Machine Learning Guided Cross-Contract Fuzzing
Authors: Yinxing Xue, Jiaming Ye, Wei Zhang, Jun Sun, Lei Ma, Haijun Wang, and Jianjun Zhao
Smart contract transactions are increasingly interleaved by crosscontract calls. While many tools have been developed to identify a common set of vulnerabilities to guard smart contracts, the crosscontract vulnerability is however overlooked by existing tools. Cross-contract vulnerabilities are exploitable bugs that manifest in the presence of more than two interacting contracts. Existing methods are however limited to analyze a maximum of two contracts at the same time. Detecting cross-contract vulnerabilities is highly non-trivial. With multiple interacting contracts, the search space is much larger than that of a single contract. To address this problem, we present xFuzz, a machine learning guided smart contract fuzzing framework. The machine learning models are trained with novel features (e.g., word vectors and instructions) and are used to filter likely benign program paths. Comparing with existing static tools, machine learning model is proven to be more robust, avoiding directly adopting manually-defined rules in specific tools. We compare xFuzz with three state-of-the-art tools on 7,391 contracts. xFuzz detects 18 exploitable cross-contract vulnerabilities, of which 15 vulnerabilities are exposed for the first time. Furthermore, our approach is shown to be efficient in detecting non-cross-contract vulnerabilities as well—using less than 20% time as that of other fuzzing tools, xFuzz detects twice as many vulnerabilities.
Layering Quantum-Resistance into Classical Digital Signature Algorithms
Authors: Teik Guan Tan and Jianying Zhou
It is proven that asymmetric key cryptographic systems that rely on Integer Factorization or Discrete Logarithm as the underlying hard problem are vulnerable to quantum computers. Using Shor’s algorithm on a large-enough quantum computer, an attacker can cryptanalyze the public key to obtain the private key in O(logN) time complexity. For systems that use the classical Digital Signature Algorithm (DSA), Rivest-Shamir-Adleman (RSA) algorithm or Elliptic-Curve Digital Signature Algorithm (ECDSA), it means that authentication, data integrity and non-repudiation between the communicating parties cannot be assured in the post-quantum era.
In this paper, we present a novel approach using zero-knowledge proofs on the pre-image of the private signing key to layer in quantum-resistance into digital signature deployments that require longer-term post-quantum protection while maintaining backward compatibility with existing implementations. We show that this approach can extend the cryptographic protection of data beyond the post-quantum era and is also easy to migrate to. An implementation of this approach applying a ZKBoo zero-knowledge proof on ECDSA signatures is realized using a RFC3161-compatible time-stamp server with OpenSSL and an Adobe Acrobat Reader DC.
Hybrid Analysis of Smart Contracts and Malicious Behaviors in Ethereum
Author: Xiaoqi Li
Since its inception, blockchain technology has shown promising application prospects from cryptocurrency to a variety of forms, such as medicine, economics, cloud computing, and so on. As the program deployed and executed in blockchain, smart contract is the core technology in the 2.0 era of blockchain. Through developing smart contracts, developers can realize rich logic and greatly expand the capabilities of blockchain system. As the most popular blockchain system that supports smart contract, Ethereum can complete one million transactions per day.
Since blockchain is one of the core technology in FinTech (Financial Technology) industry, users are very concerned about its security. Some security vulnerabilities and attacks have been recently reported. Note that smart contracts with security vulnerabilities may lead to financial losses. For instance, in June 2016, the criminals attacked the smart contract DAO by exploiting a recursive calling vulnerability, and stole around 60 million dollars. In this thesis, we conduct systematic examination on security risks to popular blockchain systems. We survey the real attacks on popular blockchain systems and analyze the vulnerabilities exploited in these cases. Furthermore, we summarize practical academic achievements for enhancing the security of blockchain, and suggest a few future directions in this area.
More than eight million smart contracts have already been deployed in Ethereum, while only less than 1% are open-source. Unfortunately, facing the bytecodes of deployed smart contracts, it is difficult to quickly and comprehensively understand their details. In this thesis, we propose and implement a system named Stan, which can analyze the runtime bytecodes of smart contract and automatically describe its interfaces in natural language, enabling users to quickly and thoroughly understand closed-source contracts. Given the address of target contract, Stan can automatically acquire its runtime bytecodes and describe every interface from four aspects. The functionality description summarizes the interface’s functionality, and usage description tells the user how to call this interface. The behavior description describes message-call related behaviors within the interface, and payment description describes whether the interface can receive ETH. We analyze bytecodes through symbolic execution and generate readable descriptions following standard workflow of NLG (Natural Language Generation) system. Furthermore, we statically analyze contract source codes to evaluate descriptions’ adequacy and accuracy. We also evaluate descriptions’ readability through questionnaires and statistical methods.
