research-article

Finding The Greedy, Prodigal, and Suicidal Contracts at Scale

Authors:

Ivica Nikolić,

Aashish Kolluri,

Prateek Saxena,

Aquinas HoborAuthors Info & Claims

ACSAC '18: Proceedings of the 34th Annual Computer Security Applications Conference

Pages 653 - 663

https://doi.org/10.1145/3274694.3274743

Published: 03 December 2018 Publication History

Abstract

Smart contracts---stateful executable objects hosted on blockchains like Ethereum---carry billions of dollars worth of coins and cannot be updated once deployed. We present a new systematic characterization of a class of trace vulnerabilities, which result from analyzing multiple invocations of a contract over its lifetime. We focus attention on three example properties of such trace vulnerabilities: finding contracts that either lock funds indefinitely, leak them carelessly to arbitrary users, or can be killed by anyone. We implemented Maian, the first tool for specifying and reasoning about trace properties, which employs interprocedural symbolic analysis and concrete validator for exhibiting real exploits. Our analysis of nearly one million contracts flags 34, 200 (2, 365 distinct) contracts vulnerable, in 10 seconds per contract. On a subset of 3, 759 contracts which we sampled for concrete validation and manual analysis, we reproduce real exploits at a true positive rate of 89%, yielding exploits for 3, 686 contracts. Our tool finds exploits for the infamous Parity bug that indirectly locked $200 million US worth in Ether, which previous analyses failed to capture.

References

[1]

Anthony Akentiev. 2018. Parity Multisig Github. https://github.com/paritytech/parity/issues/6995

[2]

JD Alois. 2017. Ethereum Parity Hack May Impact ETH 500,000 or $146 Million.

[3]

Sidney Amani, Myriam Bégel, Maksym Bortin, and Mark Staples. 2018. Towards Verifying Ethereum Smart Contract Bytecode in Isabelle/HOL. In CPP. ACM, 66--77.

Digital Library

[4]

Nicola Atzei, Massimo Bartoletti, and Tiziana Cimoli. 2017. A Survey of Attacks on Ethereum Smart Contracts (SoK). In POST (LNCS), Vol. 10204. Springer, 164--186.

Digital Library

[5]

Massimo Bartoletti, Salvatore Carta, Tiziana Cimoli, and Roberto Saia. 2017. Dissecting Ponzi schemes on Ethereum: identification, analysis, and impact. CoRR abs/1703.03779 (2017).

[6]

Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cédric Fournet, Anitha Gollamudi, Georges Gonthier, Nadim Kobeissi, Natalia Kulatova, Aseem Rastogi, Thomas Sibut-Pinote, Nikhil Swamy, and Santiago Zanella-Béguelin. 2016. Formal Verification of Smart Contracts: Short Paper. In PLAS. ACM, 91--96.

Digital Library

[7]

Ting Chen, Xiaoqi Li, Xiapu Luo, and Xiaosong Zhang. 2017. Under-optimized smart contracts devour your money. In IEEE 24th International Conference on Software Analysis, Evolution and Reengineering, SANER. 442--446.

[8]

ConsenSys Diligence. 2018. Ethereum Smart Contract Security Best Practices. https://consensys.github.io/smart-contract-best-practices

[9]

Leonardo Mendonça de Moura and Nikolaj Bjørner. 2008. Z3: An Efficient SMT Solver. In TACAS (LNCS), Vol. 4963. Springer, 337--340.

Digital Library

[10]

Michael del Castillo. June 17, 2016. The DAO Attacked: Code Issue Leads to $60 Million Ether Theft.

[11]

Kevin Delmolino, Mitchell Arnett, Ahmed E. Kosba, Andrew Miller, and Elaine Shi. 2016. Step by Step Towards Creating a Safe Smart Contract: Lessons and Insights from a Cryptocurrency Lab. In FC 2016 International Workshops (LNCS), Vol. 9604. Springer, 79--94.

[12]

Etherscan 2018. https://etherscan.io/

[13]

Etherscan verified source codes 2018. Etherscan verified source codes. https://etherscan.io/contractsVerified

[14]

Jean-Christophe Filliâtre and Andrei Paskevich. 2013. Why3 - Where Programs Meet Provers. In ESOP (LNCS), Vol. 7792. Springer, 125--128.

Digital Library

[15]

Go-ethereum 2018. https://github.com/ethereum/go-ethereum

[16]

Patrice Godefroid. 2011. Higher-order Test Generation. In PLDI. ACM, 258--269.

Digital Library

[17]

Governmental bug 2018. GovernMental's 1100ETH jackpot payout is stuck because it uses too much gas. https://www.reddit.com/r/ethereum/comments/4ghzhv/

[18]

Ilya Grishchenko, Matteo Maffei, and Clara Schneidewind. 2018. A Semantic Framework for the Security Analysis of Ethereum Smart Contracts. In POST (LNCS), Vol. 10804. Springer, 243--269.

