Consolidation of Ground Truth Sets for Weakness Detection in Smart Contracts

04/23/2023
by   Monika di Angelo, et al.
0

Smart contracts are small programs on the blockchain that often handle valuable assets. Vulnerabilities in smart contracts can be costly, as time has shown over and over again. Countermeasures are high in demand and include best practice recommendations as well as tools supporting development, program verification, and post-deployment analysis. Many tools focus on detecting the absence or presence of a subset of the known vulnerabilities, delivering results of varying quality. Most comparative tool evaluations resort to selecting a handful of tools and testing them against each other. In the best case, the evaluation is based on a smallish ground truth. For Ethereum, there are commendable efforts by several author groups to manually classify contracts. However, a comprehensive ground truth is still lacking. In this work, we construct a ground truth based on publicly available benchmark sets for Ethereum smart contracts with manually checked ground truth data. We develop a method to unify these sets. Additionally, we devise strategies for matching entries that pertain to the same contract, such that we can determine overlaps and disagreements between the sets and consolidate the disagreements. Finally, we assess the quality of the included ground truth sets. Our work reduces inconsistencies, redundancies, and incompleteness while increasing the number of data points and heterogeneity.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
05/14/2021

A Survey of Security Vulnerabilities in Ethereum Smart Contracts

Ethereum Smart Contracts based on Blockchain Technology (BT)enables mone...
research
04/18/2020

sFuzz: An Efficient Adaptive Fuzzer for Solidity Smart Contracts

Smart contracts are Turing-complete programs that execute on the infrast...
research
06/12/2019

SAFEVM: A Safety Verifier for Ethereum Smart Contracts

Ethereum smart contracts are public, immutable and distributed and, as s...
research
03/28/2022

A Fly in the Ointment: An Empirical Study on the Characteristics of Ethereum Smart Contracts Code Weaknesses and Vulnerabilities

Context: Smart contracts are computer programs that are automatically ex...
research
10/23/2019

Empirical Review of Automated Analysis Tools on 47,587 Ethereum Smart Contracts

Over the last few years, there has been substantial research on automate...
research
03/18/2023

Evolution of Automated Weakness Detection in Ethereum Bytecode: a Comprehensive Study

Blockchain programs manage valuable assets like crypto-currencies and to...
research
06/01/2021

SoK: Oracles from the Ground Truth to Market Manipulation

One fundamental limitation of blockchain-based smart contracts is that t...

Please sign up or login with your details

Forgot password? Click here to reset