- Gas Gauge: A Security Analysis Tool for Smart Contract Out-of-Gas Vulnerabilities
Authors: Behkish Nassirzadeh, Vijay Ganesh, Huaiying Sun, and Sebastian Banescu
In recent years we have witnessed a dramatic increase in the adoption and application of smart contracts in a variety of contexts such as decentralized finance, supply chain management, and identity management. However, a critical stumbling block to the further adoption of smart contracts is their security (or more precisely, the lack thereof). A particularly widespread class of security vulnerabilities that afflicts Ethereum smart contracts is the gas limit denial of service (DoS) on a contract via unbounded operations. These vulnerabilities result in a failed transaction with an "out-of-gas" error and are often present in contracts containing loops whose bounds are affected by end-user input. Note that such vulnerabilities differ from gas limit DoS on the network via block stuffing.
To address the above-described problem, we present Gas Gauge, a tool aimed at detecting Out-of-Gas DoS vulnerabilities in Ethereum smart contracts. Gas Gauge consists of three major components: the Detection, Identification, and Correction Phases. The Detection Phase consists of an accurate static analysis approach that finds and summarizes all the loops in a smart contract. The Identification Phase, which follows the Detection Phase, uses a white-box fuzzing approach to generate a set of inputs that causes the contract to run out of gas. The Correction Phase uses static analysis and run-time verification to predict the maximum loop bounds consistent with allowable gas usage and suggest appropriate repairs to the user of the tool. Each part of the tool can be used separately for different purposes or all together to detect, identify and help repair the contracts vulnerable to Out-of-Gas DoS vulnerabilities. Gas Gauge was tested on 1,000 real-world Solidity smart contracts deployed on the Ethereum Mainnet. The results were compared to seven state-of-the-art static and symbolic tools, including Mythril, Slither, SmartCheck, Securify 2.0, GasTap/Gasol, Madmax, and MPro, and it was empirically demonstrated that Gas Gauge is far more effective than competing state-of-the-art tools.
Link: https://arxiv.org/pdf/2112.14771.pdf
- MSCCS: A Monero-Based Security-Enhanced Covert Communication System
Authors: Liang Liu, Lin Liu, Beibei Li, Yi Zhong, Shan Liao, and Lei Zhang
Existing public blockchain-based covert communication systems suffer from issues of insufficient robustness, anti-tamper modification, and anonymity at both the transaction and network layers. In this paper, to overcome this problem, we propose a novel Monero-based security-enhanced covert communication system, in which a new storage-type covert channel is developed. This channel uses the Monero transaction amount as the data carrier for covert communication. Then, we devise two new algorithms, respectively for resisting Eclipse attacks and the two existing node crawling attacks. Extensive simulation experiments show that the developed new covert communication channel can achieve higher robustness, anti-detection, and anonymity. The new security-enhanced algorithms can effectively mitigate Eclipse attacks by 37.6%, and the two existing node crawling attacks by 21.1% and 17.1% respectively.
Link: https://www.sciencedirect.com/science/article/abs/pii/S1389128621006010
- A Multipath Payment Scheme Supporting Proof of Payment
Authors: Hangguan Qian and Lin You
Blockchain technology has always been plagued by performance problems. Given this problem, many scaling schemes have been put forward. A layer 2 network is a technology that solves the performance problem of blockchain. Connected parties in this network can set up channels to send digital currency to each other. Since the interaction with the blockchain is only required when the channel is established and closed, a large number of transactions do not need to be recorded on the blockchain, thus reducing the blockchain capacity. Due to the special structure of the payment channel, the distribution of funds in the channel is often unbalanced, which limits the route payment to a certain extent. This paper improves the original payment method in the second layer network by introducing new scripts. The new payment scheme supports proof of payment which is integral to the nature of the lightning network and divides the payment into several subpayments, so the large payment can be divided into relatively small payments. Due to the capacity limitation of the payment channel, theoretically, the success rate of the micropayment route is higher. This paper tests the new payment scheme on the simulated network and validates the nature of this solution to have a high routing success rate while supporting proof of payment.
Link: A Multipath Payment Scheme Supporting Proof of Payment