Research Pulse #81 09/05/2022

  1. SoK: Decentralized Finance (DeFi) Incidents
    Authors: Liyi Zhou, Xihan Xiong, Jens Ernstberger, Stefanos Chaliasos, Zhipeng Wang, Ye Wang, Kaihua Qin, Roger Wattenhofer, Dawn Song, and Arthur Gervais

Within just four years, the blockchain-based Decentralized Finance (DeFi) ecosystem has accumulated a peak total value locked (TVL) of more than 253 billion USD. This surge in DeFi’s popularity has, unfortunately, been accompanied by many impactful incidents. According to our data, users, liquidity providers, speculators, and protocol operators suffered a total loss of at least 3.24 billion USD from Apr 30, 2018 to Apr 30, 2022. Given the blockchain’s transparency and increasing incident frequency, two questions arise: How can we systematically measure, evaluate, and compare DeFi incidents? How can we learn from past attacks to strengthen DeFi security?
In this paper, we introduce a common reference frame to systematically evaluate and compare DeFi incidents. We investigate 77 academic papers, 30 audit reports, and 181 real-world incidents. Our open data reveals several gaps between academia and the practitioners’ community. For example, few academic papers address “price oracle attacks” and “permissionless interactions”, while our data suggests that they are the two most frequent incident types (15% and 10.5% correspondingly). We also investigate potential defenses, and find that: (i) 103 (56%) of the attacks are not executed atomically, granting a rescue time frame for defenders; (ii) SoTA bytecode similarity analysis can at least detect 31 vulnerable/23 adversarial contracts; and (iii) 33 (15.3%) of the adversaries leak potentially identifiable information by interacting with centralized exchanges.

Link to Paper

  • Properly securing DeFi applications can be an extremely challenging task, as new types of vulnerabilities are discovered on a virtually weekly basis.
  • As an emerging area, it is crucial to document DeFi security incidents so that smart contract developers can learn from them and not repeat the same mistakes.
  • Given the frequency of DeFi exploits, documentation is often siloed and not sufficiently rich in details, a trend evidenced by the lack of post-mortems.
  • This paper provides a comprehensive analysis of DeFi security incidents and compiles a substantial amount of information on them. In order to contextualize these exploits, the authors present a framework that systematizes different types of vulnerabilities into four layers: DeFi Protocol Layer (Pro), Smart Contract Layer (SC), Blockchain Consensus Layer (CON), and Network Layer (NET).

  2. Auto-Tune: Efficient Autonomous Routing for Payment Channel Networks
    Authors: Hsiang-Jen Hong, Sang-Yoon Chang, and Xiaobo Zhou

Payment Channel Network (PCN) is a scaling solution for Cryptocurrency networks. We advance the practicality of the PCN multi-path routing by better modeling the system to incorporate the cost of routing fee and the privacy requirement of the channel balance. We design our Auto-Tune algorithm to optimize the routing concerning both the success rate and the routing fee and utilizing the limited channel capacity information (due to the privacy of the PCN user, the channel balance information is withheld). The simulation result shows Auto-Tune outperforms the current PCN implementation based on single-path routing in the success rate. We compare Auto-Tune against the state-of-the-art Flash algorithm, utilizing the channel-balance information, violating the PCN user privacy, and diverging from current implementation practices. Auto-Tune achieves the routing fee close to the optimal fee obtained by Flash, and its success rate is also close to the success rate achieved by Flash.

Link to Paper

  • Bitcoin’s Lightning Network continues to gain traction as the industry’s largest Payment Channel Network. Nevertheless, there are still challenges when it comes to increasing the efficiency and assurances of Lightning payments.
  • Over the years, new algorithms have been proposed to address these challenges via improved payment routing, which relates to the path and size permutations that a Lightning payment undergoes before it reaches its final destination.
  • This paper introduces a new routing algorithm called Auto-Tune, which features an interesting set of improvements over the status-quo solution, the Flash algorithm, especially as it relates to routing fees.

  3. Pied-Piper: Revealing the Backdoor Threats in Ethereum ERC Token Contracts
    Authors: Fuchen Ma, Meng Ren, Lerong Ouyang, Yuanliang Chen, Juan Zhu, Ting Chen, Yingli Zheng, Xiao Dai, Yu Jiang, and Jiaguang Sun

With the development of decentralized networks, smart contracts, especially those for ERC tokens, are attracting more and more Dapp users to implement their applications. There are some functions in ERC token contracts that only a specific group of accounts could invoke. Among those functions, some even can influence other accounts or the whole system without prior notice or permission. These functions are referred to as contract backdoors. Once exploited by an attacker, they can cause property losses and harm users’ privacy.
In this work, we propose Pied-Piper, a hybrid analysis method that integrates datalog analysis and directed fuzzing to detect backdoor threats in Ethereum ERC token contracts. First, datalog analysis is applied to abstract the data structures and identification rules related to the threats for preliminary static detection. Then, directed fuzzing is applied to eliminate false positives caused by the static analysis. We first evaluated Pied-Piper on 200 smart contracts, which are injected with different types of backdoors. It reported all problems without false positives, and none of the injected problems was missed. Then, we applied Pied-Piper on 13484 real token contracts deployed on Ethereum. Pied-Piper reported 189 confirmed problems, 4 of which have been assigned unique CVE ids while others are still in the review process. Each contract takes 8.03 seconds for datalog analysis on average, and the fuzzing engine can eliminate the false positives within 1 minute.

Link to Paper

  • At times smart contracts must be able to perform critical actions, such as the minting of tokens, blacklisting of users, or updating a DeFi application to a new version.
  • These actions are implemented as functions in the smart contract, and many have expiration dates given that such functionality can pose non-trivial security risks.
  • This paper evaluates critical functions, specifically in ERC contracts, and provides insights into when these functions are exploited.

  4. Gromit: Benchmarking the Performance and Scalability of Blockchain Systems
    Authors: Bulat Nasrulin, Martijn De Vos, Georgy Ishmaev, and Johan Pouwelse

The growing number of implementations of blockchain systems stands in stark contrast with still limited research on a systematic comparison of performance characteristics of these solutions. Such research is crucial for evaluating fundamental trade-offs introduced by novel consensus protocols and their implementations. These performance limitations are commonly analyzed with ad-hoc benchmarking frameworks focused on the consensus algorithm of blockchain systems. However, comparative evaluations of design choices require macro-benchmarks for uniform and comprehensive performance evaluations of blockchains at the system level rather than performance metrics of isolated components. To address this research gap, we implement Gromit, a generic framework for analyzing blockchain systems. Gromit treats each system under test as a transaction fabric where clients issue transactions to validators. We use Gromit to conduct the largest blockchain study to date, involving seven representative systems with varying consensus models. We determine the peak performance of these systems with a synthetic workload in terms of transaction throughput and scalability and show that transaction throughput does not scale with the number of validators. We explore how robust the subjected systems are against network delays and reveal that the performance of permissioned blockchain is highly sensitive to network conditions.

Link to Paper

  • Over the past two years, the industry has witnessed a Cambrian explosion of smart contract platforms competing with Ethereum.
  • A core tenet espoused by these competitors revolves around scalability: the ability to process tens of thousands of transactions per second.
  • However, there are several additional factors that must be considered beyond scalability in order to properly assess the virtues and drawbacks of these systems.
  • This paper provides an interesting evaluation framework that enables layer 1s to be properly benchmarked.