基于Smartcheck的智能合约漏洞分析及其改进策略

doi:10.3969/j.issn.0255-8297.2024.06.011

应用科学学报 ›› 2024, Vol. 42 ›› Issue (6): 1027-1039.doi: 10.3969/j.issn.0255-8297.2024.06.011

基于Smartcheck的智能合约漏洞分析及其改进策略

费佳佳¹, 赵相福¹, 陈霄汉¹, 张登记²

1. 烟台大学计算机控制与工程学院, 山东烟台 264005;
2. 浙江师范大学计算机系, 浙江金华 321004

收稿日期:2022-04-06 出版日期:2024-11-30 发布日期:2024-11-30
通信作者: 赵相福,教授,博导,研究方向为区块链、人工智能。E-mail:xiangfuzhao@gmail.com E-mail:xiangfuzhao@gmail.com
基金资助:
国家自然科学基金（No.61972360,No.62072392）资助

Smart Contract Vulnerability Analysis and Improvement Based on Smartcheck

FEI Jiajia¹, ZHAO Xiangfu¹, CHEN Xiaohan¹, ZHANG Dengji²

1. School of Computer and Control Engineering, Yantai University, Yantai 264005, Shandong, China;
2. Department of Computer, Zhejiang Normal University, Jinhua 321004, Zhejiang, China

Received:2022-04-06 Online:2024-11-30 Published:2024-11-30

摘要/Abstract

摘要： Smartcheck是以太坊智能合约的一个典型的静态分析工具，其将基于Solidity语言的智能合约源代码转换为基于XML的中间表示，并依据XPath模式进行检查。虽然Smartcheck能够有效地分析许多安全漏洞，但部分漏洞的分析并不完善且收录的漏洞也不够完整。针对该问题，本文通过对漏洞原理的深入分析，在时间戳依赖、整数溢出和delegatecall等典型漏洞方面进一步完善了Smartcheck，并实现了一个新的检测工具SmartETH。通过真实大数据集和5份具体合约验证表明，SmartETH能够更好地检测出相关的漏洞，同时减少了大量漏洞的误报和漏报问题。

关键词: 智能合约, 安全漏洞, Smartcheck, 以太坊, 区块链

Abstract: Smart contracts on blockchain operate on quantity of digital assets. Once deployed on blockchain, they are difficult to modify. Therefore, the analysis and detection of security vulnerabilities of smart contracts has become an important research topic. Smartcheck is a static analysis tool for Ethereum smart contracts that converts Solidity source code into an XML-based intermediate representation and checks it against XPath patterns. While Smartcheck can analyze most of the vulnerabilities, it has limitations in terms of coverage and accuracy. To address these issues, we developed a new tool, SmartETH, to further improve Smartcheck by analyzing typical vulnerabilities such as timestamp dependency, integer overflow and delegatecall vulnerabilities. The improved Smartcheck is tested on a large dataset and verified by five specific contracts, demonstrating improved accuracy in vulnerability detection. In addition, improvements have reduced false positives and missed positives for many vulnerabilities.

Key words: smart contract, security vulnerability, Smartcheck, Ethereum, blockchain

中图分类号:

TP31

费佳佳, 赵相福, 陈霄汉, 张登记. 基于Smartcheck的智能合约漏洞分析及其改进策略[J]. 应用科学学报, 2024, 42(6): 1027-1039.

FEI Jiajia, ZHAO Xiangfu, CHEN Xiaohan, ZHANG Dengji. Smart Contract Vulnerability Analysis and Improvement Based on Smartcheck[J]. Journal of Applied Sciences, 2024, 42(6): 1027-1039.

