research-article

Storage State Analysis and Extraction of Ethereum Blockchain Smart Contracts

Authors:

Muhammad Janjua,

Talha AhmadAuthors Info & Claims

ACM Transactions on Software Engineering and Methodology, Volume 32, Issue 3

Article No.: 57, Pages 1 - 32

https://doi.org/10.1145/3548683

Published: 26 April 2023 Publication History

Abstract

In migrating and upgrading an Ethereum smart contract, it is necessary to transfer both the code as well as the stored data. Various methods attempt to migrate or upgrade a smart contract, but they are mostly manual, error-prone, and applicable only before deployment. Further, they have challenges in extracting the storage state of complex mapping data structures along with their keys. In this work, we present Smartmuv as an automatic source-code-based static analysis tool to analyze and extract the state from the storage-trie of smart contracts. Based on the abstract syntax tree and the control flow graphs of the Solidity source code, the tool analyzes each state variable including mapping types along the inheritance hierarchy. It also provides the upgrade algorithm that initializes the extracted state in the constructor of new smart contract. Smartmuv safely approximates the origin of the keys used in the mapping to extract values and has been able to extract the mapping state of 23,673 smart contracts with 95.7% overall precision. Moreover, we also validate the Smartmuv’s extracted state with the third-party tool Etherscan.

References

[1]

Bernard Marr. 2018. Blockchain: A Very Short History Of Ethereum Everyone Should Read. Retrieved October 10, 2020 from https://www.forbes.com/sites/bernardmarr/2018/02/02/blockchain-a-very-short-history-of-ethereum-everyone-should-read/.

[2]

OpenZepplin. 2017–2020. Upgrades Plugins. Retrieved September 9, 2020 from https://docs.openzeppelin.com/upgrades-plugins/1.x/.

[3]

Steve Marx. 2018. Understanding Ethereum Smart Contract Storage. Retrieved September 9, 2020 from https://programtheblockchain.com/posts/2018/03/09/understanding-ethereum-smart-contract-storage/.

[4]

Solidity Technical Documentation. 2016–2020. Layout of State Variables in Storage. Retrieved September 9, 2020 from https://solidity.readthedocs.io/en/v0.4.24/miscellaneous.html.

[5]

Alfred V. Aho, Ravi Sethi, and Jeffrey D. Ullman. 1986. Compilers: Principles, Techniques, and Tools. Addison-Wesley Longman.

Digital Library

[6]

Hmn Dilum Bandara, Xiwei Xu, and Ingo Weber. 2019. Patterns for blockchain migration. arXiv :1906.00239. Retrieved from https://arxiv.org/abs/1906.00239.

[7]

Chriseth, Hari, Mathias L. Baumann, and Tony. 2021. Layout of state variables in storage. Layout of State Variables in Storage - Solidity 0.8.11 Documentation. https://docs.soliditylang.org/en/v0.8.11/internals/layout_in_storage.html.

[8]

Binance DEX Community. 2019. Binance Chain Mainnet Swap. Retrieved from https://community.binance.org/topic/44/binance-chain-mainnet-swap.

[9]

Coin Desk. 2018. $3 Billion Blockchain Tron Kicks Off Token Migration. Retrieved from https://www.coindesk.com/3-billion-blockchain-tron-kicks-off-token-migration-today.

[10]

Eiki. 2019. Ethereum: Datastore Types Explained. Retrieved from https://medium.com/@eiki1212/ethereum-datastore-types-explained-b085bc79aa4b.

[11]

Josselin Feist, Gustavo Greico, and Alex Groce. 2019. Slither: A static analysis framework for smart contracts. In Proceedings of the 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB’19). IEEE Press, 8–15. DOI:

Digital Library

[12]

J. F. Ferreira, P. Cruz, T. Durieux, and R. Abreu. [n.d.]. SmartBugs: A Framework to Analyze Solidity Smart Contracts, Github Repository. Retrieved February 17, 2021 from https://github.com/smartbugs/smartbugs.

