nach oben

Empirical Software Engineering

Erschienen in:

01.12.2022

SmartFast: an accurate and robust formal analysis tool for Ethereum smart contracts

verfasst von: Zhaoxuan Li, Siqi Lu, Rui Zhang, Rui Xue, Wenqiu Ma, Rujin Liang, Ziming Zhao, Sheng Gao

Erschienen in: Empirical Software Engineering | Ausgabe 7/2022

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Recently, although state-of-the-art (SOTA) tools were designed and developed to analyze the vulnerabilities of smart contracts on Ethereum, security incidents caused by these vulnerabilities are still widespread. This can be attributed to the fact that each tool has various standards for judging the severity of vulnerabilities. More importantly, tools fail to identify all the vulnerabilities accurately and comprehensively as the evolution of vulnerabilities. To this end, we first propose a vulnerability assessment model to unify the vulnerability measurement standards. Next, we design a static analysis tool called SmartFast, which expresses the contract source code as a novel intermediate representation named SmartIR. Using preset rules and taint tracking technology, SmartFast matches SmartIR to locate the vulnerability code. Furthermore, SmartFast can recommend the optimization of the contract code automatically. Finally, we implement a prototype of SmartFast with 25K lines of code and compare it with 7 SOTA tools on three datasets (a total of 13,687 public contracts). The results indicate that SmartFast is efficient (only took a few seconds per contract) and robust (0.4% failure rate and resistance to the general code confusion methods). Besides, compared with other tools, SmartFast can detect more kinds of vulnerabilities (119) with a higher precision rate (98.43%) and a recall rate (85.12%), which confirms the conclusion of the theoretical analysis in the paper.

Vorheriger Artikel A large scale analysis of mHealth app user reviews

Nächster Artikel A large-scale empirical study of commit message generation: models, datasets and evaluation

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

The vulnerabilities are detailed in https://github.com/SmartContractTools/SmartFast/blob/main/VulnerabilityDescription.xlsx.

The code of patterns is detailed in https://github.com/SmartContractTools/SmartFast/tree/main/smartfast/smartfast/detectors.

SmartFast is available at https://github.com/SmartContractTools/SmartFast/tree/main/smartfast.

Examples of analysis reports is available on https://github.com/SmartContractTools/SmartFast/tree/main/Report.

The source code and execution result of contracts are available on https://github.com/SmartContractTools/SmartFast/tree/main/Dataset1.

For details on vulnerability detection of each tool, please refer to https://github.com/SmartContractTools/SmartFast/tree/main/VulnerabilityMapping.

The code is available on https://github.com/SmartContractTools/SmartFast/tree/main/Obfuscation.

See https://pypi.org/project/oscillo/ for details.

The contract code is detailed in https://github.com/SmartContractTools/SmartFast/tree/main/VulnerabilityIncidents.

Beosin (2020) Beosin: Blockchain security one-stop service. [EB/OL]. https://beosin.com/#/. Accessed 1 May 2021

Blockchain C (2018) Bamboo: a morphing smart contract language. [EB/OL]. https://github.com/cornellblockchain/bamboo. Accessed 1 May 2021

Bocek T, Stiller B (2018) Smart contracts–blockchains in the wings. In: Digital marketplaces unleashed. Springer, pp 169–184

Chen T, Cao R, Li T, Luo X, Gu G, Zhang Y, Liao Z, Zhu H, Chen G, He Z, Tang Y, Lin X, Zhang X (2020) SODA: a generic online detection framework for smart contracts. In: NDSS. The Internet Society

Choi J, Kim D, Kim S, Grieco G, Groce A, Cha S K (2021) SMARTIAN: enhancing smart contract fuzzing with static and dynamic data-flow analyses. In: ASE. IEEE, pp 227–239

Corporation M (2020) The z3 theorem prover. [EB/OL]. https://github.com/Z3Prover/z3. Accessed 1 May 2021

DappHub (2019) Formal verification of multicollateral dai in the k framework. [EB/OL]. https://github.com/dapphub/k-dss/. 1 Accessed May 2021

Durieux T, Ferreira J F, Abreu R, Cruz P (2020) Empirical review of automated analysis tools on 47, 587 ethereum smart contracts. In: ICSE. ACM, pp 530–541

Etherscan (2017) Contracts with verified source codes only. [EB/OL]. https://etherscan.io/contractsVerified. Accessed 1 May 2021

Feist J, Grieco G, Groce A (2019) Slither: a static analysis framework for smart contracts. In: WETSEB@ICSE. IEEE/ACM, pp 8–15

Foundation E (2020) The solidity contract-oriented programming language. [EB/OL]. https://github.com/ethereum/solidity. Accessed 1 May 2021

Frank J, Aschermann C, Holz T (2020) ETHBMC: a bounded model checker for smart contracts. In: USENIX Security symposium. USENIX Association, pp 2757–2774

Grishchenko I, Maffei M, Schneidewind C (2018a) Ethertrust: sound static analysis of ethereum bytecode. Technische Universität Wien. Tech Rep

Grishchenko I, Maffei M, Schneidewind C (2018b) Foundations and tools for the static analysis of ethereum smart contracts. In: CAV (1), vol 10981. Springer. Lecture Notes in Computer Science, pp 51–78

Grishchenko I, Maffei M, Schneidewind C (2018c) A semantic framework for the security analysis of ethereum smart contracts. In: POST. Lecture Notes in Computer Science, vol 10804. Springer, pp 243–269

He J, Balunovic M, Ambroladze N, Tsankov P, Vechev M T (2019) Learning to fuzz from symbolic execution with application to smart contracts. In: CCS. ACM, pp 531–548

