Contract Vulnerabilities Research Articles

FlawCheck: Detecting Smart Contract Vulnerabilities Based on Symbolic Execution

ABSTRACTSmart contracts are turing‐complete computer programs running on blockchains. Like traditional programs, smart contracts are also vulnerable. However, unlike traditional programs, it is very difficult to modify smart contracts once they are deployed on the blockchain. Therefore, reducing potential vulnerabilities in contracts before deployment to the blockchain is very important. The existing smart contract detection tools mostly fail to fully consider the complex control flow relationships within smart contracts, leading to false positives and false negatives. To address these problems, we propose FlawCheck, a vulnerability detection tool based on symbolic execution. First, it compiles smart contract source code into bytecode. Then, it disassembles bytecode into an opcode sequence, building the dependencies of contract control flow. Next, it performs preliminary analysis on the information generated during the simulated execution on the Ethereum virtual machine to identify suspicious vulnerability paths. Finally, it detects these suspicious paths by using symbolic execution. We verified that FlawCheck can detect five types of smart contract vulnerabilities. Experimental results on a dataset of 13016 real contracts shows that FlawCheck has higher accuracy than other tools.

Contractsentry: a static analysis tool for smart contract vulnerability detection

Contractsentry: a static analysis tool for smart contract vulnerability detection

Isabelle/Solidity: A deep embedding of Solidity in Isabelle/HOL

Smart contracts are computer programs designed to automate legal agreements. They are usually developed in a high-level programming language, the most popular of which is Solidity. Every day, hundreds of thousands of new contracts are deployed managing millions of dollars’ worth of transactions. As for every computer program, smart contracts may contain bugs which can be exploited. However, since smart contracts are often used to automate financial transactions, such exploits may result in huge economic losses. In general, it is estimated that since 2019, more than $5B was stolen due to vulnerabilities in smart contracts. This paper addresses the issue of smart contract vulnerabilities by introducing an executable denotational semantics for Solidity within the Isabelle/HOL interactive theorem prover. This formal semantics serves as the basis for an interactive program verification environment for Solidity smart contracts. To evaluate our semantics, we integrate grammar-based fuzzing with symbolic execution to automatically test it against the Solidity reference implementation. The paper concludes by showcasing the formal verification of Solidity programs, exemplified through the verification of a basic Solidity token.

MVD-HG: multigranularity smart contract vulnerability detection method based on heterogeneous graphs

Smart contracts have significant losses due to various types of vulnerabilities. However, traditional vulnerability detection methods rely extensively on expert rules, resulting in low detection accuracy and poor adaptability to novel attacks. To address these problems, in this paper, deep learning methods are combined with smart contract vulnerability code detection approaches. syntax trees (ASTs), which are special isomorphic graph structures, are an important bridge between source code and graph neural networks. By learning the AST, the model can understand the semantics of the source code. Moreover, graph neural networks have an increasing ability to address complex heterogeneous graphs. Therefore, control flow graphs are fused with data flow graphs on the basis of the ASTs to build heterogeneous graphs with richer code semantics. Furthermore, multigranularity analysis of the vulnerability detection results is performed, including coarse-grained contract-level vulnerability detection and fine-grained line-level vulnerability detection. Through this multigranularity detection approach, vulnerabilities in contracts can be identified and analysed more comprehensively, providing a richer perspective and more solutions for vulnerability detection. The experimental results show that the proposed multigranularity vulnerability detection method based on heterogeneous graphs (MVD-HG) improves both the accuracy and range of the detected vulnerability types in contract-level vulnerability detection tasks; moreover, in the line-level vulnerability detection task, the MVD-HG model achieves significant results and addresses the shortcomings of existing methods. In addition, based on code generation methods used in related fields, a data enhancement method based on the source code is developed, which effectively expands the experimental dataset to address the reduced credibility of the results due to insufficient amounts of data.

