Foundations and Tools for the Static Analysis of Ethereum Smart Contracts
The recent growth of the blockchain technology market puts its main cryptocurrencies in the spotlight. Among them, Ethereum stands out due to its virtual machine (EVM) supporting smart contracts, i.e., distributed programs that control the flow of the digital currency Ether. Being written in a Turing complete language, Ethereum smart contracts allow for expressing a broad spectrum of financial applications. The price for this expressiveness, however, is a significant semantic complexity, which increases the risk of programming errors. Recent attacks exploiting bugs in smart contract implementations call for the design of formal verification techniques for smart contracts. This, however, requires rigorous semantic foundations, a formal characterization of the expected security properties, and dedicated abstraction techniques tailored to the specific EVM semantics. This work will overview the state-of-the-art in smart contract verification, covering formal semantics, security definitions, and verification tools. We will then focus on EtherTrust [1], a framework for the static analysis of Ethereum smart contracts which includes the first complete small-step semantics of EVM bytecode, the first formal characterization of a large class of security properties for smart contracts, and the first static analysis for EVM bytecode that comes with a proof of soundness.
- Research Article
4
- 10.1109/access.2025.3527158
- Jan 1, 2025
- IEEE Access
Defined as an agreement between multiple parties and systematically executed by a computer code, smart contracts enable trust-less execution without a third party. Despite the trusted implementations that smart contracts offer, including those based on standards, different security problems and vulnerabilities arise during their development and execution. To address these issues, multiple studies have proposed potential solutions, focusing particularly on the verification of smart contracts and considering the standard-based ones using formal verification techniques. However, the sheer amount of research makes it difficult to accurately articulate the state-of-the-art. To tackle this challenge, we propose a systematic literature review that deals with formal verification of ERC-based smart contracts. ERC (Ethereum Request for Comments) standards enable a range of functionalities, such as the creation and management of tokens. Thus, our review provides an overview of ERC standards and examines their related potential issues. Furthermore, we investigate existing solutions presented in 19 relevant studies published between 2019 and July 2023. We analyze and classify approaches to formal modeling, properties’ specification and techniques used in the verification of smart contracts. Finally, we discuss the research challenges and suggest some promising future directions to stir research efforts into this area.
- Research Article
259
- 10.1109/access.2019.2921624
- Jan 1, 2019
- IEEE Access
A smart contract is an agreement between two or more parties, which is executed by the computer code. The code does the execution without giving either party the ability to back out, so it ensures the trustless execution. The smart contract is one of the most important features in blockchain applications, which implements trusted transactions without third parties. However, with the rapid development, blockchain smart contracts have also exposed many security problems, and some attacks caused by contract vulnerabilities have led to terrible losses. In order to better deal with such a dilemma, making a comprehensive survey about the security verification of blockchain smart contracts from major scientific databases is quite indispensable. Even though the significance of studying security verification of blockchain smart contracts is evident, it is really fresh yet. The major contributions of our survey work come from three aspects. First, after retrieving all-sided research studies, we select the 53 most related papers to show the state-of-the-art of this topic, where 20 papers focus on dealing with security assurance of blockchain smart contracts, and 33 papers focus on the correctness verification of blockchain smart contracts. Second, we propose a taxonomy toward the topic of security verification of blockchain smart contracts and discuss the pros and cons of each category of related studies. Third, through in-depth analysis of these studies, we come to know that the correctness verification of smart contracts based on the formal method has already become the more significant and more effective method to validate whether a smart contract is credible and accurate. So, we further present representative studies of formal verification of smart contracts in detail to demonstrate that using a formal method to validate blockchain smart contracts must have a promising and meritorious future.
- Conference Article
9
- 10.1109/blockchain53845.2021.00014
- Dec 1, 2021
The rapid adoption of blockchain technologies and particularly smart contracts has been overshadowed by numerous security concerns. Over the past few years, a number of reports exposed smart contract vulnerabilities and exploits, which mainly stem from the immaturity of the field, and consequently a lack of knowledge and tools for automated analysis and verification of smart contracts. The restricting properties of the blockchain environment, such as the immutability of deployed contracts, encumber the analysis and mitigation of vulnerabilities and bugs in deployed contracts. To address these challenges, we propose EtherProv, a novel provenance tracking system that leverages static and dynamic analysis synergy to enable detection and mitigation of known security issues in Ethereum smart contracts. EtherProv leverages Solidity source code static and dynamic analysis data through contract bytecode instrumentation. The collected data is transformed into a unified, high-level representation, which can be queried using concise and descriptive Datalog queries. Within the provenance framework, EtherProv is able to analyze contracts' execution flow over time, to detect vulnerabilities within a single contract execution flow and across multiple interacting contracts, and to mitigate new security threats in already deployed contracts. Our evaluation shows that EtherProv can efficiently and precisely identify vulnerable contracts with an average contract instrumentation gas overhead of 18.9%.
