research-article

Exploiting the laws of order in smart contracts

Authors:

Aashish Kolluri,

Prateek SaxenaAuthors Info & Claims

ISSTA 2019: Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis

Pages 363 - 373

https://doi.org/10.1145/3293882.3330560

Published: 10 July 2019 Publication History

Abstract

We investigate a family of bugs in blockchain-based smart contracts, which we dub event-ordering (or EO) bugs. These bugs are intimately related to the dynamic ordering of contract events, i.e. calls of its functions, and enable potential exploits of millions of USD worth of crypto-coins. Previous techniques to detect EO bugs have been restricted to those bugs that involve just one or two event orderings. Our work provides a new formulation of the general class of EO bugs arising in long permutations of such events by using techniques from concurrent program analysis. The technical challenge in detecting EO bugs in blockchain contracts is the inherent combinatorial blowup in path and state space analysis, even for simple contracts. We propose the first use of partial-order reduction techniques, using automatically extracted happens-before relations along with several dynamic symbolic execution optimizations. We build EthRacer, an automatic analysis tool that runs directly on Ethereum bytecode and requires no hints from users. It flags 8% of over 10, 000 contracts analyzed, providing compact event traces (witnesses) that human analysts can examine in only a few minutes per contract. More than half of the flagged contracts are likely to have unintended behaviour.

References

[1]

2018. Ethereum Github. https://github.com/ethereum/EIPs/issues/738. Accessed: 2018-05-05. 2018. Etherscan. https://etherscan.io. Accessed: 2018-05-05.

[2]

Sidney Amani, Myriam Bégel, Maksym Bortin, and Mark Staples. 2018. Towards Verifying Ethereum Smart Contract Bytecode in Isabelle/HOL. In CPP. ACM, 66–77.

Digital Library

[3]

Nicola Atzei, Massimo Bartoletti, and Tiziana Cimoli. 2017. A Survey of Attacks on Ethereum Smart Contracts (SoK). In POST (LNCS), Vol. 10204. Springer, 164– 186.

Digital Library

[4]

Kshitij Bansal, Eric Koskinen, and Omer Tripp. 2018. Automatic Generation of Precise and Useful Commutativity Conditions. In TACAS (Part I) (LNCS), Vol. 10805. Springer, 115–132.

[5]

Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cédric Fournet, Anitha Gollamudi, Georges Gonthier, Nadim Kobeissi, Natalia Kulatova, Aseem Rastogi, Thomas Sibut-Pinote, Nikhil Swamy, and Santiago Zanella-Béguelin. 2016. Formal Verification of Smart Contracts: Short Paper. In PLAS. ACM, 91–96.

Digital Library

[6]

Pavol Bielik, Veselin Raychev, and Martin T. Vechev. 2015. Scalable race detection for Android applications. In OOPSLA. ACM, 332–348.

Digital Library

[7]

Sam Blackshear, Nikos Gorogiannis, Peter W. O’Hearn, and Ilya Sergey. 2018. RacerD: Compositional Static Race Detection. PACMPL OOPSLA (2018).

Digital Library

[8]

Ahmed Bouajjani, Michael Emmi, Constantin Enea, and Jad Hamza. 2015. Tractable Refinement Checking for Concurrent Objects. In POPL. ACM, 651– 662.

Digital Library

[9]

Sebastian Burckhardt, Chris Dern, Madanlal Musuvathi, and Roy Tan. 2010. Lineup: a complete and automatic linearizability checker. In PLDI. 330–340.

Digital Library

[10]

ConsenSys Inc. 2018. Ethereum Smart Contract Security Best Practices: Known Attacks. https://consensys.github.io/smart-contract-best-practices/known_ attacks/

[11]

Leonardo Mendonça de Moura and Nikolaj Bjørner. 2008. Z3: An Efficient SMT Solver. In TACAS (LNCS), Vol. 4963. Springer, 337–340.

Digital Library

[12]

Michael del Castillo. 2016. The Dao attack. https://www.coindesk.com/daoattacked-code-issue-leads-60-million-ether-theft/ 16 June 2016.