Automated Repair of Smart Contract Vulnerabilities: A Systematic Literature Review

The substantial value held by smart contracts (SCs) makes them an enticing target for malicious attacks. The process of fixing vulnerabilities in SCs is intricate, primarily due to the immutability of blockchain technology. This research paper introduces a systematic literature review (SLR) that evaluates rectification systems designed to patch vulnerabilities in SCs. Following the guidelines set forth by the PRISMA statement, this SLR meticulously reviews a total of 31 papers. In this context, we classify recently published SC automated repair frameworks based on their methodologies for automatic program repair (APR), rewriting strategies, and tools for vulnerability detection. We argue that automated patching enhances the reliability and adoption of SCs, thereby allowing developers to promptly address identified vulnerabilities. Furthermore, existing automated repair tools are capable of addressing only a restricted range of vulnerabilities, and in some cases, patches may not be effective in preventing the targeted vulnerabilities. Another key point that should be taken into account is the simplicity of the patch and the gas consumption of the modified program. Alternatively, large language models (LLMs) have opened new avenues for automatic patch generation, and their performance can be improved by innovative methodologies.

FunFuzz: A Function-Oriented Fuzzer for Smart Contract Vulnerability Detection with High Effectiveness and Efficiency

FunFuzz: A Function-Oriented Fuzzer for Smart Contract Vulnerability Detection with High Effectiveness and Efficiency

Survey on Quality Assurance of Smart Contracts

As blockchain technology continues to advance, the secure deployment of smart contracts has become increasingly prevalent, underscoring the critical need for robust security measures. This surge in usage has led to a rise in security breaches, often resulting in substantial financial losses for users. This paper presents a comprehensive survey of smart contract quality assurance, from understanding vulnerabilities to evaluating the effectiveness of detection tools. Our work is notable for its innovative classification of forty smart contract vulnerabilities, mapping them to established attack patterns. We further examine nine defense mechanisms, assessing their efficacy in mitigating smart contract attacks. Furthermore, we develop a labeled dataset as a benchmark encompassing ten common vulnerability types, which serves as a critical resource for future research. We also conduct comprehensive experiments to evaluate fourteen vulnerability detection tools, providing a comparative analysis that highlights their strengths and limitations. In summary, this survey synthesizes state-of-the-art knowledge in smart contract security, offering practical recommendations to guide future research and foster the development of robust security practices in the field.

Smart Contract Vulnerability Detection Based on Automated Feature Extraction and Feature Interaction

Smart Contract Vulnerability Detection Based on Automated Feature Extraction and Feature Interaction

Unraveling the Potential of Decentralized Finance: A Comprehensive Analysis of Opportunities, Risks, and Future Trends

The financial sector is going through a major transformation and evolution with the emergence of Decentralized Finance (DeFi). It is a modern concept that is reshaping the traditional financial landscape and thus changing traditional financial structures. This research delves into the term “Decentralized Finance” by exploring its various advantages, associated challenges, and future patterns and trends. Leveraging blockchain technology, DeFi offers new financial services without intermediaries that in turn enhance financial inclusion, autonomy, and economic empowerment of individuals, though this also entails enormous risks and challenges, including vulnerability to smart contract vulnerabilities, regulatory uncertainty, and market volatility. This research also attempts, through a systematic literature review, to identify the most significant opportunities for DeFi, such as democratized access to financial services, lower transaction fees, and increased liquidity. Additionally, this research highlights the key challenges facing the development of DeFi, such as limitations on its ability to handle large transactions, concerns about user data protection, and the need to adhere to regulatory standards. The paper concludes with a view and insights into the future of DeFi, emphasizing the importance of regulatory clarity, technological innovation, and community governance in shaping the trajectory of DeFi. This analysis contributes to gaining a deeper understanding of the potential and capabilities of DeFi, and provides stakeholders with indispensable insights to navigate the dynamics of DeFi.

Vulnerability detection techniques for smart contracts: A systematic literature review

The number of applications supported by blockchain smart contracts has been greatly increasing in recent years, with smart contracts now being used across several domains, such as the music industry, finance, and retail, to name a few. Despite being used in business-critical contexts, the number of security vulnerabilities in smart contracts has also been increasing, with many of them being exploited and resulting in huge financial and reputation losses. This is despite the enormous effort that is being placed into the research and development of vulnerability detection tools and techniques, which have also greatly increased in number and type in the last few years. Motivated by the recent increase in both vulnerabilities and vulnerability detection techniques, this paper reviews the latest research in smart contract vulnerability detection, emphasizing the techniques being used, the vulnerabilities targeted, and the characteristics of the dataset used for evaluating the technique. We mapped the vulnerabilities against two common vulnerability classification schemes (DASP and SWC) and performed a consolidated analysis. We identified the current research trends and gaps in each technique and highlighted future research opportunities in the field.

