Towards Usable Protection Against Honeypots
暂无分享,去创建一个
The Ethereum blockchain enables the execution of so-called smart contracts. These are programs that facilitate the automated transfer of funds according to a given business logic without the participants requiring to trust one another. However, recently attackers started using smart contracts to lure users into traps by deploying contracts that pretend to give away funds but in fact contain hidden traps. This new type of scam is commonly referred to as honeypots. In this paper, we propose a system that aims to protect users from falling into these traps. The system consists of a plugin for MetaMask and a back-end service that continuously scans the Ethereum blockchain for honeypots. Whenever a user is about to perform a transaction through MetaMask, our plugin sends a request to the back-end and warns the user if the target contract is a honeypot.
[1] Radu State,et al. A Data Science Approach for Honeypot Detection in Ethereum , 2019, ArXiv.
[2] Daniel Davis Wood,et al. ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .
[3] Mathis Steichen,et al. The Art of The Scam: Demystifying Honeypots in Ethereum Smart Contracts , 2019, USENIX Security Symposium.