- The paper introduces MAIAN, a novel tool that employs inter-procedural symbolic analysis and concrete validation to detect trace vulnerabilities in Ethereum smart contracts at scale.
- The paper reports true positive rates of approximately 97% for prodigal and 99% for suicidal vulnerabilities, validating its robust methodology.
- The paper highlights the practical impact of its approach by preventing financial losses, as demonstrated by detecting critical issues like the Parity Wallet bug.
Analysis of Trace Vulnerabilities in Ethereum Smart Contracts
This paper presents a detailed study of trace vulnerabilities within Ethereum smart contracts. The authors introduce a novel classification and detection method that addresses the greedy, prodigal, and suicidal behaviors of smart contracts. These behaviors are critical as they can result in the indefinite locking of funds, leakage of assets, or unintended contract termination.
Smart Contract Vulnerabilities
Smart contracts are immutable, autonomously-executed programs on blockchain platforms like Ethereum. While offering numerous benefits, such as tamper-proof execution, they also pose substantial security risks once deployed, due to their irreversibility. This work focuses on identifying trace vulnerabilities, which manifest over multiple invocations of a contract during its lifecycle.
The paper defines three trace vulnerabilities:
- Prodigal Contracts: These contracts inadvertently transfer funds to unauthorized addresses.
- Suicidal Contracts: Contracts that can be terminated by arbitrary users, potentially locking or misdirecting any remaining funds.
- Greedy Contracts: These remain perpetually alive without releasing locked funds, often due to missing or unreachable code paths allowing fund transfer.
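The three definitions above can be checked on a toy model by replaying bounded invocation traces. This is an added example, not code from the paper or its tool: it enumerates concrete traces rather than performing symbolic analysis on bytecode, and the contract classes, addresses and depth bound are all constructed for illustration.

```python
from itertools import product

OWNER, ATTACKER = "0xOwner", "0xAttacker"   # constructed addresses

class Contract:
    def __init__(self):
        self.owner, self.balance, self.alive = OWNER, 10, True

class LibraryWallet(Contract):
    """Owner is only set by init(), which anyone may call while it is unset."""
    def __init__(self):
        super().__init__()
        self.owner = None
    def init(self, sender):
        if self.owner is None:
            self.owner = sender
    def kill(self, sender):
        if sender == self.owner:
            return ("kill", sender)          # self-destruct, funds go to sender

class Vault(Contract):
    def deposit(self, sender):               # accepts funds, has no way out
        self.balance += 1

class SafeWallet(Contract):
    def withdraw(self, sender):
        if sender == self.owner:
            return ("send", sender)

def run(cls, trace):
    """Replay one trace on a fresh instance; return the events it emits."""
    c, events = cls(), []
    for fn, sender in trace:
        if not c.alive:
            break
        ev = getattr(c, fn)(sender)
        if ev:
            events.append(ev)
            c.alive = ev[0] != "kill"
    return events

def classify(cls, fns, depth=3):
    """Flag a model by searching every trace of up to `depth` invocations."""
    flags, releases = set(), False
    for n in range(1, depth + 1):
        for trace in product(product(fns, (OWNER, ATTACKER)), repeat=n):
            events = run(cls, trace)
            releases |= bool(events)
            if all(s == ATTACKER for _, s in trace):   # arbitrary-user trace
                for kind, to in events:
                    if to == ATTACKER: flags.add("prodigal")
                    if kind == "kill": flags.add("suicidal")
    if not releases: flags.add("greedy")     # no trace ever releases funds
    return flags
```

With `depth=1` the `LibraryWallet` model is not flagged as suicidal, because the kill only succeeds after a prior `init` call; this is why the analysis has to reason over traces rather than single invocations.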
Methodology and Tool: MAIAN
The authors developed MAIAN, a tool for detecting trace vulnerabilities at scale. It combines inter-procedural symbolic analysis with a concrete validator and works directly on bytecode, so it does not depend on source code being available. MAIAN was applied to nearly one million contracts, highlighting the widespread nature of these vulnerabilities.
Key findings and results from the tool include:
- Trace Analysis: The tool identified 1,504 prodigal, 1,495 suicidal, and 31,201 potentially greedy contracts.
- Concrete Validation: Among a subset of analyzed contracts, prodigal and suicidal classifications showed true positive rates of approximately 97% and 99%, respectively.
- Parity Bug Detection: MAIAN successfully detected the notorious Parity Wallet Library bug, which locked $200 million in Ether, showcasing its efficacy in identifying high-impact vulnerabilities.
Impact and Implications
This research has both practical and theoretical implications:
- Practical Significance: By identifying vulnerabilities, MAIAN helps prevent financial losses and increases code security by enabling contract auditors and developers to address vulnerabilities before deployment.
- Theoretical Contributions: The classification into trace vulnerabilities extends the understanding of smart contract security beyond static or dynamic analysis of single invocations.
Future Directions
The development of tools like MAIAN opens new avenues for improving blockchain security practices. Future research may focus on:
- Enhanced Detection Techniques: Incorporating more sophisticated analyses to capture and handle complex contract interactions.
- Tool Integration: Leveraging such tools in continuous integration and deployment pipelines to systematically reduce vulnerabilities.
- Broader Application: Applying this approach to other blockchain platforms to improve the robustness of decentralized applications universally.
In conclusion, this paper makes a significant contribution to the field of blockchain security by systematically identifying and addressing trace vulnerabilities in Ethereum smart contracts. The methodologies and tools developed provide both immediate utility and a foundation for future advancements in secure smart contract development.