- Research Article
121
- 10.1016/j.pmcj.2020.101227
- Aug 8, 2020
- Pervasive and Mobile Computing
Verification of smart contracts: A survey
- Conference Article
107
- 10.1145/3185089.3185138
- Feb 8, 2018
Smart contracts can automatically perform the contract terms according to the received information, and it is one of the most important research fields in digital society. The core of smart contracts is the algorithm contract, that is, the parties reach an agreement on the contents of the contract and perform the contracts according to the behaviors written in certain computer algorithms. It not only needs to make sure about the correctness of smart contract code, but also should provide a credible contract code execution environment. Blockchain provides a trusted execution and storage environment for smart contracts by the distributed secure storage, consistency verification and encryption technology. The current challenge is how to assure that a smart contract can be executed as the parties' willingness. This paper introduces formal modeling and verification in formal methods to make a smart contract model and verify the properties of smart contracts. Formal methods combined with smart contracts aim to reduce the potential errors and cost during the contract development process. The description of a general and formal smart contract template is provided. The model checking tool SPIN is used to verify the correctness and necessary properties for a smart contract template. The research shows model checking will be useful and necessary for smart contracts.
- Book Chapter
338
- 10.1007/978-3-319-89722-6_10
- Jan 1, 2018
Smart contracts are programs running on cryptocurrency (e.g., Ethereum) blockchains, whose popularity stems from the possibility to perform financial transactions, such as payments and auctions, in a distributed environment without the need for any trusted third party. Given their financial nature, bugs or vulnerabilities in these programs may lead to catastrophic consequences, as witnessed by recent attacks. Unfortunately, programming smart contracts is a delicate task that requires strong expertise: Ethereum smart contracts are written in Solidity, a dedicated language resembling JavaScript, and shipped over the blockchain in the EVM bytecode format. In order to rigorously verify the security of smart contracts, it is of paramount importance to formalize their semantics as well as the security properties of interest, in particular at the level of the bytecode being executed. In this paper, we present the first complete small-step semantics of EVM bytecode, which we formalize in the F* proof assistant, obtaining executable code that we successfully validate against the official Ethereum test suite. Furthermore, we formally define for the first time a number of central security properties for smart contracts, such as call integrity, atomicity, and independence from miner-controlled parameters. This formalization relies on a combination of hyper- and safety properties. Along this work, we identified various mistakes and imprecisions in existing semantics and verification tools for Ethereum smart contracts, thereby demonstrating once more the importance of rigorous semantic foundations for the design of security verification techniques.
- Research Article
- 10.31449/inf.v50i6.8593
- Feb 21, 2026
- Informatica
Smart contracts are self-executing programs deployed on blockchain platforms that facilitate automated and decentralized transactions. However, once deployed, they become immutable, making them vulnerable to catastrophic exploits, such as reentrancy, access control misconfiguration, integer overflow, and front-running. The need for proof and verification is urgent, as evidenced by other high-profile, capital-draining incidents, such as the DAO attack and Parity wallet vulnerabilities. Abstract: We present ContractFuzzer, a systematic fuzzer for detecting vulnerabilities in Ethereum smart contracts. Existing tools are based on static analysis, symbolic execution, or heuristic detection, and thus typically impose high false positives, low completeness, and limited formal verification. In this paper, we introduce SmartScan, a formal verification framework that systematically checks smart contract security by integrating FSM modeling and CTL-based model checking in nuXmv. Our methodology performs automatic parsing of Solidity code, automated generation of FSM and BIP models, conversion to the SMV format, and verification of CTL security properties. It responds to detected violations with automated counterexample generation to assist in debugging and iterative re-verification. For validation, SmartScan will be tested on 10 different types of Solidity contracts that address 14 critical vulnerabilities. Our experimental results show 95.4% detection accuracy, 3.2% false positive rate, and 2.8% false negative rate, with 100% verification coverage, and average verification time of 3–7 seconds for each property, outperforming state-of-the-art tools in both coverage and precision. SmartScan: SmartScan has a wide-ranging practical utility in discovering and diagnosing vulnerabilities such as reentrancy and access control issues, which it has been applied in, such as in a case study of a DeFi Lending contract. SmartScan provides a scalable, precise, and developer-centric approach to improve the confidence and reliability of blockchain applications by combining exhaustive formal verification of smart contracts with automated counterexample generation.
