
Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13412)


Abstract

We describe the impact and measure the adoption of the CREATE2 instruction introduced to the Ethereum Virtual Machine in the Constantinople upgrade. This change to Ethereum's execution environment is fundamental because it makes it possible to modify the program stored at a given address after deployment, making it much harder to reason about the immutability of smart contracts. We enumerate six use cases and novel attack vectors, and present empirical evidence from all 32 million code accounts created between March 2019 and July 2021. The data shows that the main beneficiaries of the upgrade are wallet contracts, which can now use predictable addresses. They do not, however, require the riskier feature of mutable smart contracts. So far, the only applications that use the latter are front-running bots and gas tokens.


Notes

  1. 2019-02-28 20:52:04 GMT+2.

  2. Ethereum Classic activated the Constantinople changes in January 2020 [23].

  3. We use upgrade to refer to changes of the platform and update for the possibility to alter code on the platform.

  4. The odds are one in \(2^{80}\) accounts, following from the birthday problem.

  5. Effective since 2017-10-16 07:22:11 GMT+2.

  6. Using simple heuristics derived from the EIPs we found 223 873 following EIP-897, 0 following EIP-1167, 22 238 following EIP-1822, and 31 432 following EIP-1967.

  7. Deactivation and the resurrection cannot take place in the same transaction because the use of SELFDESTRUCT resets the account and its nonce at the very end of the transaction. But it is possible within the same block.

  8. We prefer pseudo-code over Solidity because Solidity does not offer a way to encode explicit returns in constructors without the use of inline EVM assembly.

  9. Block: 12817905 (2021-07-13 11:07:50 GMT+2).

  10. We make an exception for access to the value of a transaction, since popular compilers add checks to avoid accidental value transfer.

  11. of total deployments after Constantinople.

  12. Table 3 lists the accounts that had morphing resurrections along with selected statistics. Table 4 documents our investigations regarding the purpose of these accounts. Both tables are in the appendix.

  13. 442/12 466/29 865/38 076/279 202 (min/25%/50%/75%/max).

  14. https://github.com/counterfactual/monorepo, accessed: 15th Oct 21.

  15. In total we have seen 731 268 pre-funded accounts after Constantinople. As expected, almost all of them (729 577) were deployed via CREATE2.

  16. 0x0000000000ffe8b47b3e2130213b802212439497.

  17. To reduce the bias by contracts created towards the end of our observation period, we only considered code accounts until two months before the end of our measurement period. Without this cutoff, we find 3 158 545 matching code accounts.

  18. The in-degree distribution is binary since every code account has exactly one deployer. Only externally owned accounts have no deployer.

References

  1. EVM - implement EIP 1014: Skinny CREATE2 #1165. https://github.com/trailofbits/manticore/issues/1165. Accessed 28 Oct 2021

  2. 0age: Metamorphic. https://github.com/0age/metamorphic. Accessed 07 Apr 2021

  3. 0age: On Efficient Ethereum Addresses (2018). https://medium.com/coinmonks/on-efficient-ethereum-addresses-3fef0596e263. Accessed 20 May 2021

  4. 0age: Etherscan CREATE2SafeDeploy (2019). https://etherscan.io/address/0x5df4c8e56fe3a95f98ce3d1935abd1b187525915/. Accessed 07 Apr 2021

  5. 0age: On Efficient Ethereum Storage (2019). https://medium.com/coinmonks/on-efficient-ethereum-storage-c76869591add. Accessed 25 May 2021

  6. Anderson, R., et al.: Measuring the changing cost of cybercrime. In: Workshop on the Economics of Information Security (WEIS). Harvard University, Cambridge (2019)

  7. Azzopardi, S., Ellul, J., Pace, G.J.: Monitoring smart contracts: ContractLarva and open challenges beyond. In: Colombo, C., Leucker, M. (eds.) RV 2018. LNCS, vol. 11237, pp. 113–137. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03769-7_8

  8. Böhme, R., Eckey, L., Moore, T., Narula, N., Ruffing, T., Zohar, A.: Responsible vulnerability disclosure in cryptocurrencies. Commun. ACM 63(10), 62–71 (2020). https://doi.org/10.1145/3372115

  9. Buterin, V.: Prevent overwriting contracts #684 (2017). https://github.com/ethereum/EIPs/issues/684. Accessed 07 Apr 2021

  10. Buterin, V.: EIP 1014: Skinny Create2 (2018). https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1014.md. Accessed 07 Apr 2021

  11. Chen, T., Li, X., Luo, X., Zhang, X.: Under-optimized smart contracts devour your money. In: 2017 IEEE 24th International Conference on Software Analysis, Evolution and Reengineering (SANER), pp. 442–446. IEEE (2017). https://doi.org/10.1109/SANER.2017.7884650

