limitation was argued to be taught by Cook in the rejection of Claim 1.
	and outputting a corresponding alert (Page 8, Col. 2, Par. 6). This limitation was argued to be taught by Cook in the rejection of Claim 6.

	Hay discloses the following limitations not taught by Cook: 
	A processor-readable storage medium having stored thereon process-executable code that, upon execution by at least one processor, enables actions, comprising (Par. [0010], aspects of the present invention may take the form of a computer program product embodied in one or more computer readable medium(s) having computer readable program code embodied thereon). Hay explicitly discloses the structure of a processor-readable storage medium claimed. 
	simulating one or more attacks for each detected base path that attempts to change the real-world operation of the selected base path that caused said base path, in a way that would cause said attack (Par. [0020]). This limitation was argued to be taught by Hay in the rejection of Claim 6.
	and outputting data relative to said attack along with said detected base path (Par. [0023], Par. [0021]). This limitation was argued to be taught by Hay in the rejection of Claim 1.

	References Cook and Hay are considered to be analogous art because they relate to identifying vulnerabilities in code. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the smart contract verification system of Cook with the attack simulation of Hay in order to gain the benefit of testing attacks which are adapted and relevant to the smart contract.

Related Art
	The following prior art made of record and cited on PTO-892, but not relied upon, is considered pertinent to applicant’s disclosure: 
Nikolić et al. (“Finding The Greedy, Prodigal, and Suicidal Contracts at Scale”) – Includes methods of verifying the security of a smart contract by examining execution traces

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ETHAN V VO whose telephone number is (571)272-2505. The examiner can normally be reached M-F 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on (571)272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/E.V.V./Examiner, Art Unit 2431                                                                                                                                                                                                        /LYNN D FEILD/Supervisory Patent Examiner, Art Unit 2431