SmartEmbed: A tool for clone and bug detection in smart contracts through structural code embedding
Ethereum has become a widely used platform to enable secure, Blockchain-based financial and business transactions. However, a major concern in Ethereum is the security of its smart contracts. Many identified bugs and vulnerabilities in smart contracts not only present challenges to maintenance of bl...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2019
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/4814 https://ink.library.smu.edu.sg/context/sis_research/article/5817/viewcontent/icsme19smartembed_demo.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-5817 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-58172020-04-02T06:47:22Z SmartEmbed: A tool for clone and bug detection in smart contracts through structural code embedding GAO, Zhipeng JAYASUNDARA, Magalle Hewa Vinoj Yasanga JIANG, Lingxiao XIA, Xin LO, David GRUNDY, John C. Ethereum has become a widely used platform to enable secure, Blockchain-based financial and business transactions. However, a major concern in Ethereum is the security of its smart contracts. Many identified bugs and vulnerabilities in smart contracts not only present challenges to maintenance of blockchain, but also lead to serious financial loses. There is a significant need to better assist developers in checking smart contracts and ensuring their reliability. In this paper, we propose a web service tool, named SMARTEMBED, which can help Solidity developers to find repetitive contract code and clone-related bugs in smart contracts. Our tool is based on code embeddings and similarity checking techniques. By comparing the similarities among the code embedding vectors for existing solidity code in the Ethereum blockchain and known bugs, we are able to efficiently identify code clones and clone-related bugs for any solidity code given by users, which can help to improve the users’ confidence in the reliability of their code. In addition to the uses by individual developers, SMARTEMBED can also be applied to studies of smart contracts in a large scale. When applied to more than 22K solidity contracts collected from the Ethereum blockchain, we found that the clone ratio of solidity code is close to 90%, much higher than traditional software, and 194 clonerelated bugs can be identified efficiently and accurately based on our small bug database with a precision of 96%. SMARTEMBED can be accessed at http://www.smartembed.net. A demo video of SMARTEMBED is at https://youtu.be/o9ylyOpYFq8 2019-10-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/4814 info:doi/10.1109/ICSME.2019.00067 https://ink.library.smu.edu.sg/context/sis_research/article/5817/viewcontent/icsme19smartembed_demo.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Software Engineering |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Software Engineering |
| spellingShingle |
Software Engineering GAO, Zhipeng JAYASUNDARA, Magalle Hewa Vinoj Yasanga JIANG, Lingxiao XIA, Xin LO, David GRUNDY, John C. SmartEmbed: A tool for clone and bug detection in smart contracts through structural code embedding |
| description |
Ethereum has become a widely used platform to enable secure, Blockchain-based financial and business transactions. However, a major concern in Ethereum is the security of its smart contracts. Many identified bugs and vulnerabilities in smart contracts not only present challenges to maintenance of blockchain, but also lead to serious financial loses. There is a significant need to better assist developers in checking smart contracts and ensuring their reliability. In this paper, we propose a web service tool, named SMARTEMBED, which can help Solidity developers to find repetitive contract code and clone-related bugs in smart contracts. Our tool is based on code embeddings and similarity checking techniques. By comparing the similarities among the code embedding vectors for existing solidity code in the Ethereum blockchain and known bugs, we are able to efficiently identify code clones and clone-related bugs for any solidity code given by users, which can help to improve the users’ confidence in the reliability of their code. In addition to the uses by individual developers, SMARTEMBED can also be applied to studies of smart contracts in a large scale. When applied to more than 22K solidity contracts collected from the Ethereum blockchain, we found that the clone ratio of solidity code is close to 90%, much higher than traditional software, and 194 clonerelated bugs can be identified efficiently and accurately based on our small bug database with a precision of 96%. SMARTEMBED can be accessed at http://www.smartembed.net. A demo video of SMARTEMBED is at https://youtu.be/o9ylyOpYFq8 |
| format |
text |
| author |
GAO, Zhipeng JAYASUNDARA, Magalle Hewa Vinoj Yasanga JIANG, Lingxiao XIA, Xin LO, David GRUNDY, John C. |
| author_facet |
GAO, Zhipeng JAYASUNDARA, Magalle Hewa Vinoj Yasanga JIANG, Lingxiao XIA, Xin LO, David GRUNDY, John C. |
| author_sort |
GAO, Zhipeng |
| title |
SmartEmbed: A tool for clone and bug detection in smart contracts through structural code embedding |
| title_short |
SmartEmbed: A tool for clone and bug detection in smart contracts through structural code embedding |
| title_full |
SmartEmbed: A tool for clone and bug detection in smart contracts through structural code embedding |
| title_fullStr |
SmartEmbed: A tool for clone and bug detection in smart contracts through structural code embedding |
| title_full_unstemmed |
SmartEmbed: A tool for clone and bug detection in smart contracts through structural code embedding |
| title_sort |
smartembed: a tool for clone and bug detection in smart contracts through structural code embedding |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2019 |
| url |
https://ink.library.smu.edu.sg/sis_research/4814 https://ink.library.smu.edu.sg/context/sis_research/article/5817/viewcontent/icsme19smartembed_demo.pdf |
| _version_ |
1770575053487865856 |