Efficiently Detecting Reentrancy Vulnerabilities in Complex Smart Contracts

Reentrancy vulnerability as one of the most notorious vulnerabilities, has been a prominent topic in smart contract security research. Research shows that existing vulnerability detection presents a range of challenges, especially as smart contracts continue to increase in complexity. Existing tools perform poorly in terms of efficiency and successful detection rates for vulnerabilities in complex contracts. To effectively detect reentrancy vulnerabilities in contracts with complex logic, we propose a tool named SliSE. SliSE’s detection process consists of two stages: Warning Search and Symbolic Execution Verification . In Stage 1, SliSE utilizes program slicing to analyze the Inter-contract Program Dependency Graph (I-PDG) of the contract, and collects suspicious vulnerability information as warnings. In Stage 2, symbolic execution is employed to verify the reachability of these warnings, thereby enhancing vulnerability detection accuracy. SliSE obtained the best performance compared with eight state-of-the-art detection tools. It achieved an F1 score of 78.65%, surpassing the highest score recorded by an existing tool of 9.26%. Additionally, it attained a recall rate exceeding 90% for detection of contracts on Ethereum. Overall, SliSE provides a robust and efficient method for detection of Reentrancy vulnerabilities for complex contracts.

Smart contract vulnerabilities detection with bidirectional encoder representations from transformers and control flow graph

Smart contract vulnerabilities detection with bidirectional encoder representations from transformers and control flow graph

Smart contract vulnerability detection using wide and deep neural network

Smart contracts, integral to blockchain technology, automate agreements without intermediaries, ensuring transparency and security across various sectors. However, the immutable nature of blockchain exposes deployed contracts to potential risks if they contain vulnerabilities. Current approaches, including symbolic execution and graph-based machine learning, aim to ensure smart contract security. However, these methods suffer from limitations such as high false positive rates, heavy reliance on trained data, and over-generalization.The goal of this paper is to investigate the application of Wide and Deep Neural Networks in identifying vulnerabilities within smart contracts. We introduce WIDENNET, a method based on deep neural networks, designed to detect reentrancy and timestamp dependence vulnerabilities in smart contracts. Our approach involves extracting bytecodes from the contracts and converting them into Operational Codes (OPCODES), which are then transformed into distinct vector representations. These vectors are subsequently fed into the neural network to extract both complex and simple patterns for vulnerability detection. Testing on real-world datasets yielded an average accuracy of 83.07% and a precision of 83.13%. Our method offers a potential solution to mitigate vulnerabilities in blockchain applications.

OpenSCV: an open hierarchical taxonomy for smart contract vulnerabilities

Smart contracts are nowadays at the core of most blockchain systems. Like all computer programs, smart contracts are subject to the presence of residual faults, including severe security vulnerabilities. However, the key distinction lies in how these vulnerabilities are addressed. In smart contracts, when a vulnerability is identified, the affected contract must be terminated within the blockchain, as due to the immutable nature of blockchains, it is impossible to patch a contract once deployed. In this context, research efforts have been focused on proactively preventing the deployment of smart contracts containing vulnerabilities, mainly through the development of vulnerability detection tools. Along with these efforts, several heterogeneous vulnerability classification schemes appeared (e.g., most notably DASP and SWC). At the time of writing, these are mostly outdated initiatives, even though new smart contract vulnerabilities are consistently uncovered. In this paper, we propose OpenSCV, a new and Open hierarchical taxonomy for Smart Contract vulnerabilities, which is open to community contributions and matches the current state of the practice while being prepared to handle future modifications and evolution. The taxonomy was built based on the analysis of the existing research on vulnerability classification, community-maintained classification schemes, and research on smart contract vulnerability detection. We show how OpenSCV covers the announced detection ability of the current vulnerability detection tools and highlight its usefulness in smart contract vulnerability research. To validate OpenSCV, we performed an expert-based analysis wherein we invited multiple experts engaged in smart contract security research to participate in a questionnaire. The feedback from these experts indicated that the categories in OpenSCV are representative, clear, easily understandable, comprehensive, and highly useful. Regarding the vulnerabilities, the experts confirmed that they are easily understandable.