参考文献

[1] Nakamoto S. Bitcoin: a peer-to-peer electronic cash system [EB/OL]. 2008[2022-04-15]. https://bitcoin.org/en/bitcoin-paper.
[2] Buterin V. A next-generation smart contract and decentralized application platform [EB/OL]. 2014[2022-04-15]. https://ethereum.org/en/whitepaper/.
[3] Szabo N. Formalizing and securing relationships on public networks [EB/OL]. 1997[2022-04- 15]. https://firstmonday.org/ojs/index.php/fm/article/view/548.
[4] 贺海武, 延安, 陈泽华. 基于区块链的智能合约技术与应用综述[J]. 计算机研究与发展, 2018, 55(11): 2452-2466. He H W, Yan A, Chen Z H. Survey of smart contract technology and application based on blockchain [J]. Journal of Computer Research and Development, 2018, 55(11): 2452-2466. (in Chinese)
[5] 袁勇, 王飞跃. 区块链技术发展现状与展望[J]. 自动化学报, 2016, 42(4): 481-494. Yuan Y, Wang F Y. Blockchain: the state of the art and future trends [J]. Acta Automatica Sinica, 2016, 42(4): 481-494. (in Chinese)
[6] Ang M, Xiao P. A survey of the basic technology and application of block chain [J]. Journal of Information Security Research, 2017, 3(11): 968-980.
[7] 林诗意, 张磊, 刘德胜. 基于区块链智能合约的应用研究综述[J]. 计算机应用研究, 2021, 38(9): 2570-2581. Lin S Y, Zhang L, Liu D S. Survey of application research based on blockchain-smart-contract [J]. Application Research of Computers, 2021, 38(9): 2570-2581. (in Chinese)
[8] 刘志勇, 朱峰, 吴东升, 等. 区块链智能合约安全漏洞问题研究[C]//第九届中国指挥控制大会论文集, 2021: 558-563.
[9] Luu L, Chu D H, Olickel H, et al. Making smart contracts smarter [C]//Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016: 254-269.
[10] De Moura L, Bjørner N. Z3: an efficient SMT solver [C]//International Conference on Tools and Algorithms for the Construction and Analysis of Systems. Berlin, Heidelberg: Springer, 2008: 337-340.
[11] Feist J, Grieco G, Groce A. Slither: a static analysis framework for smart contracts [C]//2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB), 2019: 8-15.
[12] Kalra S, Goel S, Dhawan M, et al. ZEUS: analyzing safety of smart contracts [C]//Network and Distributed System Security Symposium, 2018: 23092.
[13] Tikhomirov S, Voskresenskaya E, Ivanitskiy I, et al. SmartCheck: static analysis of ethereum smart contracts [C]//2018 IEEE/ACM 1st International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB), 2018: 9-16.
[14] 张登记, 赵相福, 陈中育, 等. 基于Ethereum智能合约的安全策略分析[J]. 应用科学学报, 2021, 39(1): 151-163. Zhang D J, Zhao X F, Chen Z Y, et al. Analysis of security strategies for smart contracts based on ethereum [J]. Journal of Applied Sciences, 2021, 39(1): 151-163. (in Chinese)
[15] Giordano F, Bachfischer A, Carder G, et al. OpenZeppelin is a library for secure smart contract development [EB/OL]. 2022[2022-04-15]. https://github.com/OpenZeppelin/openzeppelin-contracts.
[16] Gao J B, Liu H, Liu C, et al. EASYFLOW: keep ethereum away from overflow [C]//2019 IEEE/ACM 41st International Conference on Software Engineering: Companion Proceedings (ICSE-Companion), 2019: 23-26.
[17] 郑忠斌, 王朝栋, 蔡佳浩. 智能合约的安全研究现状与检测方法分析综述[J]. 信息安全与通信保密, 2020, 18(7): 93-105. Zheng Z B, Wang C D, Cai J H. Analysis of the current status of smart contract security research and detection methods [J]. Information Security and Communications Privacy, 2020, 18(7): 93-105. (in Chinese)
[18] Palladino S. The parity wallet hack explained [EB/OL]. 2017[2022-04-15]. https://blog.openzeppelin.com/on-the-parity-wallet-multisig-hack-405a8c12e8f7.
[19] 田国华, 胡云瀚, 陈晓峰. 区块链系统攻击与防御技术研究进展[J]. 软件学报, 2021, 32(5): 1495- 1525. Tian G H, Hu Y H, Chen X F. Research progress on attack and defense techniques in block-chain system [J]. Journal of Software, 2021, 32(5): 1495-1525. (in Chinese)
[20] 沈鑫, 裴庆祺, 刘雪峰. 区块链技术综述[J]. 网络与信息安全学报, 2016, 2(11): 11-20. Shen X, Pei Q Q, Liu X F. Survey of block chain [J]. Chinese Journal of Network and Information Security, 2016, 2(11): 11-20. (in Chinese)
[21] 倪远东, 张超, 殷婷婷. 智能合约安全漏洞研究综述[J]. 信息安全学报, 2020, 5(3): 78-99. Ni Y D, Zhang C, Yin T T. A survey of smart contract vulnerability research [J]. Journal of Cyber Security, 2020, 5(3): 78-99. (in Chinese)
[22] Atzei N, Bartoletti M, Cimoli T. A survey of attacks on ethereum smart contracts (SoK) [C]//International Conference on Principles of Security and Trust. Berlin, Heidelberg: Springer, 2017: 164-186.
[23] 孙家泽, 余盼盼, 王小银, 等. 智能合约漏洞检测技术研究综述[J]. 西安邮电大学学报, 2020, 25(5): 1-9, 32. Sun J Z, Yu P P, Wang X Y, et al. Research overview on smart contract vulnerability detection technology [J]. Journal of Xi’an University of Posts and Telecommunications, 2020, 25(5): 1-9, 32. (in Chinese)

