RA: Hunting for Re-Entrancy Attacks in Ethereum Smart Contracts via Static Analysis

Yuchiro, Chinen; Yanai, Naoto; Cruz, Jason Paul; Okamura, Shingo

doi:10.1109/blockchain50366.2020.00048

Cited by 35 publications

(27 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In works related to code analysis, selected flaws in smart contract code (e.g., overflow and underflow [20] or reentrancy [22]) and their detection using formal methods have been researched (e.g., [132], [163], [164]). For automated detection of these flaws, software tools have been proposed that perform formal verification (e.g., [163], [165], [166]), dynamic code analysis (e.g., [132], [133], [152]), static code analysis (e.g., [23], [24], [167]- [169]), or machine learning using classifiers like XGBoost or AdaBoost (e.g., [25]). These tools are designed to support developers in improving their code by identifying recurring flaws in smart contract code (e.g., by using formalized patterns of code flaws).…”

Section: Related Workmentioning

confidence: 99%

“…These solutions can be largely distinguished into automated verification and coding support. For automated verification, existing research presents software tools (e.g., MadMax [14] or ReGuard [22]) for automatically identifying flaws in smart contract code (e.g., using static analysis [23], dynamic analysis [24], or machine learning [25]) and increasing code quality. Nevertheless, the applicability of automated verification to smart contract code is limited in terms of comprehensiveness because most formal verification tools apply static patterns with the Bitcoin documentation [3] and find Bitcoin's smart contract capabilities not Turing-complete.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Challenges and Common Solutions in Smart Contract Development

Kannengießer

Lins

Sander

et al. 2022

IIEEE Trans. Software Eng.

View full text Add to dashboard Cite

Smart contracts are a promising means of formalizing and reliably enforcing agreements between entities using distributed ledger technology (DLT). Research has revealed that a significant number of smart contracts are subject to programming flaws, making them vulnerable to attacks and leading to detrimental effects, such as asset loss. Researchers and developers call for a thorough analysis of challenges to identify their causes and propose solutions. To respond to these calls, we conducted two literature reviews and diverse expert interviews and synthesized scattered knowledge on challenges and solutions. We identified 29 challenges (e.g., code visibility, code updateability, and encapsulation) and 60 solutions (e.g., gas limit specification, off-ledger computations, and shadowing). Moreover, we developed 20 software design patterns (SDPs) in collaboration with smart contract developers. The SDPs help developers adjust their programming habits and thus support them in their daily development practices. Our results provide actionable knowledge for smart contract developers to overcome the identified challenges and offer support for comparing smart contract integration concepts across three fundamentally different DLT protocols (i.e., Ethereum, EOSIO, and Hyperledger Fabric). Moreover, we support developers in becoming aware of peculiarities in smart contract development and the resulting benefits and drawbacks.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Challenges and Common Solutions in Smart Contract Development

Kannengießer

Lins

Sander

et al. 2022

IIEEE Trans. Software Eng.

View full text Add to dashboard Cite

show abstract

“…Finally, the current construction does not support inter-contract analysis where multiple contracts are interconnected. For instance, Rodler et al [37] presented a new kind of vulnerability by utilizing CALL and CREATE instructions, which requires inter-contract analysis [8,49]. Thus, the attacks by Rodler et al are out of the scope of Eth2Vec currently.…”

Section: Limitationsmentioning

confidence: 99%

“…To the best of our knowledge, symbolic execution [27] is the principal approach for analysis of Ethereum smart contracts. Since symbolic execution deals with unknown variables as symbolic variables, it is potentially suitable for analysis of smart contracts, which utilizes information outside codes [8], i.e., blockchain. Hence, many tools have been proposed so far [7,13,24,[32][33][34]46].…”

