Abstract
The original intention of smart contract design is to execute every transaction in the blockchain spontaneously, efficiently and fairly, meanwhile, smart contract plays an important role in the blockchain activities. With the development of blockchain, the vulnerability of smart contract becomes more and more obvious. The security vulnerability detection of smart contract is very important. This paper proposes M-A-R, a dynamic symbol execution method focusing on efficient detection for reentry vulnerability, realizes the security detection of the source code of smart contract, optimizes the design of its implementation method, then compares it with the existing related tools. The results show that M-A-R approach can detect the reentry vulnerability efficiently and has good universality and scalability.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Grishchenko, I., Maffei, M., Schneidewind, C.: A semantic framework for the security analysis of ethereum smart contracts. In: Bauer, L., Küsters, R. (eds.) POST 2018. LNCS, vol. 10804, pp. 243–269. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-89722-6_10
Crytic. Slither (2018).https://github.com/crytic/slither
Bhargavan, K., Delignat-Lavaud, A., Fournet, C., et al.: Formal verification of smart contracts: short paper. In: The 2016 ACM Workshop on Programming Languages and Analysis for Security, pp. 91–96 (2016)
Ferreira, C.O.: (2018). https://github.com/christoftorres/Osiris
ConsenSys. Mythril (2017). https://github.com/ConsenSys/mythril-classic
Manticore. https://github.com/trailofbits/manticore
SmartDec. SmartCheck (2017). https://github.com/smartdec/smartcheck
SRI Lab. Securify (2018). https://github.com/eth-sri/securify
Hirai, Y., et al.: Defining the ethereum virtual machine for interactive theorem provers. In: Brenner, M. (ed.) FC 2017. LNCS, vol. 10323, pp. 520–535. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70278-0_33
Hirai, Y.: Formal verification of deed contract in ethereum name service. In: 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS), pp. 1–6 (2019)
SeaHorn \( | \) A Verification Framework. https://seahorn.github.io/
Hildenbrandt, E., Saxena, M., Rodrigues, N., et al.: KEVM: a complete formal semantics of the ethereum virtual machine. In: 2018 IEEE 31st Computer Security Foundations Symposium (CSF), 9–12 July 2018, pp. 204–217. IEEE, Oxford (2018)
Kalra, S., Goel, S., Dhawan, M., et al.: ZEUS: analyzing safety of smart contracts. In: Network and Distributed System Security Symposium, pp. 26–35 (2018)
Tsankov, P., Dan, A., Cohen, D.D., et al.: Securify: practical security analysis of smart contracts (2018). ArXiv180601143 Cs
Angr/angr. GitHub. https://github.com/angr/angr
Luu, L., Chu, D.-H., et al.: Making smart contracts smarter, pp. 254–269 (2016)
Acknowledgements
This research has been supported by the Natural Science Foundation of Hainan Province (No. 620RC605) and Postgraduates’ Innovative Research Projects of Hainan Province (No. Hys2020-332).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Wang, Z., Wen, B., Luo, Z., Liu, S. (2021). M-A-R: A Dynamic Symbol Execution Detection Method for Smart Contract Reentry Vulnerability. In: Dai, HN., Liu, X., Luo, D.X., Xiao, J., Chen, X. (eds) Blockchain and Trustworthy Systems. BlockSys 2021. Communications in Computer and Information Science, vol 1490. Springer, Singapore. https://doi.org/10.1007/978-981-16-7993-3_32
Download citation
DOI: https://doi.org/10.1007/978-981-16-7993-3_32
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-7992-6
Online ISBN: 978-981-16-7993-3
eBook Packages: Computer ScienceComputer Science (R0)