SlideShare a Scribd company logo

Smartcheck: Static Analysis of Ethereum Smart Contracts

S
Sergei Tikhomirov

Presentation at the 1st International Workshop on Emerging Trends in Software Engineering for Blockchain Gothenburg, Sweden 27 May 2018 Paper: http://hdl.handle.net/10993/35862 Video: https://www.youtube.com/watch?v=FBMI6VAESWo

Software
1 of 23
Download to read offline
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 1/23 SmartCheck: Static Analysis of Ethereum Smart Contracts Sergei Tikhomirov, Ekaterina Voskresenskaya, Ivan Ivanitskiy, Ramil Takhaviev, Evgeny Marchenko, Yaroslav Alexandrov SnT, University of Luxembourg / SmartDec 27 May 2018 WETSEB, Gothenburg, Sweden
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 2/23 Outline Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 3/23 Outline Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 4/23 Goal: finding bugs that can cost you millions Smart contracts: a decentralized way to enforce digital agreements Ethereum: a blockchain-based Turing complete application platform Bugs can be (and have been) exploited: hundreds million USD lost We present SmartCheck – a static analyzer for Ethereum contracts
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 5/23 What Ethereum nodes do Store account balances, contract code and variables Execute smart contracts code on request Maintain a shared view of the global state
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 6/23 Ethereum security challenges Decentralized execution environment New software stack Very limited ability to patch contracts Anonymous financially motivated attackers Rapid pace of development Suboptimal high-level language
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 7/23 Outline Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 8/23 Classification of issues in Solidity code Security: directly lead to exploits Functional: violate the intended functionality1 Operational: lead to run-time problems Developmental: make code hard to improve 1 Though without a specification we only assume what the intended functionality is.
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 9/23 Typical issues in Solidity code Let us focus on three examples of code issues: Re-entrancy (security) Locked money (functional) Costly loop (operational) SmartCheck detects 21 types of issues.
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 10/23 Example 1/3: Re-entrancy Contract maintains internal list of balances If a user withdraws funds; their balance is set to zero Adversary requests withdrawal via malicious contract which calls the victim back before their balance is set to zero, depleting the victim contract’s balance Real-world case: The DAO hack (June 2016): $50m lost
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 11/23 Example 2/3: Locked money Contracts that receive ether should have a way to withdraw it: call transfer, send, or call.value Otherwise money is be stuck in contract forever
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 12/23 Example 3/3: Costly loop Ethereum users pay for contract execution with gas Tx’s are atomic: if one step fails, whole tx fails Miners enforce a block gas limit (hence, a limit on computation in one tx) A costly function called inside a long enough loop exceeds block gas limit: tx is never confirmed Example: payouts for all winners in a game fail because of one (maliciously) failing payout
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 13/23 Outline Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 14/23 Code analysis: dynamic vs static Dynamic code analysis: black box no false positives some code execution paths are missed Static code analysis: white box some false positives all the code is analyzed
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 15/23 Smart contracts code analysis Smart contracts code compared to web applications code: immutable self-bug-bounty all the code is crucial but less code (∼1,000 LOC vs ∼100,000 LOC) Thus, static analysis is our choice.
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 16/23 Static code analysis Static analysis usually includes three stages: 1. building an intermediate representation (IR) 2. enriching the IR with additional information 3. vulnerability detection
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 17/23 SmartCheck: static code analyser SmartCheck uses: ANTLR parser generator custom Solidity grammar XPath queries
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 18/23 Example parse tree
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 19/23 Vulnerabilities in 4,600 real contracts
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 20/23 Outline Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 21/23 Future work Improve the grammar Make patterns more precise Add new patterns Implement more sophisticated static analysis methods Add support for other languages
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 22/23 Current state of the project First version is open-sourced (GPL-3.0): github.com/smartdec/smartcheck Improved version is freely available as a service: tool.smartdec.net Currently 100 scans per day, 4212 scans in total
SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 23/23 Questions? github.com/smartdec/smartcheck tool.smartdec.net cryptolux.org s-tikhomirov.github.io

Recommended

Simple Single Instruction Multiple Data (SIMD) with the Intel® Implicit SPMD ...
Simple Single Instruction Multiple Data (SIMD) with the Intel® Implicit SPMD ...Simple Single Instruction Multiple Data (SIMD) with the Intel® Implicit SPMD ...
Simple Single Instruction Multiple Data (SIMD) with the Intel® Implicit SPMD ...Intel® Software
 
Trusted firmware deep_dive_v1.0_
Trusted firmware deep_dive_v1.0_Trusted firmware deep_dive_v1.0_
Trusted firmware deep_dive_v1.0_Linaro
 
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...Linaro
 
Operating Systems - A Primer
Operating Systems - A PrimerOperating Systems - A Primer
Operating Systems - A PrimerSaumil Shah
 
Building a QT based solution on a i.MX7 processor running Linux and FreeRTOS
Building a QT based solution on a i.MX7 processor running Linux and FreeRTOSBuilding a QT based solution on a i.MX7 processor running Linux and FreeRTOS
Building a QT based solution on a i.MX7 processor running Linux and FreeRTOSFernando Luiz Cola
 
Introduction to Modern U-Boot
Introduction to Modern U-BootIntroduction to Modern U-Boot
Introduction to Modern U-BootGlobalLogic Ukraine
 
Révolution eBPF - un noyau dynamique
Révolution eBPF - un noyau dynamiqueRévolution eBPF - un noyau dynamique
Révolution eBPF - un noyau dynamiqueRaphaël PINSON
 
Learn C Programming Language by Using GDB
Learn C Programming Language by Using GDBLearn C Programming Language by Using GDB
Learn C Programming Language by Using GDBNational Cheng Kung University
 

Recommended

Simple Single Instruction Multiple Data (SIMD) with the Intel® Implicit SPMD ...
Simple Single Instruction Multiple Data (SIMD) with the Intel® Implicit SPMD ...Simple Single Instruction Multiple Data (SIMD) with the Intel® Implicit SPMD ...
Simple Single Instruction Multiple Data (SIMD) with the Intel® Implicit SPMD ...Intel® Software
 
Trusted firmware deep_dive_v1.0_
Trusted firmware deep_dive_v1.0_Trusted firmware deep_dive_v1.0_
Trusted firmware deep_dive_v1.0_Linaro
 
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...Linaro
 
Operating Systems - A Primer
Operating Systems - A PrimerOperating Systems - A Primer
Operating Systems - A PrimerSaumil Shah
 
Building a QT based solution on a i.MX7 processor running Linux and FreeRTOS
Building a QT based solution on a i.MX7 processor running Linux and FreeRTOSBuilding a QT based solution on a i.MX7 processor running Linux and FreeRTOS
Building a QT based solution on a i.MX7 processor running Linux and FreeRTOSFernando Luiz Cola
 
Introduction to Modern U-Boot
Introduction to Modern U-BootIntroduction to Modern U-Boot
Introduction to Modern U-BootGlobalLogic Ukraine
 
Révolution eBPF - un noyau dynamique
Révolution eBPF - un noyau dynamiqueRévolution eBPF - un noyau dynamique
Révolution eBPF - un noyau dynamiqueRaphaël PINSON
 
Learn C Programming Language by Using GDB
Learn C Programming Language by Using GDBLearn C Programming Language by Using GDB
Learn C Programming Language by Using GDBNational Cheng Kung University
 
Docker para integradores Asterisk
Docker para integradores AsteriskDocker para integradores Asterisk
Docker para integradores AsteriskOpenDireito
 
OptView2 - C++ on Sea 2022
OptView2 - C++ on Sea 2022OptView2 - C++ on Sea 2022
OptView2 - C++ on Sea 2022Ofek Shilon
 
ARMアーキテクチャにおけるセキュリティ機構の紹介
ARMアーキテクチャにおけるセキュリティ機構の紹介ARMアーキテクチャにおけるセキュリティ機構の紹介
ARMアーキテクチャにおけるセキュリティ機構の紹介sounakano
 