[13]

J. F. Ferreira, P. Cruz, T. Durieux, and R. Abreu. 2020. SmartBugs: A framework to analyze solidity smart contracts. In Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering (ASE’20). IEEE Computer Society, Los Alamitos, CA, 1349–1352. https://doi.ieeecomputersociety.org/.

Digital Library

[14]

Enrique Fynn, Alysson Bessani, and Fernando Pedone. 2020. Smart contracts on the move. In Proceedings of the 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’20). 233–244. DOI:

[15]

go ethereum. [n.d.]. Command-line Options. Retrieved from https://geth.ethereum.org/docs/interface/command-line-options.

[16]

Neville Grech, Lexi Brent, Bernhard Scholz, and Yannis Smaragdakis. 2019. Gigahorse: Thorough, declarative decompilation of smart contracts. In Proceedings of the IEEE/ACM 41st International Conference on Software Engineering (ICSE’19). 1176–1186. DOI:

Digital Library

[17]

Ákos Hajdu and Dejan Jovanović. 2020. SMT-friendly formalization of the solidity memory model. In Programming Languages and Systems, Peter Müller (Ed.). Springer International Publishing, Cham, 224–250.

[18]

Pieter H. Hartel and Mark van Staalduinen. 2019. Truffle tests for free - replaying ethereum smart contracts for transparency. arxiv:1907.09208. Retrieved from http://arxiv.org/abs/1907.09208.

[19]

MyEtherWallet Inc. [n.d.]. Internal Transactions: What Do They Mean? Retrieved from https://kb.myetherwallet.com/en/transactions/internal-transactions/.

[20]

Thomas Lisankie Joshua. [n.d.]. Ethereum Virtual Machine (EVM). Retrieved from https://ethereum.org/en/developers/docs/evm/.

[21]

josselinfeist. [n.d.]. How Contract Migration Works. Retrieved August 12, 2020 from https://blog.trailofbits.com/2018/10/29/how-contract-migration-works/.

[22]

RSK Labs. [n.d.]. RSK ETH Token Bridge. Retrieved from https://developers.rsk.co/tools/tokenbridge/.

[23]

Sifis Lagouvardos, Neville Grech, Ilias Tsatiris, and Yannis Smaragdakis. 2020. Precise static modeling of ethereum “Memory.”Proc. ACM Program. Lang. 4 (Nov.2020), Article 190, 26 pages. DOI:

Digital Library

[24]

P. H. Madore. 2019. Deloitte Ditches Ethereum for VeChain, Brags about Overtaking Bitcoin Transactions. Retrieved from https://finance.yahoo.com/news/deloitte-ditches-ethereum-vechain-brags-065730503.html?guccounter=1.

[25]

Post author “By Mario.”2020. Storage vs. Memory vs. Stack in Solidity; Ethereum—Dlt-repo. Retrieved from https://dlt-repo.net/storage-vs-memory-vs-stack-in-solidity-ethereum/.

[26]

Bertrand Meyer. 2019. Soundness and Completeness: With Precision. Retrieved from https://cacm.acm.org/blogs/blog-cacm/236068-soundness-and-completeness-with-precision/fulltext.

[27]

Annaliese Milano and Taryana Odayar. 2018. Token Swaps: What Are They, How They Work and Why They’re Happening Now. CoinDesk Latest Headlines RSS. Retrieved from https://www.coindesk.com/markets/2018/06/16/token-swaps-what-are-they-how-they-work-why-theyre-happening-now/.

[28]

olha.hlebiv. 2018. Ethereum Smart-contract Storage. Retrieved September 12, 2020 from https://applicature.com/blog/blockchain-technology/ethereum-smart-contract-storage.

[29]

Qubicles. 2019. Migrating Ethereum Qubicle Tokens to the Telos Chain of EOS.IO Using the EOS21 Protocol. Retrieved from https://qubicles.medium.com/migrating-ethereum-qubicle-tokens-to-the-telos-chain-of-eos-io-using-the-eos21-protocol-e79c14fcf112.

