sGUARD: Towards Fixing Vulnerable Smart Contracts Automatically

01/06/2021
by   Tai D. Nguyen, et al.
0

Smart contracts are distributed, self-enforcing programs executing on top of blockchain networks. They have the potential to revolutionize many industries such as financial institutes and supply chains. However, smart contracts are subject to code-based vulnerabilities, which casts a shadow on its applications. As smart contracts are unpatchable (due to the immutability of blockchain), it is essential that smart contracts are guaranteed to be free of vulnerabilities. Unfortunately, smart contract languages such as Solidity are Turing-complete, which implies that verifying them statically is infeasible. Thus, alternative approaches must be developed to provide the guarantee. In this work, we develop an approach which automatically transforms smart contracts so that they are provably free of 4 common kinds of vulnerabilities. The key idea is to apply runtime verification in an efficient and provably correct manner. Experiment results with 5000 smart contracts show that our approach incurs minor run-time overhead in terms of time (i.e., 14.79 (i.e., 0.79

READ FULL TEXT
POST COMMENT

Comments

There are no comments yet.

Authors

page 12

07/29/2020

EOSFuzzer: Fuzzing EOSIO Smart Contracts for Vulnerability Detection

EOSIO is one typical public blockchain platform. It is scalable in terms...
08/02/2018

sCompile: Critical Path Identification and Analysis for Smart Contracts

Smart contracts are an innovation built on top of the blockchain technol...
11/25/2021

ESBMC-Solidity: An SMT-Based Model Checker for Solidity Smart Contracts

Smart contracts written in Solidity are programs used in blockchain netw...
02/21/2019

Probabilistic Smart Contracts: Secure Randomness on the Blockchain

In today's programmable blockchains, smart contracts are limited to bein...
03/15/2021

Compositional Security for Reentrant Applications

The disastrous vulnerabilities in smart contracts sharply remind us of o...
04/26/2021

Vulnerabilities and Open Issues of Smart Contracts: A Systematic Mapping

Smart Contracts (SCs) are programs stored in a Blockchain to ensure agre...
04/20/2022

Distributed Runtime Verification of Metric Temporal Properties for Cross-Chain Protocols

Transactions involving multiple blockchains are implemented by cross-cha...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.