Section: Other Analysis Tools For Ethereummentioning

confidence: 99%

“…In other words, disassembled codes often need to be analyzed manually, consequently increasing the number of false positives and false negatives. Moreover, symbolic execution [8,27,46,49], which extracts control flow graphs (CFGs) from a target code, achieves high accuracy by automating the analysis, but the generation of CFGs needs to search all states such that the target code transits. Therefore, the analysis takes significant amounts of time [48].…”

Section: Introduction 1backgroundsmentioning

confidence: 99%

See 1 more Smart Citation

Eth2Vec: Learning Contract-Wide Code Representations for Vulnerability Detection on Ethereum Smart Contracts

Ashizawa

Yanai

Cruz

et al. 2021

Proceedings of the 3rd ACM International Symposium on Blockchain and Secure Critical Infrastructure

Self Cite

View full text Add to dashboard Cite

Ethereum smart contracts are programs that run on the Ethereum blockchain, and many smart contract vulnerabilities have been discovered in the past decade. Many security analysis tools have been created to detect such vulnerabilities, but their performance decreases drastically when codes to be analyzed are being rewritten. In this paper, we propose Eth2Vec, a machine-learning-based static analysis tool for vulnerability detection in smart contracts. It is also robust against code rewrites, i.e., it can detect vulnerabilities even in rewritten codes. Existing machine-learning-based static analysis tools for vulnerability detection need features, which analysts create manually, as inputs. In contrast, Eth2Vec automatically learns features of vulnerable Ethereum Virtual Machine (EVM) bytecodes with tacit knowledge through a neural network for natural language processing. Therefore, Eth2Vec can detect vulnerabilities in smart contracts by comparing the code similarity between target EVM bytecodes and the EVM bytecodes it already learned. We conducted experiments with existing open databases, such as Etherscan, and our results show that Eth2Vec outperforms a recent model based on support vector machine in terms of well-known metrics, i.e., precision, recall, and F1-score. CCS CONCEPTS• Security and privacy → Software security engineering; Software reverse engineering; Vulnerability management.

show abstract

SoliTester: Detecting exploitable external‐risky vulnerability in smart contracts using contract account triggering method

Hu,

Li,

et al. 2023

J Software Evolu Process

View full text Add to dashboard Cite

The vulnerability in smart contracts (SCs) on the blockchain system may lead to severe security compromises. The SC can be invoked from an externally owned account (EOA) or a contract account (CA). The account a user creates to receive or send ether is an EOA. A CA contains codes that can interact with SCs. In Solidity SC, some vulnerabilities can only be exploited by the interactions between CAs and vulnerable SCs, which can be named external‐risky vulnerabilities. Most state‐of‐the‐art (SOTA) detectors detect external‐risky vulnerabilities by executing contract codes as an EOA user, thus reporting many unexploitable vulnerabilities. Therefore, we propose a CA‐triggering method to identify exploitable external‐risky vulnerabilities in Solidity SCs. We first designed agent contracts to simulate CAs' interactions with the target SCs in the real blockchain environment. We then detect vulnerability exploitation by analyzing transaction logs between agent contracts and target SCs and identifying successful exploits. We implemented the CA‐triggering method in a tool named SoliTester and evaluated it using three benchmark datasets, which contain three types of external‐risky vulnerabilities, namely, Reentancy (RE), Unchecked Call (UcC), and TxOrigin (TO). The results show that SoliTester can efficiently detect exploitable external‐risky vulnerabilities with significantly better precisions and recalls than SOTA detectors.

show abstract

RA: Hunting for Re-Entrancy Attacks in Ethereum Smart Contracts via Static Analysis

Cited by 35 publications

References 21 publications

Challenges and Common Solutions in Smart Contract Development

Challenges and Common Solutions in Smart Contract Development

Eth2Vec: Learning Contract-Wide Code Representations for Vulnerability Detection on Ethereum Smart Contracts

SoliTester: Detecting exploitable external‐risky vulnerability in smart contracts using contract account triggering method

Contact Info

Product

Resources

About