EVMFuzz: Differential Fuzz Testing of Ethereum Virtual Machine

03/20/2019
by   Ying Fu, et al.
0

Ethereum Virtual Machine (EVM) is the run-time environment for smart contracts and its vulnerabilities may lead to serious problems to the Ethereum ecology. With lots of techniques being developed for the validation of smart contracts, the security problems of EVM have not been well-studied. In this paper, we propose EVMFuzz, aiming to detect vulnerabilities of EVMs with differential fuzz testing. The core idea of EVMFuzz is to continuously generate seed contracts for different EVMs' execution, so as to find as many inconsistencies among execution results as possible, eventually discover vulnerabilities with output cross-referencing. First, we present the evaluation metric for the internal inconsistency indicator, such as the opcode sequence executed and gas used. Then, we construct seed contracts via a set of predefined mutators and employ dynamic priority scheduling algorithm to guide seed contracts selection and maximize the inconsistency. Finally, we leverage different EVMs as crossreferencing oracles to avoid manual checking of the execution output. For evaluation, we conducted large-scale mutation on 36,295 real-world smart contracts and generated 253,153 smart contracts. Among them, 66.2 triggered inconsistent output among EVMs. Accompanied by manual root cause analysis, we found 5 previously unknown security bugs in four widely used EVMs, and all had been included in Common Vulnerabilities and Exposures (CVE) database.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
10/18/2021

An Empirical Study of Protocols in Smart Contracts

Smart contracts are programs that are executed on a blockhain. They have...
research
09/11/2018

Vandal: A Scalable Security Analysis Framework for Smart Contracts

The rise of modern blockchains has facilitated the emergence of smart co...
research
07/08/2020

SmartBugs: A Framework to Analyze Solidity Smart Contracts

Over the last few years, there has been substantial research on automate...
research
11/24/2019

ContractGuard: Defend Ethereum Smart Contracts with Embedded Intrusion Detection

Ethereum smart contracts are programs that can be collectively executed ...
research
10/06/2019

GasFuzz: Generating High Gas Consumption Inputs to Avoid Out-of-Gas Vulnerability

The out-of-gas error occurs when smart contract programs are provided wi...
research
05/14/2021

Revizor: Testing Black-box CPUs against Speculation Contracts

Speculative vulnerabilities such as Spectre and Meltdown expose speculat...
research
01/12/2018

Online Detection of Effectively Callback Free Objects with Applications to Smart Contracts

Callbacks are essential in many programming environments, but drasticall...

Please sign up or login with your details

Forgot password? Click here to reset