摘要:The gas mechanism in Ethereum charges the execution of ev- ery operation to ensure that smart contracts running in EVM (Ethereum Virtual Machine) will be eventually terminated. Failing to properly set the gas costs of EVM operations allows attackers to launch DoS at- tacks on Ethereum. Although Ethereum recently adjusted the gas costs of EVM operations to defend against known DoS attacks, it remains unknown whether the new setting is proper and how to configure it to defend against unknown DoS attacks. In this paper, we make the first step to address this challenging issue by first proposing an emulation- based framework to automatically measure the resource consumptions of EVM operations. The results reveal that Ethereum’s new setting is still not proper. Moreover, we obtain an insight that there may always exist exploitable under-priced operations if the cost is fixed. Hence, we pro- pose a novel gas cost mechanism, which dynamically adjusts the costs of EVM operations according to the number of executions, to thwart DoS attacks. This method punishes the operations that are executed much more frequently than before and lead to high gas costs. To make our so- lution flexible and secure and avoid frequent update of Ethereum client, we design a special smart contract that collaborates with the updated EVM for dynamic parameter adjustment. Experimental results demon- strate that our method can effectively thwart both known and unknown DoS attacks with flexible parameter settings. Moreover, our method only introduces negligible additional gas consumption for benign users.

摘要:Background: Millions of smart contracts have been deployed to Ethereum for providing various applications. Recent studies discovered many severe security and performance issues in smart contracts by applying static program analysis techniques to them. Given a smart contract, the majority of these analysis techniques need to first construct its control flow graph, which connects basic blocks through control flow transfers (CFTs), before conducting further analysis. Aims: The objective of this work is to understand the capabilities of static program analysis techniques to identify CFTs, and to investigate how static program analysis techniques can be improved if the CFTs are complemented. Method: We perform a comprehensive empirical study on six widely-used tools for smart contract analysis by using all deployed smart contracts to understand their capabilities to recognize CFTs. We capture all execution traces of all smart contracts to evaluate the number of CFTs covered by traces that are not found by those tools. We enhance a state-of-the-art tool, OYENTE for discovering vulnerabilities in smart contracts with the CFTs covered by traces to investigate how the tool is improved. Results: These studied tools fail to identify all CFTs due to several reasons, e.g., incomplete code patterns. Execution traces effectively complement these tool in recognizing CFTs. By including the CFTs covered by traces, the false negative rate of OYENTE can be reduced by up to 30%. Conclusions: Our study underlines the ineffectiveness of static analysis techniques due to the incapabilities of CFT identification.

摘要:Modern cryptocurrencies exploit decentralised blockchains to record a public and unalterable history of transactions. Be- sides transactions, further information is stored for different, and often undisclosed, purposes, making the blockchains a rich and increasingly growing source of valuable informa- tion, in part of difficult interpretation. Many data analytics have been developed, mostly based on specifically designed and ad-hoc engineered approaches. We propose a general- purpose framework, seamlessly supporting data analytics on both Bitcoin and Ethereum — currently the two most prominent cryptocurrencies. Such a framework allows us to integrate relevant blockchain data with data from other sources, and to organise them in a database, either SQL or NoSQL. Our framework is released as an open-source Scala library. We illustrate the distinguishing features of our ap- proach on a set of significant use cases, which allow us to empirically compare ours to other competing proposals, and evaluate the impact of the database choice on scalability.

摘要:Ethereum provides an open, global computing platform, that allows the exchange of value, automated and enforced workflows, and the development of general purpose applica- tions and libraries. Smart contracts present a foundation for the computational capabilities of the Ethereum network. Moti- vated by the known security breaches and recurring financial losses due to smart contracts vulnerabilities, we review the field of security of smart contract programming and provide a comprehensive taxonomy of all known security issues. We achieve that by a thorough review of known vulnerabilities. In this work we also review the security code analysis tools used to identify known vulnerabilities. We conduct the investigation of security code analysis tools on Ethereum by assessing their effectiveness and accuracy on known issues on a representative sample of vulnerable contracts. We have used 21 clean, and 24 vulnerable contracts and four security tools: Oyente, Securify, Remix, and SmartCheck, to assess the quality of contemporary security analysis tools specific to Ethereum. The results indicate that there are overall inconsistencies between the tools in respect to different security properties. SmartCheck outper- formed the other tools in terms of effectiveness, whereas Oyente performed the best in terms of accuracy. Furthermore, based on the limitations we identified, we propose improvements within the user interfaces, interpretation of results, and, most importantly, an enhanced list for vulnerability checks.

摘要:Blockchain offers unprecedented opportunities for innovation in financial transactions. A whole new world of opportunities for banking, lending, insurance, money transfer, investments, and stock markets awaits. However, the potential for wide-scale adoption of blockchain is hindered with cybersecurity and privacy issues. We provide an overview of the risks and security requirements and give an outlook for future research that could be helpful in solving some of the challenges. We also present an approach for policy specification and verification of financial transactions based on smart contracts.