[30]

Richard. 2018. Prepare Yourself for the Safex Blockchain Swap. Retrieved from https://safexnews.net/prepare-for-safex-blockchain-swap/.

[31]

Michael Rodler, Wenting Li, Ghassan O. Karame, and Lucas Davi. 2020. EVMPatch: Timely and Automated Patching of Ethereum Smart Contracts. arXiv:2010.00341. Retrieved from https://arxiv.org/abs/2010.00341.

[32]

Vaibhav Saini. [n.d.]. Getting Deep into EVM: How Ethereum Works Backstage. Retrieved from https://hackernoon.com/getting-deep-into-evm-how-ethereum-works-backstage-ac7efa1f0015.

[33]

Yanniss Smaragdakis. [n.d.]. From Soundiness to Soundness. Retrieved from https://yanniss.github.io/M221/soundness.pdf.

[34]

Peter Szilagyi. 2021. Geth v1.10.0. Retrieved from https://blog.ethereum.org/2021/03/03/geth-v1-10-0/.

[35]

T. Takenobu [n.d.]. Ethereum EVM Illustrated. Retrieved from https://takenobu-hs.github.io/downloads/ethereum_evm_illustrated.pdf.

[36]

Crypto Market Pool Team. 2021. Access Private Data on the Ethereum Blockchain. Retrieved from https://cryptomarketpool.com/access-private-data-on-the-eth-blockchain/.

[37]

Parity Technologies. 2019. A Postmortem on the Parity Multi-Sig Library Self-Destruct. Retrieved from https://www.parity.io/a-postmortem-on-the-parity-multi-sig-library-self-destruct/.

[38]

vasa. [n.d.]. How to Write Upgradable Smart Contracts (Smart Contract Versioning). Retrieved August 12, 2020 from https://medium.com/swlh/how-to-write-upgradable-smart-contracts-smart-contract-versioning-5ff5ce035732/.Accessed: 2020-08-12.

[39]

Martin Westerkamp. 2019. Verifiable smart contract portability. arXiv:1902.03868. Retrieved from http://arxiv.org/abs/1902.03868.

[40]

Muhammad Ahmad Zafar, Falak Sher, Muhammad Umar Janjua, and Salman Baset. 2018. Sol2js: Translating solidity contracts into Javascript for hyperledger fabric. In Proceedings of the 2nd Workshop on Scalable and Resilient Infrastructures for Distributed Ledgers (SERIAL’18). Association for Computing Machinery, New York, NY, 19–24. DOI:

Digital Library

[41]

Peilin Zheng, Zibin Zheng, and Hongning Dai. 2019. XBlock-ETH: Extracting and exploring blockchain data from ethereum. arXiv:1911.00169. Retrieved from http://arxiv.org/abs/1911.00169.

[42]

Susan Moore Gartner. 2018. Top 3 Blockchain and Data Management Myths. Retrieved from https://www.gartner.com/smarterwithgartner/top-3-blockchain-and-data-management-myths/.

[43]

josselinfeist. 2018. Contract Upgrade Anti-patterns. Retrieved October 23, 2020 from https://blog.trailofbits.com/2018/09/05/contract-upgrade-anti-patterns/.

[44]

vasa. 2020. How to Write Upgradable Smart Contracts (Smart Contract Versioning). Retrieved October 23, 2020 from https://medium.com/swlh/how-to-write-upgradable-smart-contracts-smart-contract-versioning-5ff5ce035732.