[13]

Kevin Delmolino, Mitchell Arnett, Ahmed E. Kosba, Andrew Miller, and Elaine Shi. 2016. Step by Step Towards Creating a Safe Smart Contract: Lessons and Insights from a Cryptocurrency Lab. In FC 2016 International Workshops (LNCS), Vol. 9604. Springer, 79–94.

[14]

Dimitar Dimitrov, Veselin Raychev, Martin T. Vechev, and Eric Koskinen. 2014. Commutativity race detection. In PLDI. ACM, 305–315.

Digital Library

[15]

Thomas Dinsdale-Young, Pedro da Rocha Pinto, Kristoffer Just Andersen, and Lars Birkedal. 2017. Caper - Automatic Verification for Fine-Grained Concurrency. In ESOP (LNCS), Vol. 10201. Springer, 420–447.

[16]

Cormac Flanagan and Stephen N. Freund. 2009. FastTrack: efficient and precise dynamic race detection. In PLDI. ACM, 121–133.

Digital Library

[17]

Cormac Flanagan and Stephen N. Freund. 2010. The RoadRunner dynamic analysis framework for concurrent programs. In Proceedings of the 9th ACM SIGPLANSIGSOFT Workshop on Program Analysis for Software Tools and Engineering. ACM, 1–8.

Digital Library

[18]

Brian Goetz, Tim Peierls, Joshua J. Bloch, Joseph Bowbeer, David Holmes, and Doug Lea. 2006. Java Concurrency in Practice. Addison-Wesley.

[19]

Ilya Grishchenko, Matteo Maffei, and Clara Schneidewind. 2018. A Semantic Framework for the Security Analysis of Ethereum Smart Contracts. In POST (LNCS), Vol. 10804. Springer, 243–269.

[20]

Shelly Grossman, Ittai Abraham, Guy Golan-Gueta, Yan Michalevsky, Noam Rinetzky, Mooly Sagiv, and Yoni Zohar. 2018. Online detection of effectively callback free objects with applications to smart contracts. PACMPL 2, POPL (2018), 48:1–48:28.

Digital Library

[21]

Maurice Herlihy and Jeannette M. Wing. 1990. Linearizability: A Correctness Condition for Concurrent Objects. 12, 3 (1990), 463–492.

Digital Library

[22]

Everett Hildenbrandt, Manasvi Saxena, Nishant Rodrigues, Xiaoran Zhu, Philip Daian, Dwight Guth, Daejun Park, Yi Zhang, Brandon Moore, and Grigore Rosu. 2018. KEVM: A Complete Semantics of the Ethereum Virtual Machine. In CSF. IEEE. To appear.

[23]

Yoichi Hirai. 2017. Defining the Ethereum Virtual Machine for Interactive Theorem Provers. In 1st Workshop on Trusted Smart Contracts (LNCS), Vol. 10323.

[24]

Springer, 520–535.

[25]

Yoichi Hirai. 2017. Ethereum Virtual Machine for Coq (v0.0.2). Published online on 5 March 2017.

[26]

https://medium.com/@pirapira/ethereum-virtual-machinefor-coq-v0-0-2-d2568e068b18

[27]

Sukrit Kalra, Seep Goel, Mohan Dhawan, and Subodh Sharma. 2018. Zeus: Analyzing Safety of Smart Contracts. In NDSS.

[28]

Johannes Krupp and Christian Rossow. 2018. teEther: Gnawing at Ethereum to Automatically Exploit Smart Contracts. In USENIX Security.

Digital Library

[29]

Leslie Lamport. 1978. The Implementation of Reliable Distributed Multiprocess Systems. Computer Networks 2 (1978), 95–114.

[30]

Leslie Lamport. 1978. Time, Clocks, and the Ordering of Events in a Distributed System. Commun. ACM 21, 7 (1978), 558–565.

Digital Library

[31]

Loi Luu, Duc-Hiep Chu, Hrishi Olickel, Prateek Saxena, and Aquinas Hobor. 2016. Making Smart Contracts Smarter. In CCS. ACM, 254–269.

Digital Library

[32]

Richard Ma, Steven Stewart, Vajih Montaghami, Ed Zulkoski, and Leonardo Passos. 2017. Quantstamp : The protocol for securing smart contracts. https: //quantstamp.com/

[33]

Pallavi Maiya, Aditya Kanade, and Rupak Majumdar. 2014. Race detection for Android applications. In PLDI. ACM, 316–325.