A vulnerability detection framework by focusing on critical execution paths

Context:Vulnerability detection is critical to ensure software security, and detecting vulnerabilities in smart contract code is currently gaining massive attention. Existing deep learning-based vulnerability detection methods represent the code as a code structure graph and eliminate vulnerability-irrelevant nodes. Then, they learn vulnerability-related code features from the simplified graph for vulnerability detection. However, this simplified graph struggles to represent relatively complete structural information of code, which may affect the performance of existing vulnerability detection methods. Objective:In this paper, we present a novel Vulnerability Detection framework based on Critical Execution Paths (VDCEP), which aims to improve smart contract vulnerability detection. Method:Firstly, given a code structure graph, we deconstruct it into multiple execution paths that reflect rich structural information of code. To reduce irrelevant code information, a path selection strategy is employed to identify critical execution paths that may contain vulnerable code information. Secondly, a feature extraction module is adopted to learn feature representations of critical paths. Finally, we feed all path feature representations into a classifier for vulnerability detection. Also, the feature weights of paths are provided to measure their importance in vulnerability detection. Results:We evaluate VDCEP on a large dataset with four types of smart contract vulnerabilities. Results show that VDCEP outperforms 14 representative vulnerability detection methods by 5.34%–60.88% in F1-score. The ablation studies analyze the effects of our path selection strategy and feature extraction module on VDCEP. Moreover, VDCEP still outperforms ChatGPT by 34.46% in F1-score. Conclusion:Compared to existing vulnerability detection methods, VDCEP is more effective in detecting smart contract vulnerabilities by utilizing critical execution paths. Besides, we can provide interpretable details about vulnerability detection by analyzing the path feature weights.

An interpretable model for large-scale smart contract vulnerability detection

Smart contracts hold billions of dollars in digital currency, and their security vulnerabilities have drawn a lot of attention in recent years. Traditional methods for detecting smart contract vulnerabilities rely primarily on symbol execution, which makes them time-consuming with high false positive rates. Recently, deep learning approaches have alleviated these issues but still face several major limitations, such as lack of interpretability and susceptibility to evasion techniques. In this paper, we propose a feature selection method for uplifting modeling. The fundamental concept of this method is a feature selection algorithm, utilizing interpretation outcomes to select critical features, thereby reducing the scales of features. The learning process could be accelerated significantly because of the reduction of the feature size. The experiment shows that our proposed model performs well in six types of vulnerability detection. The accuracy of each type is higher than 93% and the average detection time of each smart contract is less than 1 ms. Notably, through our proposed feature selection algorithm, the training time of each type of vulnerability is reduced by nearly 80% compared with that of its original.

SGuard+: Machine Learning Guided Rule-Based Automated Vulnerability Repair on Smart Contracts

Smart contracts are becoming appealing targets for hackers because of the vast amount of cryptocurrencies under their control. Asset loss due to the exploitation of smart contract codes has increased significantly in recent years. To guarantee that smart contracts are vulnerability-free, there are many works to detect the vulnerabilities of smart contracts, but only a few vulnerability repair works have been proposed. Repairing smart contract vulnerabilities at the source code level is attractive as it is transparent to users, whereas existing repair tools, such as SCRepair and sGuard , suffer from many limitations: (1) ignoring the code of vulnerability prevention; (2) possibly applying the repair to the wrong statements and changing the original business logic of smart contracts; and (3) showing poor performance in terms of time and gas overhead. In this work, we propose machine learning guided rule-based automated vulnerability repair on smart contracts to improve the effectiveness and efficiency of sGuard . To address the limitations mentioned above, we design the features that characterize both the symptoms of vulnerabilities and the methods of vulnerability prevention to learn various vulnerability patterns and reduce false positives. Additionally, a fine-grained localization algorithm is designed by traversing the nodes of the abstract syntax tree, and we refine and extend the repair rules of sGuard to preserve the original business logic of smart contracts and support new vulnerability types. Our tool, named sGuard+ , reduces time overhead based on machine learning models, and reduces gas overhead by fewer code changes and precise patching. In our experiment, we collect a publicly available vulnerability dataset from CVE, SWC, and SmartBugs Curated as a ground truth for evaluations. Overall, sGuard+ repairs more vulnerabilities with less time and gas overhead than state-of-the-art tools. Furthermore, we reproduce about 9,000 historical transactions for regression testing. It is shown that sGuard+ has no impact on the original business logic of smart contracts.

