Abstract
Smart contracts on the Ethereum blockchain greatly benefit from cutting-edge analysis techniques and pose significant challenges. A primary challenge is the extremely low-level representation of deployed contracts. We present Elipmoc, a decompiler for the next generation of smart contract analyses. Elipmoc is an evolution of Gigahorse, the top research decompiler, dramatically improving over it and over other state-of-the-art tools, by employing several high-precision techniques and making them scalable. Among these techniques are a new kind of context sensitivity (termed “transactional sensitivity”) that provides a more effective static abstraction of distinct dynamic executions; a path-sensitive (yet scalable, through path merging) algorithm for inference of function arguments and returns; and a fully context sensitive private function reconstruction process. As a result, smart contract security analyses and reverse-engineering tools built on top of Elipmoc achieve high scalability, precision and completeness.
Elipmoc improves over all notable past decompilers, including its predecessor, Gigahorse, and the state-of-the-art industrial tool, Panoramix, integrated into the primary Ethereum blockchain explorer, Etherscan. Elipmoc produces decompiled contracts with fully resolved operands at a rate of 99.5% (compared to 62.8% for Gigahorse), and achieves much higher completeness in code decompilation than Panoramix—e.g., up to 67% more coverage of external call statements—while being over 5x faster. Elipmoc has been the enabler for recent (independent) discoveries of several exploitable vulnerabilities on popular protocols, over funds in the many millions of dollars.
- 2018. Online Solidity Decompiler. http://ethervm.io/decompileGoogle Scholar
- M. Ammar Ben Khadra, Dominik Stoffel, and Wolfgang Kunz. 2016. Speculative Disassembly of Binary Code. In Proceedings of the International Conference on Compilers, Architectures and Synthesis for Embedded Systems (Pittsburgh, Pennsylvania) (CASES ’16). Association for Computing Machinery, New York, NY, USA, Article 16, 10 pages. isbn:9781450344821 Google Scholar
Digital Library
- Lee Benfield. 2020. CFR - another java decompiler. https://www.benf.org/other/cfr/Google Scholar
- Lexi Brent, Neville Grech, Sifis Lagouvardos, Bernhard Scholz, and Yannis Smaragdakis. 2020. Ethainter: A Smart Contract Security Analyzer for Composite Vulnerabilities. In Conf. on Programming Language Design and Implementation (PLDI). ACM.Google Scholar
- Lexi Brent, Anton Jurisevic, Michael Kong, Eric Liu, Francois Gauthier, Vincent Gramoli, Ralph Holz, and Bernhard Scholz. 2018. Vandal: A Scalable Security Analysis Framework for Smart Contracts. arxiv:1809.03981 [cs.PL]Google Scholar
- David Brumley, JongHyup Lee, Edward J. Schwartz, and Maverick Woo. 2013. Native x86 Decompilation Using Semantics-Preserving Structural Analysis and Iterative Control-Flow Structuring. In 22nd USENIX Security Symposium (USENIX Security 13). USENIX Association, Washington, D.C., 353–368. isbn:978-1-931971-03-4 https://www.usenix.org/conference/usenixsecurity13/technical-sessions/presentation/schwartzGoogle Scholar
- JP Morgan Chase. 2020. Quorum: A permissioned implementation of Ethereum supporting data privacy. https://github.com/jpmorganchase/quorumGoogle Scholar
- Ting Chen, Zihao Li, Xiapu Luo, Xiaofeng Wang, Ting Wang, Zheyuan He, Kezhao Fang, Yufei Zhang, Hang Zhu, Hongwei Li, Yan Cheng, and Xiao-song Zhang. 2021. SigRec: Automatic Recovery of Function Signatures in Smart Contracts. IEEE Transactions on Software Engineering (2021), 1–1. Google Scholar
Digital Library
- Cristina Cifuentes. 1994. Reverse compilation techniques. Ph. D. Dissertation. Queensland University of Technology. https://eprints.qut.edu.au/36820/ Presented to the School of Computing Science, Queensland University of Technology..Google Scholar
