209 research outputs found

    A layered approach to improving Blockchain systems security

    During the past several years, blockchain systems have gained a lot of traction and adoption, with the total capitalisation of these systems exceeding 2 trillion during peak periods. Given the permissionless nature of blockchain systems and their large scope in terms of software - e.g. distributed consensus, untrusted program execution - numerous attack vectors need to be studied, understood and protected against for blockchain systems to be able to deliver their promises of a safer financial system. In this thesis, we study and contribute to improving the security of various parts of the blockchain stack, from the execution to the application layer. We start with one of the lowest layers of the Ethereum blockchain stack, the EVM, and study the resource metering mechanism that is used to limit the total amount of resources that can be consumed by a smart contract. We discover inconsistencies in the metering mechanism and show and responsibly disclose that it would have been possible to execute transactions that would result in a denial of service attack on the Ethereum blockchain. Our findings were part of the motivation of Ethereum for changing some of its gas metering mechanisms. We then broaden our analysis to other blockchain systems and study how different fee mechanisms affect the transactional throughput as well as the usage of the blockchain. We discover that low fees, which are in theory attractive to users, can lead to a lot of spam. We find that for two of the blockchains we analyse, EOS and Ripple, this type of spam leads to system outages where the blockchain is unable to process transactions. Finally, we find that a common motivation for spam transactions is to artificially inflate the activity of the application layer, through wash-trading for example.
In the last main chapter of this thesis, we move to the application layer and turn our focus to the decentralised finance (DeFi) ecosystem, which is one of the most prevalent types of application implemented on top of blockchain systems. We start by giving formal definitions of the different types of security, namely technical and economic security. With that definition in mind, in the first part of this chapter, we study technical security exploits and develop an automated tool to detect on-chain exploits. We find that the majority of the exploits found through techniques such as program analysis are not exploited in practice, either because of the lack of feasibility of the exploit or because of the lack of economic incentive to do so. In the second part of this chapter, we focus on economic security and study the liquidation mechanism that is used to protect the users of DeFi lending protocols. We highlight how the efficiency of the liquidations has increased over time, and how depegging events of stablecoins have caused very large amounts of liquidations because of the over-confidence in their stability.

    The Eye of Horus: Spotting and Analyzing Attacks on Ethereum Smart Contracts

    In recent years, Ethereum gained tremendously in popularity, growing from a daily transaction average of 10K in January 2016 to an average of 500K in January 2020. Similarly, smart contracts began to carry more value, making them appealing targets for attackers. As a result, they started to become victims of attacks, costing millions of dollars. In response to these attacks, both academia and industry proposed a plethora of tools to scan smart contracts for vulnerabilities before deploying them on the blockchain. However, most of these tools solely focus on detecting vulnerabilities and not attacks, let alone quantifying or tracing the number of stolen assets. In this paper, we present Horus, a framework that empowers the automated detection and investigation of smart contract attacks based on logic-driven and graph-driven analysis of transactions. Horus provides quick means to quantify and trace the flow of stolen assets across the Ethereum blockchain. We perform a large-scale analysis of all the smart contracts deployed on Ethereum until May 2020. We identified 1,888 attacked smart contracts and 8,095 adversarial transactions in the wild. Our investigation shows that the number of attacks did not necessarily decrease over the past few years, but for some vulnerabilities remained constant. Finally, we also demonstrate the practicality of our framework via an in-depth analysis on the recent Uniswap and Lendf.me attacks.

    Metamorphic Testing of Datalog Engines


    Static Analysis for Detecting Side Effects in Ethereum Smart Contracts

    Ethereum is the most widespread blockchain in which smart contracts are executed. In recent years, the applications that are built using smart contracts have gained mass appeal that keeps growing. Gigahorse is a framework that decompiles EVM bytecode and can run static analyses on smart contracts. The goal of this thesis is to produce useful statistics about the presence of side effects in the public functions of smart contracts in the main net of Ethereum, in order to document the consistency of the programming of public functions, acknowledge suspicious practices and have a global picture when auditing smart contracts with public signatures. To do this, an analysis was implemented in Souffle that finds the side effects in the public signatures of every smart contract on the Ethereum mainnet, and the statistics were then computed, that is, the percentage of occurrences of a public signature in which side effects are present.