ABSTRACT
Cryptocurrencies record transactions in a decentralized data structure called a blockchain. Two of the most popular cryptocurrencies, Bitcoin and Ethereum, support encoding rules or scripts for processing transactions. This feature has evolved to give practical shape to the idea of smart contracts, or full-fledged programs that are run on blockchains. Recently, Ethereum's smart contract system has seen steady adoption, supporting tens of thousands of contracts, holding millions of dollars' worth of virtual coins.
In this paper, we investigate the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies. We introduce several new security problems in which an adversary can manipulate smart contract execution to gain profit. These bugs suggest subtle gaps in the understanding of the distributed semantics of the underlying platform. As a refinement, we propose ways to enhance the operational semantics of Ethereum to make contracts less vulnerable. For developers writing contracts for the existing Ethereum system, we build a symbolic execution tool called Oyente to find potential security bugs. Among 19,336 existing Ethereum contracts, Oyente flags 8,833 of them as vulnerable, including the TheDAO bug which led to a 60 million US dollar loss in June 2016. We also discuss the severity of other attacks for several case studies which have source code available and confirm the attacks (which target only our accounts) in the main Ethereum network.
Making Smart Contracts Smarter