摘要:A developing field of interest for the distributed systems and applied cryptography communities is that of smart contracts: self-executing financial instruments that synchronize their state, often through a blockchain. One such smart contract system that has seen widespread practical adoption is Ethereum, which has grown to a market capacity of 100 billion USD and clears an excess of 500,000 daily transactions. Unfortunately, the rise of these technologies has been marred by a series of costly bugs and exploits. Increasingly, the Ethereum community has turned to formal methods and rigorous program analysis tools. This trend holds great promise due to the relative simplicity of smart contracts and bounded-time deterministic execution inherent to the Ethereum Virtual Machine (EVM). Here we present KEVM, an executable formal specification of the EVM’s bytecode stack-based language built with the K Framework, designed to serve as a solid foundation for further formal analyses. We empirically evaluate the correctness and performance of KEVM using the official Ethereum test suite [1]. To demonstrate the usability, several extensions of the semantics are presented and two different-language implementations of the ERC20 Standard Token are verified against the ERC20 specification. These results are encouraging for the executable semantics approach to language prototyping and specification.

摘要:Ethereum Virtual Machine (EVM) is the run-time environment for smart contracts and its vulnerabilities may lead to serious problems to the Ethereum ecology. With lots of techniques being continu- ously developed for the validation of smart contracts, the testing of EVM remains challenging because of the special test input format and the absence of oracles. In this paper, we propose EVMFuzzer, the first tool that uses differential fuzzing technique to detect vul- nerabilities of EVM. The core idea is to continuously generate seed contracts and feed them to the target EVM and the benchmark EVMs, so as to find as many inconsistencies among execution re- sults as possible, eventually discover vulnerabilities with output cross-referencing. Given a target EVM and its APIs, EVMFuzzer generates seed contracts via a set of predefined mutators, and then employs dynamic priority scheduling algorithm to guide seed con- tracts selection and maximize the inconsistency. Finally, EVMFuzzer leverages benchmark EVMs as cross-referencing oracles to avoid manual checking. With EVMFuzzer, we have found several previ- ously unknown security bugs in four widely used EVMs, and 5 of which had been included in Common Vulnerabilities and Exposures (CVE) IDs in U.S. National Vulnerability Database. The video is presented at https://youtu.be/9Lejgf2GSOk.

摘要:Attacks on transactions of Ethereum could be dan- gerous because they could lead to a big loss of money. There are many tools detecting vulnerabilities in smart contracts trying to avoid potential attacks. However, we found that there are still many missed vulnerabilities in contracts. Motivated by this, we propose a methodology to reinforce EVM to stop dangerous transactions in real time even when the smart contract contains vulnerabilities. Basically, the methodology consists of three steps: monitoring strategy definition, opcode-structure maintenance and EVM instrumentation. Monitoring strategy definition refers to the specific rule to test whether there is a dangerous operation during transaction execution. Opcode-structure maintenance is to maintain a structure to store the rule related opcodes and analyze it before an operation execution. EVM instrumentation inserts the monitoring strategy, interrupting mechanism and the opcode-structure operations in EVM source code. For evaluation, we implement EVM* on js-evm, a widely-used EVM platform written in javascript. We collect 10 contracts online with known bugs and use each contract to execute a dangerous transaction, all of them have been interrupted by our reinforced EVM*, while the original EVM permits all attack transactions. For the time overhead, the reinforced EVM* is slower than the original one by 20-30%, which is tolerable for the financial critical applications.

摘要:When a Solidity smart contract has a problem in calling a function of another contract, the “fallback function” of the contract is supposed to be executed automatically. However, in many cases, a fallback function is arbitrarily created and called, with their behaviors unknown to developers, so that its execution is vulnerable to exploits by attackers. To reduce these risks, this paper proposes a method that provides developers with new keywords by modifying existing Solidity compiler and Ethereum Virtual Machine (EVM). Developers mark their intention using the newly introduced keywords, and the modified existing Solidity compiler and EVM uses flags and conditional statements to prevent calls of fallback functions to reduce the risk of calls to fallback functions.

摘要:分析和研究以太坊上的区块、交易、账户和智能合约数据具有巨大价值，但是以太坊数据量大、数据种类多、存储结构 各异，当前数据获取方法的获取速度慢而且获取的数据不全，因此充分利用这些数据非常困难。文中提出了基于区块并行的以 太坊数据快速导出工具Ｇｅｔｈ－ｑｕｅｒｙ，通过分析以太坊内部机制，利用区块世界状态快照消除区块之间的依赖关系，优化本机资 源利用效率并行重放区块，实现了快速而全面地提取以太坊链上数据。实验证明，Ｇｅｔｈ－ｑｕｅｒｙ提取的数据种类丰富，数据导出 速度相比传统方法提升了１０倍左右。为了使用方便，文中同时对导出的数据进行存储优化，并在前端页面进行数据展示，从而 为分析和研究以太坊提供了数据基础。

摘要:With the rapid development of blockchain technology, blockchain becomes a good platform for execution of smart contracts. However, since smart contracts still have a low performance of transaction processing on blockchain. It can’t satisfy real-time requirements in some situations. This paper proposes a parallel smart contract model on blockchain which has a better performance in transaction processing. The challenges with the proposed approach are the implementation of the parallel mode and the solution of synchronization problem of the proposed model. This paper uses multi-thread technology to implement the proposed model where transactions are executed in parallel. Then we propose a transaction splitting algorithm to resolve the synchronization problem. Finally, experimental analysis proves that this parallel model exactly makes a remarkable development of performance in transaction processing.

