Log In Sign Up

Reentrancy Vulnerability Identification in Ethereum Smart Contracts

by   Noama Fatima Samreen, et al.

Ethereum Smart contracts use blockchain to transfer values among peers on networks without central agency. These programs are deployed on decentralized applications running on top of the blockchain consensus protocol to enable people to make agreements in a transparent and conflict-free environment. The security vulnerabilities within those smart contracts are a potential threat to the applications and have caused huge financial losses to their users. In this paper, we present a framework that combines static and dynamic analysis to detect Reentrancy vulnerabilities in Ethereum smart contracts. This framework generates an attacker contract based on the ABI specifications of smart contracts under test and analyzes the contract interaction to precisely report Reentrancy vulnerability. We conducted a preliminary evaluation of our proposed framework on 5 modified smart contracts from Etherscan and our framework was able to detect the Reentrancy vulnerability in all our modified contracts. Our framework analyzes smart contracts statically to identify potentially vulnerable functions and then uses dynamic analysis to precisely confirm Reentrancy vulnerability, thus achieving increased performance and reduced false positives.


page 1

page 2

page 3

page 4


SmartScan: An approach to detect Denial of Service Vulnerability in Ethereum Smart Contracts

Blockchain technology (BT) Ethereum Smart Contracts allows programmable ...

ContractFuzzer: Fuzzing Smart Contracts for Vulnerability Detection

Decentralized cryptocurrencies feature the use of blockchain technology ...

Hunting for Re-Entrancy Attacks in Ethereum Smart Contracts via Static Analysis

Ethereum smart contracts are programs that are deployed and executed in ...

Oracle-Supported Dynamic Exploit Generation for Smart Contracts

Despite the high stakes involved in smart contracts, they are often deve...

Eclipsing Ethereum Peers with False Friends

Ethereum is a decentralized Blockchain system that supports the executio...

Sereum: Protecting Existing Smart Contracts Against Re-Entrancy Attacks

Recently, a number of existing blockchain systems have witnessed major b...

Precise Attack Synthesis for Smart Contracts

Smart contracts are programs running on top of blockchain platforms. The...