Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
194 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
46 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

How to Save My Gas Fees: Understanding and Detecting Real-world Gas Issues in Solidity Programs (2403.02661v1)

Published 5 Mar 2024 in cs.SE

Abstract: The execution of smart contracts on Ethereum, a public blockchain system, incurs a fee called gas fee for its computation and data-store consumption. When programmers develop smart contracts (e.g., in the Solidity programming language), they could unknowingly write code snippets that unnecessarily cause more gas fees. These issues, or what we call gas wastes, could lead to significant monetary waste for users. Yet, there have been no systematic examination of them or effective tools for detecting them. This paper takes the initiative in helping Ethereum users reduce their gas fees in two important steps: we conduct the first empirical study on gas wastes in popular smart contracts written in Solidity by understanding their root causes and fixing strategies; we then develop a static tool, PeCatch, to effectively detect gas wastes with simple fixes in Solidity programs based on our study findings. Overall, we make seven insights and four suggestions from our gas-waste study, which could foster future tool development, language improvement, and programmer awareness, and develop eight gas-waste checkers, which pinpoint 383 previously unknown gas wastes from famous Solidity libraries.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (82)
  1. Formally Verified EVM Block-Optimizations. In Proceedings of the 35th International Conference on Computer Aided Verification (CAV ’23). Paris, France.
  2. Synthesis of super-optimized smart contracts using max-smt. In Proceedings of the 32nd International Conference on Computer Aided Verification (CAV ’20). Springer, 177–200.
  3. SolCMC: Solidity Compiler’s Model Checker. In Proceedings of the 34th International Conference on Computer Aided Verification (CAV ’22). Haifa, Israel.
  4. Massimo Bartoletti and Livio Pompianu. 2017. An Empirical Analysis of Smart Contracts: Platforms, Applications, and Design Patterns. In Financial Cryptography and Data Security.
  5. BitInfoCharts. 2023. Ethereum (ETH) price stats and information. https://bitinfocharts.com/ethereum/
  6. Characterizing efficiency optimizations in solidity smart contracts. In 2020 IEEE International Conference on Blockchain (Blockchain ’20). IEEE, 281–290.
  7. Characterizing efficiency optimizations in solidity smart contracts. In Proceedings of the 2020 IEEE International Conference on Blockchain (Blockchain ’20). IEEE, 281–290.
  8. Chainlink. 2023. Top 6 Smart Contract Languages in 2023. https://chain.link/education-hub/smart-contract-programming-languages
  9. A Study of Inline Assembly in Solidity Smart Contracts. (2022).
  10. Gaschecker: Scalable analysis for discovering gas-inefficient smart contracts. IEEE Transactions on Emerging Topics in Computing 9, 3 (2020), 1433–1448.
  11. Under-optimized smart contracts devour your money. In Proceedings of the 24th IEEE international conference on software analysis, evolution and reengineering (SANER ’17). IEEE, 442–446.
  12. Towards saving money in using smart contracts. In Proceedings of the 2018 IEEE/ACM 40th international conference on software engineering: New ideas and emerging technologies results (ICSE-NIER ’18). IEEE, 81–84.
  13. Detecting Performance Anti-patterns for Applications Developed Using Object-relational Mapping. In Proceedings of the 36th International Conference on Software Engineering (ICSE ’14). Hyderabad, India.
  14. Tyr: Finding consensus failure bugs in blockchain system with behaviour divergent model. In 2023 IEEE Symposium on Security and Privacy (SP).
  15. Adaptive Performance Anomaly Detection for Online Service Systems via Pattern Sketching. In Proceedings of the 44th International Conference on Software Engineering (ICSE ’22). Pittsburgh, Pennsylvania.
  16. Crytic. 2023. Slither, the Solidity source analyzer. https://github.com/crytic/slither
  17. Yufei Ding and Xipeng Shen. 2017. GLORE: Generalized Loop Redundancy Elimination Upon LER-notation. In Proceedings of the ACM on Programming Languages (OOPSLA ’17). Vancouver, BC, Canada.
  18. Towards the Use of the Readily Available Tests from the Release Pipeline as Performance Tests: Are We There Yet?. In Proceedings of the 42nd International Conference on Software Engineering (ICSE ’20). Seoul, South Korea.
  19. A scalable technique for characterizing the usage of temporaries in framework-intensive Java applications. In Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE ’08). Atlanta, GA, USA.
  20. ECMA. 2023. ECMA-262. https://www.ecma-international.org/publications-and-standards/standards/ecma-262/
  21. Ethereum. [n. d.]. GAS AND FEES. https://ethereum.org/en/developers/docs/gas/
  22. Ethereum. 2023a. Ethereum. https://ethereum.org/en/
  23. Ethereum. 2023b. The Optimizer. https://docs.soliditylang.org/en/latest/internals/optimizer.html
  24. Etherscan. 2023. Ethereum Gas Tracker. https://etherscan.io/gastracker
  25. Faizan Nehal. 2023. How Solidity 0.8 protect against integer underflow/overflow and how they can still happen in Solidity 0.8. https://faizannehal.medium.com/how-solidity-0-8-protect-against-integer-underflow-overflow-and-how-they-can-still-happen-7be22c4ab92f
  26. PerfBlower: Quickly Detecting Memory-Related Performance Problems via Amplification. In Proceedings of the 29th European Conference on Object-Oriented Programming (ECOOP ’15). Prague, Czech Republic.
  27. Gabriel Delight. 2023. A Comprehensive Guide To Gas And Gas Price In Solidity. https://blog.openreplay.com/a-comprehensive-guide-to-gas-and-gas-price-in-solidity/
  28. eTainter: detecting gas-related vulnerabilities in smart contracts. In Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA ’22). 728–739.
  29. Madmax: Surviving out-of-gas conditions in ethereum smart contracts. Proceedings of the ACM on Programming Languages 2, OOPSLA (2018), 1–27.
  30. PerfSig: Extracting Performance Bug Signatures via Multi-Modality Causal Analysis. In Proceedings of the 44th International Conference on Software Engineering (ICSE ’22). Pittsburgh, Pennsylvania.
  31. Understanding and detecting real-world performance bugs. In Proceedings of the 33rd ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’12). Beijing, China.
  32. Finding latent performance bugs in systems implementations. In Proceedings of the Eighteenth ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE ’10). Santa Fe, NM, USA.
  33. Characterizing and Detecting Gas-Inefficient Patterns in Smart Contracts. Journal of Computer Science and Technology 37, 1 (2022), 67–82.
  34. SafePay on Ethereum: A Framework For Detecting Unfair Payments in Smart Contracts. In 2020 IEEE 40th International Conference on Distributed Computing Systems (ICDCS). 1219–1222. https://doi.org/10.1109/ICDCS47774.2020.00116
  35. Have Things Changed Now? An Empirical Study of Bug Characteristics in Modern Open Source Software. In Proceedings of the 1st Workshop on Architectural and System Support for Improving Software Dependability (ASID ’06). San Jose, California.
  36. ReGuard: Finding Reentrancy Bugs in Smart Contracts. In Proceedings of the 40th International Conference on Software Engineering: Companion Proceeedings (ICSE ’18). Gothenburg, Sweden.
  37. Automatic Detection of Performance Bugs in Database Systems Using Equivalent Queries. In Proceedings of the 44th International Conference on Software Engineering (ICSE ’22). Pittsburgh, Pennsylvania.
  38. Characterizing and Detecting Performance Bugs for Smartphone Applications. In Proceedings of the 36th International Conference on Software Engineering (ICSE ’14). Hyderabad, India.
  39. LLVM. 2023. LLVM’s Analysis and Transform Passes. https://llvm.org/docs/Passes.html
  40. Zohar Manna. 1969. The correctness of programs. J. Comput. System Sci. 3, 2 (1969), 119–127.
  41. Low-resource eclipse attacks on ethereum’s peer-to-peer network. Cryptology ePrint Archive (2018).
  42. Markus Waas. 2022. Top 7 Reasons To Learn Solidity Programming ASAP. https://zerotomastery.io/blog/top-7-reasons-to-learn-solidity-programming/
  43. Julian Nagele and Maria Anna Schett. 2020. Blockchain Superoptimizer. ArXiv abs/2005.05912 (2020). https://api.semanticscholar.org/CorpusID:218596321
  44. Smart Contracts Refinement for Gas Optimization. In Proceedings of the 2021 3rd Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS ’21). IEEE, 229–236.
  45. Khanh Nguyen and Guoqing Xu. 2013. Cachetor: Detecting Cacheable Data to Remove Bloat. In Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering (FSE ’13). Saint Petersburg, Russia.
  46. GasSaver: A Tool for Solidity Smart Contract Optimization. In Proceedings of the Fourth ACM International Symposium on Blockchain and Secure Critical Infrastructure (BSCI ’22). Nagasaki, Japan, 125–134.
  47. CARAMEL: Detecting and Fixing Performance Problems That Have Non-Intrusive Fixes. In Proceedings of the 37th International Conference on Software Engineering - Volume 1 (ICSE ’15). Piscataway, NJ, USA.
  48. Toddler: Detecting Performance Problems via Similar Memory-Access Patterns. In Proceedings of the 2013 International Conference on Software Engineering (ICSE ’13). Piscataway, NJ, USA.
  49. Static Detection of Asymptotic Performance Bugs in Collection Traversals. In Proceedings of the 36th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’15). Portland, OR, USA.
