Oracle-Supported Dynamic Exploit Generation for Smart Contracts

Wang, Haijun; Liu, Ye; Li, Yang; Lin, Shang-Wei; Artho, Cyrille; Ма, Лей; Liu, Yang

doi:10.1109/tdsc.2020.3037332

Cited by 39 publications

(30 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It generates test input that conforms to the calling contract's call syntax, defines new test predictions, and uses EVM monitors smart contract execution information to detect vulnerabilities. ContraMaster [46] is a smart contract dynamic testing framework based on new test oracle. It guides the fuzzing process through data flow, control flow, and contract status analysis.…”

Section: Smart Contract Testingmentioning

confidence: 99%

Mutation testing for integer overflow in ethereum smart contracts

Sun

Huang

Zheng

et al. 2022

Tsinghua Sci. Technol.

View full text Add to dashboard Cite

Integer overflow is a common vulnerability in Ethereum Smart Contracts (ESCs) and often causes huge economic losses. Smart contracts cannot be changed once it is deployed on the blockchain and thus demand further testing. Mutation testing is a fault-based testing method that can effectively improve the sufficiency of a test for smart contracts. However, existing methods cannot efficiently perform mutation testing specifically for integer overflow in ESCs. Therefore, by analyzing integer overflow in ESCs, we propose five special mutation operators to address such vulnerability in terms of detecting sufficiency in ESC testing. An empirical study on 40 open-source ESCs is conducted to evaluate the effectiveness of the proposed mutation operators. Results show that (1) our proposed mutation operators can reproduce all 179 integer overflow vulnerabilities in 40 smart contracts, and the generated mutants have high compilation pass rate and integer overflow vulnerability generation rate; moreover, (2) the generated mutants can find the shortcomings of existing testing methods for integer overflow vulnerability, thereby providing effective support to improve the sufficiency of the test.

show abstract

Section: Smart Contract Testingmentioning

confidence: 99%

Mutation testing for integer overflow in ethereum smart contracts

Sun

Huang

Zheng

et al. 2022

Tsinghua Sci. Technol.

View full text Add to dashboard Cite

show abstract

“…Hajdu et al [28] proposed an approach that assesses the behavior of permissioned blockchain systems by injecting faults into smart contracts. Wang et al [52] invented ContraMaster, an oraclesupported fuzzing tool that detects exploitable vulnerabilities in smart contracts. Zhang et al [60] presented TxSpector, a generic and logic-driven framework for detecting attacks in Ethereum transactions at the bytecode level.…”

Section: Related Work a Blockchain Dependabilitymentioning

confidence: 99%

Chaos Engineering of Ethereum Blockchain Clients

Zhang¹,

Ron²,

Baudry³

et al. 2021

Preprint

View full text Add to dashboard Cite

The Ethereum blockchain is the operational backbone of major decentralized finance platforms. As such, it is expected to be exceptionally reliable. In this paper, we present CHAOSETH, a chaos engineering tool for resilience assessment of Ethereum clients. CHAOSETH operates in the following manner: First, it monitors Ethereum clients to determine their normal behavior. Then, it injects system call invocation errors into the Ethereum clients and observes the resulting behavior under perturbation. Finally, CHAOSETH compares the behavior recorded before, during, and after perturbation to assess the impact of the injected system call invocation errors. The experiments are performed on the two most popular Ethereum client implementations: GoEthereum and OpenEthereum. We experiment with 22 different types of system call invocation errors. We assess their impact on the Ethereum clients with respect to 15 applicationlevel metrics. Our results reveal a broad spectrum of resilience characteristics of Ethereum clients in the presence of system call invocation errors, ranging from direct crashes to full resilience. The experiments clearly demonstrate the feasibility of applying chaos engineering principles to blockchains.

show abstract

“…For example, an invariant proposed by Wang et al [200] ensures correctness for an account that receives funds from a smart contract: "the amount deducted from a contract's bookkeeping balances is always deposited into the recipient's account". To facilitate specification and verification of these invariants, several tools identify bookkeeping variables automatically [58,199] or provide support for a special sum function, that can be applied to mappings and/or arrays [98,162,183]. Invariants are also used to express that the value of tokenSupply is immutable, bounded, or does not decrease [15,37,128,162,197].…”

Section: Financementioning

confidence: 99%

“…Besides runtime verification, smart contracts can be dynamically verified via fuzzing and testing techniques to identify and exploit vulnerabilities [112,130,199]. To navigate a fuzzer towards higher path coverage, some authors combine fuzzing with taint analysis [219] and symbolic execution [102,116,192].…”

Section: Runtime Verification and Testingmentioning

confidence: 99%

A Survey of Smart Contract Formal Specification and Verification

Tolmach

Lin

et al. 2020

Preprint

Self Cite

View full text Add to dashboard Cite

A smart contract is a computer program which allows users to define and execute transactions automatically on top of the blockchain platform. Given the significance of smart contracts in supporting important activities across industry sectors including supply chain, finance, legal and medical services, there is a strong demand for verification and validation techniques. Yet, the vast majority of smart contracts lack any kind of formal specification, which is essential for establishing their correctness. In this survey, we investigate formal models and specifications of smart contracts presented in the literature and present a systematic overview in order to understand the common trends. We also discuss the current approaches used in verifying such property specifications and identify gaps with the hope to recognize promising directions for future work.

show abstract

Oracle-Supported Dynamic Exploit Generation for Smart Contracts

Cited by 39 publications

References 34 publications

Mutation testing for integer overflow in ethereum smart contracts

Mutation testing for integer overflow in ethereum smart contracts

Chaos Engineering of Ethereum Blockchain Clients

A Survey of Smart Contract Formal Specification and Verification

Contact Info

Product

Resources

About