平成生まれのための MINIX 講座
平成生まれのための MINIX 講座平成生まれのための MINIX 講座
平成生まれのための MINIX 講座TAKANO Mitsuhiro
 
Property-Based TPM Virtualization
Property-Based TPM VirtualizationProperty-Based TPM Virtualization
Property-Based TPM VirtualizationMarcel Winandy
 
Linux and Java - Understanding and Troubleshooting
Linux and Java - Understanding and TroubleshootingLinux and Java - Understanding and Troubleshooting
Linux and Java - Understanding and TroubleshootingJérôme Kehrli
 
Linux Profiling at Netflix
Linux Profiling at NetflixLinux Profiling at Netflix
Linux Profiling at NetflixBrendan Gregg
 
about Tcpreplay
about Tcpreplayabout Tcpreplay
about Tcpreplay@ otsuka752
 
Dai conti al bilancio
Dai conti al bilancioDai conti al bilancio
Dai conti al bilancioGiuseppe Albezzano
 
BuildKitでLazy Pullを有効にしてビルドを早くする話
BuildKitでLazy Pullを有効にしてビルドを早くする話BuildKitでLazy Pullを有効にしてビルドを早くする話
BuildKitでLazy Pullを有効にしてビルドを早くする話Kohei Tokunaga
 
FreeRTOS API
FreeRTOS APIFreeRTOS API
FreeRTOS APIVincent Claes
 
eBPF Trace from Kernel to Userspace
eBPF Trace from Kernel to UserspaceeBPF Trace from Kernel to Userspace
eBPF Trace from Kernel to UserspaceSUSE Labs Taipei
 
The overview of lazypull with containerd Remote Snapshotter & Stargz Snapshotter
The overview of lazypull with containerd Remote Snapshotter & Stargz SnapshotterThe overview of lazypull with containerd Remote Snapshotter & Stargz Snapshotter
The overview of lazypull with containerd Remote Snapshotter & Stargz SnapshotterKohei Tokunaga
 
Hardware-assisted Isolated Execution Environment to run trusted OS and applic...
Hardware-assisted Isolated Execution Environment to run trusted OS and applic...Hardware-assisted Isolated Execution Environment to run trusted OS and applic...
Hardware-assisted Isolated Execution Environment to run trusted OS and applic...Kuniyasu Suzaki
 
Uboot startup sequence
Uboot startup sequenceUboot startup sequence
Uboot startup sequenceHoucheng Lin
 
LCU14 500 ARM Trusted Firmware
LCU14 500 ARM Trusted FirmwareLCU14 500 ARM Trusted Firmware
LCU14 500 ARM Trusted FirmwareLinaro
 
FreeRTOS Xilinx Vivado: Hello World!
FreeRTOS Xilinx Vivado: Hello World!FreeRTOS Xilinx Vivado: Hello World!
FreeRTOS Xilinx Vivado: Hello World!Vincent Claes
 
Secure boot general
Secure boot generalSecure boot general
Secure boot generalPrabhu Swamy
 
Profiling the ACPICA Namespace and Event Handing
Profiling the ACPICA Namespace and Event HandingProfiling the ACPICA Namespace and Event Handing
Profiling the ACPICA Namespace and Event HandingSUSE Labs Taipei
 
Spi drivers
Spi driversSpi drivers
Spi driverspradeep_tewani
 
Privacy preserving KYC on Ethereum
Privacy preserving KYC on EthereumPrivacy preserving KYC on Ethereum
Privacy preserving KYC on EthereumSergei Tikhomirov
 
Blockchain Land Audit Report.pdf
Blockchain Land Audit Report.pdfBlockchain Land Audit Report.pdf
Blockchain Land Audit Report.pdfBlockchainLand
 

More Related Content

What's hot

Docker para integradores Asterisk
Docker para integradores AsteriskDocker para integradores Asterisk
Docker para integradores AsteriskOpenDireito
 
OptView2 - C++ on Sea 2022
OptView2 - C++ on Sea 2022OptView2 - C++ on Sea 2022
OptView2 - C++ on Sea 2022Ofek Shilon
 
ARMアーキテクチャにおけるセキュリティ機構の紹介
ARMアーキテクチャにおけるセキュリティ機構の紹介ARMアーキテクチャにおけるセキュリティ機構の紹介
ARMアーキテクチャにおけるセキュリティ機構の紹介sounakano
 
平成生まれのための MINIX 講座
平成生まれのための MINIX 講座平成生まれのための MINIX 講座
平成生まれのための MINIX 講座TAKANO Mitsuhiro
 
Property-Based TPM Virtualization
Property-Based TPM VirtualizationProperty-Based TPM Virtualization
Property-Based TPM VirtualizationMarcel Winandy
 
Linux and Java - Understanding and Troubleshooting
Linux and Java - Understanding and TroubleshootingLinux and Java - Understanding and Troubleshooting
Linux and Java - Understanding and TroubleshootingJérôme Kehrli
 
Linux Profiling at Netflix
Linux Profiling at NetflixLinux Profiling at Netflix
Linux Profiling at NetflixBrendan Gregg
 
BuildKitでLazy Pullを有効にしてビルドを早くする話
BuildKitでLazy Pullを有効にしてビルドを早くする話BuildKitでLazy Pullを有効にしてビルドを早くする話
BuildKitでLazy Pullを有効にしてビルドを早くする話Kohei Tokunaga
 
eBPF Trace from Kernel to Userspace
eBPF Trace from Kernel to UserspaceeBPF Trace from Kernel to Userspace
eBPF Trace from Kernel to UserspaceSUSE Labs Taipei
 
The overview of lazypull with containerd Remote Snapshotter & Stargz Snapshotter
The overview of lazypull with containerd Remote Snapshotter & Stargz SnapshotterThe overview of lazypull with containerd Remote Snapshotter & Stargz Snapshotter
The overview of lazypull with containerd Remote Snapshotter & Stargz SnapshotterKohei Tokunaga
 
Hardware-assisted Isolated Execution Environment to run trusted OS and applic...
Hardware-assisted Isolated Execution Environment to run trusted OS and applic...Hardware-assisted Isolated Execution Environment to run trusted OS and applic...
Hardware-assisted Isolated Execution Environment to run trusted OS and applic...Kuniyasu Suzaki
 
Uboot startup sequence
Uboot startup sequenceUboot startup sequence
Uboot startup sequenceHoucheng Lin
 
LCU14 500 ARM Trusted Firmware
LCU14 500 ARM Trusted FirmwareLCU14 500 ARM Trusted Firmware
LCU14 500 ARM Trusted FirmwareLinaro
 
FreeRTOS Xilinx Vivado: Hello World!
FreeRTOS Xilinx Vivado: Hello World!FreeRTOS Xilinx Vivado: Hello World!
FreeRTOS Xilinx Vivado: Hello World!Vincent Claes
 
Secure boot general
Secure boot generalSecure boot general
Secure boot generalPrabhu Swamy
 
Profiling the ACPICA Namespace and Event Handing
Profiling the ACPICA Namespace and Event HandingProfiling the ACPICA Namespace and Event Handing
Profiling the ACPICA Namespace and Event HandingSUSE Labs Taipei
 

What's hot (20)

Docker para integradores Asterisk
Docker para integradores AsteriskDocker para integradores Asterisk
Docker para integradores Asterisk
 
OptView2 - C++ on Sea 2022
OptView2 - C++ on Sea 2022OptView2 - C++ on Sea 2022
OptView2 - C++ on Sea 2022
 
ARMアーキテクチャにおけるセキュリティ機構の紹介
ARMアーキテクチャにおけるセキュリティ機構の紹介ARMアーキテクチャにおけるセキュリティ機構の紹介
ARMアーキテクチャにおけるセキュリティ機構の紹介
 
平成生まれのための MINIX 講座
平成生まれのための MINIX 講座平成生まれのための MINIX 講座
平成生まれのための MINIX 講座
 
Property-Based TPM Virtualization
Property-Based TPM VirtualizationProperty-Based TPM Virtualization
Property-Based TPM Virtualization
 
Linux and Java - Understanding and Troubleshooting
Linux and Java - Understanding and TroubleshootingLinux and Java - Understanding and Troubleshooting
Linux and Java - Understanding and Troubleshooting
 
Linux Profiling at Netflix
Linux Profiling at NetflixLinux Profiling at Netflix
Linux Profiling at Netflix
 
about Tcpreplay
about Tcpreplayabout Tcpreplay
about Tcpreplay
 
Dai conti al bilancio
Dai conti al bilancioDai conti al bilancio
Dai conti al bilancio
 
BuildKitでLazy Pullを有効にしてビルドを早くする話
BuildKitでLazy Pullを有効にしてビルドを早くする話BuildKitでLazy Pullを有効にしてビルドを早くする話
BuildKitでLazy Pullを有効にしてビルドを早くする話
 
FreeRTOS API
FreeRTOS APIFreeRTOS API
FreeRTOS API
 
eBPF Trace from Kernel to Userspace
eBPF Trace from Kernel to UserspaceeBPF Trace from Kernel to Userspace
eBPF Trace from Kernel to Userspace
 
The overview of lazypull with containerd Remote Snapshotter & Stargz Snapshotter
The overview of lazypull with containerd Remote Snapshotter & Stargz SnapshotterThe overview of lazypull with containerd Remote Snapshotter & Stargz Snapshotter
The overview of lazypull with containerd Remote Snapshotter & Stargz Snapshotter
 
Hardware-assisted Isolated Execution Environment to run trusted OS and applic...
Hardware-assisted Isolated Execution Environment to run trusted OS and applic...Hardware-assisted Isolated Execution Environment to run trusted OS and applic...
Hardware-assisted Isolated Execution Environment to run trusted OS and applic...
 
Uboot startup sequence
Uboot startup sequenceUboot startup sequence
Uboot startup sequence
 
LCU14 500 ARM Trusted Firmware
LCU14 500 ARM Trusted FirmwareLCU14 500 ARM Trusted Firmware
LCU14 500 ARM Trusted Firmware
 
FreeRTOS Xilinx Vivado: Hello World!
FreeRTOS Xilinx Vivado: Hello World!FreeRTOS Xilinx Vivado: Hello World!
FreeRTOS Xilinx Vivado: Hello World!
 
Secure boot general
Secure boot generalSecure boot general
Secure boot general
 
Profiling the ACPICA Namespace and Event Handing
Profiling the ACPICA Namespace and Event HandingProfiling the ACPICA Namespace and Event Handing
Profiling the ACPICA Namespace and Event Handing
 
Spi drivers
Spi driversSpi drivers
Spi drivers
 

Similar to Smartcheck: Static Analysis of Ethereum Smart Contracts

Privacy preserving KYC on Ethereum
Privacy preserving KYC on EthereumPrivacy preserving KYC on Ethereum
Privacy preserving KYC on EthereumSergei Tikhomirov
 
Blockchain Land Audit Report.pdf
Blockchain Land Audit Report.pdfBlockchain Land Audit Report.pdf
Blockchain Land Audit Report.pdfBlockchainLand
 
Modern technologies and cybersecurity
Modern technologies and cybersecurityModern technologies and cybersecurity
Modern technologies and cybersecurityVadimDavydov3
 
Security challenges in Ethereum smart contract programming (ver. 2)
Security challenges in Ethereum smart contract programming (ver. 2)Security challenges in Ethereum smart contract programming (ver. 2)
Security challenges in Ethereum smart contract programming (ver. 2)Sergei Tikhomirov
 
Security challenges in Ethereum smart contract programming
Security challenges in Ethereum smart contract programmingSecurity challenges in Ethereum smart contract programming
Security challenges in Ethereum smart contract programmingSergei Tikhomirov
 
Data Science for Internet of Things with Ajit Jaokar
Data Science for Internet of Things with Ajit JaokarData Science for Internet of Things with Ajit Jaokar
Data Science for Internet of Things with Ajit JaokarJessica Willis
 
Nordic Legaltech - Digital Asset Panel
Nordic Legaltech - Digital Asset Panel Nordic Legaltech - Digital Asset Panel
Nordic Legaltech - Digital Asset Panel MichalGromek
 
