Litcius/Paper detail

Are We There Yet? Unraveling the State-of-the-Art Smart Contract Fuzzers

Shuohan Wu, Zihao Li, Luyi Yan, Weimin Chen, Muhui Jiang, Chenxu Wang, Xiapu Luo, Hao Zhou

202424 citationsDOIOpen Access PDF

Abstract

Given the growing importance of smart contracts in various applications, ensuring their security and reliability is critical. Fuzzing, an effective vulnerability detection technique, has recently been widely applied to smart contracts. Despite numerous studies, a systematic investigation of smart contract fuzzing techniques remains lacking. In this paper, we fill this gap by: 1) providing a comprehensive review of current research in contract fuzzing, and 2) conducting an in-depth empirical study to evaluate state-of-the-art contract fuzzers' usability. To guarantee a fair evaluation, we employ a carefully-labeled benchmark and introduce a set of pragmatic performance metrics, evaluating fuzzers from five complementary perspectives. Based on our findings, we provide direction for the future research and development of contract fuzzers.

Topics & Concepts

Fuzz testingComputer scienceBenchmark (surveying)UsabilityVulnerability (computing)Set (abstract data type)Smart contractSoftware engineeringMachine learningComputer securityProgramming languageHuman–computer interactionSoftwareDatabase transactionGeographyGeodesyBlockchain Technology Applications and SecurityAdvanced Malware Detection TechniquesAdversarial Robustness in Machine Learning