Ethereum has two kinds of accounts: EOA (Externally Owned Account) and contract account. However, not all accounts should be kept. We regard the worthless accounts that deserve to be removed without affecting the normal operations of users and other accounts as erasable accounts. Erasable accounts not only waste system resources and affect the efficiency of blockchain, but also easily waste users’ money. In this thesis, we design and implement a novel tool named Glaser to discover erasable accounts by analyzing the StateDB of Ethereum. In detail, it leverages program analysis techniques to discover contract accounts with worthless runtime bytecodes, and employs state field and transaction analysis to discover EOAs that no one owns their private keys. The accounts discovered by Glaser are worthless and deserve to be removed without affecting the normal operations of other accounts/users. Applying Glaser to all Ethereum accounts, we discovered 508,482 erasable accounts, and more than 99.9% of them are still stored in Ethereum. These erasable accounts have wasted users more than 106 million dollars and can be removed through executing SELFDESTRUCT operation in their runtime bytecodes by users, or removed forcibly by Ethereum officials. Glaser also characterizes erasable accounts through call graph and creation graph analysis.
Gas is the execution fee for running smart contracts in Ethereum. However, we find that under-optimized smart contracts cost more gas than necessary, and therefore the miners or users will be overcharged. In this thesis, we identify seven gas-costly patterns and divide them into two categories: useless-code related patterns, and loop-related patterns. Furthermore, we propose and develop Gasper, a new tool for discovering gas-costly patterns in bytecode automatically. Gasper leverages symbolic execution and it can locate three representative patterns. By applying Gasper to analyze deployed smart contracts, we find that more than 80% smart contracts suffer from these three patterns, respectively. There are already more than 296 thousand kinds of cryptocurrencies built on Ethereum. However, not all cryptocurrencies can be controlled by users. For example, some money is permanently locked in wallets’ accounts due to attacks. In this thesis, we conduct the systematic investigation on locked cryptocurrencies in Ethereum. In particular, we define four categories of accounts with locked cryptocurrencies and develop a novel tool named Clue to discover them. Results show that there are more than one billion dollars value of cryptocurrencies locked in Ethereum. We also analyze the reasons (i.e., attacks/behaviors) why cryptocurrencies are locked. Because the locked cryptocurrencies can never be controlled by users, avoid interacting with the accounts discovered by Clue and repeating the same mistakes again can help users to save money. Keywords: Smart Contract, Ethereum, Program Analysis, Cryptocurrency, Malicious Behavior.
Exploring Blockchain-based Decentralized Exchanges
Author: Benjamin Helmy
Frontrunning has become a frequently discussed subject in the world of cryptocurrencies and decentralized exchanges. This is an act where a malicious attacker reacts to given information by trying to get his transactions executed before another transaction. This thesis covers some base concepts from transactions on the Ethereum blockchain, giving an in depth understanding of gas prices, miners and transaction ordering and how these topics are related to frontrunning. The architecture of the most popular decentralized exchange called Uniswap will be explained and its vulnerabilities to frontrunning. A literature research of blockchain concepts shows that each transaction on the Ethereum blockchain is in need of the native cryptocurrency Ether, which defines how fast a transaction will be executed. The participants who add transactions to the blockchain are called miners and are being incentivised for their services by a fee paid in Ether. Because miners are profit-oriented stakeholders in the Ethereum blockchain ecosystem, the possibility of frontrunning transactions by paying higher gas prices to animate a miner to execute a transaction before another is possible. The fact that miners are profit-oriented also leads to a trade-off between fast and cheap transactions. The Uniswap protocol, which is a system of nonupgradeable smart contracts on the Ethereum blockchain, is powering an approach of an automated market maker and is mostly used for swaps between two ERC-20 tokens. By looking at the architecture of Uniswap there are obviously lucrative possibilities to frontrun various transactions. A final approach tries to put together all previous gathered information by developing an algorithm which automatically tries to frontrun Uniswap transactions.
𝖣𝖤𝖵𝖠 : Decentralized, Verifiable Secure Aggregation for Privacy-Preserving Learning
Authors: Georgia Tsaloli, Bei Liang, Carlo Brunetta, Gustavo Banegas, and Aikaterini Mitrokotsa
Aggregating data from multiple sources is often required in multiple applications. In this paper, we introduce 𝖣𝖤𝖵𝖠 , a protocol that allows a distributed set of servers to perform secure and verifiable aggregation of multiple users’ secret data, while no communication between the users occurs. 𝖣𝖤𝖵𝖠 computes the sum of the users’ input and provides public verifiability, i.e., anyone can be convinced about the correctness of the aggregated sum computed from a threshold amount of servers. A direct application of the 𝖣𝖤𝖵𝖠 protocol is its employment in the machine learning setting, where the aggregation of multiple users’ parameters (used in the learning model), can be orchestrated by multiple servers, contrary to centralized solutions that rely on a single server. We prove the security and verifiability of the proposed protocol and evaluate its performance for the execution time and bandwidth, the verification execution, the communication cost, and the total bandwidth usage of the protocol. We compare our findings to the prior work, concluding that 𝖣𝖤𝖵𝖠 requires less communication cost for a big amount of users.
