Runtime Hook on Blockchain and Smart Contract Systems

Abstract

Using hard-fork mechanism on the blockchain to recover the losses caused by attacks contradicts the immutable characteristic of a blockchain system. To prevent malicious transactions from getting into blockchains in advance, we propose a runtime hook technique to synchronize and analyze the ongoing transactions exposed to the Ethereum transaction pool. Having a complete view of the past and the ongoing transactions, we can identify and enforce abortion of malicious transactions and prevent losses due to attacks being executed and recorded in the blockchain. Specifically, we modify the Ethereum source code to instrument the entry point of a node to synchronize data received from the Ethereum P2P network and systematically scan suspicious patterns in transactions to identify potential attacks. As a proof-of-the-concept, we show how to deploy the proposed runtime hook system on a private blockchain system, such that we can detect and prevent transactions of double spending on the 51% attack and reentrancy attack of smart contracts.