research-article

Making Smart Contracts Smarter

Authors:

Hrishi Olickel,

Prateek Saxena,

Aquinas HoborAuthors Info & Claims

CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

Pages 254 - 269

https://doi.org/10.1145/2976749.2978309

Published: 24 October 2016 Publication History

Abstract

Cryptocurrencies record transactions in a decentralized data structure called a blockchain. Two of the most popular cryptocurrencies, Bitcoin and Ethereum, support the feature to encode rules or scripts for processing transactions. This feature has evolved to give practical shape to the ideas of smart contracts, or full-fledged programs that are run on blockchains. Recently, Ethereum's smart contract system has seen steady adoption, supporting tens of thousands of contracts, holding millions dollars worth of virtual coins.

In this paper, we investigate the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies. We introduce several new security problems in which an adversary can manipulate smart contract execution to gain profit. These bugs suggest subtle gaps in the understanding of the distributed semantics of the underlying platform. As a refinement, we propose ways to enhance the operational semantics of Ethereum to make contracts less vulnerable. For developers writing contracts for the existing Ethereum system, we build a symbolic execution tool called Oyente to find potential security bugs. Among 19, 336 existing Ethereum contracts, Oyente flags 8, 833 of them as vulnerable, including the TheDAO bug which led to a 60 million US dollar loss in June 2016. We also discuss the severity of other attacks for several case studies which have source code available and confirm the attacks (which target only our accounts) in the main Ethereum network.

References

[1]

Satoshi Nakamoto. Bitcoin: A peer-to-peer electronic cash system. bitcoin.org, 2009.

[2]

Ethereum Foundation. Ethereum's white paper. https://github.com/ethereum/wiki/wiki/White-Paper, 2014.

[3]

A Miller, A Juels, E Shi, B Parno, and J Katz. Permacoin: Repurposing Bitcoin work for long-term data preservation. IEEE Security and Privacy, 2014.

Digital Library

[4]

Use case for factom: The world's first blockchain operating system (bos). http://kencode.de/projects/ePlug/Factom-Linux-Whitepaper.pdf, Feb 2015.

[5]

Nick Szabo. The idea of smart contracts. http://szabo.best.vwh.net/smart_contracts_idea.html, 1997.

[6]

Loi Luu, Jason Teutsch, Raghav Kulkarni, and Prateek Saxena. Demystifying incentives in the consensus computer. In Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security, CCS '15, pages 706--719. ACM, 2015.

Digital Library

[7]

EtherDice smart contract is down for maintenance. https://www.reddit.com/r/ethereum/comments/47f028/etherdice_is_down_for_maintenance_we_are_having/.

[8]

RSK Labs. Rootstock: Smart contracts platform powered by Bitcoin. http://www.rootstock.io/, 2015.

[9]

Counterparty platform. http://counterparty.io/, 2015.

[10]

James C. Corbett, Jeffrey Dean, Michael Epstein, Andrew Fikes, Christopher Frost, J. J. Furman, Sanjay Ghemawat, Andrey Gubarev, Christopher Heiser, Peter Hochschild, Wilson Hsieh, Sebastian Kanthak, Eugene Kogan, Hongyi Li, Alexander Lloyd, Sergey Melnik, David Mwaura, David Nagle, Sean Quinlan, Rajesh Rao, Lindsay Rolig, Yasushi Saito, Michal Szymaniak, Christopher Taylor, Ruth Wang, and Dale Woodford. Spanner: Google's globally distributed database. ACM Trans. Comput. Syst., aug 2013.

Digital Library

[11]

Jason Baker, Chris Bond, James C. Corbett, JJ Furman, Andrey Khorlin, James Larson, Jean-Michel Leon, Yawei Li, Alexander Lloyd, and Vadim Yushprakh. Megastore: Providing scalable, highly available storage for interactive services. In Proceedings of the Conference on Innovative Data system Research (CIDR), pages 223--234, 2011.

