SGUARD: Towards fixing vulnerable smart contracts automatically

SGUARD: Towards fixing vulnerable smart contracts automatically

Smart contracts are distributed, self-enforcing programs executing on top of blockchain networks. They have the potential to revolutionize many industries such as financial institutes and supply chains. However, smart contracts are subject to code-based vulnerabilities, which casts a shadow on its a...

Full description

Saved in:
Bibliographic Details
Main Authors: NGUYEN, Tai D., PHAM, Long H., SUN, Jun
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2021
Subjects:
Smart contracts
blockchain networks
vulnerabilities
runtime verification
Programming Languages and Compilers
Software Engineering
Online Access:https://ink.library.smu.edu.sg/sis_research/6115
https://ink.library.smu.edu.sg/context/sis_research/article/7118/viewcontent/2101.01917.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-7118
record_format dspace
spelling sg-smu-ink.sis_research-71182022-05-18T06:14:09Z SGUARD: Towards fixing vulnerable smart contracts automatically NGUYEN, Tai D. PHAM, Long H. SUN, Jun Smart contracts are distributed, self-enforcing programs executing on top of blockchain networks. They have the potential to revolutionize many industries such as financial institutes and supply chains. However, smart contracts are subject to code-based vulnerabilities, which casts a shadow on its applications. As smart contracts are unpatchable (due to the immutability of blockchain), it is essential that smart contracts are guaranteed to be free of vulnerabilities. Unfortunately, smart contract languages such as Solidity are Turing-complete, which implies that verifying them statically is infeasible. Thus, alternative approaches must be developed to provide the guarantee. In this work, we develop an approach which automatically transforms smart contracts so that they are provably free of 4 common kinds of vulnerabilities. The key idea is to apply runtime verification in an efficient and provably correct manner. Experiment results with 5000 smart contracts show that our approach incurs minor run-time overhead in terms of time (i.e., 14.79%) and gas (i.e., 0.79%). 2021-05-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/6115 info:doi/10.1109/SP40001.2021.00057 https://ink.library.smu.edu.sg/context/sis_research/article/7118/viewcontent/2101.01917.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Smart contracts blockchain networks vulnerabilities runtime verification Programming Languages and Compilers Software Engineering
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Smart contracts
blockchain networks
vulnerabilities
runtime verification
Programming Languages and Compilers
Software Engineering
spellingShingle Smart contracts
blockchain networks
vulnerabilities
runtime verification
Programming Languages and Compilers
Software Engineering
NGUYEN, Tai D.
PHAM, Long H.
SUN, Jun
SGUARD: Towards fixing vulnerable smart contracts automatically
description Smart contracts are distributed, self-enforcing programs executing on top of blockchain networks. They have the potential to revolutionize many industries such as financial institutes and supply chains. However, smart contracts are subject to code-based vulnerabilities, which casts a shadow on its applications. As smart contracts are unpatchable (due to the immutability of blockchain), it is essential that smart contracts are guaranteed to be free of vulnerabilities. Unfortunately, smart contract languages such as Solidity are Turing-complete, which implies that verifying them statically is infeasible. Thus, alternative approaches must be developed to provide the guarantee. In this work, we develop an approach which automatically transforms smart contracts so that they are provably free of 4 common kinds of vulnerabilities. The key idea is to apply runtime verification in an efficient and provably correct manner. Experiment results with 5000 smart contracts show that our approach incurs minor run-time overhead in terms of time (i.e., 14.79%) and gas (i.e., 0.79%).
format text
author NGUYEN, Tai D.
PHAM, Long H.
SUN, Jun
author_facet NGUYEN, Tai D.
PHAM, Long H.
SUN, Jun
author_sort NGUYEN, Tai D.
title SGUARD: Towards fixing vulnerable smart contracts automatically
title_short SGUARD: Towards fixing vulnerable smart contracts automatically
title_full SGUARD: Towards fixing vulnerable smart contracts automatically
title_fullStr SGUARD: Towards fixing vulnerable smart contracts automatically
title_full_unstemmed SGUARD: Towards fixing vulnerable smart contracts automatically
title_sort sguard: towards fixing vulnerable smart contracts automatically
publisher Institutional Knowledge at Singapore Management University
publishDate 2021
url https://ink.library.smu.edu.sg/sis_research/6115
https://ink.library.smu.edu.sg/context/sis_research/article/7118/viewcontent/2101.01917.pdf
_version_ 1770575824111534080

Similar Items