A vulnerability detection framework with enhanced graph feature learning

Vulnerability detection in smart contracts is critical to secure blockchain systems. Existing methods represent the bytecode as a graph structure and leverage graph neural networks to learn graph features for vulnerability detection. However, these methods are limited to handling the long-range dependencies between nodes. This means that they might focus on learning local node feature while ignoring global node information. In this paper, we propose a novel vulnerability detection framework with Enhanced Graph Feature Learning (EGFL), which aims to extract the global node information and utilize it to improve vulnerability detection in smart contracts. Specifically, we first represent the bytecode as a Control Flow Graph (CFG). To extract global node information, EGFL constructs a linear node feature matrix from CFG, and uses the feature-aware and relationship-aware modules to handle long-range dependencies between nodes. Meanwhile, a graph neural network is adopted to extract the local node feature from CFG. Subsequently, we fuse the global node information and local node feature to generate an enhanced graph feature for capturing more vulnerability features. We evaluate EGFL on the benchmark dataset with six types of smart contract vulnerabilities. Results show that EGFL outperforms fourteen state-of-the-art vulnerability detection methods by 10.83%–60.28% in F1 score.

Smart Contract Vulnerability Detection: The Role of Large Language Model (LLM)

Smart contracts are susceptible to various vulnerabilities that can lead to significant financial losses. The usage of tools for vulnerabilities is reducing the threats but presents some limitations related to the approach used by the tool itself. This paper presents a novel approach to smart contract vulnerability detection utilizing Large Language Models (LLMs), as a tool to detect all the vulnerabilities at once. Our proposed tool leverages the advanced natural language processing capabilities of LLMs to analyze smart contract code and identify potential security flaws. By training the LLM on a diverse dataset of known smart contract vulnerabilities and secure coding practices, we enhance its ability to recognize subtle and complex vulnerabilities that traditional static analysis tools might miss. The evaluation of our tool demonstrates its effectiveness in detecting a wide range of vulnerabilities with satisfaction and accuracy, providing developers with a robust mechanism to improve the security of their smart contracts before deployment. This approach signifies a significant advancement in the application of artificial intelligence for blockchain security, highlighting the potential of LLMs to enhance the reliability and safety of decentralized applications.

Implementation of Multi Extension in Blockchain-Based IoT Platform for Industrial IoT Devices

The rise of the Internet of Things (IoT) has led to the creation of technologies to improve human life. IoT involves integrating the Internet with the physical world, spanning applications like smart homes, industries, supply chains, academia, and more. By the end of 2020, around 212 billion IoT devices were globally deployed, presenting substantial opportunities for manufacturers and diverse applications. There have been numerous implementations of IoT across various fields, including Blockchain IoT (B-IoT), Artificial Intelligence of Things (AIoT), Digital Twin, and new communication protocols like the Matter protocol. We conducted a comprehensive testing of the blockchain (B-IoT) extension system on various bandwidths and scenarios, such as blockchain API execution time, speed, retention performance, and smart contract vulnerability testing. Our testing has been successful, and several messaging systems were used. Kafka was recommended to overcome the pending transaction problem caused by unprocessed messages. Our smart contract exhibited high severity. The Artificial Intelligence of Things extension, tested on real environments for person and vehicle counters, has shown successful results. Digital Twin, integrated into the IoT platform to perform and control 3D assets such as the postgraduate PENS building, has demonstrated efficient performance. Matter protocol achieved an average task execution speed of 0.48 tasks per second. Matter P2P communication was also successfully tested in this research by implementing the Access Control List (ACL) command.