An Adaptive Gas Cost Mechanism for Ethereum to Defend Against Under-Priced DoS Attacks

12/18/2017
by   Ting Chen, et al.
1

The gas mechanism in Ethereum charges the execution of every operation to ensure that smart contracts running in EVM (Ethereum Virtual Machine) will be eventually terminated. Failing to properly set the gas costs of EVM operations allows attackers to launch DoS attacks on Ethereum. Although Ethereum recently adjusted the gas costs of EVM operations to defend against known DoS attacks, it remains unknown whether the new setting is proper and how to configure it to defend against unknown DoS attacks. In this paper, we make the first step to address this challenging issue by first proposing an emulation-based framework to automatically measure the resource consumptions of EVM operations. The results reveal that Ethereum's new setting is still not proper. Moreover, we obtain an insight that there may always exist exploitable under-priced operations if the cost is fixed. Hence, we propose a novel gas cost mechanism, which dynamically adjusts the costs of EVM operations according to the number of executions, to thwart DoS attacks. This method punishes the operations that are executed much more frequently than before and lead to high gas costs. To make our solution flexible and secure and avoid frequent update of Ethereum client, we design a special smart contract that collaborates with the updated EVM for dynamic parameter adjustment. Experimental results demonstrate that our method can effectively thwart both known and unknown DoS attacks with flexible parameter settings. Moreover, our method only introduces negligible additional gas consumption for benign users.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
11/22/2018

GASTAP: A Gas Analyzer for Smart Contracts

Gas is a measurement unit of the computational effort that it will take ...
research
09/20/2023

Lazy Contracts: Alleviating High Gas Costs by Secure and Trustless Off-chain Execution of Smart Contracts

Smart contracts are programs that are executed on the blockchain and can...
research
08/12/2020

GasMet: Profiling Gas Leaks in the Deployment of Solidity Smart Contracts

Nowadays, blockchain technologies are increasingly adopted for different...
research
12/26/2019

GASOL: Gas Analysis and Optimization for Ethereum Smart Contracts

We present the main concepts, components, and usage of GASOL, a Gas Anal...
research
10/06/2019

GasFuzz: Generating High Gas Consumption Inputs to Avoid Out-of-Gas Vulnerability

The out-of-gas error occurs when smart contract programs are provided wi...
research
05/02/2019

Empirically Analyzing Ethereum's Gas Mechanism

Ethereum's Gas mechanism attempts to set transaction fees in accordance ...
research
09/21/2023

Towards the Comprehensive Understanding of Mempool DoS Security in Ethereum (Work in Progress)

While awareness has been recently raised on Ethereum mempool security, t...

Please sign up or login with your details

Forgot password? Click here to reset