[12]

KingOfTheEtherThrone smart contract. https://github.com/kieranelby/KingOfTheEtherThrone/blob/v0.4.0/contracts/KingOfTheEtherThrone.sol.

[13]

GovernMental's 1100 ETH payout is stuck because it uses too much gas. https://www.reddit.com/r/ethereum/comments/4ghzhv/governmentals_1100_eth_jackpot_payout_is_stuck/.

[14]

Kevin Delmolino, Mitchell Arnett, Ahmed Kosba, Andrew Miller, and Elaine Shi. Step by step towards creating a safe smart contract: Lessons and insights from a cryptocurrency lab. Cryptology ePrint Archive, Report 2015/460, 2015. http://eprint.iacr.org/.

[15]

Gavin Wood. Ethereum: A secure decentralised generalised transaction ledger. http://gavwood.com/paper.pdf, 2014.

[16]

Ethereum Foundation. The solidity contract-oriented programming language. https://github.com/ethereum/solidity.

[17]

Ethereum Foundation. The serpent contract-oriented programming language. https://github.com/ethereum/serpent.

[18]

Oyente project page. https://www.comp.nus.edu.sg/ loiluu/oyente.html.

[19]

TheDAO smart contract. http://etherscan.io/address/0xbb9bc244d798123fde783fcc1c72d3bb8c189413#code.

[20]

EtherEx: A fully decentralized cryptocurrency exchange. https://etherex.org/.

[21]

EtherOpt: A decentralized options exchange. http://etheropt.github.io/.

[22]

The Run smart contract. https://etherscan.io/address/0xcac337492149bdb66b088bf5914bedfbf78ccc18.

[23]

Ethereum Foundation. Block validation algorithm. https://github.com/ethereum/wiki/wiki/Block-Protocol-2.0#block-validation-algorithm.

[24]

Andrew Miller, Brian Warner, and Nathan Wilcox. Gas economics. https://github.com/LeastAuthority/ethereum-analyses/blob/master/GasEcon.md.

[25]

Protect The Castle Contract. http://protect-the-castle.ether-contract.org/.

[26]

GovernMental Smart Contract. http://governmental.github.io/GovernMental/.

[27]

Ahmed Kosba, Andrew Miller, Elaine Shi, Zikai Wen, and Charalampos Papamanthou. Hawk: The blockchain model of cryptography and privacy-preserving smart contracts. In Proceedings of the 2016 IEEE Symposium on Security and Privacy, SP '16. IEEE Computer Society, 2016.

[28]

Lottopolo smart contract. https://etherchain.org/account/0x0155ce35fe73249fa5d6a29f3b4b7b98732eb2ed.

[29]

Random number generator contract. https://github.com/randao/randao.

[30]

Joseph Bonneau, Jeremy Clark, and Steven Goldfeder. On Bitcoin as a public randomness source. Cryptology ePrint Archive, Report 2015/1015, 2015. http://eprint.iacr.org/.

[31]

James C. King. Symbolic execution and program testing. Commun. ACM, 19(7):385--394.

Digital Library

[32]

Patrick Cousot and Radhia Cousot. Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Proceedings of the 4th ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages, pages 238--252, New York, NY, USA, 1977. ACM.

Digital Library

[33]

Microsoft Corporation. The Z3 theorem prover. https://github.com/Z3Prover/z3.

[34]

The Ethereum block explorer. https://etherscan.io/.

[35]

The Ethereum network stats. https://etherchain.org/.

[36]

Peter Borah. Tokenwith invariants - vulnerable contracts in ethereum. https://github.com/PeterBorah/smart-contract-security-examples/blob/7d7ef27b12f15318871c44512b70737176d23c5f/contracts/TokenWithInvariants.sol.

[37]

Peter Vessenes. More ethereum attacks: Race-to-empty is the real deal. http://vessenes.com/more-ethereum-attacks-race-to-empty-is-the-real-deal/.

[38]

Alexandre Naverniouk. EtherID: Ethereum name registrar. http://etherid.org/.

