ABSTRACT
Motivated by the success of Bitcoin, many cryptocurrencies have been created, the majority of which are implemented as smart contracts running on Ethereum and are called tokens. To regulate the interaction between these tokens and users as well as third-party tools (e.g., wallets, exchange markets), several standards have been proposed for the implementation of token contracts. Although existing tokens involve large amounts of money, little is known about whether their behaviors are consistent with the standards. Inconsistent behaviors can lead to user confusion and financial loss, because users and third-party tools interact with token contracts by invoking standard interfaces and listening to standard events. In this work, we take the first step toward investigating such inconsistent token behaviors with regard to ERC-20, the most popular token standard. We propose a novel approach that automatically detects such inconsistency by contrasting the behaviors derived from three different sources: the manipulations of the core data structures recording the token holders and their shares, the actions indicated by standard interfaces, and the behaviors suggested by standard events. We implement our approach in a new tool named TokenScope and use it to inspect all transactions sent to the deployed tokens. We detected 3,259,001 transactions that trigger inconsistent behaviors, originating from 7,472 tokens. By manually examining all 2,353 open-source tokens with inconsistent behaviors, we found that the precision of TokenScope is above 99.9%. Moreover, we revealed 11 major reasons behind the inconsistency, e.g., flawed tokens, missing standard methods, lack of standard events, etc. In particular, we discovered 50 previously unreported flawed tokens.
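The following is an added illustration of the three-source contrast the abstract describes; it is not TokenScope's code and does not reproduce how the tool recovers evidence from EVM execution. It assumes a simplified per-transaction trace (the `TxTrace`, `Call` and `TransferEvent` types, the addresses and the balance values are all constructed here) in which the writes to the balances mapping, the standard method that was invoked, and the emitted `Transfer` events are already known. Each source is reduced to the net balance change it implies per holder, and the three views are compared; any disagreement is an inconsistency of the kind the paper counts.

```python
"""Contrast three evidence sources for one token transaction (added example):
   (1) writes to the balances mapping, (2) the ERC-20 method that was called,
   (3) the Transfer events that were emitted. Trace model is constructed here."""
from collections import defaultdict
from dataclasses import dataclass, field
from typing import Optional

ZERO = "0x0"  # ERC-20 convention: Transfer from 0x0 denotes minting, to 0x0 burning


@dataclass
class Call:
    sender: str
    method: str            # "transfer", "transferFrom", or a non-standard name
    args: tuple
    returned_true: bool = True   # ERC-20 transfer methods return a bool


@dataclass
class TransferEvent:
    src: str
    dst: str
    value: int


@dataclass
class TxTrace:
    call: Call
    balance_writes: dict = field(default_factory=dict)  # holder -> (before, after)
    events: list = field(default_factory=list)


def deltas_from_storage(trace: TxTrace) -> dict:
    """Source 1: what actually happened to the core balances mapping."""
    return {h: after - before
            for h, (before, after) in trace.balance_writes.items()
            if after != before}


def deltas_from_interface(trace: TxTrace) -> Optional[dict]:
    """Source 2: what the invoked standard method promises. None if the
    method is not a standard transfer, so this source has no opinion."""
    c = trace.call
    d: dict = defaultdict(int)
    if c.method == "transfer":
        to, value = c.args
        src = c.sender
    elif c.method == "transferFrom":
        src, to, value = c.args
    else:
        return None
    if not c.returned_true:       # a reported failure promises no change
        return {}
    d[src] -= value
    d[to] += value
    return {k: v for k, v in d.items() if v != 0}


def deltas_from_events(trace: TxTrace) -> dict:
    """Source 3: what listeners (wallets, exchanges) infer from Transfer events."""
    d: dict = defaultdict(int)
    for e in trace.events:
        if e.src != ZERO:
            d[e.src] -= e.value
        if e.dst != ZERO:
            d[e.dst] += e.value
    return {k: v for k, v in d.items() if v != 0}


def check_consistency(trace: TxTrace) -> list:
    """Return the list of disagreements between the three sources (empty = consistent)."""
    findings = []
    storage = deltas_from_storage(trace)
    iface = deltas_from_interface(trace)
    events = deltas_from_events(trace)
    if iface is not None and iface != storage:
        findings.append("interface/storage mismatch")
    if events != storage:
        if not trace.events and storage:
            findings.append("balances changed but no Transfer event")
        else:
            findings.append("event/storage mismatch")
    return findings


# Constructed sample traces (addresses and amounts are made up).
CONSISTENT = TxTrace(Call("alice", "transfer", ("bob", 100)),
                     {"alice": (500, 400), "bob": (0, 100)},
                     [TransferEvent("alice", "bob", 100)])
# Flawed token: sender is debited, recipient never credited, yet the event claims a transfer.
LOST_FUNDS = TxTrace(Call("alice", "transfer", ("bob", 100)),
                     {"alice": (500, 400), "bob": (0, 0)},
                     [TransferEvent("alice", "bob", 100)])
# Balances move correctly but no Transfer event is emitted: listeners never see it.
NO_EVENT = TxTrace(Call("alice", "transfer", ("bob", 100)),
                   {"alice": (500, 400), "bob": (0, 100)}, [])
# Non-standard mint method, but storage and events agree (Transfer from 0x0).
MINT = TxTrace(Call("owner", "mint", ("bob", 50)),
               {"bob": (0, 50)}, [TransferEvent(ZERO, "bob", 50)])

if __name__ == "__main__":
    for name, t in [("consistent", CONSISTENT), ("lost_funds", LOST_FUNDS),
                    ("no_event", NO_EVENT), ("mint", MINT)]:
        print(name, check_consistency(t) or "ok")
```

The `returned_true` field matters for the interface view: an ERC-20 transfer that returns `false` without reverting promises no balance change, so a trace where storage and events are both silent is consistent for it; a tool that ignored the return value would flag every failed transfer as inconsistent.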
TokenScope: Automatically Detecting Inconsistent Behaviors of Cryptocurrency Tokens in Ethereum