  50. OpenZeppelin. 2023. OpenZeppelin Contracts is a library for secure smart contract development. https://github.com/OpenZeppelin/openzeppelin-contracts
  51. PeCatch. 2023a. Measured Gas Wastes. https://github.com/PeCatch-Artifact/PeCatch-Artifact/tree/main/results/gas%20impact-bugs
  52. PeCatch. 2023b. The code and results for PLDI 2024 Artifact Evaluation. https://github.com/PeCatch-Artifact/PeCatch-Artifact
  53. A Massive Analysis of Ethereum Smart Contracts Empirical Study and Code Metrics. IEEE Access 7 (2019), 78194–78213. https://doi.org/10.1109/ACCESS.2019.2921936
  54. Towards automated reentrancy detection for smart contracts based on sequential models. IEEE Access 8 (2020), 19685–19695.
  55. Understanding memory and thread safety practices and issues in real-world Rust programs. In Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’20). London, UK.
  56. Jolt: Lightweight Dynamic Analysis and Removal of Object Churn. In Proceedings of the 23rd ACM SIGPLAN Conference on Object-oriented Programming Systems Languages and Applications (OOPSLA ’08) (Nashville, TN, USA).
  57. solmate. 2023. Modern, opinionated, and gas optimized building blocks for smart contract development. https://github.com/transmissions11/solmate
  58. Linhai Song and Shan Lu. 2017. Performance Diagnosis for Inefficient Loops. In Proceedings of the 39th International Conference on Software Engineering (ICSE ’17). Buenos Aires, Argentina.
  59. Pinpointing Performance Inefficiencies in Java. In Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE ’19). Tallinn, Estonia.
  60. Swathi Kashettar. 2023. Top 5 Blockchain Programming Languages for Smart Contracts. https://www.analyticsinsight.net/top-5-blockchain-programming-languages-for-smart-contracts/
  61. Smart Contracts Software Metrics: a First Study. https://doi.org/10.13140/RG.2.2.25506.12483
  62. Understanding Real-World Concurrency Bugs in Go. In Proceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS ’19). Providence, RI.
  63. uniswap-lib. 2023. Solidity libraries that are shared across Uniswap contracts. https://github.com/Uniswap/solidity-lib
  64. Detecting Nondeterministic Payment Bugs in Ethereum Smart Contracts. (2019).
  65. Wikipedia. 2023a. Ethereum. https://en.wikipedia.org/wiki/Ethereum
  66. Wikipedia. 2023b. OpenSea. https://en.wikipedia.org/wiki/OpenSea
  67. Wikipedia. 2023c. Smart contract. https://en.wikipedia.org/wiki/Smart_contract
  68. Wikipedia. 2023d. Solidity. https://en.wikipedia.org/wiki/Solidity
  69. Wikipedia. 2023e. Uniswap. https://en.wikipedia.org/wiki/Uniswap
  70. Karl Wüst and Arthur Gervais. 2016. Ethereum eclipse attacks. Technical Report. ETH Zurich.
  71. Guoqing Xu. 2012. Finding Reusable Data Structures. In Proceedings of the ACM International Conference on Object Oriented Programming Systems Languages and Applications (OOPSLA ’12). Tucson, AZ, USA.
  72. Guoqing Xu. 2013. Resurrector: A Tunable Object Lifetime Profiling Technique for Optimizing Real-world Programs. In Proceedings of the 2013 ACM SIGPLAN International Conference on Object Oriented Programming Systems Languages and Applications (OOPSLA ’13). Indianapolis, IN, USA.
  73. Go with the flow: profiling copies to find runtime bloat. In Proceedings of the 30th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’09). Dublin, Ireland.
  74. LeakChaser: Helping Programmers Narrow Down Causes of Memory Leaks. In Proceedings of the 32Nd ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’11). San Jose, CA, USA.
  75. Am I eclipsed? A smart detector of eclipse attacks for Ethereum. Computers & Security 88 (2020), 101604.
  76. Finding low-utility data structures. In Proceedings of the 31st ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’10). Toronto, ON, Canada.
  77. Guoqing Xu and Atanas Rountev. 2010. Detecting inefficiently-used containers to avoid bloat. In Proceedings of the 31st ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI ’10). Toronto, ON, Canada.
  78. Static Detection of Loop-invariant Data Structures. In Proceedings of the 26th European Conference on Object-Oriented Programming (ECOOP ’12). Beijing, China.
  79. Cross-contract static analysis for detecting practical reentrancy vulnerabilities in smart contracts. In Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering (ASE ’20).
  80. How Not to Structure Your Database-Backed Web Applications: A Study of Performance Bugs in the Wild. In Proceedings of the 40th International Conference on Software Engineering (ICSE ’18). Gothenburg, Sweden.
  81. Finding consensus bugs in ethereum via multi-transaction differential fuzzing. In 15th USENIX Symposium on Operating Systems Design and Implementation (OSDI ’21). 349–365.
  82. Automatically Identifying Performance Issue Reports with Heuristic Linguistic Patterns. In Proceedings of the 2020 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE ’20). Virtual Event, USA.

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now