MadMax: surviving out-of-gas conditions in Ethereum smart contracts

Grech, Neville; Kong, Michael; Jurisevic, Anton; Brent, Lexi; Scholz, Bernhard; Smaragdakis, Yannis

doi:10.1145/3276486

Cited by 273 publications

(265 citation statements)

References 28 publications

Supporting

Mentioning

265

Contrasting

Order By: Relevance

“…Verification of Ethereum smart contracts for potential safety and security vulnerabilities is becoming a popular research topic with numerous tools being developed, among them, we have tools based on symbolic execution [18,13,20,17,15,21], tools based on SMT solving [19,16], and other tools based on certified programming [7,12,5]. There are some tools also that aim at detecting, analyzing and verifying non-functional properties of smart contracts, e.g., those focused on reasoning about the gas consumption [4,10,11,19].…”

Section: Discussionmentioning

confidence: 99%

SAFEVM: a safety verifier for Ethereum smart contracts

Albert

Fernández

Gordillo

et al. 2019

Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis

View full text Add to dashboard Cite

Ethereum smart contracts are public, immutable and distributed and, as such, they are prone to vulnerabilities sourcing from programming mistakes of developers. This paper presents SAFEVM, a verification tool for Ethereum smart contracts that makes use of stateof-the-art verification engines for C programs. SAFEVM takes as input an Ethereum smart contract (provided either in Solidity source code, or in compiled EVM bytecode), optionally with assert and require verification annotations, and produces in the output a report with the verification results. Besides general safety annotations, SAFEVM handles the verification of array accesses: it automatically generates SV-COMP verification assertions such that C verification engines can prove safety of array accesses. Our experimental evaluation has been undertaken on all contracts pulled from etherscan.io (more than 24,000) by using as back-end verifiers CPAchecker, SeaHorn and VeryMax.

show abstract

Section: Discussionmentioning

confidence: 99%

SAFEVM: a safety verifier for Ethereum smart contracts

Albert

Fernández

Gordillo

et al. 2019

Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis

View full text Add to dashboard Cite

show abstract

“…Liu et al [40] proposed to perform the fuzz testing on smart contracts by iteratively generating random but diverse transactions to detect reentrancy bugs. 1) Readability • Human readable code [34], [35] • Human readable execution [36], [37] • Re-entrancy [38], [39], [40] 2) Functional issues • Block randness [41], [42], [43] • Overcharging [44], [45] Deployment • Bytecode analysis [46], [47], [48], [49], [50], [51], [52], [53] 1) Contract correctness • Source code analysis [54], [55], [56], [57] • Machine learning based analysis [58], [59], [60] • Graph based analysis [61], [62] 2) Dynamic control flow • Path-searching [63] • Execution environment [64] Execution 1) Trustworthy oracle • Third-party involved [65] • Decentralized [66], [67] 2) Transaction-ordering dependence • Sequential execution [68] • Predefining contract [69] 3) Execution efficiency • Execution serialization [70], [71], [72] • Inspection of contract [73] Completion 1) Privacy and Security • Privacy [74],…”

Section: Recent Advances For Functional Issuesmentioning

confidence: 99%

An overview on smart contracts: Challenges, advances and platforms

Zheng

Xie

Dai

et al. 2020

Future Generation Computer Systems

741

245

View full text Add to dashboard Cite

Smart contract technology is reshaping conventional industry and business processes. Being embedded in blockchains, smart contracts enable the contractual terms of an agreement to be enforced automatically without the intervention of a trusted third party. As a result, smart contracts can cut down administration and save services costs, improve the efficiency of business processes and reduce the risks. Although smart contracts are promising to drive the new wave of innovation in business processes, there are a number of challenges to be tackled. This paper presents a survey on smart contracts. We first introduce blockchains and smart contracts. We then present the challenges in smart contracts as well as recent technical advances. We also compare typical smart contract platforms and give a categorization of smart contract applications along with some representative examples.

show abstract

“…The purpose of the Gasper and MadMax tools is precisely the detection of gas related vulnerabilities. MadMax [13] focuses on identifying control-and data-flow patterns inherent for the gas-related vulnerabilities, thus, it works as a bug-finder, rather than as a gas analyzer like Gasol.…”

Section: Related Tools and Conclusionmentioning

confidence: 99%

GASOL: Gas Analysis and Optimization for Ethereum Smart Contracts

Albert

Fernández

Gordillo

et al. 2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

We present the main concepts, components, and usage of Gasol, a Gas AnalysiS and Optimization tooL for Ethereum smart contracts. Gasol offers a wide variety of cost models that allow inferring the gas consumption associated to selected types of EVM instructions and/or inferring the number of times that such types of bytecode instructions are executed. Among others, we have cost models to measure only storage opcodes, to measure a selected family of gas-consumption opcodes following the Ethereum's classification, to estimate the cost of a selected program line, etc. After choosing the desired cost model and the function of interest, Gasol returns to the user an upper bound of the cost for this function. As the gas consumption is often dominated by the instructions that access the storage, Gasol uses the gas analysis to detect under-optimized storage patterns, and includes an (optional) automatic optimization of the selected function. Our tool can be used within an Eclipse plugin for Solidity which displays the gas and instructions bounds and, when applicable, the gas-optimized Solidity function.

show abstract

MadMax: surviving out-of-gas conditions in Ethereum smart contracts

Cited by 273 publications

References 28 publications

SAFEVM: a safety verifier for Ethereum smart contracts

SAFEVM: a safety verifier for Ethereum smart contracts

An overview on smart contracts: Challenges, advances and platforms

GASOL: Gas Analysis and Optimization for Ethereum Smart Contracts

Contact Info

Product

Resources

About