  12. Chen, T., et al.: An adaptive gas cost mechanism for ethereum to defend against under-priced DoS attacks. In: Liu, J.K., Samarati, P. (eds.) ISPEC 2017. LNCS, vol. 10701, pp. 3–24. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-72359-4_1

  13. Coleman, J., Horne, L., Xuanji, L.: Counterfactual: Generalized State Channels (2018). https://l4.ventures/papers/statechannels.pdf. Accessed 07 Apr 2021

  14. Colombo, C., Ellul, J., Pace, G.J.: Contracts over smart contracts: recovering from violations dynamically. In: Margaria, T., Steffen, B. (eds.) ISoLA 2018. LNCS, vol. 11247, pp. 300–315. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03427-6_23

  15. Di Angelo, M., Salzer, G.: A survey of tools for analyzing ethereum smart contracts. In: 2019 IEEE International Conference on Decentralized Applications and Infrastructures (DAPPCON), pp. 69–78. IEEE (2019). https://doi.org/10.1109/DAPPCON.2019.00018

  16. Di Angelo, M., Salzer, G.: Collateral use of deployment code for smart contracts in ethereum. In: 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS), pp. 1–5. IEEE (2019). https://doi.org/10.1109/NTMS.2019.8763828

  17. Di Angelo, M., Salzer, G.: Characteristics of wallet contracts on ethereum. In: 2020 2nd Conference on Blockchain Research and Applications for Innovative Networks and Services (BRAINS), pp. 232–239. IEEE (2020). https://doi.org/10.1109/BRAINS49436.2020.9223287

  18. Dickerson, T., Gazzillo, P., Herlihy, M., Saraph, V., Koskinen, E.: Proof-carrying smart contracts. In: Zohar, A., et al. (eds.) Financial Cryptography and Data Security, WTSC Workshop. LNCS, vol. 10958, pp. 325–338. Springer, Heidelberg (2019). https://doi.org/10.1007/978-3-662-58820-8_22

  19. Fröwis, M., Böhme, R.: In code we trust? Measuring the control flow immutability of all smart contracts deployed on ethereum. In: Garcia-Alfaro, J., Navarro-Arribas, G., Hartenstein, H., Herrera-Joancomartí, J. (eds.) ESORICS/DPM/CBT 2017. LNCS, vol. 10436, pp. 357–372. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-67816-0_20

  20. Barros, G., Gallagher, P.: EIP-1822: Universal Upgradeable Proxy Standard (UUPS) (2019). https://eips.ethereum.org/EIPS/eip-1822. Accessed 07 Apr 2021

  21. Grishchenko, I., Maffei, M., Schneidewind, C.: Foundations and tools for the static analysis of ethereum smart contracts. In: Chockler, H., Weissenbacher, G. (eds.) CAV 2018. LNCS, vol. 10981, pp. 51–78. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96145-3_4

  22. Hertig, A.: So, Ethereum's Blockchain is Still Under Attack... (2016). https://www.coindesk.com/so-ethereums-blockchain-is-still-under-attack/. Accessed 18 Jun 2017

  23. Ardis, I., Tang, W.: ECIP 1056: Agharta EVM and Protocol Upgrades (2020). https://ethereumclassic.org/blog/2020-01-11-agharta-hard-fork-upgrade. Accessed 25 May 2021

  24. Jameson, H.: FAQ: Upcoming Ethereum Hard Fork (2016). https://blog.ethereum.org/2016/10/18/faq-upcoming-ethereum-hard-fork/. Accessed 18 Jun 2017

  25. Izquierdo, J., Araoz, M.: EIP-897: ERC DelegateProxy (2018). https://eips.ethereum.org/EIPS/eip-897. Accessed 07 Apr 2021

  26. Joveski, B.: USDC payment processing in Coinbase Commerce (2019). https://blog.coinbase.com/usdc-payment-processing-in-coinbase-commerce-b1af1c82fb0. Accessed 18 Nov 2021

  27. Breidenbach, L., Daian, P., Tramèr, F.: GasToken.io - Cheaper Ethereum transactions, today. https://gastoken.io/#GST2. Accessed 19 Oct 2021

  28. Maurelian: Newsletter 16 - CREATE2 FAQ (2019). https://consensys.net/diligence/blog/2019/02/smart-contract-security-newsletter-16-create2-faq/. Accessed 08 May 2021

  29. Mossberg, M., et al.: Manticore: a user-friendly symbolic execution framework for binaries and smart contracts. In: 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), pp. 1186–1189. IEEE (2019). https://doi.org/10.1109/ASE.2019.00133

