Beyond "protected" and "private": An empirical security analysis of custom function modifiers in smart contracts

Beyond "protected" and "private": An empirical security analysis of custom function modifiers in smart contracts

A smart contract is a piece of application-layer code running on blockchain ledgers and it provides programmatic logic via transaction-based execution of pre-defined functions. Smart contract functions are by default invokable by any party. To safeguard them, the mainstream smart contract language,...

Full description

Saved in:
Bibliographic Details
Main Authors: FANG, Yuzhou, WU, Daoyuan, YI, Xiao, WANG, Shuai, CHEN, Yufan, CHEN, Mengjie, LIU, Yang, JIANG, Lingxiao
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2023
Subjects:
Smart Contract Security
Taint Analysis
Access Control
Modifiers
Finance and Financial Management
Information Security
Software Engineering
Online Access:https://ink.library.smu.edu.sg/sis_research/8545
https://ink.library.smu.edu.sg/context/sis_research/article/9548/viewcontent/ISSTA23SoMo.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-9548
record_format dspace
spelling sg-smu-ink.sis_research-95482024-01-22T14:50:37Z Beyond "protected" and "private": An empirical security analysis of custom function modifiers in smart contracts FANG, Yuzhou WU, Daoyuan YI, Xiao WANG, Shuai CHEN, Yufan CHEN, Mengjie LIU, Yang JIANG, Lingxiao A smart contract is a piece of application-layer code running on blockchain ledgers and it provides programmatic logic via transaction-based execution of pre-defined functions. Smart contract functions are by default invokable by any party. To safeguard them, the mainstream smart contract language, i.e., Solidity of the popular Ethereum blockchain, proposed a unique language-level keyword called “modifier,” which allows developers to define custom function access control policies beyond the traditional “protected” and “private” modifiers in classic programming languages.In this paper, we aim to conduct a large-scale security analysis of the modifiers used in real-world Ethereum smart contracts. To achieve this, we design and implement a novel smart contract analysis tool called SoMo. Its main objective is to identify insecure modifiers that can be bypassed from one or more unprotected smart contract functions. This is challenging because of the complicated relationship between modifiers and their variables/functions and the ambiguity of attacker-accessible entry functions. To overcome them, we first propose a new structure, the Modifier Dependency Graph (MDG), to connect all the modifier-related control/data flows. Over MDGs, we then model system variables, generate symbolic path constraints, and iteratively test each candidate entry function. Our extensive evaluation shows that SoMo outperforms the state-of-the-art SPCon tool by detecting all its true positives and correctly avoiding 9 out of 11 false positives. It also achieves high precision of 91.2% when analyzing a large dataset of 62,464 contracts, over 400 of which were identified with bypassable modifiers. Our analysis further reveals three interesting security findings about modifiers and nine major types of modifier usage in the wild. SoMo has been integrated into an online security scanning service, MetaScan. 2023-07-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/8545 info:doi/10.1145/3597926.3598125 https://ink.library.smu.edu.sg/context/sis_research/article/9548/viewcontent/ISSTA23SoMo.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Smart Contract Security Taint Analysis Access Control Modifiers Finance and Financial Management Information Security Software Engineering
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Smart Contract Security
Taint Analysis
Access Control
Modifiers
Finance and Financial Management
Information Security
Software Engineering
spellingShingle Smart Contract Security
Taint Analysis
Access Control
Modifiers
Finance and Financial Management
Information Security
Software Engineering
FANG, Yuzhou
WU, Daoyuan
YI, Xiao
WANG, Shuai
CHEN, Yufan
CHEN, Mengjie
LIU, Yang
JIANG, Lingxiao
Beyond "protected" and "private": An empirical security analysis of custom function modifiers in smart contracts
description A smart contract is a piece of application-layer code running on blockchain ledgers and it provides programmatic logic via transaction-based execution of pre-defined functions. Smart contract functions are by default invokable by any party. To safeguard them, the mainstream smart contract language, i.e., Solidity of the popular Ethereum blockchain, proposed a unique language-level keyword called “modifier,” which allows developers to define custom function access control policies beyond the traditional “protected” and “private” modifiers in classic programming languages.In this paper, we aim to conduct a large-scale security analysis of the modifiers used in real-world Ethereum smart contracts. To achieve this, we design and implement a novel smart contract analysis tool called SoMo. Its main objective is to identify insecure modifiers that can be bypassed from one or more unprotected smart contract functions. This is challenging because of the complicated relationship between modifiers and their variables/functions and the ambiguity of attacker-accessible entry functions. To overcome them, we first propose a new structure, the Modifier Dependency Graph (MDG), to connect all the modifier-related control/data flows. Over MDGs, we then model system variables, generate symbolic path constraints, and iteratively test each candidate entry function. Our extensive evaluation shows that SoMo outperforms the state-of-the-art SPCon tool by detecting all its true positives and correctly avoiding 9 out of 11 false positives. It also achieves high precision of 91.2% when analyzing a large dataset of 62,464 contracts, over 400 of which were identified with bypassable modifiers. Our analysis further reveals three interesting security findings about modifiers and nine major types of modifier usage in the wild. SoMo has been integrated into an online security scanning service, MetaScan.
format text
author FANG, Yuzhou
WU, Daoyuan
YI, Xiao
WANG, Shuai
CHEN, Yufan
CHEN, Mengjie
LIU, Yang
JIANG, Lingxiao
author_facet FANG, Yuzhou
WU, Daoyuan
YI, Xiao
WANG, Shuai
CHEN, Yufan
CHEN, Mengjie
LIU, Yang
JIANG, Lingxiao
author_sort FANG, Yuzhou
title Beyond "protected" and "private": An empirical security analysis of custom function modifiers in smart contracts
title_short Beyond "protected" and "private": An empirical security analysis of custom function modifiers in smart contracts
title_full Beyond "protected" and "private": An empirical security analysis of custom function modifiers in smart contracts
title_fullStr Beyond "protected" and "private": An empirical security analysis of custom function modifiers in smart contracts
title_full_unstemmed Beyond "protected" and "private": An empirical security analysis of custom function modifiers in smart contracts
title_sort beyond "protected" and "private": an empirical security analysis of custom function modifiers in smart contracts
publisher Institutional Knowledge at Singapore Management University
publishDate 2023
url https://ink.library.smu.edu.sg/sis_research/8545
https://ink.library.smu.edu.sg/context/sis_research/article/9548/viewcontent/ISSTA23SoMo.pdf
_version_ 1789483262440112128

Similar Items