
Ethereum Smart Contract Vulnerability Detection Based On Static Analysis

Posted on: 2022-05-19 | Degree: Master | Type: Thesis
Country: China | Candidate: P Q Wu
GTID: 2518306524489654 | Subject: Master of Engineering
Abstract/Summary:
As an important symbol of the Blockchain 2.0 era, smart contracts are characterized by transparent data, unchangeable attributes and permanent operation, which gives them inherent strengths in solving the “credit” problem. In recent years, the number and scale of smart contracts have been expanding, and their functions have become increasingly complex. However, because smart contracts share some compilation similarities with traditional software, weaknesses are inevitably rooted in smart contracts as well. Smart contracts are vulnerable to hackers in that they are difficult to fix and lack evaluation standards to ensure their quality. Hackers can expose weaknesses of smart contracts on Ethereum. A few years ago, the DAO attacks resulted in the theft of 60 million dollars due to unsecured smart contracts. Although there are some tools for vulnerability detection of smart contracts on the market, there is relatively little research on loopholes such as “fake recharge”, “modify owner”, “transfer-Mint” and “mint anyone”. Therefore, this thesis uses static analysis to detect vulnerabilities of smart contracts on the Ethereum platform, and designs and implements a vulnerability detection system for them.

First, in order to detect the four vulnerabilities more accurately, this thesis analyzes contracts with the four vulnerabilities at both the source code level and the underlying EVM level, works out the operating mechanisms of the four vulnerabilities in the underlying Ethereum virtual machine, summarizes the principles and conditions of the vulnerabilities, and puts forward a different detection scheme for each of the four vulnerabilities according to its underlying operating mechanism.

Then, this thesis designs and implements a vulnerability detection system for smart contracts based on the vulnerability detection schemes and symbolic execution. In the implementation of symbolic execution, the bytecode of a smart contract is first converted into an instruction sequence, then the instruction sequence is divided into several basic blocks, and the control flow graph is constructed from the jump relations between the basic blocks. Finally, the vulnerability detection schemes are implemented in the path exploration process. Within symbolic execution, a function selector is implemented according to the underlying function call characteristics of smart contracts, so that the function to which a path belongs can be determined during path exploration.

Finally, this thesis tests 32,412 duplicate smart contracts on Ethereum in batches, and finds that 1,296 contracts have the “fake deposit” vulnerability, 498 contracts have the “modify owner” vulnerability (including 4 contracts with the arbitrary “modify owner” vulnerability and 494 contracts with the CALL modification vulnerability), 4 contracts have the transfer-Mint vulnerability, and 3 contracts have the mint anyone vulnerability. After the vulnerabilities were discovered, the real transactions of these vulnerable contracts were analyzed, and 58 attacks that utilize contract vulnerabilities were counted.
Keywords/Search Tags: Ethereum, Smart Contract, vulnerability exploitation, Symbolic Execution
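
The front end the abstract describes (bytecode to instruction sequence, basic blocks, control flow graph, and recovery of function selectors) can be illustrated with the following added Python example; it is not the thesis's implementation. The function names and the sample bytecode are constructed for illustration, and jump targets are resolved only when they are pushed immediately before the jump, whereas the thesis resolves paths through symbolic execution.

```python
PUSH1, PUSH4, PUSH32, EQ, JUMP, JUMPI, JUMPDEST = 0x60, 0x63, 0x7F, 0x14, 0x56, 0x57, 0x5B
TERMINATORS = {0x00, 0xF3, 0xFD, 0xFE, 0xFF}  # STOP, RETURN, REVERT, INVALID, SELFDESTRUCT
# Constructed sample (added example, not thesis code); 0xdeadbeef is a made-up selector.
SAMPLE = bytes.fromhex("6000 35 60e0 1c 80 63a9059cbb 14 601e 57 80 63deadbeef 14 6020 57 6000 80 fd 5b00 5b00")

def disassemble(code):
    """Return [(pc, opcode, immediate or None)]; PUSH data is consumed, never decoded."""
    out, pc = [], 0
    while pc < len(code):
        op = code[pc]
        n = op - PUSH1 + 1 if PUSH1 <= op <= PUSH32 else 0
        out.append((pc, op, int.from_bytes(code[pc + 1:pc + 1 + n], "big") if n else None))
        pc += 1 + n
    return out

def basic_blocks(instrs):
    """A block starts at JUMPDEST and ends after JUMP, JUMPI or a terminator."""
    blocks, cur = {}, []
    for ins in instrs:
        if ins[1] == JUMPDEST and cur:
            blocks[cur[0][0]], cur = cur, []
        cur.append(ins)
        if ins[1] in (JUMP, JUMPI) or ins[1] in TERMINATORS:
            blocks[cur[0][0]], cur = cur, []
    if cur:
        blocks[cur[0][0]] = cur
    return blocks

def build_cfg(blocks):
    """Fall-through edges plus jump edges whose target is PUSHed right before the jump."""
    starts = sorted(blocks)
    edges = {s: set() for s in starts}
    for i, s in enumerate(starts):
        blk, last = blocks[s], blocks[s][-1][1]
        tgt = blk[-2][2] if len(blk) > 1 else None
        if last in (JUMP, JUMPI) and tgt in blocks and blocks[tgt][0][1] == JUMPDEST:
            edges[s].add(tgt)  # other targets need symbolic stack tracking
        if last != JUMP and last not in TERMINATORS and i + 1 < len(starts):
            edges[s].add(starts[i + 1])
    return edges

def selectors(blocks):
    """Map 4-byte selector -> entry pc via the pattern PUSH4 sel, EQ, PUSHn dest, JUMPI."""
    found = {}
    for blk in blocks.values():
        for a, b, c, d in zip(blk, blk[1:], blk[2:], blk[3:]):
            if a[1] == PUSH4 and b[1] == EQ and c[2] is not None and d[1] == JUMPI:
                found[a[2]] = c[2]
    return found
```

The selector map is what lets a path explorer attribute each explored path to a function: any path that enters the block at a mapped entry pc belongs to that selector's function.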