Lei Wu,Siwei Wu,Yajin Zhou,Runhuai Li,Zhi Wang,Xiapu Luo,Cong Wang,Kui Ren

DOI: https://doi.org/10.48550/arXiv.2005.08278

2020-10-23

Abstract:As one of the representative blockchain platforms, Ethereum has attracted lots of attacks. Due to the existed financial loss, there is a pressing need to perform timely investigation and detect more attack instances. Though multiple systems have been proposed, they suffer from the scalability issue due to the following reasons. First, the tight coupling between malicious contract detection and blockchain data importing makes them infeasible to repeatedly detect different attacks. Second, the coarse-grained archive data makes them inefficient to replay transactions. Third, the separation between malicious contract detection and runtime state recovery consumes lots of storage. In this paper, we present the design of a scalable attack detection framework on Ethereum. It overcomes the scalability issue by saving the Ethereum state into a database and providing an efficient way to locate suspicious transactions. The saved state is fine-grained to support the replay of arbitrary transactions. The state is well-designed to avoid saving unnecessary state to optimize the storage consumption. We implement a prototype named EthScope and solve three technical challenges, i.e., incomplete Ethereum state, scalability, and extensibility. The performance evaluation shows that our system can solve the scalability issue, i.e., efficiently performing a large-scale analysis on billions of transactions, and a speedup of around 2,300x when replaying transactions. It also has lower storage consumption compared with existing systems. The result with three different types of information as inputs shows that our system can help an analyst understand attack behaviors and further detect more attacks. To engage the community, we will release our system and the dataset of detected attacks.

Cryptography and Security

Siwei Wu,Lei Wu,Yajin Zhou,Runhuai Li,Zhi Wang,Xiapu Luo,Cong Wang,Kui Ren

DOI: https://doi.org/10.1145/3505263

IF: 3.685

2022-07-31

ACM Transactions on Software Engineering and Methodology

Abstract:Ethereum has been attracting lots of attacks, hence there is a pressing need to perform timely investigation and detect more attack instances. However, existing systems suffer from the scalability issue due to the following reasons. First, the tight coupling between malicious contract detection and blockchain data importing makes them infeasible to repeatedly detect different attacks. Second, the coarse-grained archive data makes them inefficient to replay transactions. Third, the separation between malicious contract detection and runtime state recovery consumes lots of storage. In this article, we propose a scalable attack detection framework named EthScope , which overcomes the scalability issue by neatly re-organizing the Ethereum state and efficiently locating suspicious transactions. It leverages the fine-grained state to support the replay of arbitrary transactions and proposes a well-designed schema to optimize the storage consumption. The performance evaluation shows that EthScope can solve the scalability issue, i.e., efficiently performing a large-scale analysis on billions of transactions, and a speedup of around \( \text{2,300}\times \) when replaying transactions. It also has lower storage consumption compared with existing systems. Further analysis shows that EthScope can help analysts understand attack behaviors and detect more attack instances.

computer science, software engineering

Bowen He,Yuan Chen,Zhuo Chen,Xiaohui Hu,Yufeng Hu,Lei Wu,Rui Chang,Haoyu Wang,Yajin Zhou

DOI: https://doi.org/10.1145/3576915.3623210

2023-01-01

Abstract:The prosperity of Ethereum attracts many users to send transactions and trade crypto assets. However, this has also given rise to a new form of transaction-based phishing scam, named TXPHISH. Specifically, tempted by high profits, users are tricked into visiting fake websites and signing transactions that enable scammers to steal their crypto assets. The past year has witnessed 11 large-scale TXPHISH incidents causing a total loss of more than $70 million. In this paper, we conduct the first empirical study of TXPHISH on Ethereum, encompassing the process of a TXPHISH campaign and details of phishing transactions. To detect TXPHISH websites and extract phishing accounts automatically, we present TxPhishScope, which dynamically visits the suspicious websites, triggers transactions, and simulates results. Between November 25, 2022, and July 31, 2023, we successfully detected and reported 26,333 TXPHISH websites and 3,486 phishing accounts. Among all of documented TXPHISH websites, 78.9% of them were first reported by us, making TxPhishScope the largest TXPHISH website detection system. Moreover, we provided criminal evidence of four phishing accounts and their fund flow totaling $1.5 million to aid in the recovery of funds for the victims. In addition, we identified bugs in six Ethereum projects and received appreciation. Based on the detection results, we perform a comprehensive study of TXPHISH websites and phishing accounts. Our study reveals that TXPHISH websites have a short lifespan, low cost, and fast update frequency. Besides, Our analysis of phishing fund flow demonstrates that 54.0% of phishing funds ($43.7 million) flowed into centralized exchanges, where the identity of owners could be traced. Our research can serve as a valuable reference for Ethereum service providers to safeguard their users against TXPHISH and assist in the recovery of victims' crypto assets.

Hou Xinrui,Cheng Zhen,Zhou Yajin,Li Jinku

2020-01-01

Abstract:The invention discloses a system and method for detecting Ethereum digital currency stealing attacks. The method comprises the steps: deploying an Ethereum honeypot, inducing a network attacker to quickly find a honeypot host, transmitting a detection request, and capturing a malicious request from the attacker; storing the malicious request from the attacker in a database; and analyzing the attack data, associating the malicious request, detecting an attack behavior, identifying an attack method used by an attacker, tracking the attacker, and generating a detection result. According to the method, the malicious request sent by the attacker is attracted and captured, and the attack technique used by the attacker is further recognized, and weak points of an existing system are effectively found, so that the Ethereum system is better protected.

Yufeng Hu,Yingshi Sun,Yuan Chen,Zhuo Chen,Bowen He,Lei Wu,Yajin Zhou,Rui Chang

DOI: https://doi.org/10.1109/tdsc.2024.3431011

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:With the prosperity of the blockchain and the DeFi ecosystem, money flow activities in the blockchains are becoming increasingly frequent, complex, and diverse. The Money Flow Graph (MFG) serves as the foundation for various behavioral analysis, malicious activity detection, and money flow tracing tasks. However, traditional graph databases face the issue of storage requirement and performance when analyzing large-scale MFGs. In this work, we present MFGSCOPE, a lightweight domain-specific framework designed for graph-based analysis on EVM-compatible blockchains, with extensive optimizations for storage efficiency and query performance. The prototype of MFGSCOPE for the Ethereum network achieves the storage of over 3 billion transfers and 1.7 billion relevant transactions in a single instance with less than 450 GB of disk usage. The evaluation shows that for common tasks, MFGSCOPE is more than 30 times faster and requires 78% less storage space than the commonly used graph database Neo4j. For the applications of MFGSCOPE, we present several use cases based on the MFG which cannot be performed efficiently using traditional graph databases and report interesting findings. To engage the community, the prototype of MFGSCOPE for the Ethereum blockchain with the complete dataset will be open source.

Peng Qian,Zhenguang Liu,Qinming He,Butian Huang,Duanzheng Tian,Xun Wang

DOI: https://doi.org/10.13328/j.cnki.jos.006375

2022-01-01

Journal of Software

Abstract: Smart contract, one of the most successful applications of blockchain, is taking the world by storm, playing an essential role in the blockchain ecosystem. However, frequent smart contract security incidents not only result in tremendous economic losses but also destroy the blockchain-based credit system. The security and reliability of smart contracts thus gain extensive attention from researchers worldwide. In this survey, we first summarize the common types and typical cases of smart contract vulnerabilities from three levels, i.e., Solidity code layer, EVM execution layer, and Block dependency layer. Further, we review the research progress of smart contract vulnerability detection and classify existing counterparts into five categories, i.e., formal verification, symbolic execution, fuzzing detection, intermediate representation, and deep learning. Empirically, we take 300 real-world smart contracts deployed on Ethereum as the test samples and compare the representative methods in terms of accuracy, F1-Score, and average detection time. Finally, we discuss the challenges in the field of smart contract vulnerability detection and combine with the deep learning technology to look forward to future research directions.

Shunfan Zhou,Zhemin Yang,Jie Xiang,Yinzhi Cao,Min Yang,Yuan Zhang

2020-01-01

Abstract:Smart contract security has drawn much attention due to many severe incidents with huge ether and token losses. As a consequence, researchers have proposed to detect smart contract vulnerabilities via code analysis. However, code analysis only shows what contracts can be attacked, but not what have been attacked, and more importantly, what attacks have been prevented in the real world. In this paper, we present the first comprehensive measurement study to analyze real-world attacks and defenses adopted in the wild based on the transaction logs produced by uninstrumented Ethereum Virtual Machine (EVM). Specifically, our study decouples two important factors of an adversarial transaction--i.e., (i) an adversarial action exploiting the vulnerable contract and (ii) an adversarial consequence like ether or token transfers resulted from the action--for the analysis of attacks and defenses. The results of our study reveal a huge volume of attacks beyond what have been studied in the literature, e.g., those targeting new vulnerability types like airdrop hunting and those targeting zero-day variants of known vulnerabilities. Besides successful attacks, our study also shows attempted attacks that are prevented due to the deployments of defenses. As the nature of cyber-security, those defenses have also been evaded, mainly due to incomplete defense deployments. To summarize it, we believe that this is an ever-evolving game between adversaries obtaining illegal profits and defenders shielding their own contracts.

Tran Viet Khoa,Do Hai Son,Chi-Hieu Nguyen,Dinh Thai Hoang,Diep N. Nguyen,Tran Thi Thuy Quynh,Trong-Minh Hoang,Nguyen Viet Ha,Eryk Dutkiewicz,Abu Alsheikh,Nguyen Linh Trung

2024-08-10

Abstract:With the escalating prevalence of malicious activities exploiting vulnerabilities in blockchain systems, there is an urgent requirement for robust attack detection mechanisms. To address this challenge, this paper presents a novel collaborative learning framework designed to detect attacks in blockchain transactions and smart contracts by analyzing transaction features. Our framework exhibits the capability to classify various types of blockchain attacks, including intricate attacks at the machine code level (e.g., injecting malicious codes to withdraw coins from users unlawfully), which typically necessitate significant time and security expertise to detect. To achieve that, the proposed framework incorporates a unique tool that transforms transaction features into visual representations, facilitating efficient analysis and classification of low-level machine codes. Furthermore, we propose an advanced collaborative learning model to enable real-time detection of diverse attack types at distributed mining nodes. Our model can efficiently detect attacks in smart contracts and transactions for blockchain systems without the need to gather all data from mining nodes into a centralized server. In order to evaluate the performance of our proposed framework, we deploy a pilot system based on a private Ethereum network and conduct multiple attack scenarios to generate a novel dataset. To the best of our knowledge, our dataset is the most comprehensive and diverse collection of transactions and smart contracts synthesized in a laboratory for cyberattack detection in blockchain systems. Our framework achieves a detection accuracy of approximately 94% through extensive simulations and 91% in real-time experiments with a throughput of over 2,150 transactions per second.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Teng Hu,Xiaolei Liu,Ting Chen,Xiaosong Zhang,Xiaoming Huang,Weina Niu,Jiazhong Lu,Kun Zhou,Yuan Liu

DOI: https://doi.org/10.1016/j.ipm.2020.102462

2021-03-01

Abstract:<p>Blockchain technology brings innovation to various industries. Ethereum is currently the second blockchain platform by market capitalization, it's also the largest smart contract blockchain platform. Smart contracts can simplify and accelerate the development of various applications, but they also bring some problems. For example, smart contracts are used to commit fraud, vulnerability contracts are deliberately developed to undermine fairness, and there are numerous duplicative contracts that waste performance with no actual purpose. In this paper, we propose a transaction-based classification and detection approach for Ethereum smart contract to address these issues. We collected over 10,000 smart contracts from Ethereum and focused on the data behavior generated by smart contracts and users. We identified four behavior patterns from the transactions by manual analysis, which can be used to distinguish the difference between different types of contracts. Then 14 basic features of a smart contract are constructed from these. To construct the experimental dataset, we propose a data slicing algorithm for slicing the collected smart contracts. After that, we use an LSTM network to train and test our datasets. The extensive experimental results show that our approach can distinguish different types of contracts and can be applied to anomaly detection and malicious contract identification with satisfactory precision, recall, and f1-score.</p>

computer science, information systems,information science & library science

Jiajun Zhou,Xuanze Chen,Shengbo Gong,Chenkai Hu,Chengxiang Jin,Shanqing Yu,Qi Xuan

2024-07-02

Abstract:Ethereum has become one of the primary global platforms for cryptocurrency, playing an important role in promoting the diversification of the financial ecosystem. However, the relative lag in regulation has led to a proliferation of malicious activities in Ethereum, posing a serious threat to fund security. Existing regulatory methods usually detect malicious accounts through feature engineering or large-scale transaction graph mining. However, due to the immense scale of transaction data and malicious attacks, these methods suffer from inefficiency and low robustness during data processing and anomaly detection. In this regard, we propose an Ethereum Transaction Graph Compression method named TGC4Eth, which assists malicious account detection by lightweighting both features and topology of the transaction graph. At the feature level, we select transaction features based on their low importance to improve the robustness of the subsequent detection models against feature evasion attacks; at the topology level, we employ focusing and coarsening processes to compress the structure of the transaction graph, thereby improving both data processing and inference efficiency of detection models. Extensive experiments demonstrate that TGC4Eth significantly improves the computational efficiency of existing detection models while preserving the connectivity of the transaction graph. Furthermore, TGC4Eth enables existing detection models to maintain stable performance and exhibit high robustness against feature evasion attacks.

Cryptography and Security,Social and Information Networks

Xiaoli Zhang,Wenxiang Sun,Zhicheng Xu,Hongbing Cheng,Chengjun Cai,Helei Cui,Qi Li

DOI: https://doi.org/10.1109/tifs.2024.3349852

IF: 7.231

2024-02-02

IEEE Transactions on Information Forensics and Security

Abstract:Recently, smart contracts have been widely applied in security-sensitive fields yet are fragile to various vulnerabilities and attacks. Regarding this, existing research efforts either statically scrutinize smart contracts' code or detect suspicious transaction execution flows. However, they either fail to timely protect contracts or only handle a small subset of well-known vulnerabilities. In the paper, we propose - that secures vulnerable smart contracts in real-time via fine-grained access control over sensitive states. The behind rationale is most of attacks aim to manipulate money-related states (e.g., tokens) for profits. Specifically, transaction-level state access control policies are first defined by developers and then translated into EVM-level policies with contract-aware function-level state access permissions. In policy enforcement, - introduces a hybrid storage analyzer to accurately identify (dynamic-allocated) storage locations for policy-involved states and a multi-stage cache based filter to fast revert bad transactions with unexpected state access behaviors. Finally, we conduct thorough experiments using 12 types of real-world contract vulnerabilities and all open-source smart contracts on the first blocks of Ethereum. The results demonstrate that - outperforms two state-of-the-art runtime analysis tools in terms of attack detection. Extensive performance evaluations with real-world transactions show that - can block 100% unexpected state accesses at the cost of 8% throughput degradation (compared with the native EVM).

computer science, theory & methods,engineering, electrical & electronic

Fuchen Ma,Ying Fu,Meng Ren,Mingzhe Wang,Yu Jiang,Kaixiang Zhang,Huizhong Li,Xiang Shi

DOI: https://doi.org/10.1109/saner.2019.8668038

2019-01-01

Abstract:Attacks on transactions of Ethereum could be dangerous because they could lead to a big loss of money. There are many tools detecting vulnerabilities in smart contracts trying to avoid potential attacks. However, we found that there are still many missed vulnerabilities in contracts. Motivated by this, we propose a methodology to reinforce EVM to stop dangerous transactions in real time even when the smart contract contains vulnerabilities. Basically, the methodology consists of three steps: monitoring strategy definition, opcode-structure maintenance and EVM instrumentation. Monitoring strategy definition refers to the specific rule to test whether there is a dangerous operation during transaction execution. Opcode-structure maintenance is to maintain a structure to store the rule related opcodes and analyze it before an operation execution. EVM instrumentation inserts the monitoring strategy, interrupting mechanism and the opcode-structure operations in EVM source code. For evaluation, we implement EVM* on js-evm, a widely-used EVM platform written in javascript. We collect 10 contracts online with known bugs and use each contract to execute a dangerous transaction, all of them have been interrupted by our reinforced EVM*, while the original EVM permits all attack transactions. For the time overhead, the reinforced EVM* is slower than the original one by 20-30%, which is tolerable for the financial critical applications.

Wei Wang,Jingjing Song,Guangquan Xu,Yidong Li,Hao Wang,Chunhua Su

DOI: https://doi.org/10.1109/tnse.2020.2968505

IF: 6.6

2021-04-01

IEEE Transactions on Network Science and Engineering

Abstract:Smart contracts are decentralized applications running on Blockchain. A very large number of smart contracts has been deployed on Ethereum. Meanwhile, security flaws of contracts have led to huge pecuniary losses and destroyed the ecological stability of contract layer on Blockchain. It is thus an emerging yet crucial issue to effectively and efficiently detect vulnerabilities in contracts. Existing detection methods like Oyente and Securify are mainly based on symbolic execution or analysis. These methods are very time-consuming, as the symbolic execution requires the exploration of all executable paths or the analysis of dependency graphs in a contract. In this work, we propose ContractWard to detect vulnerabilities in smart contracts with machine learning techniques. First, we extract bigram features from simplified operation codes of smart contracts. Second, we employ five machine learning algorithms and two sampling algorithms to build the models. ContractWard is evaluated with 49502 real-world smart contracts running on Ethereum. The experimental results demonstrate the effectiveness and efficiency of ContractWard. The predictive Micro-F1 and Macro-F1 of ContractWard are over 96% and the average detection time is 4 seconds on each smart contract when we use XGBoost for training the models and SMOTETomek for balancing the training sets.

engineering, multidisciplinary,mathematics, interdisciplinary applications

Christof Ferreira Torres,Antonio Ken Iannillo,Arthur Gervais,Radu State

DOI: https://doi.org/10.48550/arXiv.2101.06204

2021-01-16

Abstract:In recent years, Ethereum gained tremendously in popularity, growing from a daily transaction average of 10K in January 2016 to an average of 500K in January 2020. Similarly, smart contracts began to carry more value, making them appealing targets for attackers. As a result, they started to become victims of attacks, costing millions of dollars. In response to these attacks, both academia and industry proposed a plethora of tools to scan smart contracts for vulnerabilities before deploying them on the blockchain. However, most of these tools solely focus on detecting vulnerabilities and not attacks, let alone quantifying or tracing the number of stolen assets. In this paper, we present Horus, a framework that empowers the automated detection and investigation of smart contract attacks based on logic-driven and graph-driven analysis of transactions. Horus provides quick means to quantify and trace the flow of stolen assets across the Ethereum blockchain. We perform a large-scale analysis of all the smart contracts deployed on Ethereum until May 2020. We identified 1,888 attacked smart contracts and 8,095 adversarial transactions in the wild. Our investigation shows that the number of attacks did not necessarily decrease over the past few years, but for some vulnerabilities remained constant. Finally, we also demonstrate the practicality of our framework via an in-depth analysis on the recent Uniswap and <a class="link-external link-http" href="http://Lendf.me" rel="external noopener nofollow">this http URL</a> attacks.

Cryptography and Security

Xuan Chen,Xincan Zhang,Zhaohan Wang,Kerun Yu,Wong Kam-Kwai,Haoyun Guo,Siming Chen

DOI: https://doi.org/10.1007/s12650-024-00969-z

IF: 1.7

2024-03-20

Journal of Visualization

Abstract:The Ethereum consensus layer provides the Proof of Stake (PoS) consensus algorithm with the beacon chain for the Ethereum blockchain network. However, the beacon chain is proved vulnerable to consensus-targeted attacks, which are difficult to detect. To address this issue, blockchain developers require an interactive tool to identify and mitigate potential security threats. Currently, most blockchain visualization solutions only display client logs or transaction records, making responding quickly to security threats challenging. This paper introduces the first visual analytics solution for security threat awareness on the Ethereum consensus layer. We cooperate with blockchain experts and investigate a top-down exploration approach, providing an overview of the general security level, as well as detailed consensus achievements in each slot. Our visual system lets users discover specific outcomes of the consensus execution and identify anomalies in the beacon chain historical data. Furthermore, the system includes two case studies of actual attacks to help developers better understand and mitigate potential security threats.

computer science, interdisciplinary applications,imaging science & photographic technology

Kaihua Qin,Zhe Ye,Zhun Wang,Weilin Li,Liyi Zhou,Chao Zhang,Dawn Song,Arthur Gervais

DOI: https://doi.org/10.48550/arxiv.2305.14046

2023-01-01

Abstract:Identifying and mitigating vulnerabilities in smart contracts is crucial, especially considering the rapid growth and increasing complexity of Decentralized Finance (DeFi) platforms. To address the challenges associated with securing these contracts, we introduce a versatile dynamic analysis framework specifically designed for the Ethereum Virtual Machine (EVM). This comprehensive framework focuses on tracking contract executions, capturing valuable runtime information, while introducing and employing the Execution Property Graph (EPG) to propose a unique graph traversal technique that swiftly detects potential smart contract attacks. Our approach showcases its efficacy with rapid average graph traversal time per transaction and high true positive rates. The successful identification of a zero-day vulnerability affecting Uniswap highlights the framework's potential to effectively uncover smart contract vulnerabilities in complex DeFi systems.

Jingjing Yang,Wenjia Yu,Jiajing Wu,Dan Lin,Zhiying Wu,Zibin Zheng

DOI: https://doi.org/10.1109/tifs.2024.3484296

IF: 7.231

2024-11-02

IEEE Transactions on Information Forensics and Security

Abstract:In recent years, phishing scams have emerged as one of the most serious crimes on Ethereum. Existing phishing scam detection methods typically model public transaction records on the blockchain as a graph, and then identify phishing addresses through manual feature extraction or graph learning frameworks. Meanwhile, these methods model transactions within a period as a static network for analysis. Therefore, these methods lack the ability to capture fine-grained time dynamics, and on the other hand, they cannot handle the large-scale and continuously growing transaction data on the Ethereum blockchain, resulting in lower scalability and efficiency. In this paper, we propose a two-dimensional streaming framework 2DynEthNet for Ethereum phishing scam detection. First, we cast the transaction series into 6 slices according to block numbers, treating each as a separate task. In the first dimension, we treat transaction features as edge features instead of node features within one task, allowing each transaction to be streamed in 2DynEthNet, aiming to capture the evolutionary features of the Ethereum transaction network at a fine-grained level in continuous time. In the second dimension, we adopt the strategy of incremental information training between tasks, which utilizes meta-learning to quickly update the model parameters under new slices, thus effectively improving the scalability of the model. Finally, experimental results on large-scale real Ethereum phishing scam datasets show that our 2DynEthNet outperforms the state-of-the-art methods with 28.44% average Recall and achieves the most efficient training speed, proving the effectiveness of both temporal edge representation and meta-learning. In addition, we provide an Ethereum large-scale dynamic graph transaction dataset, ETGraph, which aligns with the data distribution in real transaction scenarios without sampling and filtering unlabeled accounts.

