sBugChecker: A Systematic Framework for Detecting Solidity Compiler-Introduced Bugs

IF 8 | Zone 1, Computer Science | Q1 COMPUTER SCIENCE, THEORY & METHODS
Fei Tong;Zihao Li;Guang Cheng;Yujian Zhang;Heng Li
IEEE Transactions on Information Forensics and Security, vol. 20, pp. 9760-9775. Journal Article, published 2025-09-10. DOI: 10.1109/TIFS.2025.3608660. https://ieeexplore.ieee.org/document/11159069/
Citations: 0

Abstract

sBugChecker: A Systematic Framework for Detecting Solidity Compiler-Introduced Bugs
A compiler converts smart contract source code into bytecode, ensuring behavior consistency between them. However, as a compiler is also a program, it may contain bugs that disrupt this consistency, known as Compiler-Introduced Bugs (CIBs). Of the latest 4,857 verified smart contracts coded in Solidity, approximately 58% still use compilers that contain at least one CIB. These CIBs can be exploited by attackers to bypass security checks or inject malicious data, leading to significant security issues, which becomes even more serious for smart contracts in blockchain as they cannot be modified after being deployed. To this end, this paper proposes sBugChecker, to the best of our knowledge, the first systematic framework designed to automatically and effectively detect CIBs for smart contracts coded in Solidity. sBugChecker can be readily extended with the rule customization suite we propose based on a domain-specific language. Additionally, it employs two static analytical methods, i.e., pattern matching and symbolic execution, to identify CIBs’ triggering conditions and confirm their impacts, broadening its detection scope and improving its detection efficiency. To evaluate sBugChecker’s performance, we construct a CIB mutated smart contract dataset, which is the first publicly available one for this study. According to the evaluation based on this dataset, sBugChecker performs exceptionally well, with detection precision, recall, and F-measure on average achieving 96.6%, 95.5% and 96.0%, respectively. Moreover, sBugChecker has been applied to successfully discover real-world deployed smart contracts capable of triggering CIBs.
Source journal
IEEE Transactions on Information Forensics and Security (Engineering and Technology: Engineering, Electrical and Electronic)
CiteScore: 14.40
Self-citation rate: 7.40%
Articles published: 234
Review time: 6.5 months
About the journal: The IEEE Transactions on Information Forensics and Security covers the sciences, technologies, and applications relating to information forensics, information security, biometrics, surveillance and systems applications that incorporate these features.