基于Smartcheck的智能合约漏洞分析及其改进策略

Smart Contract Vulnerability Analysis and Improvement Based on Smartcheck

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

[1]	王娜, 朱会娟, 宋香梅, 冯霞. 一种基于领域自适应的智能合约安全分析框架[J]. 应用科学学报, 2024, 42(4): 585-597.
[2]	刘少杰, 赵鸿伯, 刘浛. 基于领域编程模型的可信区块链自动化协议[J]. 应用科学学报, 2024, 42(4): 569-584.
[3]	施智罡, 黄建华, 李天琪. 一种面向车联网的区块链模型[J]. 应用科学学报, 2024, 42(4): 549-568.
[4]	吴勐, 戚湧. 零知识证明下可审计追溯区块链隐私保护模型[J]. 应用科学学报, 2024, 42(4): 598-612.
[5]	夏晓亮, 秦智, 万武南, 张仕斌, 张金全. 基于区块链的医疗数据分类加密共享方案[J]. 应用科学学报, 2024, 42(4): 613-628.
[6]	雷鸣, 林怡静, 高志鹏. 价值驱动的以太坊交易追踪排名方法[J]. 应用科学学报, 2024, 42(4): 629-641.
[7]	刘凯, 王佳鑫, 毛谦昂, 陈煜菲, 颜嘉麒. 区块链游戏生态的角色动态识别与演化分析——以Axie Infinity为例[J]. 应用科学学报, 2024, 42(4): 642-658.
[8]	王泽旭, 文斌. 关键路径预搜索的符号执行智能合约漏洞检测[J]. 应用科学学报, 2024, 42(2): 364-374.
[9]	巫光福, 杨子, 黄宝珠. 基于信誉和聚类的动态拜占庭容错算法[J]. 应用科学学报, 2023, 41(6): 1046-1057.
[10]	张勇, 姚中原, 王超, 郭尚坤, 郭晓涵, 斯雪明. 面向复杂应用场景的联盟链多链协同方案[J]. 应用科学学报, 2023, 41(4): 601-613.
[11]	潘亮, 陈彬, 代明军, 王滔滔, 张胜利. 基于区块链智能合约的动态频谱共享[J]. 应用科学学报, 2023, 41(4): 590-600.
[12]	王微渊, 毕远伟, 陈霄汉, 李传彪. 一种面向联盟链优化的PBFT共识算法[J]. 应用科学学报, 2023, 41(4): 577-589.
[13]	曹浩浩, 刘扬, 李向阳, 刘鑫磊, 王耀启, 张元. 基于多链融合的粮食供应链溯源系统[J]. 应用科学学报, 2023, 41(4): 563-576.
[14]	刘红, 张靖宇, 雷梦婷, 肖云鹏. 基于区块链的公平和可验证电子投票智能合约[J]. 应用科学学报, 2023, 41(4): 541-562.
[15]	王锋, 刘琳琳, 刘扬, 白浩, 张强. 基于区块链的高校校际联盟图书资源共享系统[J]. 应用科学学报, 2023, 41(3): 515-526.