Detecting Buggy Contracts via Smart Testing

Authors: Sally Junsong Wang, Jianan Yao, Kexin Pei, Hidedaki Takahashi, Junfeng Yang
arXiv: 2409.04597 (arXiv - CS - Software Engineering), published 2024-09-06
Record source: Semanticscholar; listed URL: https://doi.org/arxiv-2409.04597

Abstract
Smart contracts are susceptible to critical vulnerabilities. Hybrid dynamic analyses, such as concolic-execution-assisted fuzzing and foundation-model-assisted fuzzing, have recently emerged as highly effective testing techniques for smart contract bug detection. This hybrid approach has shown initial promise on real-world benchmarks, but it still scales poorly when the goal is to find deep bugs buried in complex code patterns. We observe that two main factors limit the scalability of the hybrid approach in finding deep bugs: the performance bottlenecks of existing dynamic analyses, and model hallucination.

To overcome these challenges, we design SmartSys, an interactive, self-deciding system built on foundation models that supports hybrid smart contract dynamic analyses. The key idea is to teach foundation models about the performance bottlenecks of the different dynamic analysis techniques, so that the model can forecast the right technique for a given target and generate effective fuzz targets that reach deep, hidden bugs. To prune hallucinated, incorrect fuzz targets, SmartSys feeds the foundation model feedback from dynamic analysis both during compilation and at runtime.

Notable results of SmartSys include: i) discovering a smart contract protocol vulnerability that had escaped eleven tools and survived multiple audits for over a year; ii) improving coverage by up to 14.3% on real-world benchmarks compared to the baselines.
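The abstract describes two feedback stages that prune hallucinated fuzz targets: a compile-time stage (does the generated target even type-check against the contract?) and a runtime stage (does it reach new code, and does it trip a bug oracle?). The following Python model is an added illustration of that loop and is not SmartSys's code or the authors' contract. The toy vault contract, its hypothetical ABI table, the constructed candidate targets, the branch-tag coverage and the negative-balance oracle are all assumptions made here so the loop runs offline; a real pipeline would compile Solidity and collect coverage from an EVM, but the pruning logic is the same.

```python
"""Feedback-driven pruning of model-generated fuzz targets (added illustration)."""
from typing import Any, Optional


class ToyVault:
    """Constructed contract: a two-step unlock guards a withdraw with a deep bug."""

    # Hypothetical ABI: function name -> arity. A target that names a function
    # or arity not in here is a hallucinated target and fails the compile stage.
    ABI = {"deposit": 1, "set_guardian": 1, "unlock": 2, "withdraw": 1}

    def __init__(self) -> None:
        self.balance = 0
        self.guardian = None
        self.unlocked = False
        self.covered: set = set()  # branch tags hit during one run

    def _hit(self, tag: str) -> None:
        self.covered.add(tag)

    def deposit(self, amount: int) -> None:
        self._hit("deposit")
        if amount <= 0:
            self._hit("deposit:reject")
            raise ValueError("revert: amount must be positive")
        self._hit("deposit:ok")
        self.balance += amount

    def set_guardian(self, addr: str) -> None:
        self._hit("set_guardian")
        self.guardian = addr

    def unlock(self, addr: str, nonce: int) -> None:
        self._hit("unlock")
        if addr != self.guardian:
            self._hit("unlock:not_guardian")
            raise PermissionError("revert: caller is not guardian")
        if nonce != 0x5EED:  # narrow comparison: the kind of branch blind fuzzing stalls on
            self._hit("unlock:bad_nonce")
            raise PermissionError("revert: bad nonce")
        self._hit("unlock:ok")
        self.unlocked = True

    def withdraw(self, amount: int) -> None:
        self._hit("withdraw")
        if not self.unlocked:
            self._hit("withdraw:locked")
            raise PermissionError("revert: vault locked")
        # Deliberate deep bug for the example: no balance check once unlocked.
        self._hit("withdraw:ok")
        self.balance -= amount


# A fuzz target is a call sequence: list of (function name, argument list).
Target = list


def compile_check(target: Target, abi: dict) -> Optional[str]:
    """Compile-time feedback: an error string the model can be shown, or None."""
    for name, args in target:
        if name not in abi:
            return f"unknown function {name!r}"
        if len(args) != abi[name]:
            return f"{name} expects {abi[name]} args, got {len(args)}"
    return None


def run_target(target: Target) -> tuple:
    """Runtime feedback: (branches covered, bug oracle fired, revert messages)."""
    vault = ToyVault()
    reverts = []
    for name, args in target:
        try:
            getattr(vault, name)(*args)
        except (ValueError, PermissionError) as exc:
            reverts.append(f"{name}: {exc}")  # a revert is feedback, not a crash
    return vault.covered, vault.balance < 0, reverts


def triage(candidates: list) -> dict:
    """Keep targets that compile and add coverage; report those hitting the oracle."""
    seen: set = set()
    out = {"rejected": [], "redundant": [], "kept": [], "bugs": []}
    for i, target in enumerate(candidates):
        err = compile_check(target, ToyVault.ABI)
        if err:
            out["rejected"].append((i, err))  # compile feedback goes back to the model
            continue
        covered, bug, reverts = run_target(target)
        if bug:
            out["bugs"].append(i)
        if covered <= seen and not bug:
            out["redundant"].append((i, reverts))  # runtime feedback: nothing new reached
            continue
        seen |= covered
        out["kept"].append(i)
    return out


# Constructed candidate targets, in the shape a model might emit them.
CANDIDATES = [
    [("transfer", [1, 2])],                           # 0: hallucinated function
    [("unlock", [0x5EED])],                           # 1: wrong arity
    [("deposit", [5])],                               # 2: shallow, but new coverage
    [("deposit", [7])],                               # 3: same path as 2, redundant
    [("withdraw", [1])],                              # 4: reverts, yet covers the lock check
    [("deposit", [5]), ("set_guardian", ["0xabc"]),   # 5: deep path that reaches the bug
     ("unlock", ["0xabc", 0x5EED]), ("withdraw", [50])],
]

if __name__ == "__main__":
    for stage, items in triage(CANDIDATES).items():
        print(f"{stage}: {items}")
```

The point of keeping target 4 despite its revert is that a revert message is itself runtime feedback: it tells the model which guard blocked progress, which is what lets a later target (here, target 5) supply the guardian setup and the exact nonce instead of guessing.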