SoliAudit: Smart Contract Vulnerability Assessment Based on Machine Learning and Fuzz Testing

Abstract

Blockchain has flourished in recent years. As a decentralized system architecture, smart contracts give the blockchain a user-defined logical concept. The smart contract is an executable program that can be used for automatic transactions on the Ethereum blockchain. In 2016, the DAO attack resulted in the theft of 60M USD due to unsafe smart contracts. Smart contracts are vulnerable to hacking because they are difficult to patch and there is a lack of assessment standards for ensuring their quality. Hackers can exploit the vulnerabilities in smart contracts when they have been published on Ethereum. Thus, this study presents SoliAudit (Solidity Audit), which uses machine learning and fuzz testing for smart contract vulnerability assessment. SoliAudit employs machine learning technology using Solidity machine code as learning features to verify 13 kinds of vulnerabilities, which have been listed as Top 10 threats by an open security organization. We also created a gray-box fuzz testing mechanism, which consists of a fuzzer contract and a simulated blockchain environment for on-line transaction verification. Different from previous research systems, SoliAudit can detect vulnerabilities without expert knowledge or predefined patterns. We subjected SoliAudit to real-world evaluation by using near 18k smart contracts from the Ethereum blockchain and Capture-the-Flag samples. The results show that the accuracy of SoliAudit can reach to 90% and the fuzzing can help identify potential weaknesses, including reentrancy and arithmetic overflow problems.