Turn the Rudder: A Beacon of Reentrancy Detection for Smart Contracts on Ethereum

Smart contracts are programs deployed on a blockchain and are immutable once deployed. Reentrancy, one of the most important vulnerabilities in smart contracts, has caused millions of dollars in financial loss. Many reentrancy detection approaches have been proposed. It is necessary to investigate the performance of these approaches to provide useful guidelines for their application. In this work, we conduct a large-scale empirical study on the capability of five well-known or recent reentrancy detection tools such as Mythril and Sailfish. We collect 230,548 verified smart contracts from Etherscan and use the detection tools to analyze 139,424 contracts after deduplication, which results in 21,212 contracts with reentrancy issues. Then, we manually examine the defective functions located by the tools in the contracts. From the examination results, we obtain 34 true positive contracts with reentrancy and 21,178 false positive contracts without reentrancy. We also analyze the causes of the true and false positives. Finally, we evaluate the tools based on the two kinds of contracts. The results show that more than 99.8% of the reentrant contracts detected by the tools are false positives, which stem from eight types of causes, and that the tools can only detect the reentrancy issues caused by call.value(), 58.8% of which can be revealed by Ethereum's official IDE, Remix. Furthermore, we collect real-world reentrancy attacks reported in the past two years and find that the tools fail to find any issues in the corresponding contracts. Based on these findings, existing works on reentrancy detection appear to have very limited capability, and researchers should turn the rudder to discover and detect new reentrancy patterns other than those related to call.value().