Cited By

Ayub MKhan MJanjua M(2024)Sound analysis and migration of data from Ethereum smart contractsAutomated Software Engineering10.1007/s10515-024-00422-331:1Online publication date: 29-Feb-2024
https://dl.acm.org/doi/10.1007/s10515-024-00422-3
Henry TTucci-Piergiovanni S(2024)Secure Proof Verification Blockchain PatternsBusiness Process Management: Blockchain, Robotic Process Automation, Central and Eastern European, Educators and Industry Forum10.1007/978-3-031-70445-1_5(71-88)Online publication date: 1-Sep-2024
https://doi.org/10.1007/978-3-031-70445-1_5
Goel SMazzara M(2024)Early Design Mechanism for Upgrading Smart Contract Business ProcessesComplex, Intelligent and Software Intensive Systems10.1007/978-3-031-70011-8_17(184-195)Online publication date: 6-Sep-2024
https://doi.org/10.1007/978-3-031-70011-8_17

Index Terms

Storage State Analysis and Extraction of Ethereum Blockchain Smart Contracts
1. Software and its engineering
  1. Software creation and management
    1. Software development techniques
      1. Software prototyping
  2. Software notations and tools
    1. Software maintenance tools

Recommendations

Empirical review of automated analysis tools on 47,587 Ethereum smart contracts
ICSE '20: Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering

Over the last few years, there has been substantial research on automated analysis, testing, and debugging of Ethereum smart contracts. However, it is not trivial to compare and reproduce that research. To address this, we present an empirical evaluation ...
Sound analysis and migration of data from Ethereum smart contracts
Abstract
With the addition of multiple blockchain platforms in the ecosystem, the Dapp owners need to migrate their smart contracts from one platform to another to remain competitive, cost-effective, and secure. A smart contract is a piece of code that ...
Empirical vulnerability analysis of automated smart contracts security testing on blockchains
CASCON '18: Proceedings of the 28th Annual International Conference on Computer Science and Software Engineering

The emerging blockchain technology supports decentralized computing paradigm shift and is a rapidly approaching phenomenon. While blockchain is thought primarily as the basis of Bitcoin, its application has grown far beyond cryptocurrencies due to the ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Software Engineering and Methodology

ACM Transactions on Software Engineering and Methodology Volume 32, Issue 3

May 2023

937 pages

ISSN:1049-331X

EISSN:1557-7392

DOI:10.1145/3594533

Editor:
Mauro Pezzè
USI Università della Svizzera italiana and SIT Schaffhausen Institute of Technology, Switzerland

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 26 April 2023

Online AM: 29 July 2022

Accepted: 29 June 2022

Revised: 22 April 2022

Received: 07 July 2021

Published in TOSEM Volume 32, Issue 3

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
767
Total Downloads

Downloads (Last 12 months)419
Downloads (Last 6 weeks)18

Reflects downloads up to 30 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Ayub MKhan MJanjua M(2024)Sound analysis and migration of data from Ethereum smart contractsAutomated Software Engineering10.1007/s10515-024-00422-331:1Online publication date: 29-Feb-2024
https://dl.acm.org/doi/10.1007/s10515-024-00422-3
Henry TTucci-Piergiovanni S(2024)Secure Proof Verification Blockchain PatternsBusiness Process Management: Blockchain, Robotic Process Automation, Central and Eastern European, Educators and Industry Forum10.1007/978-3-031-70445-1_5(71-88)Online publication date: 1-Sep-2024
https://doi.org/10.1007/978-3-031-70445-1_5
Goel SMazzara M(2024)Early Design Mechanism for Upgrading Smart Contract Business ProcessesComplex, Intelligent and Software Intensive Systems10.1007/978-3-031-70011-8_17(184-195)Online publication date: 6-Sep-2024
https://doi.org/10.1007/978-3-031-70011-8_17
Wang CLiu XLi HDi XCong LZhang SQi H(2023)Smart contract-based integrity audit method for IoTInformation Sciences: an International Journal10.1016/j.ins.2023.119413647:COnline publication date: 1-Nov-2023
https://dl.acm.org/doi/10.1016/j.ins.2023.119413

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Full Text

View this article in Full Text.

HTML Format

View this article in HTML Format.

Media

Figures

Other

Tables

View full text|Download PDF

View Issue’s Table of Contents