[Meetup 9] Nuit de la Blockchain #2, François Le Fevre du CEA
[Meetup 9] Nuit de la Blockchain #2, François Le Fevre du CEA[Meetup 9] Nuit de la Blockchain #2, François Le Fevre du CEA
[Meetup 9] Nuit de la Blockchain #2, François Le Fevre du CEALéo Lemordant
 
You May Have Paid more than you imagine: Replay Attacks on Ethereum Smart Con...
You May Have Paid more than you imagine: Replay Attacks on Ethereum Smart Con...You May Have Paid more than you imagine: Replay Attacks on Ethereum Smart Con...
You May Have Paid more than you imagine: Replay Attacks on Ethereum Smart Con...Priyanka Aash
 
IRJET- Smart Contracts using Blockchain
IRJET- Smart Contracts using BlockchainIRJET- Smart Contracts using Blockchain
IRJET- Smart Contracts using BlockchainIRJET Journal
 
Exploring the ERC20 Token Standard for Ethereum Blockchain
Exploring the ERC20 Token Standard for Ethereum BlockchainExploring the ERC20 Token Standard for Ethereum Blockchain
Exploring the ERC20 Token Standard for Ethereum BlockchainMuneeb Ur Rehman
 
Implementing Commerce in the 21st century with Blockchain and Cryptocurrencies
Implementing Commerce in the 21st century with Blockchain and CryptocurrenciesImplementing Commerce in the 21st century with Blockchain and Cryptocurrencies
Implementing Commerce in the 21st century with Blockchain and CryptocurrenciesPayson Johnston
 
Digital Trends: Blockchain and FinTech
Digital Trends: Blockchain and FinTechDigital Trends: Blockchain and FinTech
Digital Trends: Blockchain and FinTechSvetlin Nakov
 

Similar to Smartcheck: Static Analysis of Ethereum Smart Contracts (15)

Privacy preserving KYC on Ethereum
Privacy preserving KYC on EthereumPrivacy preserving KYC on Ethereum
Privacy preserving KYC on Ethereum
 
Blockchain Land Audit Report.pdf
Blockchain Land Audit Report.pdfBlockchain Land Audit Report.pdf
Blockchain Land Audit Report.pdf
 
Modern technologies and cybersecurity
Modern technologies and cybersecurityModern technologies and cybersecurity
Modern technologies and cybersecurity
 
Security challenges in Ethereum smart contract programming (ver. 2)
Security challenges in Ethereum smart contract programming (ver. 2)Security challenges in Ethereum smart contract programming (ver. 2)
Security challenges in Ethereum smart contract programming (ver. 2)
 
Security challenges in Ethereum smart contract programming
Security challenges in Ethereum smart contract programmingSecurity challenges in Ethereum smart contract programming
Security challenges in Ethereum smart contract programming
 
CIKMTutorial.pdf
CIKMTutorial.pdfCIKMTutorial.pdf
CIKMTutorial.pdf
 
Data Science for Internet of Things with Ajit Jaokar
Data Science for Internet of Things with Ajit JaokarData Science for Internet of Things with Ajit Jaokar
Data Science for Internet of Things with Ajit Jaokar
 
Ajit jaokar slides
Ajit jaokar slidesAjit jaokar slides
Ajit jaokar slides
 
Nordic Legaltech - Digital Asset Panel
Nordic Legaltech - Digital Asset Panel Nordic Legaltech - Digital Asset Panel
Nordic Legaltech - Digital Asset Panel
 
[Meetup 9] Nuit de la Blockchain #2, François Le Fevre du CEA
[Meetup 9] Nuit de la Blockchain #2, François Le Fevre du CEA[Meetup 9] Nuit de la Blockchain #2, François Le Fevre du CEA
[Meetup 9] Nuit de la Blockchain #2, François Le Fevre du CEA
 
You May Have Paid more than you imagine: Replay Attacks on Ethereum Smart Con...
You May Have Paid more than you imagine: Replay Attacks on Ethereum Smart Con...You May Have Paid more than you imagine: Replay Attacks on Ethereum Smart Con...
You May Have Paid more than you imagine: Replay Attacks on Ethereum Smart Con...
 