摘要:Smart contracts have been widely used on Ethereum to enable business services across various application domains. However, they are prone to different forms of security attacks due to the dynamic and non-deterministic blockchain runtime environment. In this work, we highlighted a general miner- side type of exploit, called concurrency exploit, which attacks smart contracts via generating malicious transaction sequences. Moreover, we designed a systematic algorithm to automatically detect such exploits. In our preliminary evaluation, our approach managed to identify real vulnerabilities that cannot be detected by other tools in the literature.

摘要:Business processes are often related to operational processes, contracts, and regulations. Modeling such processes needs to address regulation monitoring and enforcement, and maintain a reliable history of data for evidence. This paper proposes modeling business processes as smart contracts (SCs) on permissioned blockchains (BCs). The challenges with the proposed approach are state synchronizations among distributed nodes (called authnodes), and real-time requirements. This paper separates the executions of SCs from the state managements on multi-BCs, and proposes a pipeline model to verify and create blocks in parallel.

摘要:Smart contract transactions demonstrate issues of performance and correctness that application programmers must work around. Although the blockchain consensus mechanism approaches ACID compliance, use cases that rely on frequent state changes are impractical due to the block publishing inter- val of O(101) seconds. The effective isolation level is READ- COMMITTED, only revealing state transitions at the end of the block interval. Values read may be stale and not match program order, causing many transactions to fail when a block is committed. This paper perceives the blockchain as a transactional data structure, using this analogy in the development of a new algorithm, Hash-Mark-Set (HMS), that improves transaction throughput by providing a READ-UNCOMMITTED view of state variables. HMS creates a directed acyclic graph (DAG) from the pending transaction pool. The transaction order derived from the DAG is used to provide a READ-UNCOMMITTED view of the data for new transactions, which enter the DAG as they are received. An implementation of HMS is provided, interoperable with Ethereum and ready for use in smart contracts. Over a wide range of transaction mixes, HMS is demonstrated to improve throughput. A side product of the implementation is a new technique, Runtime Argument Augmentation (RAA), that allows smart contracts to communicate with external data services before submitting a transaction. RAA has use cases beyond HMS and can serve as a lightweight replacement for blockchain oracles.

摘要:Blockchain platforms such as Ethereum and several others execute complex transactions in blocks through user- defined scripts known as smart contracts. Normally, a block of the chain consists of multiple transactions of smart contracts which are added by a miner. To append a correct block into the blockchain, miners execute these transactions of smart contracts sequentially. Later the validators serially re-execute the smart contract transactions of the block. If the validators agree with the final state of the block as recorded by the miner, then the block is said to be validated. It is then added to the blockchain using a consensus protocol. In Ethereum and other blockchains that support cryptocurrencies, a miner gets an incentive every time such a valid block successfully added to the blockchain. In most of the current day blockchains the miners and validators execute the smart contract transactions serially. In the current era of multi-core processors, by employing the serial execution of the transactions, the miners and validators fail to utilize the cores properly and as a result, have poor throughput. By adding concurrency to smart contracts execution, we can achieve better efficiency and higher throughput. In this paper, we develop an efficient framework to execute the smart contract transactions concurrently using optimistic Software Transactional Memory systems (STMs). Miners execute smart contract transactions concurrently us- ing multi-threading to generate the final state of blockchain. STM is used to take care of synchronization issues among the transactions and ensure atomicity. Now when the validators also execute the transactions (as a part of validation) concurrently using multi-threading, then the validators may get a different final state depending on the order of execution of conflicting transactions. To avoid this, the miners also generate a block graph of the transactions during the concurrent execution and store it in the block. This graph captures the conflict relations among the transactions and is generated concurrently as the transactions are executed by different threads. The miner proposes a block which consists of set of transac- tions, block graph, hash of the previous block, and final state of each shared data-objects. Later, the validators re-execute the same smart contract transactions concurrently and deterministi- cally with the help of block graph given by the miner to verify the final state. If the validation is successful then proposed block appended into the blockchain and miner gets incentive otherwise discard the proposed block. We execute the smart contract transactions concurrently using Basic Time stamp Ordering (BTO) and Multi-Version Time stamp Ordering (MVTO) protocols as optimistic STMs. BTO and MVTO miner achieves 3.6x and 3.7x average speedups over serial miner respectively. Along with, BTO and MVTO validator outperform average 40.8x and 47.1x than serial validator respec- tively.