Hybrid analysis of smart contracts and malicious behaviors in ethereum

Abstract

Since its inception, blockchain technology has shown promising application prospects from cryptocurrency to a variety of forms, such as medicine, economics, cloud computing, and so on. As the program deployed and executed in blockchain, smart contract is the core technology in the 2.0 era of blockchain. Through developing smart contracts, developers can realize rich logic and greatly expand the capabilities of blockchain system. As the most popular blockchain system that supports smart contract, Ethereum can complete one million transactions per day. Since blockchain is one of the core technology in FinTech (Financial Technology) industry, users are very concerned about its security. Some security vulnerabilities and attacks have been recently reported. Note that smart contracts with security vulnerabilities may lead to financial losses. For instance, in June 2016, the criminals attacked the smart contract DAO by exploiting a recursive calling vulnerability, and stole around 60 million dollars. In this thesis, we conduct systematic examination on security risks to popular blockchain systems. We survey the real attacks on popular blockchain systems and analyze the vulnerabilities exploited in these cases. Furthermore, we summarize practical academic achievements for enhancing the security of blockchain, and suggest a few future directions in this area. More than eight million smart contracts have already been deployed in Ethereum, while only less than 1% are open-source. Unfortunately, facing the bytecodes of deployed smart contracts, it is difficult to quickly and comprehensively understand their details. In this thesis, we propose and implement a system named STAN, which can analyze the runtime bytecodes of smart contract and automatically describe its interfaces in natural language, enabling users to quickly and thoroughly understand closed-source contracts. Given the address of target contract, STAN can automatically acquire its runtime bytecodes and describe every interface from four aspects. The functionality description summarizes the interface's functionality, and usage description tells the user how to call this interface. The behavior description describes message-call related behaviors within the interface, and payment description describes whether the interface can receive ETH. We analyze bytecodes through symbolic execution and generate readable descriptions following standard workfow of NLG (Natural Language Generation) system. Furthermore, we statically analyze contract source codes to evaluate descriptions' adequacy and accuracy. We also evaluate descriptions' readability through questionnaires and statistical methods. Ethereum has two kinds of accounts: EOA (Externally Owned Account) and contract account. However, not all accounts should be kept. We regard the worthless accounts that deserve to be removed without affecting the normal operations of users and other accounts as erasable accounts. Erasable accounts not only waste system resources and affect the efficiency of blockchain, but also easily waste users' money. In this thesis, we design and implement a novel tool named GLASER to discover erasable accounts by analyzing the StateDB of Ethereum. In detail, it leverages program analysis techniques to discover contract accounts with worthless runtime bytecodes, and employs state field and transaction analysis to discover EOAs that no one owns their private keys. The accounts discovered by GLASER are worthless and deserve to be removed without affecting the normal operations of other accounts/users. Applying GLASER to all Ethereum accounts, we discovered 508,482 erasable accounts, and more than 99.9% of them are still stored in Ethereum. These erasable accounts have wasted users more than 106 million dollars and can be removed through executing SELFDESTRUCT operation in their runtime bytecodes by users, or removed forcibly by Ethereum officials. GLASER also characterizes erasable accounts through call graph and creation graph analysis. Gas is the execution fee for running smart contracts in Ethereum. However, we find that under-optimized smart contracts cost more gas than necessary, and therefore the miners or users will be overcharged. In this thesis, we identify seven gas-costly patterns and divide them into two categories: useless-code related patterns, and loop-related patterns. Furthermore, we propose and develop GASPER, a new tool for discovering gas-costly patterns in bytecode automatically. GASPER leverages symbolic execution and it can locate three representative patterns. By applying GASPER to analyze deployed smart contracts, we find that more than 80% smart contracts suffer from these three patterns, respectively. There are already more than 296 thousand kinds of cryptocurrencies built on Ethereum. However, not all cryptocurrencies can be controlled by users. For example, some money is permanently locked in wallets' accounts due to attacks. In this thesis, we conduct the systematic investigation on locked cryptocurrencies in Ethereum. In particular, we define four categories of accounts with locked cryptocurrencies and develop a novel tool named CLUE to discover them. Results show that there are more than one billion dollars value of cryptocurrencies locked in Ethereum. We also analyze the reasons (i.e., attacks/behaviors) why cryptocurrencies are locked. Because the locked cryptocurrencies can never be controlled by users, avoid interacting with the accounts discovered by CLUE and repeating the same mistakes again can help users to save money.