  30. 1inch Network: 1inch introduces Chi Gastoken. https://blog.1inch.io/1inch-introduces-chi-gastoken-d0bd5bb0f92b. Accessed 05 May 2021

  31. OpenZeppelin: OpenZeppelin Proxy Contract Implementations. https://docs.openzeppelin.com/contracts/4.x/api/proxy. Accessed 07 Nov 2021

  32. Palladino, S.: EIP-1967: Standard Proxy Storage Slots (2019). https://eips.ethereum.org/EIPS/eip-1967. Accessed 07 Apr 2021

  33. Murray, P., Welch, N., Messerman, J.: EIP-1167: Minimal Proxy Contract (2018). https://eips.ethereum.org/EIPS/eip-1167. Accessed 07 Apr 2021

  34. Pérez, D., Livshits, B.: Broken metre: attacking resource metering in EVM. In: 27th Annual Network and Distributed System Security Symposium, NDSS. The Internet Society (2020)

  35. rajeevgopalakrishna: Potential security implications of CREATE2? (EIP-1014) (2019). https://ethereum-magicians.org/t/potential-security-implications-of-create2-eip-1014/2614. Accessed 08 Apr 2021

  36. Reijsbergen, D., Sridhar, S., Monnot, B., Leonardos, S., Skoulakis, S., Piliouras, G.: Transaction Fees on a Honeymoon: Ethereum's EIP-1559 One Month Later. arXiv preprint arXiv:2110.04753 (2021)

  37. Rodler, M., Li, W., Karame, G.O., Davi, L.: EVMPatch: timely and automated patching of ethereum smart contracts. In: 30th USENIX Security Symposium. USENIX Association (2021)

  38. Swende, M.H.: Testing awareness levels here. After Constantinople, can contracts that you interact suddenly change code, in-place? (2019). https://twitter.com/mhswende/status/1093596010545336320. Accessed 06 Oct 2021

  39. Torres, C.F., Steichen, M., et al.: The art of the scam: demystifying honeypots in ethereum smart contracts. In: 28th USENIX Security Symposium, pp. 1591–1607. USENIX Association (2019)

  40. Wood, G.: Ethereum: A Secure Decentralised Generalised Transaction Ledger (Petersburg revision) (2021). https://ethereum.github.io/yellowpaper/paper.pdf. Accessed 07 Apr 2021

  41. Zhou, Y., Kumar, D., Bakshi, S., Mason, J., Miller, A., Bailey, M.: Erays: reverse engineering ethereum's opaque smart contracts. In: 27th USENIX Security Symposium, pp. 1371–1385. USENIX Association (2018)

Acknowledgments

We would like to thank Patrik Keller and Bernhard Haslhofer for their valuable feedback. This work has received funding from the Austrian Research Promotion Agency (FFG) and the Austrian Security Research Programme (KIRAS).

Author information

Corresponding author

Correspondence to Michael Fröwis.

A Supplemental Figures and Tables

Fig. 7. New potentially resurrectable code accounts per day.

Fig. 8. Bytecode instances used in resurrections; redeployment of identical code (left) and morphing resurrections (right).

Figure 9 shows the cumulative distribution of out-degrees of the deployer relation (footnote 18). Only 189 919 (0.41%) accounts in our relation have no deployer. These result from deployments from externally owned accounts. Hence, almost all code accounts were created by another code account.

Fig. 9. The Ethereum deployer relation. Only 5 code accounts deployed more than 1 million other code accounts. The biggest contributors are the Chi-Gas-Token (≈ 10 m), Gas Token.io: GST2 (≈ 6.4 m), MevBot (≈ 1.6 m), Bittrex: Controller (≈ 1.6 m), MMM BSC (≈ 1 m). MevBot is one of the contracts that have seen morphing resurrections.

Table 1. Distribution of actual resurrections per account.
Table 2. Dataset summary.
Table 3. Accounts with morphing resurrection until mid July 2021. USD values based on the current ETH price (Coinbase midpoint price, 5 Oct 2021).
Table 4. Analysis of morphing accounts; balances from Etherscan on 5 October 2021.

Copyright information

© 2023 International Financial Cryptography Association

Cite this paper

Fröwis, M., Böhme, R. (2023). Not All Code are Create2 Equal. In: Matsuo, S., et al. (eds.) Financial Cryptography and Data Security. FC 2022 International Workshops. FC 2022. Lecture Notes in Computer Science, vol 13412. Springer, Cham. https://doi.org/10.1007/978-3-031-32415-4_32

  • DOI: https://doi.org/10.1007/978-3-031-32415-4_32

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-32414-7

  • Online ISBN: 978-3-031-32415-4