Digital Library

[34]

Manticore 2018. Manticore: A symbolic execution tool for analysis of binaries and smart contracts. https://github.com/trailofbits/manticore

[35]

Bernhard Mueller. 2018. How Formal Verification Can Ensure Flawless Smart Contracts. https://media.consensys.net/how-formal-verification-can-ensureflawless-smart-contracts-cbda8ad99bd1

[36]

Mythril 2018. Mythril: A security analysis tool for Ethereum smart contracts. https://github.com/b-mueller/mythril

[37]

Mayur Naik, Alex Aiken, and John Whaley. 2006. Effective static race detection for Java. In PLDI. ACM, 308–319.

Digital Library

[38]

Satoshi Nakamoto. 2008. Bitcoin: A peer-to-peer electronic cash system. http: //bitcoin.org/bitcoin.pdf

[39]

Ivica Nikolić, Aashish Kolluri, Ilya Sergey, Prateek Saxena, and Aquinas Hobor. 2018. Finding The Greedy, Prodigal, and Suicidal Contracts at Scale. CoRR abs/1802.06038 (2018).

[40]

Oraclize 2016. Oraclize – Blockchain Oracle service, enabling data-rich smart contracts. http://www.oraclize.it.

[41]

Oyente 2018. Oyente: An Analysis Tool for Smart Contracts. https://github. com/melonproject/oyente

[42]

Veselin Raychev, Martin T. Vechev, and Manu Sridharan. 2013. Effective race detection for event-driven programs. In OOPSLA. ACM, 151–166.

Digital Library

[43]

Grigore Rosu. December 2017. ERC20-K: Formal Executable Specification of ERC20. https://runtimeverification.com/blog/?p=496

[44]

Ilya Sergey and Aquinas Hobor. 2017. A Concurrent Perspective on Smart Contracts. In 1st Workshop on Trusted Smart Contracts.

[45]

Ilya Sergey, Aleksandar Nanevski, and Anindya Banerjee. 2015. Mechanized Verification of Fine-grained Concurrent Programs. In PLDI. ACM, 77–87.

Digital Library

[46]

Emin Gün Sirer. 2016. Reentrancy Woes in Smart Contracts. http:// hackingdistributed.com/2016/07/13/reentrancy-woes/ 13 July 2016.

[47]

SmartCheck 2018. SmartCheck. https://tool.smartdec.net/

[48]

Solidity 2016. Solidity: A contract-oriented, high-level language for implementing smart contracts. http://solidity.readthedocs.io

[49]

Nick Szabo. 1996. Smart Contracts: Building Blocks for Digital Markets.

[50]

Petar Tsankov, Andrei Marian Dan, Dana Drachsler Cohen, Arthur Gervais, Florian Buenzli, and Martin T. Vechev. 2018. Securify: Practical Security Analysis of Smart Contracts. CoRR abs/1806.01143 (2018).

Cited By

Wang HHu YWu HLiu DPeng CWu YFan MLiu TFilkov VRay BZhou M(2024)Skyeye: Detecting Imminent Attacks via Analyzing Adversarial Smart ContractsProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695526(1570-1582)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695526
Fang YZhou ZDai SYang JZhang HLu Y(2024)PaVM: A Parallel Virtual Machine for Smart Contract Execution and ValidationIEEE Transactions on Parallel and Distributed Systems10.1109/TPDS.2023.333420835:1(186-202)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1109/TPDS.2023.3334208
Sendner CPetzi LStang JDmitrienko A(2024)Large-Scale Study of Vulnerability Scanners for Ethereum Smart Contracts2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00230(2273-2290)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00230
Show More Cited By

Index Terms

Exploiting the laws of order in smart contracts
1. Security and privacy
  1. Software and application security
    1. Domain-specific security and privacy architectures
    2. Software security engineering

Recommendations

Making Smart Contracts Smarter
CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

Cryptocurrencies record transactions in a decentralized data structure called a blockchain. Two of the most popular cryptocurrencies, Bitcoin and Ethereum, support the feature to encode rules or scripts for processing transactions. This feature has ...
Adding Concurrency to Smart Contracts
PODC '17: Proceedings of the ACM Symposium on Principles of Distributed Computing

