Title | ||
---|---|---|
SmartDagger : A Bytecode-based Static Analysis Approach for Detecting Cross-contract Vulnerability |
Abstract | ||
---|---|---|
With the increasing popularity of blockchain, automatically detecting vulnerabilities in smart contracts is becoming a significant problem. Prior research mainly identifies smart contract vulnerabilities without considering the interactions between multiple contracts. Due to the lack of analyzing the fine-grained contextual information during cross-contract invocations, existing approaches often produced a large number of false positives and false negatives. This paper proposes SmartDagger, a new framework for detecting cross-contract vulnerability through static analysis at the bytecode level. SmartDagger integrates a set of novel mechanisms to ensure its effectiveness and efficiency for cross-contract vulnerability detection. Particularly, SmartDagger effectively recovers the contract attribute information from the smart contract bytecode, which is critical for accurately identifying cross-contract vulnerabilities. Besides, instead of performing the typical whole-program analysis which is heavy-weight and time-consuming, SmartDagger selectively analyzes a subset of functions and reuses the data-flow results, which helps to improve its efficiency. Our further evaluation over a manually labelled dataset showed that SmartDagger significantly outperforms other state-of-the-art tools (i.e., Oyente, Slither, Osiris, and Mythril) for detecting cross-contract vulnerabilities. In addition, running SmartDagger over a randomly selected dataset of 250 smart contracts in the real-world, SmartDagger detects 11 cross-contract vulnerabilities, all of which are missed by prior tools. |
Year | DOI | Venue |
---|---|---|
2022 | 10.1145/3533767.3534222 | ISSTA 2022: Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis |
DocType | Citations | PageRank |
Conference | 0 | 0.34 |
References | Authors | |
21 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
[issta]: zeqin liao | 1 | 0 | 0.34 |
Zibin Zheng | 2 | 3731 | 199.37 |
Xi Chen | 3 | 333 | 70.76 |
yuhong nan | 4 | 0 | 0.34 |