DeepAI AI Chat
Log In Sign Up

Metamorphic Testing for Smart Contract Vulnerabilities Detection

by   Jiahao Li, et al.

Despite the rapid growth of smart contracts, they are suffering numerous security vulnerabilities due to the absence of reliable development and testing. In this article, we apply the metamorphic testing technique to detect smart contract vulnerabilities. Based on the anomalies we observed in vulnerable smart contracts, we define five metamorphic relations to detect abnormal gas consumption and account interaction inconsistency of the target smart contract. Through dynamically executing transactions and checking the final violation of metamorphic relations, we determine whether a smart contract is vulnerable. We evaluate our approach on a benchmark of 67 manually annotated smart contracts. The experimental results show that our approach achieves a higher detection rate (TPR, true positive rate) with a lower misreport rate (FDR, false discovery rate) than the other three state-of-the-art tools. These results further suggest that metamorphic testing is a promising method for detecting smart contract vulnerabilities.


page 1

page 2

page 3

page 4


Finding smart contract vulnerabilities with ConCert's property-based testing framework

We provide three detailed case studies of vulnerabilities in smart contr...

Gas Gauge: A Security Analysis Tool for Smart Contract Out-of-Gas Vulnerabilities

In recent years we have witnessed a dramatic increase in the adoption an...

Machine Learning Guided Cross-Contract Fuzzing

Smart contract transactions are increasingly interleaved by cross-contra...

Smart Contract Vulnerabilities: Does Anyone Care?

In the last year we have seen a great deal of both academic and practica...

Oracle-Supported Dynamic Exploit Generation for Smart Contracts

Despite the high stakes involved in smart contracts, they are often deve...

Consolidation of Ground Truth Sets for Weakness Detection in Smart Contracts

Smart contracts are small programs on the blockchain that often handle v...