Modern cryptocurrency systems, such as Ethereum, permit complex financial transactions through scripts called smart contracts. These smart contracts are executed many, many times, always without real concurrency. First, all smart contracts are serially ...
Adding concurrency to smart contracts
Abstract
Modern cryptocurrency systems, such as the Ethereum project, permit complex financial transactions through scripts called smart contracts. These smart contracts are executed many, many times, always without real concurrency. First, all smart ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ISSTA 2019: Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis

July 2019

451 pages

ISBN:9781450362245

DOI:10.1145/3293882

General Chair:
Dongmei Zhang
Microsoft Research, China
,
Program Chair:
Anders Møller
Aarhus University, Denmark

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSOFT: ACM Special Interest Group on Software Engineering

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 10 July 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ISSTA '19

Sponsor:

SIGSOFT

ISSTA '19: 28th ACM SIGSOFT International Symposium on Software Testing and Analysis

July 15 - 19, 2019

Beijing, China

Acceptance Rates

Overall Acceptance Rate 58 of 213 submissions, 27%

Upcoming Conference

ISSTA '25

Sponsor:
sigsoft

34th ACM SIGSOFT International Symposium on Software Testing and Analysis

June 25 - 28, 2025

Trondheim , Norway

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

62
Total Citations
View Citations
769
Total Downloads

Downloads (Last 12 months)76
Downloads (Last 6 weeks)5

Reflects downloads up to 25 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Wang HHu YWu HLiu DPeng CWu YFan MLiu TFilkov VRay BZhou M(2024)Skyeye: Detecting Imminent Attacks via Analyzing Adversarial Smart ContractsProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695526(1570-1582)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695526
Fang YZhou ZDai SYang JZhang HLu Y(2024)PaVM: A Parallel Virtual Machine for Smart Contract Execution and ValidationIEEE Transactions on Parallel and Distributed Systems10.1109/TPDS.2023.333420835:1(186-202)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1109/TPDS.2023.3334208
Sendner CPetzi LStang JDmitrienko A(2024)Large-Scale Study of Vulnerability Scanners for Ethereum Smart Contracts2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00230(2273-2290)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00230
Zhang WZhang ZShi QLiu LWei LLiu YZhang XCheung S(2024)Nyx: Detecting Exploitable Front-Running Vulnerabilities in Smart Contracts2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00146(2198-2216)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00146
Liao JGong BSun WZhang FNing ZAu MShi W(2024)BFTRAND: Low-Latency Random Number Provider for BFT Smart Contracts2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)10.1109/DSN58291.2024.00046(389-402)Online publication date: 24-Jun-2024
https://doi.org/10.1109/DSN58291.2024.00046
Munir STaha WIqbal Baig M(2024)Static Detection of Missing Validations in Solidity Smart Contracts2024 IEEE International Conference on Cyber Security and Resilience (CSR)10.1109/CSR61664.2024.10679381(413-420)Online publication date: 2-Sep-2024
https://doi.org/10.1109/CSR61664.2024.10679381
Khan ZNamin A(2024)A Survey of Vulnerability Detection Techniques by Smart Contract ToolsIEEE Access10.1109/ACCESS.2024.340162312(70870-70910)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3401623
Vidal FIvaki NLaranjeiro N(2024)Vulnerability detection techniques for smart contractsJournal of Systems and Software10.1016/j.jss.2024.112160217:COnline publication date: 1-Nov-2024
https://dl.acm.org/doi/10.1016/j.jss.2024.112160
Wu GWang HLai XWang MHe DChan S(2024)A comprehensive survey of smart contract security: State of the art and research directionsJournal of Network and Computer Applications10.1016/j.jnca.2024.103882226(103882)Online publication date: Jun-2024
https://doi.org/10.1016/j.jnca.2024.103882
Arusoaie ASusan Ș(2024)Towards Trusted Smart Contracts: A Comprehensive Test Suite For Vulnerability DetectionEmpirical Software Engineering10.1007/s10664-024-10509-w29:5Online publication date: 25-Jul-2024
https://dl.acm.org/doi/10.1007/s10664-024-10509-w
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents