Smartcheck是以太坊智能合约的一个典型的静态分析工具,其将基于Solidity语言的智能合约源代码转换为基于XML的中间表示,并依据XPath模式进行检查。虽然Smartcheck能够有效地分析许多安全漏洞,但部分漏洞的分析并不完善且收录的漏洞也不够完整。针对该问题,本文通过对漏洞原理的深入分析,在时间戳依赖、整数溢出和delegatecall等典型漏洞方面进一步完善了Smartcheck,并实现了一个新的检测工具SmartETH。通过真实大数据集和5份具体合约验证表明,SmartETH能够更好地检测出相关的漏洞,同时减少了大量漏洞的误报和漏报问题。
Smart contracts on blockchain operate on quantity of digital assets. Once deployed on blockchain, they are difficult to modify. Therefore, the analysis and detection of security vulnerabilities of smart contracts has become an important research topic. Smartcheck is a static analysis tool for Ethereum smart contracts that converts Solidity source code into an XML-based intermediate representation and checks it against XPath patterns. While Smartcheck can analyze most of the vulnerabilities, it has limitations in terms of coverage and accuracy. To address these issues, we developed a new tool, SmartETH, to further improve Smartcheck by analyzing typical vulnerabilities such as timestamp dependency, integer overflow and delegatecall vulnerabilities. The improved Smartcheck is tested on a large dataset and verified by five specific contracts, demonstrating improved accuracy in vulnerability detection. In addition, improvements have reduced false positives and missed positives for many vulnerabilities.
[1] Nakamoto S. Bitcoin: a peer-to-peer electronic cash system [EB/OL]. 2008[2022-04-15]. https://bitcoin.org/en/bitcoin-paper.
[2] Buterin V. A next-generation smart contract and decentralized application platform [EB/OL]. 2014[2022-04-15]. https://ethereum.org/en/whitepaper/.
[3] Szabo N. Formalizing and securing relationships on public networks [EB/OL]. 1997[2022-04- 15]. https://firstmonday.org/ojs/index.php/fm/article/view/548.
[4] 贺海武, 延安, 陈泽华. 基于区块链的智能合约技术与应用综述[J]. 计算机研究与发展, 2018, 55(11): 2452-2466. He H W, Yan A, Chen Z H. Survey of smart contract technology and application based on blockchain [J]. Journal of Computer Research and Development, 2018, 55(11): 2452-2466. (in Chinese)
[5] 袁勇, 王飞跃. 区块链技术发展现状与展望[J]. 自动化学报, 2016, 42(4): 481-494. Yuan Y, Wang F Y. Blockchain: the state of the art and future trends [J]. Acta Automatica Sinica, 2016, 42(4): 481-494. (in Chinese)
[6] Ang M, Xiao P. A survey of the basic technology and application of block chain [J]. Journal of Information Security Research, 2017, 3(11): 968-980.
[7] 林诗意, 张磊, 刘德胜. 基于区块链智能合约的应用研究综述[J]. 计算机应用研究, 2021, 38(9): 2570-2581. Lin S Y, Zhang L, Liu D S. Survey of application research based on blockchain-smart-contract [J]. Application Research of Computers, 2021, 38(9): 2570-2581. (in Chinese)
[8] 刘志勇, 朱峰, 吴东升, 等. 区块链智能合约安全漏洞问题研究[C]//第九届中国指挥控制大会论文集, 2021: 558-563.
[9] Luu L, Chu D H, Olickel H, et al. Making smart contracts smarter [C]//Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016: 254-269.
[10] De Moura L, Bjørner N. Z3: an efficient SMT solver [C]//International Conference on Tools and Algorithms for the Construction and Analysis of Systems. Berlin, Heidelberg: Springer, 2008: 337-340.
[11] Feist J, Grieco G, Groce A. Slither: a static analysis framework for smart contracts [C]//2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB), 2019: 8-15.
[12] Kalra S, Goel S, Dhawan M, et al. ZEUS: analyzing safety of smart contracts [C]//Network and Distributed System Security Symposium, 2018: 23092.
[13] Tikhomirov S, Voskresenskaya E, Ivanitskiy I, et al. SmartCheck: static analysis of ethereum smart contracts [C]//2018 IEEE/ACM 1st International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB), 2018: 9-16.
[14] 张登记, 赵相福, 陈中育, 等. 基于Ethereum智能合约的安全策略分析[J]. 应用科学学报, 2021, 39(1): 151-163. Zhang D J, Zhao X F, Chen Z Y, et al. Analysis of security strategies for smart contracts based on ethereum [J]. Journal of Applied Sciences, 2021, 39(1): 151-163. (in Chinese)
[15] Giordano F, Bachfischer A, Carder G, et al. OpenZeppelin is a library for secure smart contract development [EB/OL]. 2022[2022-04-15]. https://github.com/OpenZeppelin/openzeppelin-contracts.
[16] Gao J B, Liu H, Liu C, et al. EASYFLOW: keep ethereum away from overflow [C]//2019 IEEE/ACM 41st International Conference on Software Engineering: Companion Proceedings (ICSE-Companion), 2019: 23-26.
[17] 郑忠斌, 王朝栋, 蔡佳浩. 智能合约的安全研究现状与检测方法分析综述[J]. 信息安全与通信保密, 2020, 18(7): 93-105. Zheng Z B, Wang C D, Cai J H. Analysis of the current status of smart contract security research and detection methods [J]. Information Security and Communications Privacy, 2020, 18(7): 93-105. (in Chinese)
[18] Palladino S. The parity wallet hack explained [EB/OL]. 2017[2022-04-15]. https://blog.openzeppelin.com/on-the-parity-wallet-multisig-hack-405a8c12e8f7.
[19] 田国华, 胡云瀚, 陈晓峰. 区块链系统攻击与防御技术研究进展[J]. 软件学报, 2021, 32(5): 1495- 1525. Tian G H, Hu Y H, Chen X F. Research progress on attack and defense techniques in block-chain system [J]. Journal of Software, 2021, 32(5): 1495-1525. (in Chinese)
[20] 沈鑫, 裴庆祺, 刘雪峰. 区块链技术综述[J]. 网络与信息安全学报, 2016, 2(11): 11-20. Shen X, Pei Q Q, Liu X F. Survey of block chain [J]. Chinese Journal of Network and Information Security, 2016, 2(11): 11-20. (in Chinese)
[21] 倪远东, 张超, 殷婷婷. 智能合约安全漏洞研究综述[J]. 信息安全学报, 2020, 5(3): 78-99. Ni Y D, Zhang C, Yin T T. A survey of smart contract vulnerability research [J]. Journal of Cyber Security, 2020, 5(3): 78-99. (in Chinese)
[22] Atzei N, Bartoletti M, Cimoli T. A survey of attacks on ethereum smart contracts (SoK) [C]//International Conference on Principles of Security and Trust. Berlin, Heidelberg: Springer, 2017: 164-186.
[23] 孙家泽, 余盼盼, 王小银, 等. 智能合约漏洞检测技术研究综述[J]. 西安邮电大学学报, 2020, 25(5): 1-9, 32. Sun J Z, Yu P P, Wang X Y, et al. Research overview on smart contract vulnerability detection technology [J]. Journal of Xi’an University of Posts and Telecommunications, 2020, 25(5): 1-9, 32. (in Chinese)
