DeepAI AI Chat
Log In Sign Up

Precise Attack Synthesis for Smart Contracts

by   Yu Feng, et al.
The Regents of the University of California
University of Washington

Smart contracts are programs running on top of blockchain platforms. They interact with each other through well-defined interfaces to perform financial transactions in a distributed system with no trusted third parties. But these interfaces also provide a favorable setting for attackers, who can exploit security vulnerabilities in smart contracts to achieve financial gain. This paper presents SmartScopy, a system for automatic synthesis of adversarial contracts that identify and exploit vulnerabilities in a victim smart contract. Our tool explores the space of attack programs based on the Application Binary Interface (ABI) specification of a victim smart contract in the Ethereum ecosystem. To make the synthesis tractable, we introduce summary-based symbolic evaluation, which significantly reduces the number of instructions that our synthesizer needs to evaluate symbolically, without compromising the precision of the vulnerability query. Building on the summary-based symbolic evaluation, SmartScopy further introduces a novel approach for partitioning the synthesis search space for parallel exploration, as well as a lightweight deduction technique that can prune infeasible candidates earlier. We encoded common vulnerabilities of smart contracts in our query language, and evaluated SmartScopy on the entire data set from etherscan with >25K smart contracts. Our experiments demonstrate the benefits of summary-based symbolic evaluation and show that SmartScopy outperforms two state-of-the-art smart contracts analyzers, Oyente and Contractfuzz, in terms of running time, precision, and soundness. Furthermore, running on recent popular smart contracts, SmartScopy uncovers 20 vulnerable smart contracts that contain the recent BatchOverflow vulnerability and cannot be precisely detected by existing tools.


page 1

page 2

page 3

page 4


WANA: Symbolic Execution of Wasm Bytecode for Cross-Platform Smart Contract Vulnerability Detection

Many popular blockchain platforms are supporting smart contracts for bui...

Reentrancy Vulnerability Identification in Ethereum Smart Contracts

Ethereum Smart contracts use blockchain to transfer values among peers o...

sGUARD: Towards Fixing Vulnerable Smart Contracts Automatically

Smart contracts are distributed, self-enforcing programs executing on to...

Towards Safer Smart Contracts: A Sequence Learning Approach to Detecting Vulnerabilities

Symbolic analysis of security exploits in smart contracts has demonstrat...

ESBMC-Solidity: An SMT-Based Model Checker for Solidity Smart Contracts

Smart contracts written in Solidity are programs used in blockchain netw...

Front-Running Attack Benchmark Construction and Vulnerability Detection Technique Evaluation

Front-running attacks have been a major concern on the blockchain. Attac...