Yue Li, Han Liu, Zhiqiang Yang, Qian Ren, Lei Wang, Bangdao Chen
SafePay on Ethereum: A Framework For Detecting Unfair Payments in Smart Contracts
2020 IEEE 40th International Conference on Distributed Computing Systems (ICDCS), published 2020-11-01
DOI: 10.1109/ICDCS47774.2020.00116 (https://doi.org/10.1109/ICDCS47774.2020.00116)
Citations: 3
Abstract
Smart contracts on the Ethereum blockchain are notoriously vulnerable to external attacks. Many of their issues led to considerably large financial losses, as they resulted from broken payments in digital assets, e.g., cryptocurrency. Existing research focused on specific patterns to find such problems, e.g., reentrancy bugs, nondeterministic recipients, etc., yet may lead to false alarms or miss important issues. To mitigate these limitations, we designed the SafePay analysis framework to find unfair payments in Ethereum smart contracts. Compared to existing analyzers, SafePay can detect potential blockchain transactions with feasible exploits, thus effectively avoiding false reports. Specifically, the detection is driven by a systematic search for violations of fair value exchange (FVE), i.e., a new security invariant introduced in SafePay to indicate that each party “fairly” pays others. The preliminary evaluation validated the efficacy of SafePay by reporting previously unknown issues and decreasing the number of false alarms.