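1. College of Information Science and Technology, Jinan University, Guangzhou 510632, Guangdong, China
2. Guangdong Provincial Key Laboratory of Network and Information Security Vulnerability Research, Guangzhou 510643, Guangdong, China
3. School of Cyber Engineering, Xidian University, Xi'an 710071, Shaanxi, China

Yongxiang PENG (born 1998), male, master's student at Jinan University, E-mail: [email protected]
Zhiquan LIU (born 1989), male, associate research fellow, E-mail: [email protected]
Libo WANG (born 1988), male, lecturer, E-mail: [email protected]
Yongdong WU (born 1970), male, professor, E-mail: [email protected]
Jianfeng MA (born 1963), male, professor, E-mail: [email protected]
Ning CHEN (born 1984), female, engineer, E-mail: [email protected]

Received: 2022-11-02
Published online: 2023-10-16
Published in print: 2024-01-20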
Yongxiang PENG, Zhiquan LIU, Libo WANG, et al. Contract vulnerability repair scheme supporting inline data processing[J]. Journal of Xidian University, 2024, 51(1): 178-186. DOI: 10.19665/j.issn1001-2400.20230208.
Smart contracts are programs deployed on the blockchain that make distributed transactions possible. However, because smart contracts carry financial value and cannot be changed once deployed, they have become targets for attackers. To keep contracts secure, vulnerable contracts therefore need to be repaired. Existing contract vulnerability repair schemes suffer from low repair success rates and cannot handle complex contracts. To address this, a contract vulnerability repair scheme supporting inline data processing is proposed. The scheme first studies and formalizes the dynamic loading mechanism of the Ethereum Virtual Machine and builds an inline data location algorithm based on memory copy instructions to parse and decompile the structure of smart contract bytecode. It then rewrites the smart contract bytecode using a trampoline mechanism and corrects the inline data address offsets that the rewriting introduces, which completes the vulnerability repair. A prototype tool, SCRepair, is implemented based on the proposed scheme, deployed on the local test network Ganache for performance testing, and compared with the existing vulnerability repair tools EVMPatch and Smartshield. Experimental results show that, compared with EVMPatch, SCRepair improves the contract bytecode rewrite success rate by about 26.9%, rewrites more stably, and is less affected by the compiler version; compared with Smartshield, SCRepair handles complex contracts better.
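The two steps the abstract names, locating inline data through memory copy instructions and correcting its offsets after rewriting, shown as an added Python example; this is not the paper's algorithm or SCRepair code. It assumes runtime bytecode whose `CODECOPY` arguments are constants built only from PUSH/DUP/SWAP, and it assumes the patch block is placed between the original code and the inline data; the function names, sample bytecode and patch bytes are constructed here.

```python
CODECOPY = 0x39  # pops destOffset, offset, size (top of stack first)

def locate_inline_data(code: bytes):
    """Return [(push_pc, push_len, src_offset, size)] for every CODECOPY whose
    source offset and size are constants built only from PUSH/DUP/SWAP."""
    found, stack, pc = [], [], 0
    while pc < len(code):
        ends = [s + z for _, _, s, z in found if s <= pc < s + z]
        if ends:                                # inside known data: do not decode
            pc, stack = max(ends), []
            continue
        op = code[pc]
        if 0x60 <= op <= 0x7F:                  # PUSH1..PUSH32
            n = op - 0x5F
            stack.append((int.from_bytes(code[pc + 1:pc + 1 + n], "big"), pc, n))
            pc += n
        elif 0x80 <= op <= 0x8F:                # DUP1..DUP16
            n = op - 0x7F
            stack.append(stack[-n] if len(stack) >= n else None)
        elif 0x90 <= op <= 0x9F:                # SWAP1..SWAP16
            n = op - 0x8F
            if len(stack) > n:
                stack[-1], stack[-1 - n] = stack[-1 - n], stack[-1]
            else:
                stack.clear()
        else:
            if op == CODECOPY and len(stack) >= 3 and stack[-2] and stack[-3]:
                (src, push_pc, n), size = stack[-2], stack[-3][0]
                found.append((push_pc, n, src, size))
            stack.clear()                       # unmodelled opcode: forget constants
        pc += 1
    return found

def append_patch_and_fix(code: bytes, patch: bytes) -> bytes:
    """Place patch code between the original code and its inline data (an
    assumed layout), then re-point each CODECOPY source offset by len(patch)."""
    refs = locate_inline_data(code)
    if not refs:
        return code + patch
    data_start = min(src for _, _, src, _ in refs)
    out = bytearray(code[:data_start] + patch + code[data_start:])
    for push_pc, n, src, _ in refs:
        # to_bytes raises OverflowError if the new offset no longer fits the PUSH
        out[push_pc + 1:push_pc + 1 + n] = (src + len(patch)).to_bytes(n, "big")
    return bytes(out)

# Constructed sample: PUSH1 4, DUP1, PUSH1 0x0b, PUSH1 0, CODECOPY, PUSH1 0, RETURN, data
SAMPLE = bytes.fromhex("600480600b6000396000f3" "deadbeef")
PATCH = bytes.fromhex("5b00")  # constructed stand-in for a patch block: JUMPDEST, STOP
```

Without the offset correction, the unchanged `PUSH1 0x0b` would make `CODECOPY` read the inserted patch bytes instead of the inline data.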