Vandal: A Scalable Security Analysis Framework for Smart Contracts

Brent, Lexi; Jurisevic, Anton; Kong, Michael G.; Liu, Eric; Gauthier, François; Gramoli, Vincent; Holz, Ralph; Scholz, Bernhard

doi:10.48550/arxiv.1809.03981

Cited by 55 publications

(102 citation statements)

References 20 publications

Supporting

Mentioning

101

Contrasting

Order By: Relevance

“…We perform systematic path exploration to determine if the model (cf. Section III) satisfies the provided requirements, similar to other model checking systems [13], [16], [36], [43], [45], [48], [56], [57].…”

Section: A Choosing An Smt Solver For Defiposer-smtmentioning

confidence: 67%

On the Just-In-Time Discovery of Profit-Generating Transactions in DeFi Protocols

Zhou

Qin

Cully

et al. 2021

Preprint

View full text Add to dashboard Cite

Decentralized Finance (DeFi) is a blockchain-assetenabled finance ecosystem with millions of daily USD transaction volume, billions of locked up USD, as well as a plethora of newly emerging protocols (for lending, staking, and exchanges). Because all transactions, user balances, and total value locked in DeFi are publicly readable, a natural question that arises is: how can we automatically craft profitable transactions across the intertwined DeFi platforms?In this paper, we investigate two methods that allow us to automatically create profitable DeFi trades, one well-suited to arbitrage and the other applicable to more complicated settings. We first adopt the Bellman-Ford-Moore algorithm with DEFIPOSER-ARB and then create logical DeFi protocol models for a theorem prover in DEFIPOSER-SMT. While DEFIPOSER-ARB focuses on DeFi transactions that form a cycle and performs very well for arbitrage, DEFIPOSER-SMT can detect more complicated profitable transactions. We estimate that DEFIPOSER-ARB and DEFIPOSER-SMT can generate an average weekly revenue of 191.48 ETH (76,592 USD) and 72.44 ETH (28,976 USD) respectively, with the highest transaction revenue being 81.31 ETH (32,524 USD) and 22.40 ETH (8,960 USD) respectively. We further show that DEFIPOSER-SMT finds the known economic bZx attack from February 2020, which yields 0.48M USD. Our forensic investigations show that this opportunity existed for 69 days and could have yielded more revenue if exploited one day earlier. Our evaluation spans 150 days, given 96 DeFi protocol actions, and 25 assets.Looking beyond the financial gains mentioned above, forks deteriorate the blockchain consensus security, as they increase the risks of double-spending and selfish mining. We explore the implications of DEFIPOSER-ARB and DEFIPOSER-SMT on blockchain consensus. Specifically, we show that the trades identified by our tools exceed the Ethereum block reward by up to 874×. Given optimal adversarial strategies provided by a Markov Decision Process (MDP), we quantify the value threshold at which a profitable transaction qualifies as Miner Extractable Value (MEV) and would incentivize MEV-aware miners to fork the blockchain. For instance, we find that on Ethereum, a miner with a hash rate of 10% would fork the blockchain if an MEV opportunity exceeds 4× the block reward.

show abstract

Section: A Choosing An Smt Solver For Defiposer-smtmentioning

confidence: 67%

On the Just-In-Time Discovery of Profit-Generating Transactions in DeFi Protocols

Zhou

Qin

Cully

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…Moreover, a recent analysis of 420 million Ethereum transactions by Zhou et al reveals an ongoing evolution of vulnerabilities and attacks in smart contracts [24]. To avoid devastating consequences of smart contract hacks, a number of security auditing tools have been developed to detect smart contract vulnerabilities [4,5,14,21], such as reentrancy, integer overflow, etc., most of which are smart contract code vulnerabilities. However, smart contracts are designed and implemented by human developers to interact with human users, in which the human is the central component of a smart contract ecosystem.…”

Section: Introductionmentioning

confidence: 99%

“…These smart contracts are considered to be the de-facto standardized implementations of popular smart contract code patterns. The OpenZeppelin project provides a rich codebase for ERC-20 token developers 4 . EIP-55 Checksums.…”

