What problem does this paper attempt to address?

The problem that this paper attempts to solve is the address verification vulnerabilities in smart contracts. Specifically, the author focuses on the security issues in the common practice of verifying the validity of passed - in addresses in Solidity smart contracts on Ethereum. These issues may lead to serious security risks, and there have been some sporadic evidence reports in the community about these issues. However, this type of vulnerability has not been fully studied yet, and existing tools are unable to detect this type of vulnerability. ### Main contributions of the paper 1. **Detect address verification vulnerabilities for the first time**: The author designed and implemented a lightweight static taint - analysis framework named AVV ERIFIER for efficiently and effectively identifying address verification vulnerabilities. 2. **Large - scale practical application**: By analyzing more than 5 million deployed Ethereum smart contracts, AVV ERIFIER discovered 812 vulnerable smart contracts that had not been disclosed by the community before, among which 348 open - source smart contracts involve a total locked - in value of more than $11.2 billion. 3. **Superior performance**: Compared with existing tools (such as Mythril, Ethainter, Jackal and ETHBMC), AVV ERIFIER has improved its efficiency by 2 to 5 times while maintaining a precision of 94.3% and a recall rate of 100%. 4. **Real - time detection and deployment**: AVV ERIFIER has been deployed as a real - time detection tool on Ethereum and Binance Smart Chain (BSC), which can issue warnings in a timely manner after contract deployment to prevent attacks from occurring. ### Characteristics of address verification vulnerabilities - **P1**: The vulnerable function receives an address as a parameter and performs insufficient authorization checks on this address. Attackers can pass in self - deployed unauthorized contracts through this address. - **P2**: This address is used as the target of an external call. Through the external call, the control flow is transferred to the attackers, who can fully control the behavior of the external call, including the return value. - **P3**: The on - chain state that depends on the return value mentioned in P2 is updated. Through unauthorized control flow, attackers can profit by indirectly manipulating the on - chain state (such as initiating external calls or updating balances). ### Challenges - **Lack of semantic information**: Since the bytecode format is difficult to read and lacks semantic information, it is difficult to accurately determine whether an address has been fully verified. - **Inter - procedural analysis**: It is necessary to accurately extract control - flow and data - flow dependency relationships. Especially when dealing with external calls, the propagation path of address parameters must be traced. - **Limitations of existing tools**: Dynamic analysis methods are resource - intensive and time - consuming; symbolic execution and model checking have the path/state explosion problem; existing taint - analysis tools cannot be directly applied to detect this type of vulnerability. ### Solutions AVV ERIFIER adopts a static EVM - simulation - based taint - analysis method and gradually eliminates false positives and false negatives through a three - stage detection strategy. It also designs a key - value - pair model of abstract sparse linear memory to overcome the complexity of the EVM memory model. In addition, AVV ERIFIER simulates the stack and memory through a self - implemented EVM simulator to ensure the efficient propagation of non - dynamic data, while conservatively handling dynamic memory parameters to avoid the negative impact of enumerating all possible values. Through these innovations, AVV ERIFIER can effectively detect and prevent address verification vulnerabilities in smart contracts and ensure the security of blockchain systems.