ACM Digital Library Logo
ACM Logo
Advanced Search
article
Open Access

Detecting nondeterministic payment bugs in Ethereum smart contracts

Publication: Proceedings of the ACM on Programming LanguagesOctober 2019 Article No.: 189 https://doi.org/10.1145/3360615
  • 0
  • 336
Metrics
Total Citations0
Total Downloads336
Last 12 Months336
Last 6 weeks47

Abstract

The term “smart contracts” has become ubiquitous to describe an enormous number of programs uploaded to the popular Ethereum blockchain system. Despite rapid growth of the smart contract ecosystem, errors and exploitations have been constantly reported from online contract systems, which has put financial stability at risk with losses totaling millions of US dollars. Most existing research focuses on pinpointing specific types of vulnerabilities using known patterns. However, due to the lack of awareness of the inherent nondeterminism in the Ethereum blockchain system and how it affects the funds transfer of smart contracts, there can be unknown vulnerabilities that may be exploited by attackers to access numerous online smart contracts.

In this paper, we introduce a methodical approach to understanding the inherent nondeterminism in the Ethereum blockchain system and its (unwanted) influence on contract payments. We show that our new focus on nondeterminism-related smart contract payment bugs captures the root causes of many common vulnerabilities without relying on any known patterns and also encompasses recently disclosed issues that are not handled by existing research. To do so, we introduce techniques to systematically model components in the contract execution context and to expose various nondeterministic factors that are not yet fully understood. We further study how these nondeterministic factors impact contract funds transfer using information flow tracking. The technical challenge of detecting nondeterministic payments lies in discovering the contract global variables subtly affected by read-write hazards because of unpredictable transaction scheduling and external callee behavior. We show how to augment and instrument a contract program into a representation that simulates the execution of a large subset of the contract behavior. The instrumented code is then analyzed to flag nondeterministic global variables using off-the-shelf model checkers.

We implement the proposed techniques as a practical tool named NPChecker (Nondeterministic Payment Checker) and evaluate it on 30K online contracts (3,075 distinct) collected from the Ethereum mainnet. NPChecker has successfully detected nondeterministic payments in 1,111 online contracts with reasonable cost. Further investigation reports high precision of NPChecker (only four false positives in a manual study of 50 contracts). We also show that NPChecker unveils contracts vulnerable to recently-disclosed attack vectors. NPChecker can identify all six new vulnerabilities or variants of common smart contract vulnerabilities that are missed by existing research relying on a “contract vulnerability checklist.”

