Abstract
Smart contracts have extensive applications in various emerging domains such as IoT, 5G networks, and finance. In this regard, the Ethereum platform has provided the capability of running smart contracts on its distributed infrastructure. Smart contracts are small programs that describe a set of rules for supervising associated funds, often written in a Turing-complete programming language called Solidity. Furthermore, Ethereum is currently one of the most extensive cryptocurrencies next to Bitcoin. This provides an extraordinary opportunity for attackers to exploit potential zero-day vulnerabilities in this ecosystem that are tightly twisted with financial gain. Consequently, this paper introduces a practical framework called “EthFuzz” to identify vulnerabilities and generate concrete exploits for the Ethereum ecosystem. Our system works through a graph-based method in combination with dynamic symbolic execution. Moreover, our proposed framework can tackle the path explosion problem in its symbolic execution engine. To prove our approach’s usefulness, we could successfully identify and generate 26,015 exploits out of 207,412 exploitable paths, within 1,000,000 real-world smart contracts on the Ethereum live blockchain network.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
We’re sorry, something doesn't seem to be working properly.
Please try refreshing the page. If that doesn't work, please contact support so we can address the problem.
References
Bytecode to opcode disassembler – etherscan. https://etherscan.io/opcode-tool. Accessed 2 Feb 2020
Github - comaeio/porosity: *unmaintained* decompiler and security analysis tool for blockchain-based ethereum smart-contracts. https://github.com/comaeio/porosity. Accessed 7 May 2020
Openzeppelin/openzeppelin-contracts: Openzeppelin contracts is a library for secure smart contract development. https://github.com/OpenZeppelin/openzeppelin-contracts. Accessed 29 Jan 2021
Oyente. https://github.com/melonproject/oyente. Accessed 11 Aug 2019
Paritytech/parity-ethereum: The fast, light, and robust EVM and WASM client. https://github.com/paritytech/parity-ethereum. Accessed 2 July 2019
Ashouri, M.: Kaizen: a scalable concolic fuzzing tool for scala. In: Proceedings of the 11th ACM SIGPLAN International Symposium on Scala, pp. 25–32 (2020)
Atzei, N., Bartoletti, M., Cimoli, T.: A survey of attacks on ethereum smart contracts (SoK). In: Maffei, M., Ryan, M. (eds.) POST 2017. LNCS, vol. 10204, pp. 164–186. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54455-6_8
Parity Authors. Ethereum rust client (2017)
Baldoni, R., Coppa, E., D’elia, D.C., Demetrescu, C., Finocchi, I.: A survey of symbolic execution techniques. ACM Comput. Surv. (CSUR) 51(3), 1–39 (2018)
Bellard, F.: QEMU, a fast and portable dynamic translator. In: USENIX Annual Technical Conference, FREENIX Track, vol. 41, p. 46 (2005)
Birrell, A.D., Nelson, B.J.: Implementing remote procedure calls. In: Proceedings of the Ninth ACM Symposium on Operating Systems Principles, p. 3 (1983)
Brent, L.: Vandal: a scalable security analysis framework for smart contracts. arXiv preprint arXiv:1809.03981 (2018)
Dannen, C.: Introducing Ethereum and Solidity. Apress, Berkeley (2017). https://doi.org/10.1007/978-1-4842-2535-6
de Moura, L., Bjørner, N.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78800-3_24
Grech, N., Kong, M., Jurisevic, A., Brent, L., Scholz, B., Smaragdakis, Y.: Madmax: surviving out-of-gas conditions in ethereum smart contracts. Proc. ACM Program. Lang. 2(OOPSLA), 116 (2018)
Huh, S., Cho, S., Kim, S.: Managing IoT devices using blockchain platform. In: 2017 19th International Conference on Advanced Communication Technology (ICACT), pp. 464–467. IEEE (2017)
Kalra, S., Goel, S., Dhawan, M., Sharma, S.: Zeus: analyzing safety of smart contracts. In: NDSS, pp. 1–12 (2018)
Krupp, J., Rossow, C.: Teether: gnawing at ethereum to automatically exploit smart contracts. In: 27th USENIX Security Symposium (USENIX Security 2018), pp. 1317–1333 (2018)
