SmartOracle: Generating Smart Contract Oracle via Fine-Grained Invariant Detection

Jianzhong Su, Jiachi Chen, Zhiyuan Fang, Xingwei Lin, Yutian Tang, Zibin Zheng
2024-06-14
Abstract: As decentralized applications (DApps) proliferate, the increased complexity and usage of smart contracts have heightened their susceptibility to security incidents and financial losses. Although various vulnerability detection tools have been developed to mitigate these issues, they often suffer poor performance in detecting vulnerabilities, as they either rely on simplistic and general-purpose oracles that may be inadequate for vulnerability detection, or require user-specified oracles, which are labor-intensive to create. In this paper, we introduce SmartOracle, a dynamic invariant detector that automatically generates fine-grained invariants as application-specific oracles for vulnerability detection. From historical transactions, SmartOracle uses pattern-based detection and advanced inference to construct comprehensive properties, and mines multi-layer likely invariants to accommodate the complicated contract functionalities. After that, SmartOracle identifies smart contract vulnerabilities by hunting the violated invariants in new transactions. In the field of invariant detection, SmartOracle detects 50% more ERC20 invariants than existing dynamic invariant detection and achieves 96% precision rate. Furthermore, we build a dataset that contains vulnerable contracts from real-world security incidents. SmartOracle successfully detects 466 abnormal transactions with an acceptable precision rate 96%, involving 31 vulnerable contracts. The experimental results demonstrate its effectiveness in detecting smart contract vulnerabilities, especially those related to complicated contract functionalities.
Software Engineering, Cryptography and Security
What problem does this paper attempt to address?
This paper attempts to solve the problem of detecting security vulnerabilities caused by complex functions in smart contracts. Specifically, existing tools are not effective in detecting complex vulnerabilities in smart contracts, mainly because:

1. **Existing tools use overly simplified general-purpose oracles**: These oracles cannot effectively reveal many complex vulnerabilities, because analyzing them usually requires application-specific oracles.
2. **User-defined oracles are time-consuming and require professional knowledge**: Although some tools allow users to design custom oracles to detect vulnerabilities, these oracles require expert knowledge and are costly to develop based on the user's understanding of the contract.

To solve these problems, the paper proposes a new method named SmartOracle, which automatically generates application-specific oracles through fine-grained dynamic invariant detection to detect complex vulnerabilities in smart contracts.

### Main contributions

1. **Propose SmartOracle**: This is a fine-grained dynamic invariant detector for smart contracts, which can mine fine-grained invariants and use them as application-specific oracles to detect complex vulnerabilities.
2. **Improve invariant detection ability**: Compared with existing dynamic invariant detectors, SmartOracle can detect 50% more ERC20 invariants and achieve 96% precision.
3. **Construct a benchmark dataset**: It contains 65 vulnerable contracts from real-world security incidents, most of which involve complex vulnerabilities. SmartOracle successfully reveals 31 vulnerabilities and 466 related abnormal transactions.
4. **Open-source code and dataset**: The code of SmartOracle and related datasets have been published on GitHub for more researchers and developers to use.

### Method overview

The working process of SmartOracle includes three main components:

- **Transaction Parser**: Parse the historical transactions of the target contract and extract its execution trajectory.
- **Invariant Miner**: Mine multi-level invariants (contract-level, function-level, and branch-level) from historical transactions and keep them as potential invariants.
- **Invariant Checker**: Detect violations of the mined invariants in new transactions, thereby identifying vulnerabilities in the contract.

Through this method, SmartOracle can effectively detect complex vulnerabilities in smart contracts in practical applications, especially when dealing with contracts with complex functions.
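
The parse, mine, check pipeline described above, reduced to a minimal sketch of function-level and contract-level likely invariants for an ERC20-style token. This is an added example, not code from the SmartOracle repository: the trace record fields, the five invariant templates and the sample transactions are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Candidate invariant templates over one parsed call record. Assumed for
# illustration; this is not SmartOracle's template set or trace format.
TEMPLATES = {
    "sender_delta == -amount": lambda t: t["post_from"] - t["pre_from"] == -t["amount"],
    "receiver_delta == amount": lambda t: t["post_to"] - t["pre_to"] == t["amount"],
    "totalSupply unchanged": lambda t: t["post_supply"] == t["pre_supply"],
    "amount <= pre_from": lambda t: t["amount"] <= t["pre_from"],
    "amount > 0": lambda t: t["amount"] > 0,
}

def record(func, amount, frm, to, supply):
    """Build a trace record; frm, to and supply are (pre, post) pairs."""
    return {"func": func, "amount": amount,
            "pre_from": frm[0], "post_from": frm[1],
            "pre_to": to[0], "post_to": to[1],
            "pre_supply": supply[0], "post_supply": supply[1]}

def mine_invariants(history):
    """Function level: keep each template that held on every historical call."""
    by_func = defaultdict(list)
    for tx in history:
        by_func[tx["func"]].append(tx)
    return {func: [n for n, ok in TEMPLATES.items() if all(ok(t) for t in txs)]
            for func, txs in by_func.items()}

def contract_level(invariants):
    """Contract level: templates that survived in every function."""
    return [n for n in TEMPLATES if all(n in inv for inv in invariants.values())]

def check_transaction(invariants, tx):
    """Return the mined invariants that a new transaction violates."""
    return [n for n in invariants.get(tx["func"], []) if not TEMPLATES[n](tx)]

# Constructed sample history: two transfers and one mint.
HISTORY = [
    record("transfer", 10, (100, 90), (0, 10), (1000, 1000)),
    record("transfer", 5, (90, 85), (10, 15), (1000, 1000)),
    record("mint", 50, (0, 0), (15, 65), (1000, 1050)),
]
# Constructed new transaction: receiver credited, sender never debited.
SUSPICIOUS = record("transfer", 20, (85, 85), (15, 35), (1050, 1050))

INVARIANTS = mine_invariants(HISTORY)

if __name__ == "__main__":
    print("function level:", INVARIANTS)
    print("contract level:", contract_level(INVARIANTS))
    print("violated:", check_transaction(INVARIANTS, SUSPICIOUS))
```

Mined invariants are only likely invariants: a legitimate zero-value transfer would violate `amount > 0` here simply because the sample history never exercised one.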