Spear: fast multi-path payment with redundancy
Authors: Sonbol Rahimpour and Majid Khabbazian
In a payment network, like the Lightning Network, Alice can transfer a payment to Bob by splitting the payment into partial payments and transferring these partial payments through multiple paths. The transfer, however, delays if any of the partial payments fails or delays. To handle this, one can add redundant payment paths. The challenge in doing so is that Bob may now overdraw funds from the redundant paths. To address this, Bagaria, Neu, and Tse introduced Boomerang, a mechanism based on secret sharing and homomorphic one-way functions, which allows Alice to revert the transfer if Bob overdraws.
In this work, we introduce Spear, a simple method with lower latency than Boomerang. In addition, Spear needs significantly less computation, and half the maximum locktime of Boomerang. Unlike Boomerang, Spear can be implemented using only a minor change to the Lightning Network. This minor change enables both Alice and Bob to have control over the release of partial payments. This prevents Bob from ever overdrawing. Another interesting feature of Spear is that it is more robust than Boomerang against malicious intermediate nodes who do not forward payments in an attempt to lock up funds. Finally, Spear trivially supports division of a payment into uneven partial payments. This gives Alice maximum flexibility in dividing her payment into partial payments.
How Can Applications of Blockchain and Artificial Intelligence Improve Performance of Internet of Things? – A Survey
Authors: Priyanka Bothra, Raja Karmakar, Sanjukta Bhattacharya, and Sayantani De
In the era of the Internet of Things (IoT), massive computing devices surrounding us operate and interact with each other to provide several significant services in industries, medical as well as in daily life activities at home, office, education sectors, and so on. The participating devices in an IoT network usually have resource constraints and the devices are prone to different cyber attacks, leading to the loopholes in the security and authentication. As a revolutionized and innovated technology, blockchain, that is applied in cryptocurrency, market prediction, etc., uses a distributed ledger that records transactions securely and efficiently. To utilize the great potential of blockchain, both industries and academia have paid a significant attention to integrate it with the IoT, as reported by several existing literature. On the other hand, Artificial Intelligence (AI) is able to embed intelligence in a system, and thus the AI can be integrated with IoT devices in order to automatically cope with different environments according to the demands. Furthermore, both blockchain and AI can be integrated with the IoT to design an automated secure and robust IoT model, as mentioned by numerous existing works. In this survey, we present a discussion on the IoT, blockchain, and AI, along with the descriptions of several research works that apply blockchain and AI in the IoT. In this direction, we point out strengths and limitations of the related existing researches. We also discuss different open challenges to exploit the full capacities of blockchain and AI in designing an IoT-based model. Therefore, the highlighted challenging issues can open the door for the development of future IoT models which will be intelligent and secure based on the integration of blockchain and AI with the IoT.
Towards Verified Price Oracles for Decentralized Exchange Protocols
Authors: Kinnari Dave, Vilhelm Sjöberg, and Xinyuan Sun
Various smart contracts have been designed and deployed on blockchain platforms to enable cryptocurrency trading, leading to an ever expanding user base of decentralized exchange platforms (DEXs). Automated Market Maker contracts enable token exchange without the need of third party book-keeping. These contracts also serve as price oracles for other contracts, by using a mathematical formula to calculate token exchange rates based on token reserves. However, the price oracle mechanism is vulnerable to attacks both from programming errors and from mistakes in the financial model, and so far their complexity makes it difficult to formally verify them. We present a verified AMM contract and validate its financial model by proving a theorem about a lower bound on the cost of manipulation of the token prices to the attacker. The contract is implemented using the DeepSEA system, which ensures that the theorem applies to the actual EVM bytecode of the contract. This theorem could be used as proof of correctness for other contracts using the AMM, so this is a step towards a verified DeFi landscape.
Georacle: Enabling Geospatially Aware Smart Contracts
Author: Taha Azzaoui
Smart contracts  have enabled a paradigm shift in computing by leveraging decentralized networks of trust to achieve consensus at scale. Oracle networks further extend the power of smart contracts by solving the so-called “oracle problem” . Such networks enable smart contracts to make use of the vast amount pre-existing data available on the web today without jeopardizing the integrity of the underlying network of trust. By leveraging oracle networks, smart contracts can make decisions based on data corresponding to the physical world. To this end, we introduce Georacle - an oracle service that enables geospatially aware smart contracts in a way that respects the space constrained nature of blockchain environments. Contracts can query the location of objects in a given area, map between street addresses and coordinates, and retrieve the geometry of a desired region of space while conserving gas consumption and avoiding unnecessary data processing.