Section: Introductionmentioning

confidence: 99%

“…4 : All Ethereum accounts are equally secure as long as their private keys are random and secret. In Section 4.1.3, we show that a small portion of Ethereum accounts have a special property, making them more vulnerable to a specific social engineering attack.…”

mentioning

confidence: 99%

“…https://nick-ivanov.github.io/se-info/2 Each fungible token has the same value and does not possess any special characteristics compared with other tokens of the same type 3. https://eips.ethereum.org/EIPS/eip-204 https://openzeppelin.com/contracts/ 5 https://eips.ethereum.org/EIPS/eip-556 An implementation of this function, named generateAddress, can be found at https://github.com/ethereumjs/ethereumjs-util.…”

mentioning

confidence: 99%

See 2 more Smart Citations

Targeting the Weakest Link: Social Engineering Attacks in Ethereum Smart Contracts

Иванов

Lou

Chen

et al. 2021

Preprint

View full text Add to dashboard Cite

Ethereum holds multiple billions of U.S. dollars in the form of Ether cryptocurrency and ERC-20 tokens, with millions of deployed smart contracts algorithmically operating these funds. Unsurprisingly, the security of Ethereum smart contracts has been under rigorous scrutiny. In recent years, numerous defense tools have been developed to detect different types of smart contract code vulnerabilities. When opportunities for exploiting code vulnerabilities diminish, the attackers start resorting to social engineering attacks, which aim to influence humans -often the weakest link in the system. The only known class of social engineering attacks in Ethereum are honeypots, which plant hidden traps for attackers attempting to exploit existing vulnerabilities, thereby targeting only a small population of potential victims.In this work, we explore the possibility and existence of new social engineering attacks beyond smart contract honeypots. We present two novel classes of Ethereum social engineering attacks -Address Manipulation and Homograph -and develop six zero-day social engineering attacks. To show how the attacks can be used in popular programming patterns, we conduct a case study of five popular smart contracts with combined market capitalization exceeding $29 billion, and integrate our attack patterns in their source codes without altering their existing functionality. Moreover, we show that these attacks remain dormant during the test phase but activate their malicious logic only at the final production deployment. We further analyze 85,656 open-source smart contracts, and discover that 1,027 of them can be used for the proposed social engineering attacks. We conduct a professional opinion survey with experts from seven smart contract auditing firms, corroborating that the exposed social engineering attacks bring a major threat to the smart contract systems. CCS CONCEPTS• Security and privacy → Domain-specific security and privacy architectures; Systems security.

show abstract

VeriSolid: Correct-by-Design Smart Contracts for Ethereum

Mavridou

Lászka

Stachtiari

et al. 2019

Lecture Notes in Computer Science

109

View full text Add to dashboard Cite

The adoption of blockchain based distributed ledgers is growing fast due to their ability to provide reliability, integrity, and auditability without trusted entities. One of the key capabilities of these emerging platforms is the ability to create self-enforcing smart contracts. However, the development of smart contracts has proven to be error-prone in practice, and as a result, contracts deployed on public platforms are often riddled with security vulnerabilities. This issue is exacerbated by the design of these platforms, which forbids updating contract code and rolling back malicious transactions. In light of this, it is crucial to ensure that a smart contract is secure before deploying it and trusting it with significant amounts of cryptocurrency. To this end, we introduce the VeriSolid framework for the formal verification of contracts that are specified using a transition-system based model with rigorous operational semantics. Our model-based approach allows developers to reason about and verify contract behavior at a high level of abstraction. VeriSolid allows the generation of Solidity code from the verified models, which enables the correct-by-design development of smart contracts.

show abstract

Vandal: A Scalable Security Analysis Framework for Smart Contracts

Cited by 55 publications

References 20 publications

On the Just-In-Time Discovery of Profit-Generating Transactions in DeFi Protocols

On the Just-In-Time Discovery of Profit-Generating Transactions in DeFi Protocols

Targeting the Weakest Link: Social Engineering Attacks in Ethereum Smart Contracts

VeriSolid: Correct-by-Design Smart Contracts for Ethereum

Contact Info

Product

Resources

About