[19]

Shelly Grossman, Ittai Abraham, Guy Golan-Gueta, Yan Michalevsky, Noam Rinetzky, Mooly Sagiv, and Yoni Zohar. 2018. Online detection of effectively callback free objects with applications to smart contracts. PACMPL 2, POPL (2018), 48:1--48:28.

Digital Library

[20]

Arie Gurfinkel, Temesghen Kahsai, Anvesh Komuravelli, and Jorge A. Navas. 2015. The SeaHorn Verification Framework. In CAV, Part I (LNCS), Vol. 9206. Springer, 343--361.

[21]

Everett Hildenbrandt, Manasvi Saxena, Nishant Rodrigues, Xiaoran Zhu, Philip Daian, Dwight Guth, Daejun Park, Yi Zhang, Brandon Moore, and Grigore Rosu. 2018. KEVM: A Complete Semantics of the Ethereum Virtual Machine. In CSF. IEEE. To appear.

[22]

Yoichi Hirai. 2017. Defining the Ethereum Virtual Machine for Interactive Theorem Provers. In 1st Workshop on Trusted Smart Contracts (LNCS), Vol. 10323. Springer, 520--535.

[23]

Yoichi Hirai. 2017. Ethereum Virtual Machine for Coq (v0.0.2). Published online on 5 March 2017. https://goo.gl/DxYFwK

[24]

Sukrit Kalra, Seep Goel, Mohan Dhawan, and Subodh Sharma. 2018. Zeus: Analyzing Safety of Smart Contracts. In NDSS. To appear.

[25]

Johannes Krupp and Christian Rossow. 2018. teEther: Gnawing at Ethereum to Automatically Exploit Smart Contracts. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD, 1317--1333. https://www.usenix.org/conference/usenixsecurity18/presentation/krupp

Digital Library

[26]

Loi Luu, Duc-Hiep Chu, Hrishi Olickel, Prateek Saxena, and Aquinas Hobor. 2016. Making Smart Contracts Smarter. In CCS. ACM, 254--269.

Digital Library

[27]

Manticore 2018. https://github.com/trailofbits/manticore

[28]

Kenneth L. McMillan. 2007. Interpolants and Symbolic Model Checking. In VMCAI (LNCS), Vol. 4349. Springer, 89--90.

Digital Library

[29]

Mortal 2018. Contract mortal. https://etherscan.io/address/0x4671ebe586199456ca28ac050cc9473cbac829eb#code

[30]

Bernhard Mueller. January 2018. How Formal Verification Can Ensure Flawless Smart Contracts. https://goo.gl/9wUFE1

[31]

Mythril 2018. https://github.com/b-mueller/mythril/

[32]

Satoshi Nakamoto. 2008. Bitcoin: A peer-to-peer electronic cash system. http://bitcoin.org/bitcoin.pdf

[33]

Oyente 2018. Oyente: An Analysis Tool for Smart Contracts. https://github.com/melonproject/oyente

[34]

Parity bug 2018. The guy who blew up Parity didn't know what he was doing. https://www.reddit.com/r/CryptoCurrency/comments/7beos3/

[35]

Jack Pettersson and Robert Edström. 2016. Safer Smart Contracts through Type-Driven Development. Master's thesis. Chalmers University of Technology, Sweden.

[36]

George Pîrlea and Ilya Sergey. 2018. Mechanising blockchain consensus. In CPP. ACM, 78--90.

Digital Library

[37]

Christian Reitwiessner. 2015. Formal Verification for Solidity Contracts. https://forum.ethereum.org/discussion/3779/formal-verification-for-solidity-contracts

[38]

Grigore Rosu. December 2017. ERC20-K: Formal Executable Specification of ERC20. https://runtimeverification.com/blog/?p=496

[39]

Securify 2018. Securify: Formal Verification of Ethereum Smart Contracts. http://securify.ch/

[40]

Ilya Sergey and Aquinas Hobor. 2017. A Concurrent Perspective on Smart Contracts. In 1st Workshop on Trusted Smart Contracts (LNCS), Vol. 10323. Springer, 478--493.

[41]

Emin Gün Sirer. 2016. Reentrancy Woes in Smart Contracts. http://hackingdistributed.com/2016/07/13/reentrancy-woes/

[42]

Solidity 2018. Solidity: High-Level Language for Implementing Smart Contracts. http://solidity.readthedocs.io/

[43]

Gavin Wood. 2014. Ethereum: A Secure Decentralised Generalised Transaction Ledger. https://ethereum.github.io/yellowpaper/paper.pdf

Cited By

Alsunaidi SAljamaan HHammoudeh M(2024)MultiTagging: A Vulnerable Smart Contract Labeling and Evaluation FrameworkElectronics10.3390/electronics1323461613:23(4616)Online publication date: 22-Nov-2024
https://doi.org/10.3390/electronics13234616
Mustafa IMcGibney ARea S(2024)Smart contract life-cycle management: an engineering framework for the generation of robust and verifiable smart contractsFrontiers in Blockchain10.3389/fbloc.2023.12762336Online publication date: 8-Jan-2024
https://doi.org/10.3389/fbloc.2023.1276233
Elciyar KSatılmış N(2024)Development and Validation of a Blockchain Literacy ScaleActa Informatica Pragensia10.18267/j.aip.251Online publication date: 3-Nov-2024
https://doi.org/10.18267/j.aip.251
Show More Cited By

Recommendations

ContractFuzzer: fuzzing smart contracts for vulnerability detection
ASE '18: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering

Decentralized cryptocurrencies feature the use of blockchain to transfer values among peers on networks without central agency. Smart contracts are programs running on top of the blockchain consensus protocol to enable people make agreements while ...
From Contracts to E-Contracts: Modeling and Enactment

Contracts are complex to understand, represent and process electronically. Usually, contracts involve various entities such as parties, activities and clauses. An e-contract is a contract modeled, specified, executed and enacted (controlled and ...
Security Vulnerabilities in Ethereum Smart Contracts
iiWAS2018: Proceedings of the 20th International Conference on Information Integration and Web-based Applications & Services

Smart contracts (SC) are one of the most appealing features of blockchain technologies facilitating, executing, and enforcing predefined terms of coded contracts without intermediaries. The steady adoption of smart contracts on the Ethereum blockchain ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

ACSAC '18: Proceedings of the 34th Annual Computer Security Applications Conference

December 2018

766 pages

ISBN:9781450365697

DOI:10.1145/3274694

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

ACSA: Applied Computing Security Assoc

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 December 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article
Research
Refereed limited

Conference

ACSAC '18

ACSAC '18: 2018 Annual Computer Security Applications Conference

December 3 - 7, 2018

PR, San Juan, USA

Acceptance Rates

Overall Acceptance Rate 104 of 497 submissions, 21%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

362
Total Citations
View Citations
1,478
Total Downloads

Downloads (Last 12 months)224
Downloads (Last 6 weeks)23

Reflects downloads up to 20 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Alsunaidi SAljamaan HHammoudeh M(2024)MultiTagging: A Vulnerable Smart Contract Labeling and Evaluation FrameworkElectronics10.3390/electronics1323461613:23(4616)Online publication date: 22-Nov-2024
https://doi.org/10.3390/electronics13234616
Mustafa IMcGibney ARea S(2024)Smart contract life-cycle management: an engineering framework for the generation of robust and verifiable smart contractsFrontiers in Blockchain10.3389/fbloc.2023.12762336Online publication date: 8-Jan-2024
https://doi.org/10.3389/fbloc.2023.1276233
Elciyar KSatılmış N(2024)Development and Validation of a Blockchain Literacy ScaleActa Informatica Pragensia10.18267/j.aip.251Online publication date: 3-Nov-2024
https://doi.org/10.18267/j.aip.251
Xu JWang TLv MChen TZhu TJi B(2024)MVD-HG: multigranularity smart contract vulnerability detection method based on heterogeneous graphsCybersecurity10.1186/s42400-024-00245-57:1Online publication date: 11-Oct-2024
https://doi.org/10.1186/s42400-024-00245-5
Wei ZSun JZhang ZZhang XYang XZhu L(2024)Survey on Quality Assurance of Smart ContractsACM Computing Surveys10.1145/369586457:2(1-36)Online publication date: 10-Oct-2024
https://dl.acm.org/doi/10.1145/3695864
Wu CChen JWang ZLiang RDu RFilkov VRay BZhou M(2024)Semantic Sleuth: Identifying Ponzi Contracts via Large Language ModelsProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695055(582-593)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695055
Grossman SToman JBakst AArora SSagiv MNandi C(2024)Practical Verification of Smart Contracts using Memory SplittingProceedings of the ACM on Programming Languages10.1145/36897968:OOPSLA2(2402-2433)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689796
Kado CYanai NCruz JYamashita KOkamura S(2024)Empirical Study of Impact of Solidity Compiler Updates on Vulnerabilities in Ethereum Smart ContractsDistributed Ledger Technologies: Research and Practice10.1145/3688812Online publication date: 22-Aug-2024
https://doi.org/10.1145/3688812
Ye MNan YDai HYang SLuo XZheng Z(2024)FunFuzz: A Function-Oriented Fuzzer for Smart Contract Vulnerability Detection with High Effectiveness and EfficiencyACM Transactions on Software Engineering and Methodology10.1145/367472533:7(1-20)Online publication date: 28-Jun-2024
https://dl.acm.org/doi/10.1145/3674725
Chen ZLiu YBeillahi SLi YLong F(2024)Demystifying Invariant Effectiveness for Securing Smart ContractsProceedings of the ACM on Software Engineering10.1145/36607861:FSE(1772-1795)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3660786
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents