Xing Hu,Zhipeng Gao,Xin Xia,David Lo,Xiaohu Yang

DOI: https://doi.org/10.1109/ase51524.2021.9678552

2021-01-01

Abstract:Smart contracts have obtained much attention and are crucial for automatic financial and business transactions. For end-users who have never seen the source code, they can read the user notice shown in end-user client to understand what a transaction does of a smart contract function. However, due to time constraints or lack of motivation, user notice is often missing during the development of smart contracts. For end-users who lack the information of the user notices, there is no easy way for them to check the code semantics of the smart contracts. Thus, in this paper, we propose a new approach SMARTDOC to generate user notice for smart contract functions automatically. Our tool can help end-users better understand the smart contract and aware of the financial risks, improving the users' confidence on the reliability of the smart contracts. SMARTDOC exploits the Transformer to learn the representation of source code and generates natural language descriptions from the learned representation. We also integrate the Pointer mechanism to copy words from the input source code instead of generating words during the prediction process. We extract 7,878 (function, notice) pairs from 54,739 smart contracts written in Solidity. Due to the limited amount of collected smart contract functions (i.e., 7,878 functions), we exploit a transfer learning technique to utilize the learned knowledge to improve the performance of SMARTDOC. The learned knowledge obtained by the pre-training on a corpus of Java code, that has similar characteristics as Solidity code. The experimental results show that our approach can effectively generate user notice given the source code and significantly outperform the state-of-the-art approaches. To investigate human perspectives on our generated user notice, we also conduct a human evaluation and ask participants to score user notice generated by different approaches. Results show that SMARTDOC outperforms baselines from three aspects, naturalness, informativeness, and similarity.

Lantian Li,Yejian Liang,Zhihao Liu,Zhongxing Yu

2023-08-24

Abstract:Writing logging messages is a well-established conventional programming practice, and it is of vital importance for a wide variety of software development activities. The logging mechanism in Solidity programming is enabled by the high-level event feature, but up to now there lacks study for understanding Solidity event logging practices in the wild. To fill this gap, we in this paper provide the first quantitative characteristic study of the current Solidity event logging practices using 2,915 popular Solidity projects hosted on GitHub. The study methodically explores the pervasiveness of event logging, the goodness of current event logging practices, and in particular the reasons for event logging code evolution, and delivers 8 original and important findings. The findings notably include the existence of a large percentage of independent event logging code modifications, and the underlying reasons for different categories of independent event logging code modifications are diverse (for instance, bug fixing and gas saving). We additionally give the implications of our findings, and these implications can enlighten developers, researchers, tool builders, and language designers to improve the event logging practices. To illustrate the potential benefits of our study, we develop a proof-of-concept checker on top of one of our findings and the checker effectively detects problematic event logging code that consumes extra gas in 35 popular GitHub projects and 9 project owners have already confirmed the detected issues.

Software Engineering

Yilin Wang,Xiangping Chen,Yuan Huang,Hao-Nan Zhu,Jing Bian,Zibin Zheng

DOI: https://doi.org/10.1016/j.jss.2023.111787

2022-01-01

SSRN Electronic Journal

Abstract:Smart contracts are pieces of code that reside inside the blockchains and can be triggered to execute any transaction when specifically predefined conditions are satisfied. Being commonly used for commercial transactions in blockchain makes the security of smart contracts particularly important. Over the last few years, we have seen a great deal of academic and practical interest in detecting and fixing the bugs in smart contracts written by Solidity. But little is known about the real bug fixes in Solidity smart contract projects. To understand the bug fixes and enrich the knowledge of bug fixes in real-world projects, we conduct an empirical study on historical bug fixes from 46 real-world Solidity smart contract projects in this paper. We provide a multi-faceted discussion and mainly explore the following four questions: File Type and Amount, Fix Complexity, Bug distribution, and Fix Patches. We distill four findings during the process to explore these four questions. Finally, based on these findings, we provide actionable implications to improve the current approaches to fixing bugs in Solidity smart contracts from three aspects: Automatic repair techniques, Analysis tools, and Solidity developers.

Zhiyuan Wei,Jing Sun,Zijian Zhang,Xianhao Zhang,Meng Li,Liehuang Zhu

2023-11-02

Abstract:Blockchain smart contracts have emerged as a transformative force in the digital realm, spawning a diverse range of compelling applications. Since solidity smart contracts across various domains manage trillions of dollars in virtual coins, they become a prime target for attacks. One of the primary challenges is keeping abreast of the latest techniques and tools for developing secure smart contracts and examining those already deployed. In this paper, we seek to address these challenges from four aspects: (1) We begin by examining ten automatic tools, specifically focusing on their methodologies and their ability to identify vulnerabilities in solidity smart contracts. (2) We propose a novel criterion for evaluating these tools, based on the ISO/IEC 25010 standard. (3) To facilitate the evaluation of the selected tools, we construct a benchmark that encompasses two distinct datasets: a collection of 389 labelled smart contracts and a scaled set of 20,000 unique cases from real-world contracts. (4) We provide a comparison of the selected tools, offering insights into their strengths and weaknesses and highlighting areas where further improvements are needed. Through this evaluation, we hope to provide developers and researchers with valuable guidance on selecting and using smart contract analysis tools and contribute to the ongoing efforts to improve the security and reliability of smart contracts.

Distributed, Parallel, and Cluster Computing

Charalambos Mitropoulos,Maria Kechagia,Chrysostomos Maschas,Sotiris Ioannidis,Federica Sarro,Dimitris Mitropoulos

2024-02-06

Abstract:The usage of error handling in Solidity smart contracts is vital because smart contracts perform transactions that should be verified. Transactions that are not carefully handled, may lead to program crashes and vulnerabilities, implying financial loss and legal consequences. While Solidity designers attempt to constantly update the language with new features, including error-handling (EH) features, it is necessary for developers to promptly absorb how to use them. We conduct a large-scale empirical study on 283K unique open-source smart contracts to identify patterns regarding the usage of Solidity EH features over time. Overall, the usage of most EH features is limited. However, we observe an upward trend (> 60%) in the usage of a Solidity-tailored EH feature, i.e., require. This indicates that designers of modern programming languages may consider making error handling more tailored to the purposes of each language. Our analysis on 102 versions of the Solidity documentation indicates the volatile nature of Solidity, as the language changes frequently, i.e., there are changes on EH features once or twice a year. Such frequent releases may confuse smart contract developers, discouraging them to carefully read the Solidity documentation, and correctly adopt EH features. Furthermore, our findings reveal that nearly 70% of the examined smart contracts are exposed to potential failures due to missing error handing, e.g., unchecked external calls. Therefore, the use of EH features should be further supported via a more informative documentation containing (1) representative and meaningful examples and (2) details about the impact of potential EH misuses.

Software Engineering

Haoyang Ma,Wuqi Zhang,Qingchao Shen,Yongqiang Tian,Junjie Chen,Shing-Chi Cheung

DOI: https://doi.org/10.1145/3650212.3680362

2024-08-09

Abstract:Solidity compiler plays a key role in enabling the development of smart contract applications on Ethereum by governing the syntax of a domain-specific language called Solidity and performing compilation and optimization of Solidity code. The correctness of Solidity compiler is critical in fostering transparency, efficiency, and trust in industries reliant on smart contracts. However, like other software systems, Solidity compiler is prone to bugs, which may produce incorrect bytecodes on blockchain platforms, resulting in severe security concerns. As a domain-specific compiler for smart contracts, Solidity compiler differs from other compilers in many perspectives, posing unique challenges to detect its bugs. To understand the bugs in Solidity compiler and benefit future research, in this paper, we present the first systematic study on 533 Solidity compiler bugs. We carefully examined their characteristics (including symptoms, root causes, and distribution), and their triggering test cases. Our study leads to seven bug-revealing takeaways for Solidity compiler. Moreover, to study the limitations of Solidity compiler fuzzers and bring our findings into practical scenarios, we evaluate three Solidity compiler fuzzers on our constructed benchmark. The results show that these fuzzers are inefficient in detecting Solidity compiler bugs. The inefficiency arises from their failure to consider the interesting bug-inducing features, bug-related compilation flags, and test oracles

Software Engineering

Beibei Wang,Lin Chen,Wanwangying Ma,Zhifei Chen,Baowen Xu

DOI: https://doi.org/10.18293/seke2015-97

2015-01-01

Abstract:The dynamic features of programming languages are useful constructs that bring developers convenience and flexibility, but they are also perceived to lead to difficulties in software maintenance.Figuring out whether the use of dynamic features affects maintenance is significant for both researchers and practitioners, yet little work has been done to investigate it.In this paper, we conduct an empirical study to explore whether program source code files using dynamic features are more change-prone and whether particular categories of dynamic features are more correlated to change-proneness than others.To this end, we statically analyze historical data from 4 to 7 years of the development of seven open-source systems.We employ Fisher and Mann-Whitney hypothetical test methods, along with logistic regression model to solve three research questions.The results show that: (1) files with dynamic features are more change-prone, (2) files with a higher number of dynamic features are more change-prone, and (3) Introspection is shown to be more correlated to change-proneness than the other three categories in most systems.This innovative work can give some inspirations and references to researchers who are always focusing their eyes on how and why the dynamic features are used.For practitioners, we suggest them to be wary of files with dynamic features because they are more likely to be the subject of their maintenance effort.

Xuetao Wei,Can Lu,Fatma Rana Ozcan,Ting Chen,Boyang Wang,Di Wu,Qiang Tang

DOI: https://doi.org/10.1007/978-3-030-37231-6_13

2019-01-01

Abstract:The inception of blockchain techniques has been revolutionizing various domains, e.g., Internet of Things, supply chain and health-care. Ethereum smart contracts emerge as the promising blockchain application, which could enable distrustful parties to participate in the automatic and trustful transactions. Given the increasing importance of Ethereum smart contracts, understanding them becomes imperative. However, prior work only studied smart contracts with general high-level patterns, and one critical question has not been answered yet: how do smart contracts behave individually? In this paper, we present a behavior-aware profiling of individual smart contract from a multi-party perspective, which improves the visibility of the smart contract ecosystem. We conduct a detailed study of the behavior of individual smart contract on two real-world datasets, and our profiling reveals interesting and surprising observations. For example, a few contract completion chains have more than 50 contracts and all of them belong to the Finance category. We also discuss the implications that lead to recommendations to improve the security and performance of the smart contract ecosystem. Overall, our work effectively complements previous work towards generating a comprehensive understanding of smart contracts.

Jiao Jiao,Shuanglong Kan,Shang-Wei Lin,David Sanan,Yang Liu,Jun Sun

DOI: https://doi.org/10.48550/arXiv.1804.01295

2018-04-04

Abstract:Bitcoin has attracted everyone's attention and interest recently. Ethereum (ETH), a second generation cryptocurrency, extends Bitcoin's design by offering a Turing-complete programming language called Solidity to develop smart contracts. Smart contracts allow creditable execution of contracts on EVM (Ethereum Virtual Machine) without third parties. Developing correct smart contracts is challenging due to its decentralized computation nature. Buggy smart contracts may lead to huge financial loss. Furthermore, smart contracts are very hard, if not impossible, to patch once they are deployed. Thus, there is a recent surge of interest on analyzing/verifying smart contracts. While existing work focuses on EVM opcode, we argue that it is equally important to understand and define the semantics of Solidity since programmers program and reason about smart contracts at the level of source code. In this work, we develop the structural operational semantics for Solidity, which allows us to identify multiple design issues which underlines many problematic smart contracts. Furthermore, our semantics is executable in the K framework, which allows us to verify/falsify contracts automatically.

Programming Languages

Majd Soud,Grischa Liebel,Mohammad Hamdaqa

DOI: https://doi.org/10.48550/arXiv.2203.14850

2022-03-28

Cryptography and Security

Abstract:Context: Smart contracts are computer programs that are automatically executed on the blockchain. Vulnerabilities in their implementation have led to severe loss of cryptocurrency. Smart contracts become immutable when deployed to the Ethereum blockchain. Therefore, it is essential to understand the nature of vulnerabilities in Ethereum smart contracts to prevent them in the future. Existing classifications exist, but are limited in several ways. Objective: We aim to characterize vulnerabilities in Ethereum smart contracts written in Solidity, and unify existing classifications schemes. Method: We extracted 2143 vulnerabilities from public coding platforms and popular vulnerability databases and categorized them using a card sorting approach. We targeted the Ethereum blockchain in this paper, as it is the first and most popular blockchain to support the deployment of smart contracts, and Solidity as the most widely used language to implement smart contracts. We devised a classification scheme of smart contract vulnerabilities according to their error source and impact. Afterwards, we mapped existing classification schemes to our classification. Results: The resulting classification consists of 11 categories describing the error source of a vulnerability and 13 categories describing potential impacts. Our findings show that the language specific coding and the structural data flow categories are the dominant categories, but that the frequency of occurrence differs substantially between the data sources. Conclusions: Our findings enable researchers to better understand smart contract vulnerabilities by defining various dimensions of the problem and supporting our classification with mappings with literature-based classifications and frequency distributions of the defined categories.

João F. Ferreira,Pedro Cruz,Thomas Durieux,Rui Abreu

DOI: https://doi.org/10.48550/arXiv.2007.04771

2020-07-10

Abstract:Over the last few years, there has been substantial research on automated analysis, testing, and debugging of Ethereum smart contracts. However, it is not trivial to compare and reproduce that research. To address this, we present SmartBugs, an extensible and easy-to-use execution framework that simplifies the execution of analysis tools on smart contracts written in Solidity, the primary language used in Ethereum. SmartBugs is currently distributed with support for 10 tools and two datasets of Solidity contracts. The first dataset can be used to evaluate the precision of analysis tools, as it contains 143 annotated vulnerable contracts with 208 tagged vulnerabilities. The second dataset contains 47,518 unique contracts collected through Etherscan. We discuss how SmartBugs supported the largest experimental setup to date both in the number of tools and in execution time. Moreover, we show how it enables easy integration and comparison of analysis tools by presenting a new extension to the tool SmartCheck that improves substantially the detection of vulnerabilities related to the DASP10 categories Bad Randomness, Time Manipulation, and Access Control (identified vulnerabilities increased from 11% to 24%).

Software Engineering,Cryptography and Security

Zhou Liao,Shuwei Song,Hang Zhu,Xiapu Luo,Zheyuan He,Renkai Jiang,Ting Chen,Jiachi Chen,Tao Zhang,Xiaosong Zhang

DOI: https://doi.org/10.1109/TSE.2022.3163614

IF: 7.4

2023-01-01

IEEE Transactions on Software Engineering

Abstract:Being the most popular programming language for developing Ethereum smart contracts, Solidity allows using inline assembly to gain fine-grained control. Although many empirical studies on smart contracts have been conducted, to the best of our knowledge, none has examined inline assembly in smart contracts. To fill the gap, in this paper, we conduct the first large-scale empirical study of inline assembly on more than 7.6 million open-source Ethereum smart contracts from three aspects, namely, source code, bytecode, and transactions after designing new approaches to tackle several technical challenges. Through a thorough quantitative and qualitative analysis of the collected data, we obtain many new observations and insights. Moreover, by conducting a questionnaire survey on using inline assembly in smart contracts, we draw new insights from the valuable feedback. This work sheds light on the development of smart contracts as well as the evolution of Solidity and its compilers.

Meng Ren,Fuchen Ma,Zijing Yin,Ying Fu,Huizhong Li,Wanli Chang,Yu Jiang

DOI: https://doi.org/10.1145/3468264.3473929

2021-01-01

Abstract:With the rapid development of distributed applications, smart contracts have attracted more and more developers' attentions. However, developers or domain experts have different levels of familiarity with specific programming languages, like Solidity, and those vulnerabilities hidden in the code would be exploited and result in huge property losses. Existing auxiliary tools lack security considerations. Most of them only provide word completion based on fuzzy search and detection services for limited types of vulnerabilities, which results in the manpower waste during coding and potential vulnerability threats after deployment. In this work, we propose an integrated framework to enhance security in the two stages of recommendation and validation, assisting developers to implement more secure contracts more quickly. First, we reinforce original smart contracts with general patch patterns and secure programming standards for training, and design a real-time code suggestion algorithm to predict secure words for selection. Then, we integrate multiple widely-used testing tools to provide validation services. For evaluation, we collected 47,398 real-world contracts, and the result shows that it outperforms existing platforms and tools, improving the average word suggestion accuracy by 30%-60% and helping detect about 25%-61% more vulnerabilities. In most cases, our framework can correctly predict next words with the probability up to 82%-97% within top ten candidates. Compared with professional vulnerability mining tools, it can find more vulnerabilities and provide targeted modification suggestions without frivolous configurations. Currently, this framework has been used as the official development tool of WeBank and integrated as the recommended platform by FISCO-BCOS community.

Weiqin Zou,David Lo,Pavneet Singh Kochhar,Xuan-Bach Dinh Le,Xin Xia,Yang Feng,Zhenyu Chen,Baowen Xu

DOI: https://doi.org/10.1109/tse.2019.2942301

IF: 7.4

2021-10-01

IEEE Transactions on Software Engineering

Abstract:Smart contract, a term which was originally coined to refer to the automation of legal contracts in general, has recently seen much interest due to the advent of blockchain technology. Recently, the term is popularly used to refer to low-level code scripts running on a blockchain platform. Our study focuses exclusively on this subset of smart contracts. Such smart contracts have increasingly been gaining ground, finding numerous important applications (e.g., crowdfunding) in the real world. Despite the increasing popularity, smart contract development still remains somewhat a mystery to many developers largely due to its special design and applications. Are there any differences between smart contract development and traditional software development? What kind of challenges are faced by developers during smart contract development? Questions like these are important but have not been explored by researchers yet. In this paper, we performed an exploratory study to understand the current state and potential challenges developers are facing in developing smart contracts on blockchains, with a focus on Ethereum (the most popular public blockchain platform for smart contracts). Toward this end, we conducted this study in two phases. In the first phase, we conducted semi-structured interviews with 20 developers from GitHub and industry professionals who are working on smart contracts. In the second phase, we performed a survey on 232 practitioners to validate the findings from the interviews. Our interview and survey results revealed several major challenges developers are facing during smart contract development: (1) there is no effective way to guarantee the security of smart contract code; (2) existing tools for development are still very basic; (3) the programming languages and the virtual machines still have a number of limitations; (4) performance problems are hard to handle under resource constrained running environment; and (5) online resources (including advanced/updated documents and community support) are still limited. Our study suggests several directions that researchers and practitioners can work on to help improve developers experience on developing high-quality smart contracts.

engineering, electrical & electronic,computer science, software engineering

Jinan Jiang,Zihao Li,Haoran Qin,Muhui Jiang,Xiapu Luo,Xiaoming Wu,Haoyu Wang,Yutian Tang,Chenxiong Qian,Ting Chen

DOI: https://doi.org/10.1109/tse.2024.3491578

IF: 7.4

2024-01-01

IEEE Transactions on Software Engineering

Abstract:Smart contracts are automated programs stored on a blockchain, featuring unique attributes such as permissionlessness, trustlessness, immutability, and transparency. These properties underpin an array of unprecedented decentralized services. Compiled into bytecodes, Ethereum smart contracts are executed within the Ethereum Virtual Machine (EVM). Ethereum’s distinct gas mechanism assigns a price to each bytecode execution, incentivizing resource-efficient computing. However, a disconnect exists between conventional coding practices and the less intuitive gas consumption computation mechanism, resulting in inadvertent gas wastage. Gas-wasting code smells at the source code level have been studied in various related works; however, the task of manually identifying such code smells by reading through codes and reasoning about them is both time-consuming and economically inefficient. In this work, we propose to leverage Large Language Models (LLMs), which have seen a surge in popularity recently, to facilitate undertaking the labor-intensive part of the code-smell-finding pipeline. In particular, we focus on Solidity, the predominant programming language for Ethereum smart contracts. Overall, we identified 26 gas-wasting code smells, out of which 13 were not presented in previous papers. On average, applying these code smells led to a reduction of approximately 10.534% in deployment costs and 21.528% in message call costs across our test codes. We further make a report on each of the identified code smells with associated example contracts sourced from either previous literature or recently deployed contracts.

Massimo Bartoletti,Fabio Fioravanti,Giulia Matricardi,Roberto Pettinau,Franco Sainas

2024-02-16

Abstract:Formal verification of smart contracts has become a hot topic in academic and industrial research, given the growing value of assets managed by decentralized applications and the consequent incentive for adversaries to tamper with them. Most of the current research on the verification of contracts revolves around Solidity, the main high-level language supported by Ethereum and other leading blockchains. Although bug detection tools for Solidity have been proliferating almost since the inception of Ethereum, only in the last few years we have seen verification tools capable of proving that a contract respects some desirable properties. An open issue is how to evaluate and compare the effectiveness of these tools: indeed, the existing benchmarks for general-purpose programming languages cannot be adapted to Solidity, given substantial differences in the programming model and in the desirable properties. We address this problem by proposing an open benchmark for Solidity verification tools. By exploiting our benchmark, we compare two leading tools, SolCMC and Certora, discussing their completeness, soundness and expressiveness limitations.

Logic in Computer Science

Zhenzhou Tian,Fanfan Wang,Yanping Chen,Lingwei Chen

DOI: https://doi.org/10.1007/s11219-024-09673-5

2024-04-25

Software Quality Journal

Abstract:Solidity, the language utilized for developing smart contracts, has been gaining increased importance in blockchain system. Ensuring bug-free of its accompanying language compiler, which converts the contract source codes into executables finally deployed on the blockchain, is thus of paramount importance. This study presents DeSCDT, a Deep learning-based Solidity Compiler Differential Testing approach, to explore possible defects in Solidity compiler. At the core lies a well-behaving deep contract generator following the Transformer architecture and learnt with diverse contract code. From an initial seed pool of contracts carefully picked through semantic encoding and clustering, the generator is capable of stably producing highly syntactic-valid and functional-rich smart contracts, with three meticulously formulated generation strategies and a set of mutation operations. Subsequently, in the meantime of compiling these generated contracts to trigger compiler crashes, a differential testing environment is set up to explore misoptimization bugs, by observing the inconsistencies between the outcomes and the aspects including opcode size of the optimized and non-optimized bytecodes. For the experiments, the syntactic validity and diversity of the contracts generated with DeSCDT, as well as its ability in discovering compiler defects, are investigated. The findings indicate that DeSCDT can effectively generate syntactically correct contracts with a pass rate of 90.8% alongside high diversity. Among the contracts tested for a 24-h running of DeSCDT, 37.4% of them expose inconsistencies across the optimized and non-optimized version of the same contract. Six bugs that could trigger direct crashing of the compiler have also been detected.

computer science, software engineering

Chihiro Kado,Naoto Yanai,Jason Paul Cruz,Kyosuke Yamashita,Shingo Okamura

2023-06-07

Abstract:Vulnerabilities of Ethereum smart contracts often cause serious financial damage. Whereas the Solidity compiler has been updated to prevent vulnerabilities, its effectiveness has not been revealed so far, to the best of our knowledge. In this paper, we shed light on the impact of compiler versions of vulnerabilities of Ethereum smart contracts. To this end, we collected 503,572 contracts with Solidity source codes in the Ethereum blockchain and then analyzed their vulnerabilities. For three vulnerabilities with high severity, i.e., Locked Money, Using tx.origin, and Unchecked Call, we show that their appearance rates are decreased by virtue of major updates of the Solidity compiler. We then found the following four key insights. First, after the release of version 0.6, the appearance rate for Locked Money has decreased. Second, regardless of compiler updates, the appearance rate for Using tx.origin is significantly low. Third, although the appearance rate for Unchecked Call has decreased in version 0.8, it still remains high due to various factors, including code clones. Fourth, through analysis of code clones, our promising results show that the appearance rate for Unchecked Call can be further decreased by removing the code clones.

Cryptography and Security,Software Engineering

Pengcheng Zhang,Feng Xiao,Xiapu Luo

DOI: https://doi.org/10.48550/arXiv.2009.02066

2020-09-04

Abstract:Ethereum is the largest blockchain platform that supports smart contracts. Users deploy smart contracts by publishing the smart contract's bytecode to the blockchain. Since the data in the blockchain cannot be modified, even if these contracts contain bugs, it is not possible to patch deployed smart contracts with code updates. Moreover, there is currently neither a comprehensive classification framework for Ethereum smart contract bugs, nor detailed criteria for detecting bugs in smart contracts, making it difficult for developers to fully understand the negative effects of bugs and design new approaches to detect bugs. In this paper, to fill the gap, we first collect as many smart contract bugs as possible from multiple sources and divide these bugs into 9 categories by extending the IEEE Standard Classification for Software Anomalies. Then, we design the criteria for detecting each kind of bugs, and construct a dataset of smart contracts covering all kinds of bugs. With our framework and dataset, developers can learn smart contract bugs and develop new tools to detect and locate bugs in smart contracts. Moreover, we evaluate the state-of-the-art tools for smart contract analysis with our dataset and obtain some interesting findings: 1) Mythril, Slither and Remix are the most worthwhile combination of analysis tools. 2) There are still 10 kinds of bugs that cannot be detected by any analysis tool.

Software Engineering

Xia Liu,Baojian Hua,Yang Wang,Zhizhong Pan

DOI: https://doi.org/10.1109/saner56733.2023.00011

2023-01-01

Abstract:Smart contract decompilers, converting smart contract bytecode into smart contract source code, have been used extensively in many scenarios such as binary code analysis, reverse engineering, and security studies. However, existing studies, as well as industrial engineering practices, all assumed that smart contract decompilers are reliable and trustworthy, to generate correct and semantically equivalent source code from binaries. Unfortunately, whether such an assumption truly holds in practice is still unknown.In this paper, we conduct, to the best of our knowledge, the first and most comprehensive large-scale empirical study of smart contract decompilers, to gain an understanding of the reliability, limitations, and remaining research challenges of state-of-the-art smart contract decompilation tools. We first designed and implemented a software prototype SOLINSIGHT, then used it to study 5 state-of-the-art smart contract decompilers. We obtained important findings and insights from empirical results, such as: 1) we proposed 3 root causes leading to decompiler failures; 2) we revealed 2 reasons hurting performance; 3) we identified 3 root causes affecting decompilation effectiveness; 4) we proposed a measurement metric for completeness; and 5) we investigated the resilience of contract decompilers against program transformations. We suggest that: 1) decompiler builders should enhance decompilers in terms of effectiveness, performance, and completeness; and 2) security researchers should select appropriate decompilers based on the suggestions in this study. We believe these findings and suggestions will help decompiler builders, contract developers, and security researchers, by providing better guidelines for contract decompiler studies.