- Filippo Contro, Marco Crosara, Mariano Ceccato, and Mila Dalla Preda. 2021. EtherSolve: Computing an Accurate Control-Flow Graph from Ethereum Bytecode. In 2021 IEEE/ACM 29th International Conference on Program Comprehension (ICPC). 127–137. Google Scholar
Cross Ref
- Dedaub. 2019. Rising Gas Prices are Threatening our Security (no, it’s not the Saudi attack). https://medium.com/dedaub/rising-gas-prices-are-threatening-our-security-no-its-not-the-saudi-attack-4b7aa4878e83Google Scholar
- Dedaub. 2021. EIP-3074 Impact Study. https://docs.google.com/document/d/1itvPn7BhZ9N8h27d1Ig5C86_FZpyG5_cdpsuPJYmb-o/edit?usp=sharingGoogle Scholar
- Dedaub. 2021. Ethereum Pawn Stars: ’$5.7M in hard assets? Best I can do is $2.3M’. https://medium.com/dedaub/ethereum-pawn-stars-5-7m-in-hard-assets-best-i-can-do-is-2-3m-b93604be503eGoogle Scholar
- Dedaub. 2021. Killing a Bad (Arbitrage) Bot ... to Save its Owners. https://medium.com/dedaub/killing-a-bad-arbitrage-bot-f29e7e808c7dGoogle Scholar
- Dedaub. 2021. Look Ma’, no source! Hacking a DeFi Service with No Source Code Available. https://medium.com/dedaub/look-ma-no-source-hacking-a-defi-service-with-no-source-code-available-c40a6583f28fGoogle Scholar
- Dedaub. 2021. Verkle Gas Cost Changes Insights. https://docs.google.com/document/d/1s3qqzbkQFPcNvhzKPdnxg3MlFbv0YjK1z02SxRtdMs8/edit#heading=h.slduooqtgkoqGoogle Scholar
- Dedaub. 2021. Yield Skimming: Forcing Bad Swaps on Yield Farming. https://medium.com/dedaub/yield-skimming-forcing-bad-swaps-on-yield-farming-397361fd7c72?source=friends_link&sk=d146b3640321f0a3ccc80540b54368ffGoogle Scholar
- E. Dupuy. 2020. Java Decompiler. http://java-decompiler.github.io/Google Scholar
- Nicolas Falliere. 2019. Ethereum Smart Contract Decompiler. https://www.pnfsoftware.com/blog/ethereum-smart-contract-decompiler/Google Scholar
- Antonio Flores-Montoya and Eric Schulte. 2019. Datalog Disassembly. arxiv:1906.03969 [cs.PL]Google Scholar
- Miguel Gómez-Zamalloa, Elvira Albert, and Germán Puebla. 2009. Decompilation of Java Bytecode to Prolog by Partial Evaluation. Inf. Softw. Technol. 51, 10 (Oct. 2009), 1409–1427. issn:0950-5849 Google Scholar
Digital Library
- Neville Grech, Lexi Brent, Bernhard Scholz, and Yannis Smaragdakis. 2019. Gigahorse: Thorough, Declarative Decompilation of Smart Contracts. In Proceedings of the 41st International Conference on Software Engineering (Montreal, Quebec, Canada) (ICSE ’19). IEEE Press, Piscataway, NJ, USA, 1176–1186. Google Scholar
Digital Library
- Neville Grech, Lexi Brent, Bernhard Scholz, and Yannis Smaragdakis. 2019. Gigahorse: Thorough, Declarative Decompilation of Smart Contracts. Research artifact corresponding to ICSE’19 technical paper "Gigahorse: Thorough, Declarative Decompilation of Smart Contracts". Google Scholar
Cross Ref
- Neville Grech, Michael Kong, Anton Jurisevic, Lexi Brent, Bernhard Scholz, and Yannis Smaragdakis. 2018. MadMax: Surviving Out-of-Gas Conditions in Ethereum Smart Contracts. Proc. ACM Programming Languages 2, OOPSLA (Nov. 2018). Google Scholar
Digital Library
- James Hamilton and Sebastian Danicic. 2009. An Evaluation of Current Java Bytecode Decompilers. In Proceedings of the 2009 Ninth IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM ’09). IEEE Computer Society, Washington, DC, USA, 129–136. isbn:978-0-7695-3793-1 Google Scholar
Digital Library
- Nicolas Harrand, C’esar Soto-Valero, Martin Monperrus, and Benoit Baudry. 2019. The Strengths and Behavioral Quirks of Java Bytecode Decompilers. In 2019 19th International Working Conference on Source Code Analysis and Manipulation (SCAM). IEEE, 92–102. https://arxiv.org/pdf/1908.06895.pdfGoogle Scholar
- Immunefi. 2021. Harvest Finance Uninitialized Proxies Bug Fix Postmortem. https://medium.com/immunefi/harvest-finance-uninitialized-proxies-bug-fix-postmortem-ea5c0f7af96bGoogle Scholar