References

  1. 2018. Etherscan.IO. https://etherscan.io .Google ScholarGoogle Scholar
  2. 2018a. EVMJIT. https://github.com/ethereum/evmjit .Google ScholarGoogle Scholar
  3. 2018b. Known Attacks of Ethereum Smart Contract. https://consensys.github.io/smart-contract-best-practices/known_ attacks/ .Google ScholarGoogle Scholar
  4. 2019. Provable: Provable T M Random Number Generator. http://provable.xyz/ .Google ScholarGoogle Scholar
  5. 2019. RANDAO: A DAO working as RNG of Ethereum. https://github.com/randao/randao/blob/master/README.md .Google ScholarGoogle Scholar
  6. 2019. Securify Git Issues. https://github.com/eth-sri/securify/issues/98 .Google ScholarGoogle Scholar
  7. Sidney Amani, Myriam Bégel, Maksym Bortin, and Mark Staples. 2018. Towards verifying ethereum smart contract bytecode in Isabelle/HOL. In Proceedings of the 7th ACM SIGPLAN International Conference on Certified Programs and Proofs. ACM, 66–77.Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cédric Fournet, Anitha Gollamudi, Georges Gonthier, Nadim Kobeissi, Natalia Kulatova, Aseem Rastogi, Thomas Sibut-Pinote, Nikhil Swamy, et al. 2016. Formal verification of smart contracts: Short paper. In Proceedings of the 2016 ACM Workshop on Programming Languages and Analysis for Security. ACM, 91–96.Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. ChainSecurity. 2019. Constantinople enables new Reentrancy Attack. https://medium.com/chainsecurity/constantinopleenables-new-reentrancy-attack-ace4088297d9 .Google ScholarGoogle Scholar
  10. Code4Block. 2018. CVE List Found by Team Code4Block. https://github.com/TEAM-C4B/CVE-LIST .Google ScholarGoogle Scholar
  11. ConsenSys. 2018. Mythril Classic. https://github.com/ConsenSys/mythril-classic .Google ScholarGoogle Scholar
  12. Yu Feng, Emina Torlak, and Rastislav Bodik. 2019. Precise Attack Synthesis for Smart Contracts. arXiv: cs.CR/1902.06067Google ScholarGoogle Scholar
  13. Geth. 2018. Go Ethereum. https://geth.ethereum.org/downloads/ .Google ScholarGoogle Scholar
  14. Neville Grech, Michael Kong, Anton Jurisevic, Lexi Brent, Bernhard Scholz, and Yannis Smaragdakis. 2018. MadMax: Surviving Out-of-gas Conditions in Ethereum Smart Contracts. Proc. ACM Program. Lang. 2, OOPSLA, Article 116 (Oct. 2018), 27 pages.Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Ilya Grishchenko, Matteo Maffei, and Clara Schneidewind. 2018. A semantic framework for the security analysis of ethereum smart contracts. In International Conference on Principles of Security and Trust. Springer, 243–269.Google ScholarGoogle ScholarCross RefCross Ref
  16. Arvind Haran, Montgomery Carter, Michael Emmi, Akash Lal, Shaz Qadeer, and Zvonimir Rakamarić. 2015. SMACK+Corral: A Modular Verifier (Competition Contribution). In Proceedings of the 21st International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS) (Lecture Notes in Computer Science), Christel Baier and Cesare Tinelli (Eds.), Vol. 9035. Springer, 450–453.Google ScholarGoogle Scholar
  17. Everett Hildenbrandt, Manasvi Saxena, Nishant Rodrigues, Xiaoran Zhu, Philip Daian, Dwight Guth, Brandon Moore, Daejun Park, Yi Zhang, Andrei Stefanescu, et al. 2018. Kevm: A complete formal semantics of the ethereum virtual machine. In 2018 IEEE 31st Computer Security Foundations Symposium (CSF). IEEE, 204–217.Google ScholarGoogle ScholarCross RefCross Ref
  18. Yoichi Hirai. 2017. Defining the ethereum virtual machine for interactive theorem provers. In International Conference on Financial Cryptography and Data Security. Springer, 520–535.Google ScholarGoogle ScholarCross RefCross Ref
  19. Bo Jiang, Ye Liu, and W. K. Chan. 2018. ContractFuzzer: Fuzzing Smart Contracts for Vulnerability Detection. In Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering (ASE 2018). 259–269.Google ScholarGoogle Scholar
  20. Sukrit Kalra, Seep Goel, Mohan Dhawan, and Subodh Sharma. 2018. ZEUS: Analyzing Safety of Smart Contracts. In Proceedings of the 2018 Network and Distributed Systems Security (NDSS) Symposium (NDSS ’18).Google ScholarGoogle ScholarCross RefCross Ref