- Conference Article
24
- 10.1109/ase51524.2021.9678597
- Nov 1, 2021
Smart contracts are programs stored on blockchains to execute transactions. When input constraints or security properties are violated at runtime, the transaction being executed by a smart contract needs to be reverted to avoid undesirable consequences. On Ethereum, the most popular blockchain that supports smart contracts, developers can choose among three transaction-reverting statements (i.e., require, if…revert, and if…throw) to handle anomalous transactions. While these transaction-reverting statements are vital for preventing smart contracts from exhibiting abnormal behaviors or suffering malicious attacks, there is limited understanding of how they are used in practice. In this work, we perform the first empirical study to characterize transaction-reverting statements in Ethereum smart contracts. We measured the prevalence of these statements in 3,866 verified smart contracts from popular dapps and built a taxonomy of their purposes via manually analyzing 557 transaction-reverting statements. We also compared template contracts and their corresponding custom contracts to understand how developers customize the use of transaction-reverting statements. Finally, we analyzed the security impact of transaction-reverting statements by removing them from smart contracts and comparing the mutated contracts against the original ones. Our study led to important findings. For example, we found that transaction-reverting statements are commonly used to perform seven types of authority verifications or validity checks, and missing such statements may compromise the security of smart contracts. We also found that current smart contract security analyzers cannot effectively handle transaction-reverting statements when detecting security vulnerabilities. Our findings can shed light on further research in the broad area of smart contract quality assurance and provide practical guidance to smart contract developers on the appropriate use of transaction-reverting statements.
- Research Article
12
- 10.1145/3643567
- Jun 13, 2025
- Distributed Ledger Technologies: Research and Practice
Once deployed in blockchain, smart contracts become immutable: Attackers can exploit bugs and vulnerabilities in their code that cannot be replaced with a bug-free version. For this reason, the verification of smart contracts before they are deployed in blockchain is important. However, the development of verification tools is not easy, especially if one wants to obtain guarantees by using formal methods. This article describes the development, from scratch, of a static analyzer based on abstract interpretation for the verification of real-world Tezos smart contracts. The analyzer is generic with respect to the property under analysis. This article shows taint analysis as a concrete instantiation of the analyzer, at different levels of precision, to detect untrusted cross-contract invocations.
- Book Chapter
- 10.1007/978-3-030-32409-4_35
- Jan 1, 2019
Smart contracts can be regarded as one of the most popular blockchain-based applications. The decentralized nature of blockchain introduces vulnerabilities absent in non-distributed programs. Furthermore, it is very difficult, if not impossible, to patch a smart contract after it is deployed. Therefore, smart contracts must be formally verified before they are deployed on the blockchain. In this work, we study the formal specification and verification of smart contracts.
- Research Article
1
- 10.4108/eetiot.5120
- Dec 18, 2024
- EAI Endorsed Transactions on Internet of Things
The general public is becoming increasingly familiar with blockchain technology. Numerous new applications are made possible by this technology's unique features, which include transparency, strong security via cryptography, and distribution. These applications need certain programming tools and interfaces to be implemented. This is made feasible by smart contracts. If the prerequisites are satisfied, smart contracts are carried out automatically. Any mistake in smart contract coding, particularly security-related ones, might have an impact on the project as a whole, available funds, and important data. The current paper discusses the flaws of the Ethereum smart contract in this respect. By examining publicly accessible scientific sources, this work aims to present thorough information about vulnerabilities, examples, and current security solutions. Additionally, a substantial collection of current Ethereum (ETH) smart contracts has undergone a static code examination to conduct the vulnerability-finding procedure. The output has undergone assessments and statistical analysis. The study's conclusions demonstrate that smart contracts have several distinct flaws, including arithmetic flaws, that developers should be more aware of. These vulnerabilities and the solutions that can be used to address them are also included.
- Conference Article
30
- 10.1109/wetseb52558.2021.00010
- May 1, 2021
Blockchain technology's (BT) Ethereum Smart Contracts allow programmable transactions that involve the transfer of monetary assets among peers on a BT network independent of a central authorizing agency. Ethereum Smart Contracts are programs that are deployed as decentralized applications, having the building blocks of the blockchain consensus protocol. This technology enables consumers to make agreements in a transparent and conflict-free environment. However, the security vulnerabilities within these smart contracts are a potential threat to the applications and their consumers and have shown in the past to cause huge financial losses. In this paper, we propose a framework that combines static and dynamic analysis to detect the Denial of Service (DoS) vulnerability due to an unexpected revert in Ethereum Smart Contracts. Our framework, SmartScan, statically scans smart contracts under test (SCUTs) to identify patterns that are potentially vulnerable in these SCUTs and then uses dynamic analysis to precisely confirm their exploitability via the DoS-Unexpected Revert vulnerability, thus achieving increased performance and more precise results. We evaluated SmartScan on a set of 500 smart contracts collected from Etherscan. Our approach shows an improvement in precision and recall when compared to available state-of-the-art techniques.
- Book Chapter
14
- 10.1007/978-3-030-44041-1_111
- Jan 1, 2020
While smart contracts are becoming widely recognized as the most successful application of the blockchain technology that could be applied in various industries and for different purposes such as e-commerce, energy trading, asset management, and healthcare services, their implementation has posed several challenges, insofar as they could handle large amounts of money and digital assets in addition to their ability to manipulate critical data and transaction-related information, which makes them attractive targets of security threats and attacks that could lead to significant problems like money losses, privacy leakage and data breaches. To better deal with such issues, reasoning about the correctness, the safety and the functional accuracy of smart contracts before their deployment on the blockchain network is critical and more important than ever. In this context, model checking tools are well adopted for the formal verification of smart contracts in order to assure their execution as parties' willingness as well as their reliable and secure interaction with users. In this direction, this paper uses the Event-B formal verification method to formally model Solidity-written smart contracts in order to verify and validate their safety, correctness and functional accuracy in addition to their compliance with their specification for given behaviors. The verification is conducted using a model checking tool along which expected safety properties are formalized, validated and judged to be satisfied or unsatisfied. To illustrate the proposed approach, its application to a realistic industrial use case is described.
- Research Article
32
- 10.1016/j.bcra.2022.100101
- Aug 19, 2022
- Blockchain: Research and Applications
Ethereum smart contracts are computer programs that are deployed and executed on the Ethereum blockchain to enforce agreements among untrusting parties. Being the most prominent platform that supports smart contracts, Ethereum has been targeted by many attacks and plagued by security incidents. Consequently, many smart contract vulnerabilities have been discovered in the past decade. To detect and prevent such vulnerabilities, different security analysis tools, including static and dynamic analysis tools, have been created, but their performance decreases drastically when codes to be analyzed are constantly being rewritten. In this paper, we propose Eth2Vec, a machine-learning-based static analysis tool that detects smart contract vulnerabilities. Eth2Vec maintains its robustness against code rewrites; i.e., it can detect vulnerabilities even in rewritten codes. Other machine-learning-based static analysis tools require features, which analysts create manually, as inputs. In contrast, Eth2Vec uses a neural network for language processing to automatically learn the features of vulnerable contracts. In doing so, Eth2Vec can detect vulnerabilities in smart contracts by comparing the similarities between the codes of a target contract and those of the learned contracts. We performed experiments with existing open databases, such as Etherscan, and Eth2Vec was able to outperform a recent model based on support vector machine in terms of well-known metrics, i.e., precision, recall, and F1-score.
- Dissertation
- 10.23889/suthesis.67283
- Jul 27, 2024
The goal of this thesis is to verify smart contracts in Blockchain. In particular, we focus on smart contracts in Bitcoin and Solidity. In order to specify the correctness of smart contracts, we use weakest preconditions. For this, we develop a model of smart contracts in the interactive theorem prover and dependent type programming language Agda and prove the correctness of smart contracts in it. In the context of Bitcoin, our verification of Bitcoin scripts consists of non-conditional and conditional scripts. For Solidity, we refer to programs using object-oriented features of Solidity, such as calling of other contracts, full recursion, and the use of gas in order to guarantee termination while having a Turing-complete language. We have developed a simulator for Solidity-style smart contracts. As a main example, we executed a reentrancy attack in our model. We have verified smart contracts in Bitcoin and Solidity using weakest preconditions in Agda. Furthermore, Agda, combined with the fact that it is a theorem prover and programming language, allows the writing of verified programs, where the verification takes place in the same language in which the program is written, avoiding the problem of translation from one language to another (with possible translation mistakes).