This work presents ContractChecker, a Blockchain-based security protocol for verifying the storage consistency between mutually distrusting cloud provider and clients. Unlike existing protocols, the ContractChecker uniquely delegates log auditing to the Blockchain, and has the advantages in reducing client cost and lowering requirements on client availability, lending itself to modern scenarios with mobile and web clients. The ContractChecker collects the logs from both clients and cloud server, and verifies the consistency by cross-checking the logs. By this means, it does not only detect the attacks from malicious clients and server forging their logs, but also is able to mitigate those attacks and recover the system from them. In addition, we design new attacks against ContractChecker exploiting various limits in real Blockchain systems (e.g., write unavailability, Blockchain forks, contract race conditions). We analyze and harden the security of ContractChecker protocols under these proposed new attacks. We implement a functional prototype of the ContractChecker on Ethereum/Solidity. By experiments on private and public Ethereum testnets, we extensively evaluate the cost of the ContractChecker in comparison with that of existing client-based log auditing works. The result shows the ContractChecker can scale to hundreds of clients and save client costs by more than one order of magnitude. The evaluation result verifies our design motivation of delegating log auditing to the Blockchain in ContractChecker.