computer science, theory & methods,engineering, electrical & electronic

Wesley Joon-Wie Tann,Xing Jie Han,Sourav Sen Gupta,Yew-Soon Ong

DOI: https://doi.org/10.48550/arXiv.1811.06632

2019-06-07

Abstract:Symbolic analysis of security exploits in smart contracts has demonstrated to be valuable for analyzing predefined vulnerability properties. While some symbolic tools perform complex analysis steps, they require a predetermined invocation depth to search vulnerable execution paths, and the search time increases with depth. The number of contracts on blockchains like Ethereum has increased 176 fold since December 2015. If these symbolic tools fail to analyze the increasingly large number of contracts in time, entire classes of exploits could cause irrevocable damage. In this paper, we aim to have safer smart contracts against emerging threats. We propose the approach of sequential learning of smart contract weaknesses using machine learning---long-short term memory (LSTM)---that allows us to be able to detect new attack trends relatively quickly, leading to safer smart contracts. Our experimental studies on 620,000 smart contracts prove that our model can easily scale to analyze a massive amount of contracts; that is, the LSTM maintains near constant analysis time as contracts increase in complexity. In addition, our approach achieves $99\%$ test accuracy and correctly analyzes contracts that were false positive (FP) errors made by a symbolic tool.

Cryptography and Security

Shipeng Li,Jingwei Li,Yuxing Tang,Xiapu Luo,Zheyuan He,Zihao Li,Xi Cheng,Yang Bai,Ting Chen,Yuzhe Tang,Zhe Liu,Xiaosong Zhang

DOI: https://doi.org/10.1109/tc.2023.3248280

IF: 3.183

2023-01-01

IEEE Transactions on Computers

Abstract:Today&#x27;s blockchain systems store detailed runtime information in the format of transactions and blocks, which are valuable not only to understand the finance of blockchain-based ecosystems but also to audit the security of on-chain applications. However, exploring this blockchain “big data” is challenging due to data heterogeneity and the huge amount. Existing blockchain exploration techniques are either incomplete or inefficient, making them inapt in time-sensitive applications. This paper presents ${sf BlockExplorer}$, an efficient and flexible blockchain exploration system for Ethereum. ${sf BlockExplorer}$ builds on a master-slave architecture, where the master partitions all blocks into multiple non-overlapped sets and each slave simultaneously processes Ethereum big data based on a set of blocks. ${sf BlockExplorer}$ implements a transaction-based partitioning approach to address load balance among slaves, and a code instrumentation approach to acquire complete Ethereum big data. The evaluation shows that ${sf BlockExplorer}$ accelerates the data acquisition performance of the state-of-the-art by 4.1×, while the workload difference among slaves is up to 18%. To demonstrate the application of ${sf BlockExplorer}$, we develop three apps upon ${sf BlockExplorer}$ to detect real-life attacks against Ethereum and show that our apps can detect attacks in a large range of blocks (e.g., ten million) within a short time (e.g., multiple hours).

engineering, electrical & electronic,computer science, hardware & architecture

Tengyun Jiao,Zhiyu Xu,Minfeng Qi,Sheng Wen,Yang Xiang,Gary Nan

DOI: https://doi.org/10.1145/3643895

2024-02-12

Abstract:A smart contract is a computerised transaction agreement that carries out predefined terms without human involvement or third-party intermediaries. It serves as a trust intermediary in several industries, including finance, insurance, and supply chain management, in the blockchain 2.0 era. With the increasing interest in smart contracts, security has become a serious problem. Examining typical vulnerability types and vulnerability detection methodologies is of special importance. In this research, a comprehensive evaluation of common smart contract security vulnerabilities is conducted, and a three-tier threat model is then provided to classify the vulnerabilities. In addition, we examine fourteen existing smart contract analysis tools for finding vulnerabilities and classify them according to the main technique they apply. This paper is designed to serve as a reference for people who wish to analyse deployed code and enhance existing detection techniques. At the conclusion, open issues and future research paths regarding smart contract vulnerability detection are presented.