Litcius/Paper detail

SmartState: Detecting State-Reverting Vulnerabilities in Smart Contracts via Fine-Grained State-Dependency Analysis

Zeqin Liao, Sicheng Hao, Yuhong Nan, Zibin Zheng

202322 citationsDOIOpen Access PDF

Abstract

Smart contracts written in Solidity are widely used in different blockchain platforms such as Ethereum, TRON and BNB Chain. One of the unique designs in Solidity smart contracts is its statereverting mechanism for error handling and access control. Unfortunately, a number of recent security incidents showed that adversaries also utilize this mechanism to manipulate critical states of smart contracts, and hence, bring security consequences such as illegal profit-gain and Deny-of-Service (DoS). In this paper, we call such vulnerabilities as the State-reverting Vulnerability (SRV). Automatically identifying SRVs poses unique challenges, as it requires an in-depth analysis and understanding of the state-dependency relations in smart contracts.

Topics & Concepts

SolidityComputer securityDependency (UML)Computer scienceState (computer science)Profit (economics)Security analysisEconomicsMicroeconomicsSoftware engineeringProgramming languageAlgorithmBlockchain Technology Applications and SecurityAdversarial Robustness in Machine LearningSecurity and Verification in Computing