- Sehun Jeong, Minseok Jeon, Sungdeok Cha, and Hakjoo Oh. 2017. Data-Driven Context-Sensitivity for Points-to Analysis. Proc. ACM Program. Lang. 1, OOPSLA, Article 100 (Oct. 2017), 28 pages. Google Scholar
Digital Library
- D. S. Katz, J. Ruchti, and E. Schulte. 2018. Using recurrent neural networks for decompilation. In 2018 IEEE 25th International Conference on Software Analysis, Evolution and Reengineering (SANER). 346–356.Google Scholar
- Tomasz Kolinko and Palkeo. 2020. Panoramix – Decompiler at the heart of eveem.org. https://github.com/palkeo/panoramixGoogle Scholar
- Christopher Kruegel, William Robertson, Fredrik Valeur, and Giovanni Vigna. 2004. Static Disassembly of Obfuscated Binaries. In Proceedings of the 13th Conference on USENIX Security Symposium - Volume 13 (San Diego, CA) (SSYM’04). USENIX Association, USA, 18.Google Scholar
Digital Library
- Sifis Lagouvardos, Neville Grech, Ilias Tsatiris, and Yannis Smaragdakis. 2020. Precise Static Modelling of Ethereum “Memory”. Proceedings of the ACM in Programming Languages (OOPSLA) 4, OOPSLA (2020).Google Scholar
- Michales, Jonah. 2021. Inside the War Room That Saved Primitive Finance. https://medium.com/immunefi/inside-the-war-room-that-saved-primitive-finance-6509e2188c86Google Scholar
- Jerome Miecznikowski and Laurie J. Hendren. 2002. Decompiling Java Bytecode: Problems, Traps and Pitfalls. In Proceedings of the 11th International Conference on Compiler Construction (CC ’02). Springer-Verlag, London, UK, UK, 111–127. isbn:3-540-43369-4 http://dl.acm.org/citation.cfm?id=647478.727938Google Scholar
- Ana Milanova, Atanas Rountev, and Barbara G. Ryder. 2005. Parameterized object sensitivity for points-to analysis for Java. ACM Trans. Softw. Eng. Methodol. 14, 1 (2005), 1–41.Google Scholar
Digital Library
- Primitive Finance. 2021. PrimitiveFi post-mortem analysis. https://primitivefinance.medium.com/postmortem-on-the-primitive-finance-whitehack-of-february-21st-2021-17446c0f3122Google Scholar
- Todd A. Proebsting and Scott A. Watterson. 1997. Krakatoa: Decompilation in Java (Does Bytecode Reveal Source?). In Proceedings of the 3rd Conference on USENIX Conference on Object-Oriented Technologies (COOTS) - Volume 3 (Portland, Oregon) (COOTS’97). USENIX Association, Berkeley, CA, USA, 14–14. http://dl.acm.org/citation.cfm?id=1268028.1268042Google Scholar
- Edward J. Schwartz, Cory F. Cohen, Michael Duggan, Jeffrey Gennari, Jeffrey S. Havrilla, and Charles Hines. 2018. Using Logic Programming to Recover C++ Classes and Methods from Compiled Executables. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (Toronto, Canada) (CCS ’18). Association for Computing Machinery, New York, NY, USA, 426–441. isbn:9781450356930 Google Scholar
Digital Library
- Olin Shivers. 1991. Control-flow analysis of higher-order languages. Ph. D. Dissertation. Carnegie Mellon University.Google Scholar
- Yannis Smaragdakis, Martin Bravenboer, and Ondrej Lhoták. 2011. Pick Your Contexts Well: Understanding Object-Sensitivity. SIGPLAN Not. 46, 1 (Jan. 2011), 17–30. issn:0362-1340 Google Scholar
Digital Library
- Yannis Smaragdakis, Neville Grech, Sifis Lagouvardos, Konstantinos Triantafyllou, and Ilias Tsatiris. 2021. Symbolic Value-Flow Static Analysis: Deep, Precise, Complete Modeling of Ethereum Smart Contracts. Proc. ACM Program. Lang. 5, OOPSLA, Article 163 (oct 2021), 30 pages. Google Scholar
Digital Library
- Mike Strobel. 2020. Procyon. https://bitbucket.org/mstrobel/procyon/wiki/JavaGoogle Scholar
- Rei Thiessen and Ondřej Lhoták. 2017. Context Transformations for Pointer Analysis. In Proceedings of the 38th ACM SIGPLAN Conference on Programming Language Design and Implementation (Barcelona, Spain) (PLDI 2017). Association for Computing Machinery, New York, NY, USA, 263–277. isbn:9781450349888 Google Scholar
Digital Library