[39]

Fan Zhang, Ethan Cecchetti, Kyle Croman, Ari Juels, and Elaine Shi. Town crier: An authenticated data feed for smart contracts. Cryptology ePrint Archive, Report 2016/168, 2016. http://eprint.iacr.org/.

[40]

Ari Juels, Ahmed Kosba, and Elaine Shi. The ring of Gyges: Investigating the future of criminal smart contracts. Cryptology ePrint Archive, Report 2016/358, 2016. http://eprint.iacr.org/.

[41]

Philip A. Bernstein and Nathan Goodman. Concurrency control in distributed database systems. ACM Comput. Surv., 13(2):185--221, June 1981.

Digital Library

[42]

Friedemann Mattern. Virtual time and global states of distributed systems. In Parallel and Distributed Algorithms, pages 215--226. North-Holland, 1989.

[43]

C. J. Fidge. Timestamps in message-passing systems that preserve the partial ordering. Proceedings of the 11th Australian Computer Science Conference, 10(1):56--66, 1988.

[44]

Leslie Lamport. Time, clocks, and the ordering of events in a distributed system. Commun. ACM, pages 558--565, July 1978.

Digital Library

[45]

Andrew Koening and Bjarne Stroustrup. Exception handling for C

[46]

. Journal of Object-Oriented Programming, 3(2):16--33, 1990.

[47]

Robin Milner, Mads Tofte, and David MacQueen. The Definition of Standard ML. MIT Press, Cambridge, MA, USA, 1997.

Cited By

Pathan MJ RV Suresh C(2025)An Efficient Consensus Protocol for Blockchain Technology in Smart Grid ContractsJournal of Machine and Computing10.53759/7669/jmc202505003(030-044)Online publication date: 5-Jan-2025
https://doi.org/10.53759/7669/jmc202505003
Szrajber BAlon ILevy S(2025)Systematic Analysis of Decentralized FinanceJournal of Global Information Management10.4018/JGIM.36781033:1(1-29)Online publication date: 17-Jan-2025
https://doi.org/10.4018/JGIM.367810
Upendar Reddy Gade (2025)Blockchain Technology: Revolutionizing Financial Operations through Transparency and SecurityInternational Journal of Scientific Research in Computer Science, Engineering and Information Technology10.32628/CSEIT25111224011:1(2295-2303)Online publication date: 10-Feb-2025
https://doi.org/10.32628/CSEIT251112240
Show More Cited By

Index Terms

Making Smart Contracts Smarter
1. Security and privacy
  1. Formal methods and theory of security
    1. Logic and verification
  2. Software and application security
    1. Domain-specific security and privacy architectures
    2. Software security engineering

Recommendations

ContractFuzzer: fuzzing smart contracts for vulnerability detection
ASE '18: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering

Decentralized cryptocurrencies feature the use of blockchain to transfer values among peers on networks without central agency. Smart contracts are programs running on top of the blockchain consensus protocol to enable people make agreements while ...
A Survey on Formal Verification for Solidity Smart Contracts
ACSW '21: Proceedings of the 2021 Australasian Computer Science Week Multiconference

One of the 21st century’s hottest topics in the world of IT has been the emergence of what some predict to be the foundation stone for a new era of internet (web 3.0): Blockchain technology. Besides being the backbone of what we come to know as ...
Blockchain and Smart Contracts
ICSIE '19: Proceedings of the 8th International Conference on Software and Information Engineering

This paper presents an introduction to the current state of art of the Blockchain and Smart Contract technologies. Blockchain is a fast-disruptive technology becoming a key instrument in share economy. The Blockchain-based Smart Contract aim to ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

October 2016

1924 pages

ISBN:9781450341394

DOI:10.1145/2976749

General Chairs:
Edgar Weippl
SBA Research, Austria
,
Stefan Katzenbeisser
TU Darmstadt, CYSEC, Germany
,
Program Chairs:
Christopher Kruegel
University of California, Santa Barbara, USA
,
Andrew Myers
Cornell University, USA
,
Shai Halevi
IBM Research, USA

