46 research outputs found
A Concurrent Perspective on Smart Contracts
In this paper, we explore remarkable similarities between multi-transactional
behaviors of smart contracts in cryptocurrencies such as Ethereum and classical
problems of shared-memory concurrency. We examine two real-world examples from
the Ethereum blockchain and analyzing how they are vulnerable to bugs that are
closely reminiscent to those that often occur in traditional concurrent
programs. We then elaborate on the relation between observable contract
behaviors and well-studied concurrency topics, such as atomicity, interference,
synchronization, and resource ownership. The described
contracts-as-concurrent-objects analogy provides deeper understanding of
potential threats for smart contracts, indicate better engineering practices,
and enable applications of existing state-of-the-art formal verification
techniques.Comment: 15 page
A Theory of Termination via Indirection
Step-indexed models provide approximations to a class of domain
equations and can prove type safety, partial correctness, and program
equivalence; however, a common misconception is that they
are inapplicable to liveness problems. We disprove this by applying
step-indexing to develop the first Hoare logic of total correctness
for a language with function pointers and semantic assertions.
In fact, from a liveness perspective, our logic is stronger: we verify
explicit time resource bounds. We apply our logic to examples containing
nontrivial "higher-order" uses of function pointers and we
prove soundness with respect to a standard operational semantics.
Our core technique is very compact and may be applicable to other
liveness problems. Our results are machine checked in Coq
Smart Learning to Find Dumb Contracts
We introduce Deep Learning Vulnerability Analyzer (DLVA), a vulnerability
detection tool for Ethereum smart contracts based on powerful deep learning
techniques for sequential data adapted for bytecode. We train DLVA to judge
bytecode even though the supervising oracle, Slither, can only judge source
code. DLVA's training algorithm is general: we "extend" a source code analysis
to bytecode without any manual feature engineering, predefined patterns, or
expert rules. DLVA's training algorithm is also robust: it overcame a 1.25%
error rate mislabeled contracts, and the student surpassing the teacher; found
vulnerable contracts that Slither mislabeled. In addition to extending a source
code analyzer to bytecode, DLVA is much faster than conventional tools for
smart contract vulnerability detection based on formal methods: DLVA checks
contracts for 29 vulnerabilities in 0.2 seconds, a speedup of 10-500x+ compared
to traditional tools.
DLVA has three key components. Smart Contract to Vector (SC2V) uses neural
networks to map arbitrary smart contract bytecode to an high-dimensional
floating-point vector. Sibling Detector (SD) classifies contracts when a target
contract's vector is Euclidian-close to a labeled contract's vector in a
training set; although only able to judge 55.7% of the contracts in our test
set, it has an average accuracy of 97.4% with a false positive rate of only
0.1%. Lastly, Core Classifier (CC) uses neural networks to infer vulnerable
contracts regardless of vector distance. DLVA has an overall accuracy of 96.6%
with an associated false positive rate of only 3.7%
Schooling to Exploit Foolish Contracts
We introduce SCooLS, our Smart Contract Learning (Semi-supervised) engine.
SCooLS uses neural networks to analyze Ethereum contract bytecode and
identifies specific vulnerable functions. SCooLS incorporates two key elements:
semi-supervised learning and graph neural networks (GNNs). Semi-supervised
learning produces more accurate models than unsupervised learning, while not
requiring the large oracle-labeled training set that supervised learning
requires. GNNs enable direct analysis of smart contract bytecode without any
manual feature engineering, predefined patterns, or expert rules.
SCooLS is the first application of semi-supervised learning to smart contract
vulnerability analysis, as well as the first deep learning-based vulnerability
analyzer to identify specific vulnerable functions. SCooLS's performance is
better than existing tools, with an accuracy level of 98.4%, an F1 score of
90.5%, and an exceptionally low false positive rate of only 0.8%. Furthermore,
SCooLS is fast, analyzing a typical function in 0.05 seconds.
We leverage SCooLS's ability to identify specific vulnerable functions to
build an exploit generator, which was successful in stealing Ether from 76.9%
of the true positives
Decidability and Complexity of Tree Share Formulas
Fractional share models are used to reason about how multiple actors share ownership of resources. We examine the decidability and complexity of reasoning over the "tree share" model of Dockins et al. using first-order logic, or fragments thereof. We pinpoint a connection between the basic operations on trees union, intersection, and complement and countable atomless Boolean algebras, allowing us to obtain decidability with the precise complexity of both first-order and existential theories over the tree share model with the aforementioned operations. We establish a connection between the multiplication operation on trees and the theory of word equations, allowing us to derive the decidability of its existential theory and the undecidability of its full first-order theory. We prove that the full first-order theory over the model with both the Boolean operations and the restricted multiplication operation (with constants on the right hand side) is decidable via an embedding to tree-automatic structures