Proceedings 2019 Network and Distributed System Security Symposium 2019
DOI: 10.14722/ndss.2019.23413
|View full text |Cite
|
Sign up to set email alerts
|

Sereum: Protecting Existing Smart Contracts Against Re-Entrancy Attacks

Abstract: Recently, a number of existing blockchain systems have witnessed major bugs and vulnerabilities within smart contracts. Although the literature features a number of proposals for securing smart contracts, these proposals mostly focus on proving the correctness or absence of a certain type of vulnerability within a contract, but cannot protect deployed (legacy) contracts from being exploited. In this paper, we address this problem in the context of re-entrancy exploits and propose a novel smart contract securit… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
192
0

Year Published

2019
2019
2024
2024

Publication Types

Select...
4
2

Relationship

0
6

Authors

Journals

citations
Cited by 166 publications
(192 citation statements)
references
References 17 publications
0
192
0
Order By: Relevance
“…This research aims to present a practical tool to detect bugs from online contracts in bytecode format. Our tool roots the same assumption with previous techniques [Luu et al 2016;Nikolić et al 2018;Rodler et al 2018;Tsankov et al 2018] that aim to find bugs rather than rigorous verification, which would come with its own set of challenges, such as the typical lack of nontrivial and complete contract-specific properties.…”
Section: Soundness and Completenessmentioning
confidence: 83%
See 4 more Smart Citations
“…This research aims to present a practical tool to detect bugs from online contracts in bytecode format. Our tool roots the same assumption with previous techniques [Luu et al 2016;Nikolić et al 2018;Rodler et al 2018;Tsankov et al 2018] that aim to find bugs rather than rigorous verification, which would come with its own set of challenges, such as the typical lack of nontrivial and complete contract-specific properties.…”
Section: Soundness and Completenessmentioning
confidence: 83%
“…Some other research, including MADMAX, which focuses on a set of gas-focused vulnerabilities associated with denial-of-service attack [Grech et al 2018], and TeEther [Krupp and Rossow 2018], which synthesizes exploitation towards online contracts, is orthogonal to our work. In addition, some runtime monitoring techniques enforce data-flow integrity to defeat reentrancy attacks [Rodler et al 2018]. We also notice a line of research work verifying smart contracts with formal methods [Amani et al 2018;Bhargavan et al 2016;Grishchenko et al 2018;Hildenbrandt et al 2018;Hirai 2017].…”
Section: Related Workmentioning
confidence: 97%
See 3 more Smart Citations