Law, A.: Smart contracts and their application in supply chain management. Ph.D. thesis, Massachusetts Institute of Technology (2017)
Liu, C., et al.: ReGuard: finding reentrancy bugs in smart contracts. In: Proceedings of the 40th International Conference on Software Engineering: Companion Proceedings, pp. 65–68. ACM (2018)
Liu, H., Liu, C., Zhao, W., Jiang, Y., Sun, J.: S-gram: towards semantic-aware security auditing for ethereum smart contracts. In: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, pp. 814–819. ACM (2018)
Vivar, A.L., Castedo, A.T., Orozco, A.L.S., Villalba, L.J.G.: Smart contracts: a review of security threats alongside an analysis of existing solutions. Entropy 22(2), 203 (2020)
Nguyen, D.C., Pathirana, P.N., Ding, M., Seneviratne, A.: Blockchain for 5G and beyond networks: a state of the art survey. arXiv preprint arXiv:1912.05062 (2019)
Nikolić, I., Kolluri, A., Sergey, I., Saxena, P., Hobor, A.: Finding the greedy, prodigal, and suicidal contracts at scale. In: Proceedings of the 34th Annual Computer Security Applications Conference, pp. 653–663 (2018)
Palladino, S.: The parity wallet hack explained, July 2017. https://blog.zeppelin.solutions
Perez, D., Livshits, B.: Smart contract vulnerabilities: does anyone care? arXiv preprint arXiv:1902.06710 (2019)
Qureshi, H.: A hacker stole 31 m of ether–how it happened, and what it means for ethereum. Freecodecamp.org, 20 July 2017
Sirer, E.G.: Thoughts on the DAO hack. Hacking 17 July 2016
Szabo, N.: Smart contracts: building blocks for digital markets. EXTROPY J. Transhumanist Thought 16, 18:2 (1996)
Tsankov, P., et al.: Securify: practical security analysis of smart contracts. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 67–82. ACM (2018)
Whaley, J., Avots, D., Carbin, M., Lam, M.S.: Using datalog with binary decision diagrams for program analysis. In: Yi, K. (ed.) APLAS 2005. LNCS, vol. 3780, pp. 97–118. Springer, Heidelberg (2005). https://doi.org/10.1007/11575467_8
Yamaguchi, F., Golde, N., Arp, D., Rieck, K.: Modeling and discovering vulnerabilities with code property graphs. In: 2014 IEEE Symposium on Security and Privacy, pp. 590–604. IEEE (2014)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendices
Appendix A
Re-Entrancy Attack
Ethereum Virtual Machine (EVM) establishes a machine language called EVM bytecode, which includes approximately 150 opcodes [13]. Unlike memory, storage perseveres beyond the execution history of a contract. Indeed it is stored as a part of the global blockchain state. The EVM also states specific instructions to access transactions’ fields, modify the contract’s private storage, examine the current blockchain state, and even create additional transactions. It should be highlighted that the original Ethereum paper [28] differentiates between transactions, which are signed by regular accounts, and messages, which are not. Note that the EVM only implements integer arithmetic and cannot handle floating-point values.
In addition to the persistent storage and 256-bit word stack, the EVM also executes a byte-addressable memory, which serves as an input and output buffer to different instructions. For instance, the SHA3 instruction, which calculates a Keccak-256 hash over variable-length data, reads its input from memory, where two stack arguments present both the memory location and length of the input. The memory content is not endured between contract executions, and it is invariably set to “zero” at the opening of each execution.
Rights and permissions
Copyright information
© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Ashouri, M. (2021). An Extensive Security Analysis on Ethereum Smart Contracts. In: Garcia-Alfaro, J., Li, S., Poovendran, R., Debar, H., Yung, M. (eds) Security and Privacy in Communication Networks. SecureComm 2021. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 398. Springer, Cham. https://doi.org/10.1007/978-3-030-90019-9_8
Download citation
DOI: https://doi.org/10.1007/978-3-030-90019-9_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-90018-2
Online ISBN: 978-3-030-90019-9
eBook Packages: Computer ScienceComputer Science (R0)