Abstract
Smart contracts bring Ethereum transactions great convenience, meanwhile, they can have potentially devastating financial consequences. Among the existing tools, few can handle bytecode detection tasks. To address the lack of bytecode security guarantee, we design a software-based detection system that can perform both source code and bytecode. Finally, we conduct preliminary experiments towards building a reliable vulnerability database and concise analysis is provided.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
A famous contract data analyzer and service provider.
- 2.
For details of this attack please see https://www.coindesk.com/understanding-dao-hack-journalists.
References
Guo, Y., Liang, C.: Blockchain application and outlook in the banking industry. Financ. Innov. 2(1), 24 (2016). https://doi.org/10.1186/s40854-016-0034-9
Wu, J., Tran, N.: Application of blockchain technology in sustainable energy systems: an overview. Sustainability 10(9), 3067 (2018). https://doi.org/10.3390/su10093067
Zhao, X., Chen, Z., Chen, X., Wang, Y., Tang, C.: The DAO attack paradoxes in propositional logic (2017). https://doi.org/10.1109/icsai.2017.8248566
Atzei, N., Bartoletti, M., Cimoli, T.: A survey of attacks on ethereum smart contracts (SoK) (2017). https://doi.org/10.1007/978-3-662-54455-6_8
Bartoletti, M., Pompianu, L.: An empirical analysis of smart contracts: platforms, applications, and design patterns (2017). https://doi.org/10.1007/978-3-319-70278-0_31
Feist, J., Greico, G., Groce, A.: Slither: a static analysis framework for smart contracts. Paper presented at the WETSEB 2019 : 2nd international workshop on emerging trends in software engineering for blockchain (2019)
Luu, L., Chu, D.-H., Olickel, H., Saxena, P., Hobor, A.: Making smart contracts smarter (2016). https://doi.org/10.1145/2976749.2978309
Tsankov, P., Dan, A., Drachsler-Cohen, D., Gervais, A., Bünzli, F., Vechev, M.: Securify: practical security analysis of smart contracts (2018). https://doi.org/10.1145/3243734.3243780
de Moura, L., Bjørner, N.: Z3: an efficient SMT solver (2008). https://doi.org/10.1007/978-3-540-78800-3_24
Kalra, S., Goel, S., Dhawan, M., Sharma, S.: ZEUS: analyzing safety of smart contracts (2018). https://doi.org/10.14722/ndss.2018.23082
Meng, X., Miller, B.P.: Binary code is not easy (2016). https://doi.org/10.1145/2931037.2931047
Balakrishnan, G., Reps, T.: Divine: discovering variables in executables. https://doi.org/10.1007/978-3-540-69738-1_1
Lee, J., Avgerinos, T., Brumley, D.: TIE: principled reverse engineering of types in binary programs (2011)
Keivanloo, I., Roy, C.K., Rilling, J.: SeByte: A semantic clone detection tool for intermediate languages (2012). https://doi.org/10.1109/ICPC.2012.6240495
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Ye, J., Ma, M., Peng, T., Xue, Y. (2020). A Software Analysis Based Vulnerability Detection System For Smart Contracts. In: Jarzabek, S., Poniszewska-Marańda, A., Madeyski, L. (eds) Integrating Research and Practice in Software Engineering. Studies in Computational Intelligence, vol 851. Springer, Cham. https://doi.org/10.1007/978-3-030-26574-8_6
Download citation
DOI: https://doi.org/10.1007/978-3-030-26574-8_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-26573-1
Online ISBN: 978-3-030-26574-8
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)