Hildenbrandt E, Saxena M, Rodrigues N, Zhu X, Daian P, Guth D, Moore B M, Park D, Zhang Y, Stefanescu A, Rosu G (2018) KEVM: a complete formal semantics of the ethereum virtual machine. In: CSF. IEEE Computer Society, pp 204–217

Jiao J, Kan S, Lin S, Sanán D, Liu Y, Sun J (2020) Semantic understanding of smart contracts: Executable operational semantics of solidity. In: IEEE S&P. IEEE, pp 1695–1712

Kalra S, Goel S, Dhawan M, Sharma S (2018) ZEUS: analyzing safety of smart contracts. In: NDSS. The Internet Society

Kasampalis T, Guth D, Moore B, Serbanuta T, Serbanuta V, Filaretti D, Rosu G, Johnson R (2018) Iele: an intermediate-level blockchain language designed and implemented using formal semantics. Tech. rep.

Krupp J, Rossow C (2018) Teether: gnawing at ethereum to automatically exploit smart contracts. In: USENIX security symposium. USENIX Association, pp 1317–1333

Liu C, Liu H, Cao Z, Chen Z, Chen B, Roscoe B (2018) Reguard: finding reentrancy bugs in smart contracts. In: ICSE. ACM, pp 65–68

Lu N, Wang B, Zhang Y, Shi W, Esposito C (2019) Neucheck: a more practical ethereum smart contract security analysis tool. Softw: Pract Exp

Luu L, Chu D, Olickel H, Saxena P, Hobor A (2016) Making smart contracts smarter. In: CCS. ACM, pp 254–269

Nguyen T D, Pham L H, Sun J, Lin Y, Minh QT (2020) sfuzz: an efficient adaptive fuzzer for solidity smart contracts. In: ICSE. ACM, pp 778–788

Nipkow T, Paulson L C, Wenzel M (2283) Isabelle/HOL—a proof assistant for higher-order logic. In: Lecture Notes in Computer Science. Springer

Permenev A, Dimitrov D, Tsankov P, Drachsler-Cohen D, Vechev MT (2020) Verx: safety verification of smart contracts. In: IEEE symposium on security and privacy. IEEE, pp 1661–1677

Reis J S, Crocker P A, de Sousa S M (2020) Tezla, an intermediate representation for static analysis of michelson smart contracts. In: FMBC@CAV, Schloss Dagstuhl - Leibniz-Zentrum für Informatik, OASIcs, vol 84, pp 4:1–4:12

Rodler M, Li W, Karame G O, Davi L (2019) Sereum: protecting existing smart contracts against re-entrancy attacks. In: NDSS. The Internet Society

Schneidewind C, Grishchenko I, Scherer M, Maffei M (2020) Ethor: practical and provably sound static analysis of ethereum smart contracts. In: CCS. ACM, pp 621–640

Sergey I, Hobor A (2017) A concurrent perspective on smart contracts. In: Financial cryptography workshops. Lecture Notes In Computer Science, vol 10323. Springer, pp 478–493

Sergey I, Kumar A, Hobor A (2018) Scilla: a smart contract intermediate-level language. CoRR. arXiv:1801.00687

Software C (2020) Security analysis tool for evm bytecode. [EB/OL]. https://github.com/ConsenSys/mythril. Accessed 1 May 2021

Solidity (2020) Solidity v0.5.0 breaking changes. [EB/OL]. https://docs.soliditylang.org/en/v0.5.0/050-breaking-changes.html. Accessed 1 May 2021

SRI Lab E Z (2020) Securify v2.0. [EB/OL]. https://github.com/eth-sri/securify2. Accessed 1 May 2021

Team V (2020) Vyper documentation. [EB/OL]. https://vyper.readthedocs.io/en/latest/. Accessed 1 May 2021

Tezos (2020) Michelson: the language of smart contracts in dune. [EB/OL]. https://www.liquidity-lang.org/doc/reference/michelson.html. Accessed 1 May 2021

Tikhomirov S, Voskresenskaya E, Ivanitskiy I, Takhaviev R, Marchenko E, Alexandrov Y (2018) Smartcheck: static analysis of ethereum smart contracts. In: WETSEB@ICSE. ACM, pp 9–16

Torres C F, Schütte J, State R (2018) Osiris: hunting for integer bugs in ethereum smart contracts. In: ACSAC. ACM, pp 664–676

Tsankov P, Dan A M, Drachsler-Cohen D, Gervais A, Bünzli F, Vechev M T (2018) Securify: practical security analysis of smart contracts. In: CCS. ACM, pp 67–82

Wood G, et al. (2014) Ethereum: a secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper 151(2014):1–32

Titel: SmartFast: an accurate and robust formal analysis tool for Ethereum smart contracts
verfasst von: Zhaoxuan Li
Siqi Lu
Rui Zhang
Rui Xue
Wenqiu Ma
Rujin Liang
Ziming Zhao
Sheng Gao
Publikationsdatum: 01.12.2022
Verlag: Springer US
Erschienen in: Empirical Software Engineering / Ausgabe 7/2022
Print ISSN: 1382-3256
Elektronische ISSN: 1573-7616
DOI: https://doi.org/10.1007/s10664-022-10218-2

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Weitere Artikel der Ausgabe 7/2022

TestEvoViz: visualizing genetically-based test coverage evolution

Static test flakiness prediction: How Far Can We Go?

Sources of software development task friction

The role of bug report evolution in reliable fixing estimation

Using Screenshot Attachments in Issue Reports for Triaging

Test smells 20 years later: detectability, validity, and reliability

Premium Partner