Options
2024
Conference Paper
Title
Comparison of Ethereum Smart Contract Analysis and Verification Methods
Abstract
Ethereum allows to publish and use applications known as smart contracts on its public network.
Smart contracts can be costly for users if erroneous. Various security vulnerabilities have occurred in the past and have been exploited causing the loss of billions of dollars. Therefore, it is in the developer’s interest to publish smart contracts that serve their intended purpose only.
In this work, we study different approaches to verify if Ethereum smart contracts behave as intended and how to detect possible vulnerabilities. To this end, we compare and evaluate, different formal verification tools and tools to automatically detect vulnerabilities. Our empirical comparison of 140 smart contracts with known vulnerabilities shows that different tools vary in their success to identify issues with smart contracts. In general, we find that automated analysis tools often miss vulnerabilities, while formal verifiers based on model checking with Hoare-style source code annotations require high effort and knowledge to discover possible weaknesses. Specifically, some vulnerabilities (e.g., related to bad randomness) are not detected by any of the tools. Formal verifiers perform better than automated analysis tools as they detect more vulnerabilities and are more reliable. One of the automated analysis tools was able to find only three out of 16 Access Control vulnerabilities. On the contrary, formal verifiers have a hundred percent detection rate for selected tests.
As a case study with a smart contract without previously known vulnerabilities and for a more in-depth evaluation, we examine a smart contract using a two-phase commit protocol mechanism which is key in many smart contract applications. We use the presented tools to analyze and verify the contract. Thereby we come across different important patterns to detect vulnerabilities e.g. with respect to re-entrancy, and how to annotate a contract to prove that intended the restriction and requirements hold at any time.
Smart contracts can be costly for users if erroneous. Various security vulnerabilities have occurred in the past and have been exploited causing the loss of billions of dollars. Therefore, it is in the developer’s interest to publish smart contracts that serve their intended purpose only.
In this work, we study different approaches to verify if Ethereum smart contracts behave as intended and how to detect possible vulnerabilities. To this end, we compare and evaluate, different formal verification tools and tools to automatically detect vulnerabilities. Our empirical comparison of 140 smart contracts with known vulnerabilities shows that different tools vary in their success to identify issues with smart contracts. In general, we find that automated analysis tools often miss vulnerabilities, while formal verifiers based on model checking with Hoare-style source code annotations require high effort and knowledge to discover possible weaknesses. Specifically, some vulnerabilities (e.g., related to bad randomness) are not detected by any of the tools. Formal verifiers perform better than automated analysis tools as they detect more vulnerabilities and are more reliable. One of the automated analysis tools was able to find only three out of 16 Access Control vulnerabilities. On the contrary, formal verifiers have a hundred percent detection rate for selected tests.
As a case study with a smart contract without previously known vulnerabilities and for a more in-depth evaluation, we examine a smart contract using a two-phase commit protocol mechanism which is key in many smart contract applications. We use the presented tools to analyze and verify the contract. Thereby we come across different important patterns to detect vulnerabilities e.g. with respect to re-entrancy, and how to annotate a contract to prove that intended the restriction and requirements hold at any time.
Author(s)