- TrustLook. 2019. Smart Contract Guardian - Trustlook SECaaS. https://www.trustlook.com/services/smart.htmlGoogle Scholar
- Petar Tsankov, Andrei Dan, Dana Drachsler-Cohen, Arthur Gervais, Florian Bünzli, and Martin Vechev. 2018. Securify: Practical Security Analysis of Smart Contracts. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (Toronto, Canada) (CCS ’18). ACM, New York, NY, USA, 67–82. isbn:978-1-4503-5693-0 Google Scholar
Digital Library
- Raja Vallée-Rai, Phong Co, Etienne Gagnon, Laurie Hendren, Patrick Lam, and Vijay Sundaresan. 1999. Soot - a Java Bytecode Optimization Framework. In Proceedings of the 1999 Conference of the Centre for Advanced Studies on Collaborative Research (Mississauga, Ontario, Canada) (CASCON ’99). IBM Press, 13–. http://dl.acm.org/citation.cfm?id=781995.782008Google Scholar
Digital Library
- Michael Van Emmerik. 2007. Static Single Assignment for Decompilation. Ph. D. Dissertation.Google Scholar
- Various. 2017. GitHub - vyperlang/vyper: Pythonic Smart Contract Language for the EVM. https://github.com/ethereum/solidityGoogle Scholar
- Various. 2018. GitHub - ethereum/solidity: The Solidity Contract-Oriented Programming Language. https://github.com/ethereum/solidityGoogle Scholar
- Various. 2018. GitHub - OpenZeppelin/openzeppelin-contracts: OpenZeppelin Contracts is a library for secure smart contract development. https://github.com/OpenZeppelin/openzeppelin-contractsGoogle Scholar
- Various. 2018. Porosity – a decompiler for EVM bytecode into readable Solidity-syntax contracts. https://github.com/comaeio/porosityGoogle Scholar
- Various. 2020. Fernflower. https://github.com/JetBrains/intellij-community/tree/master/plugins/java-decompiler/engineGoogle Scholar
- Gavin Wood. 2014. Ethereum: A secure decentralised generalised transaction ledger. http://gavwood.com/paper.pdf.Google Scholar
- K. Yakdan, S. Dechand, E. Gerhards-Padilla, and M. Smith. 2016. Helping Johnny to Analyze Malware: A Usability-Optimized Decompiler and Malware Analysis User Study. In 2016 IEEE Symposium on Security and Privacy (SP). 158–177.Google Scholar
- Khaled Yakdan, Sebastian Eschweiler, Elmar Gerhards-Padilla, and Matthew Smith. 2015. No More Gotos: Decompilation Using Pattern-Independent Control-Flow Structuring and Semantics-Preserving Transformations. Google Scholar
Cross Ref
- Yi Zhou, Deepak Kumar, Surya Bakshi, Joshua Mason, Andrew Miller, and Michael Bailey. 2018. Erays: Reverse Engineering Ethereums Opaque Smart Contracts. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD, 1371–1385. isbn:978-1-939133-04-5 https://www.usenix.org/conference/usenixsecurity18/presentation/zhouGoogle Scholar
Index Terms
Elipmoc: advanced decompilation of Ethereum smart contracts
Recommendations
Code cloning in smart contracts: a case study on verified contracts from the Ethereum blockchain platform
AbstractEthereum is a blockchain platform that hosts and executes smart contracts. Smart contracts have been used to implement cryptocurrencies and crowdfunding initiatives (ICOs). A major concern in Ethereum is the security of smart contracts. Different ...
A security framework for Ethereum smart contracts
AbstractThe use of blockchain and smart contracts have not stopped growing in recent years. Like all software that begins to expand its use, it is also beginning to be targeted by hackers who will try to exploit vulnerabilities in both the ...
Security Vulnerabilities in Ethereum Smart Contracts
iiWAS2018: Proceedings of the 20th International Conference on Information Integration and Web-based Applications & ServicesSmart contracts (SC) are one of the most appealing features of blockchain technologies facilitating, executing, and enforcing predefined terms of coded contracts without intermediaries. The steady adoption of smart contracts on the Ethereum blockchain ...






Comments