Detecting Buggy Contracts via Smart Testing

arXiv - CS - Software Engineering Pub Date : 2024-09-06 DOI:arxiv-2409.04597

Sally Junsong Wang, Jianan Yao, Kexin Pei, Hidedaki Takahashi, Junfeng Yang

{"title":"Detecting Buggy Contracts via Smart Testing","authors":"Sally Junsong Wang, Jianan Yao, Kexin Pei, Hidedaki Takahashi, Junfeng Yang","doi":"arxiv-2409.04597","DOIUrl":null,"url":null,"abstract":"Smart contracts are susceptible to critical vulnerabilities. Hybrid dynamic\nanalyses, such as concolic execution assisted fuzzing and foundation model\nassisted fuzzing, have emerged as highly effective testing techniques for smart\ncontract bug detection recently. This hybrid approach has shown initial promise\nin real-world benchmarks, but it still suffers from low scalability to find\ndeep bugs buried in complex code patterns. We observe that performance\nbottlenecks of existing dynamic analyses and model hallucination are two main\nfactors limiting the scalability of this hybrid approach in finding deep bugs. To overcome the challenges, we design an interactive, self-deciding\nfoundation model based system, called SmartSys, to support hybrid smart\ncontract dynamic analyses. The key idea is to teach foundation models about\nperformance bottlenecks of different dynamic analysis techniques, making it\npossible to forecast the right technique and generates effective fuzz targets\nthat can reach deep, hidden bugs. To prune hallucinated, incorrect fuzz\ntargets, SmartSys feeds foundation models with feedback from dynamic analysis\nduring compilation and at runtime. The interesting results of SmartSys include: i) discovering a smart contract\nprotocol vulnerability that has escaped eleven tools and survived multiple\naudits for over a year; ii) improving coverage by up to 14.3\\% on real-world\nbenchmarks compared to the baselines.","PeriodicalId":501278,"journal":{"name":"arXiv - CS - Software Engineering","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2024-09-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Software Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.04597","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Smart contracts are susceptible to critical vulnerabilities. Hybrid dynamic analyses, such as concolic execution assisted fuzzing and foundation model assisted fuzzing, have emerged as highly effective testing techniques for smart contract bug detection recently. This hybrid approach has shown initial promise in real-world benchmarks, but it still suffers from low scalability to find deep bugs buried in complex code patterns. We observe that performance bottlenecks of existing dynamic analyses and model hallucination are two main factors limiting the scalability of this hybrid approach in finding deep bugs. To overcome the challenges, we design an interactive, self-deciding foundation model based system, called SmartSys, to support hybrid smart contract dynamic analyses. The key idea is to teach foundation models about performance bottlenecks of different dynamic analysis techniques, making it possible to forecast the right technique and generates effective fuzz targets that can reach deep, hidden bugs. To prune hallucinated, incorrect fuzz targets, SmartSys feeds foundation models with feedback from dynamic analysis during compilation and at runtime. The interesting results of SmartSys include: i) discovering a smart contract protocol vulnerability that has escaped eleven tools and survived multiple audits for over a year; ii) improving coverage by up to 14.3\% on real-world benchmarks compared to the baselines.

查看原文本刊更多论文

通过智能测试检测漏洞合同

智能合约容易受到关键漏洞的影响。混合动态分析，如协迫执行辅助模糊（concolic execution assisted fuzzing）和基础模型辅助模糊（foundation modelassisted fuzzing），最近已成为智能合约漏洞检测的高效测试技术。这种混合方法在现实世界的基准测试中已初见成效，但仍存在可扩展性低的问题，难以发现埋藏在复杂代码模式中的深层错误。我们发现，现有动态分析的性能瓶颈和模型幻觉是限制这种混合方法在发现深度错误时可扩展性的两个主要因素。为了克服这些挑战，我们设计了一种交互式、基于自决基础模型的系统，称为 SmartSys，以支持混合智能合约动态分析。其关键思路是向基础模型传授不同动态分析技术的性能瓶颈，使其能够预测正确的技术并生成有效的模糊目标，从而发现深层隐藏的漏洞。为了删除幻觉的、不正确的模糊目标，SmartSys 在编译和运行时向基础模型提供动态分析的反馈。SmartSys 的有趣成果包括：i) 发现了一个智能合约协议漏洞，该漏洞躲过了 11 种工具的攻击，并在一年多的多次审计中幸存下来；ii) 与基线相比，在真实世界基准测试中的覆盖率提高了 14.3%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

arXiv - CS - Software Engineering

自引率

0.00%

发文量