IRJET- Smart Contracts using Blockchain
IRJET- Smart Contracts using BlockchainIRJET- Smart Contracts using Blockchain
IRJET- Smart Contracts using Blockchain
 
Exploring the ERC20 Token Standard for Ethereum Blockchain
Exploring the ERC20 Token Standard for Ethereum BlockchainExploring the ERC20 Token Standard for Ethereum Blockchain
Exploring the ERC20 Token Standard for Ethereum Blockchain
 
Implementing Commerce in the 21st century with Blockchain and Cryptocurrencies
Implementing Commerce in the 21st century with Blockchain and CryptocurrenciesImplementing Commerce in the 21st century with Blockchain and Cryptocurrencies
Implementing Commerce in the 21st century with Blockchain and Cryptocurrencies
 
Digital Trends: Blockchain and FinTech
Digital Trends: Blockchain and FinTechDigital Trends: Blockchain and FinTech
Digital Trends: Blockchain and FinTech
 

More from Sergei Tikhomirov

Bitcoin: money of the future
Bitcoin: money of the futureBitcoin: money of the future
Bitcoin: money of the futureSergei Tikhomirov
 
Findel: Secure Derivative Contracts for Ethereum
Findel: Secure Derivative Contracts for EthereumFindel: Secure Derivative Contracts for Ethereum
Findel: Secure Derivative Contracts for EthereumSergei Tikhomirov
 
Financial Domain-Specific Languages
Financial Domain-Specific LanguagesFinancial Domain-Specific Languages
Financial Domain-Specific LanguagesSergei Tikhomirov
 
Computer Science and Blockchain Research at University of Luxembourg
Computer Science and Blockchain Research at University of LuxembourgComputer Science and Blockchain Research at University of Luxembourg
Computer Science and Blockchain Research at University of LuxembourgSergei Tikhomirov
 
Blockchain security research (in 2 minutes)
Blockchain security research (in 2 minutes)Blockchain security research (in 2 minutes)
Blockchain security research (in 2 minutes)Sergei Tikhomirov
 
Pethreon: recurring payments on Ethereum
Pethreon: recurring payments on EthereumPethreon: recurring payments on Ethereum
Pethreon: recurring payments on EthereumSergei Tikhomirov
 
Bitcoin: деньги будущего
Bitcoin: деньги будущегоBitcoin: деньги будущего
Bitcoin: деньги будущегоSergei Tikhomirov
 

More from Sergei Tikhomirov (7)

Bitcoin: money of the future
Bitcoin: money of the futureBitcoin: money of the future
Bitcoin: money of the future
 
Findel: Secure Derivative Contracts for Ethereum
Findel: Secure Derivative Contracts for EthereumFindel: Secure Derivative Contracts for Ethereum
Findel: Secure Derivative Contracts for Ethereum
 
Financial Domain-Specific Languages
Financial Domain-Specific LanguagesFinancial Domain-Specific Languages
Financial Domain-Specific Languages
 
Computer Science and Blockchain Research at University of Luxembourg
Computer Science and Blockchain Research at University of LuxembourgComputer Science and Blockchain Research at University of Luxembourg
Computer Science and Blockchain Research at University of Luxembourg
 
Blockchain security research (in 2 minutes)
Blockchain security research (in 2 minutes)Blockchain security research (in 2 minutes)
Blockchain security research (in 2 minutes)
 
Pethreon: recurring payments on Ethereum
Pethreon: recurring payments on EthereumPethreon: recurring payments on Ethereum
Pethreon: recurring payments on Ethereum
 
Bitcoin: деньги будущего
Bitcoin: деньги будущегоBitcoin: деньги будущего
Bitcoin: деньги будущего
 

Recently uploaded

SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceanilsa9823
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 

Recently uploaded (20)

SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 

Smartcheck: Static Analysis of Ethereum Smart Contracts

  • 1. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 1/23 SmartCheck: Static Analysis of Ethereum Smart Contracts Sergei Tikhomirov, Ekaterina Voskresenskaya, Ivan Ivanitskiy, Ramil Takhaviev, Evgeny Marchenko, Yaroslav Alexandrov SnT, University of Luxembourg / SmartDec 27 May 2018 WETSEB, Gothenburg, Sweden
  • 2. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 2/23 Outline Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project
  • 3. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 3/23 Outline Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project
  • 4. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 4/23 Goal: finding bugs that can cost you millions Smart contracts: a decentralized way to enforce digital agreements Ethereum: a blockchain-based Turing complete application platform Bugs can be (and have been) exploited: hundreds million USD lost We present SmartCheck – a static analyzer for Ethereum contracts
  • 5. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 5/23 What Ethereum nodes do Store account balances, contract code and variables Execute smart contracts code on request Maintain a shared view of the global state
  • 6. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 6/23 Ethereum security challenges Decentralized execution environment New software stack Very limited ability to patch contracts Anonymous financially motivated attackers Rapid pace of development Suboptimal high-level language
  • 7. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 7/23 Outline Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project
  • 8. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 8/23 Classification of issues in Solidity code Security: directly lead to exploits Functional: violate the intended functionality1 Operational: lead to run-time problems Developmental: make code hard to improve 1 Though without a specification we only assume what the intended functionality is.
  • 9. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 9/23 Typical issues in Solidity code Let us focus on three examples of code issues: Re-entrancy (security) Locked money (functional) Costly loop (operational) SmartCheck detects 21 types of issues.
  • 10. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 10/23 Example 1/3: Re-entrancy Contract maintains internal list of balances If a user withdraws funds; their balance is set to zero Adversary requests withdrawal via malicious contract which calls the victim back before their balance is set to zero, depleting the victim contract’s balance Real-world case: The DAO hack (June 2016): $50m lost
  • 11. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 11/23 Example 2/3: Locked money Contracts that receive ether should have a way to withdraw it: call transfer, send, or call.value Otherwise money is be stuck in contract forever
  • 12. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 12/23 Example 3/3: Costly loop Ethereum users pay for contract execution with gas Tx’s are atomic: if one step fails, whole tx fails Miners enforce a block gas limit (hence, a limit on computation in one tx) A costly function called inside a long enough loop exceeds block gas limit: tx is never confirmed Example: payouts for all winners in a game fail because of one (maliciously) failing payout
  • 13. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 13/23 Outline Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project
  • 14. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 14/23 Code analysis: dynamic vs static Dynamic code analysis: black box no false positives some code execution paths are missed Static code analysis: white box some false positives all the code is analyzed
  • 15. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 15/23 Smart contracts code analysis Smart contracts code compared to web applications code: immutable self-bug-bounty all the code is crucial but less code (∼1,000 LOC vs ∼100,000 LOC) Thus, static analysis is our choice.
  • 16. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 16/23 Static code analysis Static analysis usually includes three stages: 1. building an intermediate representation (IR) 2. enriching the IR with additional information 3. vulnerability detection
  • 17. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 17/23 SmartCheck: static code analyser SmartCheck uses: ANTLR parser generator custom Solidity grammar XPath queries
  • 18. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 18/23 Example parse tree
  • 19. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 19/23 Vulnerabilities in 4,600 real contracts
  • 20. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 20/23 Outline Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project
  • 21. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 21/23 Future work Improve the grammar Make patterns more precise Add new patterns Implement more sophisticated static analysis methods Add support for other languages
  • 22. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 22/23 Current state of the project First version is open-sourced (GPL-3.0): github.com/smartdec/smartcheck Improved version is freely available as a service: tool.smartdec.net Currently 100 scans per day, 4212 scans in total
  • 23. SmartCheck: Static Analysis of Ethereum Smart Contracts Tikhomirov, Voskresenskaya, Ivanitskiy, Takhaviev, Marchenko, Alexandrov Introduction Classification of issues in Solidity code SmartCheck: smart contract analyzer Future work and state of the project 23/23 Questions? github.com/smartdec/smartcheck tool.smartdec.net cryptolux.org s-tikhomirov.github.io