A Study on Intermediate Code Generation for Security Weakness Analysis of Smart Contract Chaincode

Abstract

The hyperledger fabric is a modular blockchain framework used by private companies to develop blockchain-based products, solutions, and applications using plug-and-play components. The smart contracts operating in this framework is created by implementing a chaincode. When implementing a chaincode, there may be a security weakness inside the code, which is the root cause of the security vulnerability. However, when the contract is completed and the block is created, the chaincode cannot be arbitrarily modified, so the security weakness must be analyzed before execution. This paper conducted a study on chaincode intermediate code generation for security weakness analysis of chaincode operating in hyperledger fabric blockchain framework. Analysis of security weaknesses at the source code level is not easy because the code logic is not clear and the complexity is high. On the other hand, security weakness analysis at the intermediate code level is easy to analyze because the code logic of the source code is clearly represented and the complexity is lower than that of the source code.