  21. Aashish Kolluri, Ivica Nikolic, Ilya Sergey, Aquinas Hobor, and Prateek Saxena. 2018. Exploiting The Laws of Order in Smart Contracts. arXiv: cs.CR/1810.11605Google ScholarGoogle Scholar
  22. Johannes Krupp and Christian Rossow. 2018. teEther: Gnawing at Ethereum to Automatically Exploit Smart Contracts. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, 1317–1333.Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Shuvendu K. Lahiri, Shaz Qadeer, and Zvonimir Rakamarić. 2009. Static and Precise Detection of Concurrency Errors in Systems Code Using SMT Solvers. In Proceedings of the 21st International Conference on Computer Aided Verification (CAV ’09). 509–524.Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. Loi Luu, Duc-Hiep Chu, Hrishi Olickel, Prateek Saxena, and Aquinas Hobor. 2016. Making Smart Contracts Smarter. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS ’16). ACM, 254–269.Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. Anastasia Mavridou and Aron Laszka. 2018. Tool demonstration: FSolidM for designing secure Ethereum smart contracts. In International Conference on Principles of Security and Trust. Springer, 270–277.Google ScholarGoogle ScholarCross RefCross Ref
  26. Satoshi Nakamoto et al. 2008. Bitcoin: A peer-to-peer electronic cash system. (2008).Google ScholarGoogle Scholar
  27. Ivica Nikolić, Aashish Kolluri, Ilya Sergey, Prateek Saxena, and Aquinas Hobor. 2018. Finding the greedy, prodigal, and suicidal contracts at scale. In Proceedings of the 34th Annual Computer Security Applications Conference. ACM, 653–663.Google ScholarGoogle ScholarDigital LibraryDigital Library
  28. Daniel Perez and Benjamin Livshits. 2019. Smart Contract Vulnerabilities: Does Anyone Care? arXiv: cs.CR/1902.06710Google ScholarGoogle Scholar
  29. PNF. 2018. JEB Decompiler. https://www.pnfsoftware.com/ .Google ScholarGoogle Scholar
  30. Shaz Qadeer and Dinghao Wu. 2004. KISS: Keep It Simple and Sequential. In Proceedings of the ACM SIGPLAN 2004 Conference on Programming Language Design and Implementation (PLDI ’04). ACM, 14–24.Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. Zvonimir Rakamarić and Michael Emmi. 2014. SMACK: Decoupling Source Language Details from Verifier Implementations. In Computer Aided Verification, Armin Biere and Roderick Bloem (Eds.). 106–113.Google ScholarGoogle Scholar
  32. Michael Rodler, Wenting Li, Ghassan O. Karame, and Lucas Davi. 2018. Sereum: Protecting Existing Smart Contracts Against Re-Entrancy Attacks. CoRR abs/1812.05934 (2018).Google ScholarGoogle Scholar
  33. SECBIT. 2018. Awesome Buggy ERC20 Tokens. https://github.com/sec-bit/awesome-buggy-erc20-tokens .Google ScholarGoogle Scholar
  34. Ilya Sergey and Aquinas Hobor. 2017. A Concurrent Perspective on Smart Contracts. In Proceedings of the 1st Workshop on Trusted Smart Contracts.Google ScholarGoogle ScholarCross RefCross Ref
  35. David Siegel. 2016. Understanding The DAO Attack. https://www.coindesk.com/understanding-dao-hack-journalists .Google ScholarGoogle Scholar
  36. Petar Tsankov, Andrei Dan, Dana Drachsler-Cohen, Arthur Gervais, Florian Bünzli, and Martin Vechev. 2018. Securify: Practical Security Analysis of Smart Contracts. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS ’18). 67–82.Google ScholarGoogle ScholarDigital LibraryDigital Library
  37. D. Wood. 2014. Ethereum: a secure decentralised generalised transaction ledger.Google ScholarGoogle Scholar

Index Terms

  1. Detecting nondeterministic payment bugs in Ethereum smart contracts

    Comments

    Login options

    Check if you have access through your login credentials or your institution to get full access on this article.

    Sign in

    Full Access

    Get this Article

    • Article Metrics

      • Downloads (Last 12 months)336
      • Downloads (Last 6 weeks)47

      Other Metrics

      View Author Metrics

    PDF Format

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader
    View Issue’s Table of Contents
    About Cookies On This Site

    We use cookies to ensure that we give you the best experience on our website.

    Learn more

    Got it!