
Securify: Practical Security Analysis of Smart Contracts (1806.01143v2)

Published 4 Jun 2018 in cs.CR

Abstract: Permissionless blockchains allow the execution of arbitrary programs (called smart contracts), enabling mutually untrusted entities to interact without relying on trusted third parties. Despite their potential, repeated security concerns have shaken the trust in handling billions of USD by smart contracts. To address this problem, we present Securify, a security analyzer for Ethereum smart contracts that is scalable, fully automated, and able to prove contract behaviors as safe/unsafe with respect to a given property. Securify's analysis consists of two steps. First, it symbolically analyzes the contract's dependency graph to extract precise semantic information from the code. Then, it checks compliance and violation patterns that capture sufficient conditions for proving if a property holds or not. To enable extensibility, all patterns are specified in a designated domain-specific language. Securify is publicly released, it has analyzed >18K contracts submitted by its users, and is regularly used to conduct security audits by experts. We present an extensive evaluation of Securify over real-world Ethereum smart contracts and demonstrate that it can effectively prove the correctness of smart contracts and discover critical violations.

Citations (836)

Summary

  • The paper introduces Securify, a tool that employs dependency graph analysis and a dual-pattern approach to verify and refute security properties in smart contracts.
  • The paper achieves high precision by proving 55.5% of instructions as safe and identifying 29.3% as definite vulnerabilities, reducing manual inspections by 65.9%.
  • Securify’s integration of symbolic execution with a domain-specific language establishes a scalable, practical framework for robust blockchain security audits.

Securify: Practical Security Analysis of Smart Contracts

The paper "Securify: Practical Security Analysis of Smart Contracts" by Tsankov et al. presents an automated analyzer for Ethereum smart contracts aimed at addressing pervasive security concerns in the blockchain ecosystem. The authors propose Securify, a tool that leverages both compliance and violation patterns to verify and refute security properties in smart contracts.

The primary concern driving the creation of Securify is the high frequency of critical vulnerabilities found in smart contracts. Recent history has shown multiple instances where security flaws led to significant financial losses, highlighting the need for robust automated verification tools. Securify provides a scalable and fully automated security analysis by focusing on domain-specific properties of smart contracts, a method that promises both precision and efficiency.

Key Contributions

  1. Dependency Graph Analysis: Securify starts with a symbolic analysis of a contract's dependency graph, extracting semantic information critical for subsequent verification steps. This step is pivotal in understanding the flow of data and control instructions within the smart contract.
  2. Use of Compliance and Violation Patterns: Securify employs a dual-criterion approach: compliance patterns aim to prove the satisfaction of a property, while violation patterns seek to prove its negation. This bifurcated strategy ensures a nuanced analysis that can differentiate between guaranteed safe behaviors and definite vulnerabilities.
  3. Domain-Specific Language (DSL): The patterns are specified in a dedicated DSL, allowing for extensibility and customization. This flexibility is crucial for adapting Securify to emerging vulnerabilities and evolving contract functionalities.
  4. Practical Utility and Evaluation: The implementation of Securify has been subjected to extensive real-world evaluations, covering over 18,000 smart contracts. This empirical evaluation demonstrates that Securify not only proves properties and discovers violations effectively but also aids in rigorous security audits.
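
The compliance/violation split described above can be sketched as follows. This is an added example, not code from the paper or the Securify project; the property checked (no storage write after an external call), the toy instruction graphs and the function names are assumptions chosen for illustration.

```python
# Added illustration: toy control-flow graphs, not Securify's DSL or code.
# A graph maps an instruction label to its successor labels.

def may_follow(cfg, src):
    """Labels reachable from src on at least one path."""
    seen, stack = set(), list(cfg[src])
    while stack:
        node = stack.pop()
        if node not in seen:
            seen.add(node)
            stack.extend(cfg[node])
    return seen

def must_follow(cfg, src, target, exits):
    """True if every path from src to an exit passes through target."""
    # Delete target; if an exit is still reachable, some path avoids it.
    pruned = {n: [s for s in succ if s != target]
              for n, succ in cfg.items() if n != target}
    return target in may_follow(cfg, src) and not (may_follow(pruned, src) & exits)

def classify(cfg, kinds, exits):
    """Verdict per external call for 'no storage write after a call'."""
    verdicts = {}
    for call in (n for n, k in kinds.items() if k == "call"):
        writes = {n for n in may_follow(cfg, call) if kinds[n] == "sstore"}
        if not writes:
            verdicts[call] = "safe"        # compliance pattern: property proved
        elif any(must_follow(cfg, call, w, exits) for w in writes):
            verdicts[call] = "violation"   # violation pattern: negation proved
        else:
            verdicts[call] = "warning"     # neither matched: manual inspection
    return verdicts

# Constructed samples: (successors, instruction kinds), exit label is "end".
SAMPLES = {
    "write_then_call": ({"w": ["c"], "c": ["end"], "end": []},
                        {"w": "sstore", "c": "call", "end": "stop"}),
    "call_then_write": ({"c": ["w"], "w": ["end"], "end": []},
                        {"c": "call", "w": "sstore", "end": "stop"}),
    "write_on_one_branch": ({"c": ["br"], "br": ["w", "end"], "w": ["end"], "end": []},
                            {"c": "call", "br": "jumpi", "w": "sstore", "end": "stop"}),
}

def run_samples():
    return {name: classify(cfg, kinds, {"end"})["c"]
            for name, (cfg, kinds) in SAMPLES.items()}

if __name__ == "__main__":
    for name, verdict in run_samples().items():
        print(f"{name}: {verdict}")
```

Only the third sample, where the write sits on one branch after the call, matches neither pattern and is left for an auditor to inspect.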

Analysis and Results

The evaluation of Securify in the paper involves two datasets: one comprising over 24,000 contracts and another with 100 contracts written in Solidity. The tool was able to prove and disprove several security properties across these contracts, with specific numeric results highlighting its effectiveness:

  • Securify proved 55.5% of the relevant instructions to be safe.
  • It identified 29.3% as definite violations.
  • The approach reduced the need for manual inspection by 65.9%.

Comparison with other tools like Oyente and Mythril illustrates Securify's superior precision and lower false-positive rates. These symbolic execution-based tools often fail to guarantee complete coverage, while Securify’s pattern-based analysis ensures all paths are considered.

Implications for Practice and Future Work

The implications of this work are multifaceted:

  • Enhanced Security Assurance: By automating the detection of violations and proofs of compliance, Securify stands to greatly enhance the security assurances provided to users of Ethereum smart contracts.
  • Reduced Manual Effort: The dual-pattern approach significantly lessens the burden on developers and auditors, who can trust Securify to both catch critical vulnerabilities and affirm safe execution paths.
  • Scalability: Securify’s reliance on off-the-shelf Datalog solvers and a declarative approach ensures that it remains scalable, handling real-world contract sizes and complexities efficiently.

Future Directions

Looking forward, several enhancements could further elevate Securify’s capabilities:

  • Numerical Analysis Extensions: Incorporating numerical analysis could allow Securify to check for properties like overflows, further broadening its applicability.
  • Formal Verification Integration: Integrating Securify with formal EVM semantics and frameworks like KEVM would enhance its validation and offer stronger guarantees.
  • Dynamic Checking: Combining Securify’s static analysis with dynamic execution paths or symbolic execution techniques could balance precision and coverage more effectively.

In conclusion, "Securify: Practical Security Analysis of Smart Contracts" offers a robust, scalable, and extensible solution to the pressing problem of security verification in Ethereum smart contracts. By introducing a novel pattern-based verification approach, it strikes a practical balance between comprehensive coverage and efficient, automated analysis, setting a new standard in the field of blockchain security.