Smart Contract Defect Detection Based on Parallel Symbolic Execution

Abstract

There are more than 1 million smart contracts in Ethereum and the number of ethers managed by smart contracts has exceeded 100 million, but the security vulnerabilities in smart contracts seriously jeopardize the financial security of Ethereum users. Existing method for defect detection of smart contract bytecode using symbolic execution does not take care of the accuracy and detection realtime at same time. In this paper a smart contract bytecode defect detection algorithm based on parallel symbolic execution is proposed. We split a smart contract in units of functions by analyzing the smart contract function selection process. A symbolic execution tree is constructed for each function to predict the function execution path. Then we partition the symbolic execution tree into multiple sub-trees evenly. Finally, a process pool is used to perform parallel symbolic execution on those sub-trees to reduce the analysis time of smart contract defect detection. Experimental data shows our method has a significant improvement in detection efficiency compared with existing symbolic execution method. The speedup ratio is up to 3.1x in a 4-core computer. Besides, it does not introduce false positives or false negatives.