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 24 October 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS'16

Sponsor:

SIGSAC

CCS'16: 2016 ACM SIGSAC Conference on Computer and Communications Security

October 24 - 28, 2016

Vienna, Austria

Acceptance Rates

CCS '16 Paper Acceptance Rate 137 of 831 submissions, 16%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1,421
Total Citations
View Citations
13,517
Total Downloads

Downloads (Last 12 months)730
Downloads (Last 6 weeks)82

Reflects downloads up to 03 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Pathan MJ RV Suresh C(2025)An Efficient Consensus Protocol for Blockchain Technology in Smart Grid ContractsJournal of Machine and Computing10.53759/7669/jmc202505003(030-044)Online publication date: 5-Jan-2025
https://doi.org/10.53759/7669/jmc202505003
Szrajber BAlon ILevy S(2025)Systematic Analysis of Decentralized FinanceJournal of Global Information Management10.4018/JGIM.36781033:1(1-29)Online publication date: 17-Jan-2025
https://doi.org/10.4018/JGIM.367810
Upendar Reddy Gade (2025)Blockchain Technology: Revolutionizing Financial Operations through Transparency and SecurityInternational Journal of Scientific Research in Computer Science, Engineering and Information Technology10.32628/CSEIT25111224011:1(2295-2303)Online publication date: 10-Feb-2025
https://doi.org/10.32628/CSEIT251112240
Jyoti AGupta PGupta SKhatter HMishra A(2025)Inherent Insights using Systematic Analytics of Developments Tools in Ethereum Blockchain Smart ContractRecent Advances in Electrical & Electronic Engineering (Formerly Recent Patents on Electrical & Electronic Engineering)10.2174/012352096524943423102411173218:2(135-146)Online publication date: Feb-2025
https://doi.org/10.2174/0123520965249434231024111732
Wang ZChen JZheng PZhang YZhang WZheng Z(2025)Unity is Strength: Enhancing Precision in Reentrancy Vulnerability Detection of Smart Contract Analysis ToolsIEEE Transactions on Software Engineering10.1109/TSE.2024.342732151:1(1-13)Online publication date: Jan-2025
https://doi.org/10.1109/TSE.2024.3427321
Huang QChen RXing ZZeng JLu QXu X(2025)GuessGas: Tell Me Fine-Grained Gas Consumption of My Smart Contract and WhyIEEE Transactions on Reliability10.1109/TR.2024.340423874:1(2348-2362)Online publication date: Mar-2025
https://doi.org/10.1109/TR.2024.3404238
Liang RChen JWu CHe KWu YCao RDu RZhao ZLiu Y(2025)Vulseye: Detect Smart Contract Vulnerabilities via Stateful Directed Graybox FuzzingIEEE Transactions on Information Forensics and Security10.1109/TIFS.2025.353782720(2157-2170)Online publication date: 2025
https://doi.org/10.1109/TIFS.2025.3537827
Huang YLi HSun YDuan S(2025)Byzantine Fault Tolerance With Non-Determinism, RevisitedIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.351654120(309-322)Online publication date: 2025
https://doi.org/10.1109/TIFS.2024.3516541
Lian WBao ZZhang XJia BZhang Y(2025)A Universal and Efficient Multi-Modal Smart Contract Vulnerability Detection Framework for Big DataIEEE Transactions on Big Data10.1109/TBDATA.2024.340337611:1(190-207)Online publication date: Feb-2025
https://doi.org/10.1109/TBDATA.2024.3403376
Soud MNuutinen WLiebel G(2025)Sóley: Automated detection of logic vulnerabilities in Ethereum smart contracts using large language modelsJournal of Systems and Software10.1016/j.jss.2025.112406226(112406)Online publication date: Aug-2025
https://doi.org/10.1016/j.jss.2025.112406
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten