research-article

Making Smart Contracts Smarter

Authors:

Hrishi Olickel,

Prateek Saxena,

Aquinas HoborAuthors Info & Claims

CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

Pages 254 - 269

https://doi.org/10.1145/2976749.2978309

Published: 24 October 2016 Publication History

Abstract

Cryptocurrencies record transactions in a decentralized data structure called a blockchain. Two of the most popular cryptocurrencies, Bitcoin and Ethereum, support the feature to encode rules or scripts for processing transactions. This feature has evolved to give practical shape to the ideas of smart contracts, or full-fledged programs that are run on blockchains. Recently, Ethereum's smart contract system has seen steady adoption, supporting tens of thousands of contracts, holding millions dollars worth of virtual coins.

In this paper, we investigate the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies. We introduce several new security problems in which an adversary can manipulate smart contract execution to gain profit. These bugs suggest subtle gaps in the understanding of the distributed semantics of the underlying platform. As a refinement, we propose ways to enhance the operational semantics of Ethereum to make contracts less vulnerable. For developers writing contracts for the existing Ethereum system, we build a symbolic execution tool called Oyente to find potential security bugs. Among 19, 336 existing Ethereum contracts, Oyente flags 8, 833 of them as vulnerable, including the TheDAO bug which led to a 60 million US dollar loss in June 2016. We also discuss the severity of other attacks for several case studies which have source code available and confirm the attacks (which target only our accounts) in the main Ethereum network.

References

[1]

Satoshi Nakamoto. Bitcoin: A peer-to-peer electronic cash system. bitcoin.org, 2009.

[2]

Ethereum Foundation. Ethereum's white paper. https://github.com/ethereum/wiki/wiki/White-Paper, 2014.

[3]

A Miller, A Juels, E Shi, B Parno, and J Katz. Permacoin: Repurposing Bitcoin work for long-term data preservation. IEEE Security and Privacy, 2014.

Digital Library

[4]

Use case for factom: The world's first blockchain operating system (bos). http://kencode.de/projects/ePlug/Factom-Linux-Whitepaper.pdf, Feb 2015.

[5]

Nick Szabo. The idea of smart contracts. http://szabo.best.vwh.net/smart_contracts_idea.html, 1997.

[6]

Loi Luu, Jason Teutsch, Raghav Kulkarni, and Prateek Saxena. Demystifying incentives in the consensus computer. In Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security, CCS '15, pages 706--719. ACM, 2015.

Digital Library

[7]

EtherDice smart contract is down for maintenance. https://www.reddit.com/r/ethereum/comments/47f028/etherdice_is_down_for_maintenance_we_are_having/.

[8]

RSK Labs. Rootstock: Smart contracts platform powered by Bitcoin. http://www.rootstock.io/, 2015.

[9]

Counterparty platform. http://counterparty.io/, 2015.

[10]

James C. Corbett, Jeffrey Dean, Michael Epstein, Andrew Fikes, Christopher Frost, J. J. Furman, Sanjay Ghemawat, Andrey Gubarev, Christopher Heiser, Peter Hochschild, Wilson Hsieh, Sebastian Kanthak, Eugene Kogan, Hongyi Li, Alexander Lloyd, Sergey Melnik, David Mwaura, David Nagle, Sean Quinlan, Rajesh Rao, Lindsay Rolig, Yasushi Saito, Michal Szymaniak, Christopher Taylor, Ruth Wang, and Dale Woodford. Spanner: Google's globally distributed database. ACM Trans. Comput. Syst., aug 2013.

Digital Library

[11]

Jason Baker, Chris Bond, James C. Corbett, JJ Furman, Andrey Khorlin, James Larson, Jean-Michel Leon, Yawei Li, Alexander Lloyd, and Vadim Yushprakh. Megastore: Providing scalable, highly available storage for interactive services. In Proceedings of the Conference on Innovative Data system Research (CIDR), pages 223--234, 2011.

[12]

KingOfTheEtherThrone smart contract. https://github.com/kieranelby/KingOfTheEtherThrone/blob/v0.4.0/contracts/KingOfTheEtherThrone.sol.

[13]

GovernMental's 1100 ETH payout is stuck because it uses too much gas. https://www.reddit.com/r/ethereum/comments/4ghzhv/governmentals_1100_eth_jackpot_payout_is_stuck/.

[14]

Kevin Delmolino, Mitchell Arnett, Ahmed Kosba, Andrew Miller, and Elaine Shi. Step by step towards creating a safe smart contract: Lessons and insights from a cryptocurrency lab. Cryptology ePrint Archive, Report 2015/460, 2015. http://eprint.iacr.org/.

[15]

Gavin Wood. Ethereum: A secure decentralised generalised transaction ledger. http://gavwood.com/paper.pdf, 2014.

[16]

Ethereum Foundation. The solidity contract-oriented programming language. https://github.com/ethereum/solidity.

[17]

Ethereum Foundation. The serpent contract-oriented programming language. https://github.com/ethereum/serpent.

[18]

Oyente project page. https://www.comp.nus.edu.sg/ loiluu/oyente.html.

[19]

TheDAO smart contract. http://etherscan.io/address/0xbb9bc244d798123fde783fcc1c72d3bb8c189413#code.

[20]

EtherEx: A fully decentralized cryptocurrency exchange. https://etherex.org/.

[21]

EtherOpt: A decentralized options exchange. http://etheropt.github.io/.

[22]

The Run smart contract. https://etherscan.io/address/0xcac337492149bdb66b088bf5914bedfbf78ccc18.

[23]

Ethereum Foundation. Block validation algorithm. https://github.com/ethereum/wiki/wiki/Block-Protocol-2.0#block-validation-algorithm.

[24]

Andrew Miller, Brian Warner, and Nathan Wilcox. Gas economics. https://github.com/LeastAuthority/ethereum-analyses/blob/master/GasEcon.md.

[25]

Protect The Castle Contract. http://protect-the-castle.ether-contract.org/.

[26]

GovernMental Smart Contract. http://governmental.github.io/GovernMental/.

[27]

Ahmed Kosba, Andrew Miller, Elaine Shi, Zikai Wen, and Charalampos Papamanthou. Hawk: The blockchain model of cryptography and privacy-preserving smart contracts. In Proceedings of the 2016 IEEE Symposium on Security and Privacy, SP '16. IEEE Computer Society, 2016.

[28]

Lottopolo smart contract. https://etherchain.org/account/0x0155ce35fe73249fa5d6a29f3b4b7b98732eb2ed.

[29]

Random number generator contract. https://github.com/randao/randao.

[30]

Joseph Bonneau, Jeremy Clark, and Steven Goldfeder. On Bitcoin as a public randomness source. Cryptology ePrint Archive, Report 2015/1015, 2015. http://eprint.iacr.org/.

[31]

James C. King. Symbolic execution and program testing. Commun. ACM, 19(7):385--394.

Digital Library

[32]

Patrick Cousot and Radhia Cousot. Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Proceedings of the 4th ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages, pages 238--252, New York, NY, USA, 1977. ACM.

Digital Library

[33]

Microsoft Corporation. The Z3 theorem prover. https://github.com/Z3Prover/z3.

[34]

The Ethereum block explorer. https://etherscan.io/.

[35]

The Ethereum network stats. https://etherchain.org/.

[36]

Peter Borah. Tokenwith invariants - vulnerable contracts in ethereum. https://github.com/PeterBorah/smart-contract-security-examples/blob/7d7ef27b12f15318871c44512b70737176d23c5f/contracts/TokenWithInvariants.sol.

[37]

Peter Vessenes. More ethereum attacks: Race-to-empty is the real deal. http://vessenes.com/more-ethereum-attacks-race-to-empty-is-the-real-deal/.

[38]

Alexandre Naverniouk. EtherID: Ethereum name registrar. http://etherid.org/.

[39]

Fan Zhang, Ethan Cecchetti, Kyle Croman, Ari Juels, and Elaine Shi. Town crier: An authenticated data feed for smart contracts. Cryptology ePrint Archive, Report 2016/168, 2016. http://eprint.iacr.org/.

[40]

Ari Juels, Ahmed Kosba, and Elaine Shi. The ring of Gyges: Investigating the future of criminal smart contracts. Cryptology ePrint Archive, Report 2016/358, 2016. http://eprint.iacr.org/.

[41]

Philip A. Bernstein and Nathan Goodman. Concurrency control in distributed database systems. ACM Comput. Surv., 13(2):185--221, June 1981.

Digital Library

[42]

Friedemann Mattern. Virtual time and global states of distributed systems. In Parallel and Distributed Algorithms, pages 215--226. North-Holland, 1989.

[43]

C. J. Fidge. Timestamps in message-passing systems that preserve the partial ordering. Proceedings of the 11th Australian Computer Science Conference, 10(1):56--66, 1988.

[44]

Leslie Lamport. Time, clocks, and the ordering of events in a distributed system. Commun. ACM, pages 558--565, July 1978.

Digital Library

[45]

Andrew Koening and Bjarne Stroustrup. Exception handling for C

[46]

. Journal of Object-Oriented Programming, 3(2):16--33, 1990.

[47]

Robin Milner, Mads Tofte, and David MacQueen. The Definition of Standard ML. MIT Press, Cambridge, MA, USA, 1997.

Cited By

Banaeian Far SHosseini Bamakan S(2025)Third layer blockchains are being rapidly developed: Addressing state-of-the-art paradigms and future horizonsJournal of Network and Computer Applications10.1016/j.jnca.2024.104044233(104044)Online publication date: Jan-2025
https://doi.org/10.1016/j.jnca.2024.104044
Cho D(2024)Smart Contract Security Vulnerability Analysis and Security Automation ModelJournal of Digital Contents Society10.9728/dcs.2024.25.4.108725:4(1087-1094)Online publication date: 30-Apr-2024
https://doi.org/10.9728/dcs.2024.25.4.1087
Bahrami MSadeghi Shahdani M(2024)The Ideal Model for Implementing Smart Contracts in the Insurance IndustryQuarterly Journal of Economic Research and Policies10.61186/qjerp.32.110.8232:110(82-120)Online publication date: 1-Sep-2024
https://doi.org/10.61186/qjerp.32.110.82
Show More Cited By

Index Terms

Making Smart Contracts Smarter
1. Security and privacy
  1. Formal methods and theory of security
    1. Logic and verification
  2. Software and application security
    1. Domain-specific security and privacy architectures
    2. Software security engineering

Recommendations

ContractFuzzer: fuzzing smart contracts for vulnerability detection
ASE '18: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering

Decentralized cryptocurrencies feature the use of blockchain to transfer values among peers on networks without central agency. Smart contracts are programs running on top of the blockchain consensus protocol to enable people make agreements while ...
A Survey on Formal Verification for Solidity Smart Contracts
ACSW '21: Proceedings of the 2021 Australasian Computer Science Week Multiconference

One of the 21st century’s hottest topics in the world of IT has been the emergence of what some predict to be the foundation stone for a new era of internet (web 3.0): Blockchain technology. Besides being the backbone of what we come to know as ...
Blockchain and Smart Contracts
ICSIE '19: Proceedings of the 8th International Conference on Software and Information Engineering

This paper presents an introduction to the current state of art of the Blockchain and Smart Contract technologies. Blockchain is a fast-disruptive technology becoming a key instrument in share economy. The Blockchain-based Smart Contract aim to ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

October 2016

1924 pages

ISBN:9781450341394

DOI:10.1145/2976749

General Chairs:
Edgar Weippl
SBA Research, Austria
,
Stefan Katzenbeisser
TU Darmstadt, CYSEC, Germany
,
Program Chairs:
Christopher Kruegel
University of California, Santa Barbara, USA
,
Andrew Myers
Cornell University, USA
,
Shai Halevi
IBM Research, USA

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 24 October 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS'16

Sponsor:

SIGSAC

CCS'16: 2016 ACM SIGSAC Conference on Computer and Communications Security

October 24 - 28, 2016

Vienna, Austria

Acceptance Rates

CCS '16 Paper Acceptance Rate 137 of 831 submissions, 16%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1,344
Total Citations
View Citations
13,313
Total Downloads

Downloads (Last 12 months)815
Downloads (Last 6 weeks)64

Reflects downloads up to 10 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Banaeian Far SHosseini Bamakan S(2025)Third layer blockchains are being rapidly developed: Addressing state-of-the-art paradigms and future horizonsJournal of Network and Computer Applications10.1016/j.jnca.2024.104044233(104044)Online publication date: Jan-2025
https://doi.org/10.1016/j.jnca.2024.104044
Cho D(2024)Smart Contract Security Vulnerability Analysis and Security Automation ModelJournal of Digital Contents Society10.9728/dcs.2024.25.4.108725:4(1087-1094)Online publication date: 30-Apr-2024
https://doi.org/10.9728/dcs.2024.25.4.1087
Bahrami MSadeghi Shahdani M(2024)The Ideal Model for Implementing Smart Contracts in the Insurance IndustryQuarterly Journal of Economic Research and Policies10.61186/qjerp.32.110.8232:110(82-120)Online publication date: 1-Sep-2024
https://doi.org/10.61186/qjerp.32.110.82
Sawant RDeepa JMenon RWadalkar S(2024)Research Trends and Impacts of Blockchain Technology in Construction Sector: Scientistometric StudyData and Metadata10.56294/dm2024.3693Online publication date: 1-Jan-2024
https://doi.org/10.56294/dm2024.369
Sakib S(2024)Blockchain Technology for Smart ContractsAchieving Secure and Transparent Supply Chains With Blockchain Technology10.4018/979-8-3693-0482-2.ch014(246-266)Online publication date: 18-Jan-2024
https://doi.org/10.4018/979-8-3693-0482-2.ch014
Sanchez-Gomez NGutierrez JParrilla EGarcía Jde-Acuña MEscalona M(2024)Mechanism for the Systematic Generation of Functional Tests of Smart Contracts in Digital Publication Management SystemsFrameworks for Blockchain Standards, Tools, Testbeds, and Platforms10.4018/979-8-3693-0405-1.ch008(182-207)Online publication date: 17-Jan-2024
https://doi.org/10.4018/979-8-3693-0405-1.ch008
De Mofo GWacka ATchakounte FFotso J(2024)Detection of Vulnerabilities in Cryptocurrency Smart Contracts Based on Image ProcessingGlobal Perspectives on the Applications of Computer Vision in Cybersecurity10.4018/978-1-6684-8127-1.ch004(102-123)Online publication date: 23-Feb-2024
https://doi.org/10.4018/978-1-6684-8127-1.ch004
Nagurnhak G(2024)Tokenização da propriedade fracionada e as implicações tributárias: atualidade e estudo de casoRevista Jurídica da OAB/SC10.37497/rev.jur.oab-sc.v4i00.444:00(e044)Online publication date: 30-Sep-2024
https://doi.org/10.37497/rev.jur.oab-sc.v4i00.44
Wu HPeng YHe YLu S(2024)EDSCVD: Enhanced Dual-Channel Smart Contract Vulnerability Detection MethodSymmetry10.3390/sym1610138116:10(1381)Online publication date: 17-Oct-2024
https://doi.org/10.3390/sym16101381
Begum KMozumder MJoo MKim H(2024)BFLIDS: Blockchain-Driven Federated Learning for Intrusion Detection in IoMT NetworksSensors10.3390/s2414459124:14(4591)Online publication date: 15-Jul-2024
https://doi.org/10.3390/s24144591
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents