Smart Contract Vulnerabilities On the Ethereum Blockchain: A Current Perspective
Author: Daniel Connelly
Adviser: Dr. Wu-chang Feng
Blockchain Review
Most financial data from here on was collected on 02/14/2020
Blockchain Review - Details
● Anonymous users (wallet address, e.g. 0x12a56b78c…)
● Immutable ledger of txns (stored in “blocks”)
● Ledger is distributed
● Ledger is append-only
Blockchain Review - Bank Comparison
Blockchain:
● Users -> Wallet Addresses
● Transactions -> Immutable Blocks
● Distributed Network
● Append-only ledger
Banks:
● Bank account numbers are tied to an identity.
● Closest is transactions in/among accounts. This system can be tricked, however.
● There is a centralized/decentralized financial system
● Banks may have a mutable database
It All Began With Bitcoin..
Blockchain Review - Bitcoin
● 03 January 2009 Bitcoin was created (the year I graduated HS)
● Mystery creator(s) named “Satoshi Nakamoto”
● A form of virtual currency -- BTC
● Current price of $10,474.70; most expensive ~$20,000!
● 17.85 Million bitcoins in supply
● “Simple” style: anonymous, immutable, append-only ledger; distributed among a peer-to-peer network
Ethereum Review
Ethereum on The Rise? Recent Events.
Over the past week (02/14/2020)...
● $168 1 month ago. $117.10 . %68.60
● The number of active Ethereum addresses has grown by 21.5%
● Transactions have increased by 13.2%
● JPMorgan is in talks to merge its open source Ethereum-based blockchain Quorum with Ethereum startup ConsenSys
Disclaimer: I am not advocating investing in any cryptocurrency
● Ethereum was created July 30th, 2015.
● Creators were Vitalik Buterin and others
● A form of virtual currency -- ETH
● Highest value was $334.
● 107 Million ETH in supply
● “Simple” style: anonymous, immutable, append-only ledger; distributed among a peer-to-peer network
● ...BUT, also has what is called Decentralized Applications (DApps), or in Ethereum lingo, Smart Contracts
○ “Just” programs
○ Contracts are not all that complex
○ Primarily written in Solidity
○ Compiled to bytecode
○ Deployed to network
○ Ethereum Virtual Machine (EVM)
○ Contracts can act as an intermediary by interacting with users
Blockchain Review - Ethereum
Ethereum Review - Smart Contract Properties
Contracts are similar to other programs:
● Name: 0x3023868433F6086cd8CE0C4083fe2E11B37ce0B7
● A user can call a contract; a contract can call other contracts on the blockchain (i.e., programs can call programs)
But they are also unique:
● Can hold money inside of them (tracked by the blockchain)
● Can send money to wallet or contract addresses
● Can take out middlemen:
○ Trust funds, new forms of currency/assets (“Tokens”), buying a house, receiving a deed, gambling, gaming…
Ethereum Review - Solidity Language
● The main language to write these contracts in is Solidity -- a horribly insecure language!
● Here is a list of different ways to mess up (vulnerabilities):
○ Integer Arithmetic
○ Floating Point Arithmetic
○ Reentrancy
○ Access Control
■ Default Visibility
■ Authentication With tx.origin
■ Signature Verification
■ Unprotected Functions
○ Code Injection via delegatecall
○ Signature Replay Attacks
○ Unchecked External Calls
■ Insufficient Gas Attacks
○ DOS
■ Unexpected Revert
■ Block Gas Limit
■ External Calls without Gas Stipends
■ Offline Owner
...Not Very Solid
Ethereum Review - Solidity Language
● Dirty Higher Order Bits
● Complex Modifiers
● Outdated Compiler
● Use of Deprecated Solidity Functions
● Experimental Language Features
● Frontend (Off Chain) Attacks
○ Short Address Attack
● Historic Attacks
○ Constructor Names
○ Call Depth Attack
○ Constantinople Reentrancy
○ Solidity Abi Encoder v2 Bug
● References
● Entropy Illusion
● Privacy Illusion
● Miner Attacks
○ Transaction Ordering
○ Timestamp Manipulation
● Unexpected Ether
● External Contract Referencing
● Uninitialized Storage Pointers
● Writes to Arbitrary Storage Locations
● Incorrect Interface
● Arbitrary Jumps with Function Variables
● Variable Shadowing
● Assert Violation
Blockchain Review - Historical Losses
The DAO ((Almost) Loss: June, 2016)
● Launched April 2016
● Raised $150M+...in a single address!
● There was a recursive bug -- a “reentrancy bug”
● ~$60M drained from the contract
● Authors reset the chain to an earlier date and fixed the bug
○ A non-immutable act
Fairwin ((Almost) Loss: Oct. 2019)
● Launched July 2019
● Once contained $10.5 Mil of ETH
● Multiple bugs -- including the owner of the contract being able to siphon all money out of it
● Loss also (likely) avoided, due to calls to pull out of this contract by the security community
Vulnerability and Exploit Walkthrough
Blockchain Review - Details
Vulnerability
● A weakness in software systems.
● For example (Integer Overflow)
○ A variable overflows, but is not checked or used in that context.
● Program behaves unexpectedly, but no damages incurred.
Exploit
● Exploits are attacks which leverage vulnerabilities.
● For example, an Integer Underflow that leads to a bank account amount being flipped to a balance of $2,147,483,647.
Unprotected Self Destruct
● Always a vulnerability and part of an exploit
● The Unprotected Self Destruct vulnerability is where a function contains a self destruct call and is public (with no additional logic to stop anyone from executing the self destruct call).
● Can send all the ETH inside of a contract to a specified address before permanently deleting a contract's bytecode on the network.
1 function close() public {
2     selfdestruct(msg.sender); // send available ETH to the contract invoker
3 }
Figure 1 - UNSAFE Self Destruct Example
● In the above code, the method has been declared public, which means anybody can call it (line 1). Furthermore, the person who called it is sent any available ETH in the contract before the bytecode is self-destructed (line 2).
function close() public {
    if (msg.sender == owner) // caller is owner
        selfdestruct(msg.sender); // send available ETH to the contract invoker
}
Figure 2 - SAFE Self Destruct Example
pragma solidity ^0.6.0;

contract MyFaultyContract {
    address owner = 0x7a2afF8E576ce73bF775Eb2D8E443098c82261eA;

    function kill() public {
        require(msg.sender == owner); // only owner may kill our function!
        selfdestruct(msg.sender);
    }

    function setOwner() public { // Anyone can be owner!
        owner = msg.sender;
    }

    /* Code included for demo */
    function seeOwner() public view returns (address) {
        return owner;
    }
}
Self Destruct Demo (A real contract)
https://etherscan.io/address/0xeb20733df3007b0e674e99f0e9f674776064d77f
Self Destruct Demo
Registry
Why not put information about vulnerable contracts in a public database for others to see?
● There is NO insurance for Ethereum wallet addresses or contracts (FDIC, SIPC)
● There currently exists NO official Consumer Reports-like, VirusTotal-like, or BBB-like agency to tell users what contracts to avoid
● 50% of general Smart Contract flaws and 78% of the most important flaws can be discovered with static and dynamic analysis!¹
● Symbolic execution is such a method and detects a wide range of vulnerabilities!
● These vulnerabilities can be programmatically discovered and the output parsed to fit in a database.
State Of The Art
¹ TrailOfBits, a security auditing and consulting company
https://blog.trailofbits.com/2019/08/08/246-findings-from-our-smart-contract-audits-an-executive-summary/
Why a Digital Registry?
● Tools can be cumbersome and filled with technical jargon only CS majors or enthusiasts understand
● Tools may not be widely known or advertised to people...individuals don’t know of these tools
● Owners and users of vulnerable contracts cannot be contacted any other way!
○ As mentioned, everything is anonymous on the blockchain
● Getting results takes TIME, ELECTRICITY, and MONEY.
● Contracts can be given a rating indicating levels of risk
○ Like the BBB, Consumer Reports rating system
○ Can use multiple opinions from varying engines (VirusTotal)
● There is a need for a rating of the technologies themselves
○ Mythril, for example, gives erroneous output in Self Destruct Vulnerabilities…
● Vulnerability names need to be unified…
○ E.g., is “Accessible Self Destruct” comparable to “Unprotected Self Destruct”?
Why a Digital Registry?
● Users can search a contract before using it
● Vulnerable contracts are less likely to fill up with ETH and cause a giant exploit later on
● Users can remove their funds from insecure contracts
● Developers are more aware of problematic codebases
● Developers can redeploy new contracts with reduced bugs and divert their users to that contract
● Increases user confidence in a contract and Ethereum as a whole.
● ...
Similar Work
● Consumer Reports, VirusTotal, BBB.
● haveibeenpwned.com
● Contract-library.org
● A rating system - http://ethtrust.org/
● …? Downside to decentralization: little centralized resource listings
What Is Symbolic Execution And Mythril Execution?
Symbolic Execution Walkthrough
What if the `if` branch was “Send all ETH to the caller’s address”?
Symbolic Execution Walkthrough
Symbolic Execution Walkthrough - Mythril
● Mythril discovers a total of 16 vulnerabilities
● Bytecode is disassembled, then LASER -- a symbolic VM that can run EVM instructions (not bytecode) -- is used to find vulnerable states
● Mythril is able to traverse all possible states for common vulnerabilities
● States that pose a vulnerability are discovered and then proved
● Mythril proves possible paths by using Z3, an automatic theorem prover, to prove or disprove the reachability of a certain state
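An added illustration (not from the thesis and not Mythril's or LASER's code) of why the transaction bound matters when proving that a state is reachable: a simplified explicit-state model of the MyFaultyContract demo, searched over call sequences from a non-owner address up to a fixed number of transactions. DEPLOYER, ATTACKER and the guarded variant of setOwner are assumptions made for the example.

```python
from itertools import product

# Assumed stand-ins for the example (not real addresses).
DEPLOYER = "0xOWNER"      # models the hard-coded owner in MyFaultyContract
ATTACKER = "0xATTACKER"   # models any caller who is not the owner

FUNCTIONS = ("kill", "setOwner", "seeOwner")


def step(state, func, sender, guard_set_owner=False):
    """Apply one transaction to (owner, destroyed); return (new_state, reverted)."""
    owner, destroyed = state
    if func == "kill":
        if sender != owner:              # require(msg.sender == owner) fails
            return state, True
        return (owner, True), False      # selfdestruct reached
    if func == "setOwner":
        if guard_set_owner and sender != owner:
            return state, True           # hypothetical fixed variant: owner-only
        return (sender, destroyed), False
    if func == "seeOwner":
        return state, False              # view function, no state change
    raise ValueError(f"unknown function {func}")


def find_selfdestruct(max_txs, guard_set_owner=False):
    """Shortest call sequence by ATTACKER that reaches selfdestruct within
    max_txs transactions, or None if no such sequence exists in the model."""
    for depth in range(1, max_txs + 1):
        for seq in product(FUNCTIONS, repeat=depth):
            state = (DEPLOYER, False)
            for i, func in enumerate(seq):
                state, reverted = step(state, func, ATTACKER, guard_set_owner)
                if reverted:
                    break                # this path is infeasible
                if state[1]:
                    return list(seq[: i + 1])
    return None


if __name__ == "__main__":
    # One transaction is not enough: kill() alone reverts for a non-owner.
    print("bound 1:", find_selfdestruct(1))
    # Two transactions expose the path the slide's comment warns about.
    print("bound 2:", find_selfdestruct(2))
    # With setOwner restricted to the owner, no path exists up to the bound.
    print("bound 3, guarded:", find_selfdestruct(3, guard_set_owner=True))
```

A real symbolic engine treats the caller and call data as symbolic values and asks a solver such as Z3 whether the path constraints are satisfiable; the enumeration here only stands in for that step.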
Theorem Proving Paths
● Integer Overflow and Integer Underflow: An overflow/underflow happens when an arithmetic operation reaches the maximum or minimum size of a type. E.g., uint8 = 2^8. Overflow could cause if statements to be false when true.
● Exception State (Assert violation): Flow control reaches a failing Assert() statement.
● External Call To User-Supplied Address (Reentrancy): A contract calls an external contract that the callee of the contract provides, opening up the possibility for a reentrancy bug.
● External Call To Fixed Address (Reentrancy): A contract calls an external contract that the contract has hardcoded, opening the possibility for a reentrancy bug.
● Delegatecall Proxy To User-Supplied Address (DelegateCALL to untrusted Contract/Callee): A contract uses [address].delegatecall(). Code at target address is executed in the context of the calling contract; contract can change local storage or drain contract of balance.
● Dependence on predictable environment variable (detects Weak Randomness and Timestamp Dependence): Numbers controlled by miners are a bad source of randomness as miners can control the output, and by association a variable that is using that number.
● Use of tx.origin (Use of Deprecated Functions): A deprecated function. May lead to unintended side effects.
● Unprotected Ether Withdrawal (Ether Thief): Function(s) is not protected with the potential net effect being any party may withdraw ETH from the contract.
● Multiple Calls in a Single Transaction (DOS With Failed Call): If an external call fails accidentally or deliberately, a DoS condition can result in the contract as a contract is waiting for a call to return.
● State change after external call (Reentrancy): A contract may call back into the calling contract before the first invocation finishes. This could result in undesirable consequences.
● Unprotected Selfdestruct (Unprotected Selfdestruct): Any party can call the function that has a self-destruct in its contract.
● Unchecked Call Return Value (Unchecked Call Return Value): Return values of a message call must be checked to see if an exception was thrown. Otherwise, the program will continue despite a failed call.
● Use of callcode (Use of Deprecated Functions): A deprecated function. May lead to unintended side effects.
● Jump to an arbitrary instruction (Arbitrary Jump with Function Type Variable): A developer may use assembly instruction mstore or the assign operator, an attacker may point a function type variable to any code instruction.
● Jump to an arbitrary line (Arbitrary Jump with Function Type Variable): A developer may use assembly instruction mstore or the assign operator, an attacker may point a function type variable to any code instruction.
● Write to an arbitrary storage slot (SWC: Write to an Arbitrary Storage Location): A contract may write to an arbitrary storage location, which could house the contract owner's address for example. An attacker could be made the contract owner.
Methodology
Data Collection
● The registry service was built by interacting with a GETH node to discover contract addresses
● Multiple machines were spun up in Google Cloud Platform
● Each machine ran a Python program that spawned ~10 threads to spawn docker containers where each container was given an address to run the image of Mythril
● Output was separated into bins (i.e., exceptions, errors, or Mythril Output).
● Mythril Output was then parsed to derive each vulnerable contract and its vulnerabilities that were inserted as a row in a table, forming a vulnerable contracts table.
https://github.com/ConsenSys/mythril
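A sketch of the binning and parsing steps described above, added here as an example and not taken from the thesis code. The sample container outputs are constructed, their field names are an assumption modelled on Mythril's JSON report, and the table schema and CANONICAL map (which keys names on the SWC id so that differently named findings land under one label) are hypothetical.

```python
import json
import sqlite3
from collections import Counter


def addr(n):
    """Constructed placeholder address (not a real contract)."""
    return "0x" + f"{n:02x}" * 20


# Constructed sample: (contract address, raw output captured from one container).
SAMPLE_RUNS = [
    (addr(1), json.dumps({"success": True, "error": None, "issues": [
        {"swc-id": "106", "title": "Unprotected Selfdestruct", "severity": "High"},
        {"swc-id": "101", "title": "Integer Overflow", "severity": "High"}]})),
    (addr(2), json.dumps({"success": True, "error": None, "issues": []})),
    (addr(3), json.dumps({"success": False, "error": "Solver timeout", "issues": []})),
    (addr(4), "Traceback (most recent call last):\n  ...\nMemoryError"),
    (addr(5), json.dumps({"success": True, "error": None, "issues": [
        {"swc-id": "106", "title": "Accessible Self Destruct", "severity": "High"}]})),
]

# Hypothetical unification map: one registry name per SWC id.
CANONICAL = {
    "101": "Integer Overflow and Underflow",
    "106": "Unprotected Selfdestruct",
}


def classify(raw):
    """Sort one raw output into a bin and return (bin_name, issues)."""
    try:
        report = json.loads(raw)
    except ValueError:
        return "exception", []           # not a report at all, e.g. a traceback
    if not isinstance(report, dict) or not report.get("success") or report.get("error"):
        return "error", []               # tool ran but reported a failure
    return "mythril_output", report.get("issues", [])


def build_registry(runs):
    """Insert one row per vulnerable contract; return (db, bin counts)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE vulnerable_contracts ("
        "address TEXT PRIMARY KEY, vuln_count INTEGER, vulnerabilities TEXT)"
    )
    bins = Counter()
    for address, raw in runs:
        bin_name, issues = classify(raw)
        bins[bin_name] += 1
        names = sorted(
            {CANONICAL.get(i.get("swc-id"), i.get("title", "unknown")) for i in issues}
        )
        if names:                        # clean contracts get no row
            db.execute(
                "INSERT INTO vulnerable_contracts VALUES (?, ?, ?)",
                (address, len(names), ", ".join(names)),
            )
    db.commit()
    return db, bins


if __name__ == "__main__":
    db, bins = build_registry(SAMPLE_RUNS)
    print(dict(bins))
    for row in db.execute("SELECT * FROM vulnerable_contracts ORDER BY address"):
        print(row)
```

Runs that end in the error or exception bin produce no row, so a contract missing from the table has not necessarily been found clean.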
Results
● ~50 days of compute time
● 3,046,140 contracts from the 0-9 millionth block
● Achieved partial analysis through the blockchain 0-~8.4 millionth block
● 797,384 contracts had vulnerabilities in them
● ~26%+ of Ethereum contracts have vulnerabilities
○ didn’t complete analysis up to 9 millionth block
○ live contracts with exploits is a smaller number, and thus a higher ratio
○ time limit constraints on symbolic execution (1 hour) likely yielded fewer results
○ higher transaction (“call”) count could yield more vulnerabilities (default is 2 in Mythril)
● 1,224,486 vulnerabilities within those 797,384 contracts
● 2,580,565 ETH at risk*
○ $430,128,605 in USD (1/19/2020)
* Ether at risk is defined as any contract with money and an exploit(s) inside
Results(cont)
The Registry - http://haveibeenexploited.com
Discussion
● A number of bugs in Mythril cast doubt on some results
○ Self Destructs are not always reliable
○ But the registry is still an important idea
● Some ethical concerns in allowing people to find these contracts. However, a similar system already exists (contract-library.com) and this has not upset the system.
● More analysis needs to be done to detect true enduring patterns and know the
security of the blockchain.
● ...But generally the blockchain is pretty safe and is increasing in popularity!
○ Jan 4th, 2018: 1.3 million transactions! the most transactions in 24 hours
Future Work
● Finish analysis
● Include other engines
○ Akin to virustotal.com
● Automate analysis, parsing, updating of database
● Rating system
○ Based off multiple engines
○ Based on what each engine thinks is severe
● Run deeper transactional analysis on vulnerable contracts (default in Mythril is 2 transactions)
● Collect Z3 outputs from Mythril, sort by high ETH, and determine if exploit exists.
● Update Website (Aesthetics, Cloud Run, etc.).
Oyente
Manticore
echidna
Special Thanks
● I owe special thanks to Professor of Computer Science Dr. Wu-chang Feng. Without Dr. Feng, I would not have had any knowledge to work with in Blockchain or in Cloud Computing, both of whose subject knowledge this thesis relied heavily on. Furthermore, without his additional guidance in crafting this thesis, I would have gotten into many sticky situations, which were ultimately avoided.
● Finally, thanks must go to the two funders of this project. The first, The National Science Foundation (NSF) grant Curricula and CTF Exercises for Teaching Smart Fuzzing and Symbolic Execution (#1821841). The second source, the Google Faculty Research Grant, which generously gave $5,000 worth of cloud research credits for Google Cloud Platform use. Without the NSF grant and compute resources afforded by these Google Cloud credits, this project would not exist at its current level of maturity.
● I owe another thanks to the Ethereum Foundation for connecting me with a community -- the ETHSecurity Community Telegram channel -- to ask questions and gain informational resources.
References
https://blog.trailofbits.com/2019/08/08/246-findings-from-our-smart-contract-audits-an-executive-summary/
https://arxiv.org/pdf/1911.07567.pdf
https://www.coinbase.com/price/ethereum
https://cointelegraph.com/news/five-signs-that-ethereum-is-having-its-moment-right-now
https://github.com/runtimeverification/verified-smart-contracts/wiki/List-of-Security-Vulnerabilities
https://thefengs.com/wuchang/courses/cs410b/slides//05a_SymbolicExecution.pdf
https://www.google.com/imghp?hl=en
https://www.cryptoglobe.com/latest/2019/08/ethereums-total-supply-has-added-35-million-eth-in-three-years/
https://blockgeeks.com/how-many-bitcoins-are-there/
https://media.consensys.net/ethereum-by-the-numbers-3520f44565a9

 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.eptoze12
 
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor CatchersTechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catcherssdickerson1
 

Kürzlich hochgeladen (20)

computer application and construction management
computer application and construction managementcomputer application and construction management
computer application and construction management
 
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsyncWhy does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girls
 
Work Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvWork Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvv
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfid
 
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
 
Introduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECHIntroduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECH
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.ppt
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptx
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx
 
Churning of Butter, Factors affecting .
Churning of Butter, Factors affecting  .Churning of Butter, Factors affecting  .
Churning of Butter, Factors affecting .
 
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.
 
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor CatchersTechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
 
Design and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdfDesign and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdf
 

Daniel Connelly Ethereum Smart Contract Master's Thesis

  • 1. Smart Contract Vulnerabilities On the Ethereum Blockchain: A Current Perspective Author: Daniel Connelly Adviser: Dr. Wu-chang Feng
  • 2. Blockchain Review Most financial data from hereon has been collected on 02/14/2020
  • 3. Blockchain Review - Details Anonymous Users (Wallet Address) (0x12a56b78c…) Immutable Ledger of txns (Stored in “Blocks”) Ledger is distributed Ledger is append-only
  • 4. Blockchain Review - Bank Comparison
      Blockchain | Banks
      ● Users -> Wallet Addresses | Bank Account numbers are tied to an identity.
      ● Transactions -> Immutable Blocks | Closest is transactions in/among accounts. This system can be tricked, however.
      ● Distributed Network | There is a centralized/decentralized financial system
      ● Append-only ledger | Banks may have a mutable database
  • 5. It All Began With Bitcoin..
  • 6. Blockchain Review - Bitcoin
      ● 03 January 2009 Bitcoin was created (the year I graduated HS)
      ● Mystery creator(s) named “Satoshi Nakamoto”
      ● A form of virtual currency -- BTC
      ● Current price of $10,474.70; most expensive ~$20,000!
      ● 17.85 Million bitcoins in supply
      ● “Simple” style: anonymous, immutable, append-only ledger; distributed among a peer-to-peer network
  • 8. Ethereum on The Rise? Recent Events.
      Over the past week (02/14/2020)...
      ● $168 1 month ago. $117.10 . %68.60
      ● The number of active Ethereum addresses has grown by 21.5%
      ● Transactions have increased by 13.2%
      ● JPMorgan is in talks to merge its open source Ethereum-based blockchain Quorum with Ethereum startup ConsenSys
      Disclaimer: I am not advocating investing in any cryptocurrency
  • 9. Blockchain Review - Ethereum
      ● Ethereum was created July 30th, 2015.
      ● Creators were Vitalik Buterin and others
      ● A form of virtual currency -- ETH
      ● Highest value was $334.
      ● 107 Million ETH in supply
      ● “Simple” style: anonymous, immutable, append-only ledger; distributed among a peer-to-peer network
      ● ...BUT, also has what is called Decentralized Applications (DApps), or in Ethereum lingo, Smart Contracts
        ○ “Just” programs
        ○ Contracts are not all that complex
        ○ Primarily written in Solidity
        ○ Compiled to bytecode
        ○ Deployed to network
        ○ Ethereum Virtual Machine (EVM)
        ○ Contracts can act as a mediary by interacting with users
  • 10. Ethereum Review - Smart Contract Properties
      Contracts are similar to other programs:
      ● Name: 0x3023868433F6086cd8CE0C4083fe2E11B37ce0B7
      ● A user can call a contract; a contract can call other contracts on the blockchain (i.e., programs can call programs)
      But also are very unique:
      ● Can hold money inside of them (tracked by the blockchain)
      ● Can send money to wallet or contract addresses
      ● Can take out middlemen:
        ○ Trust funds, New forms of currency/assets (“Tokens”), Buying a house, receiving a deed, gambling, gaming…
  • 11. Ethereum Review - Solidity Language
      ● The main language to write these contracts in is Solidity -- a horribly insecure language!
      ● Here is a listing of different ways to mess up (vulnerabilities):
        ○ Integer Arithmetic
        ○ Floating Point Arithmetic
        ○ Reentrancy
        ○ Access Control
          ■ Default Visibility
          ■ Authentication With tx.origin
          ■ Signature Verification
          ■ Unprotected Functions
        ○ Code Injection via delegatecall
        ○ Signature Replay Attacks
        ○ Unchecked External Calls
          ■ Insufficient Gas Attacks
        ○ DOS
          ■ Unexpected Revert
          ■ Block Gas Limit
          ■ External Calls without Gas Stipends
          ■ Offline Owner
      ...Not Very Solid
  • 12. Ethereum Review - Solidity Language
      ● Dirty Higher Order Bits
      ● Complex Modifiers
      ● Outdated Compiler
      ● Use of Deprecated Solidity Functions
      ● Experimental Language Features
      ● Frontend (Off Chain) Attacks
        ○ Short Address Attack
      ● Historic Attacks
        ○ Constructor Names
        ○ Call Depth Attack
        ○ Constantinople Reentrancy
        ○ Solidity Abi Encoder v2 Bug
      ● References
      ● Entropy Illusion
      ● Privacy Illusion
      ● Miner Attacks
        ○ Transaction Ordering
        ○ Timestamp Manipulation
      ● Unexpected Ether
      ● External Contract Referencing
      ● Uninitialized Storage Pointers
      ● Writes to Arbitrary Storage Locations
      ● Incorrect Interface
      ● Arbitrary Jumps with Function Variables
      ● Variable Shadowing
      ● Assert Violation
  • 13. Blockchain Review - Historical Losses
      The DAO ((Almost) Loss: June, 2016)
      ● Launched April 2016
      ● Raised $150M+...in a single address!
      ● There was a recursive bug -- a “reentrancy bug”
      ● ~$60M drained from the contract
      ● Authors reset the chain to an earlier date and fixed the bug
        ○ A non-immutable act
      Fairwin ((Almost) Loss: Oct. 2019)
      ● Launched July 2019
      ● Once contained $10.5 Mil of ETH
      ● Multiple bugs -- including the owner of the contract being able to siphon all money out of it
      ● Loss also (likely) avoided, due to calls to pull out of this contract by the security community
  • 15. Blockchain Review - Details
      Vulnerability
      ● A weakness in software systems.
      ● For example (Integer Overflow)
        ○ A variable overflows, but is not checked or used in that context.
      ● Program behaves unexpectedly, but no damages incurred.
      Exploit
      ● Exploits are attacks which leverage vulnerabilities.
      ● For example, an Integer Underflow that leads to a bank account amount being flipped to a balance of $2,147,483,647.
  • 16. Unprotected Self Destruct
      ● Always a vulnerability and part of an exploit
      ● The Unprotected Self Destruct vulnerability is where a function contains a self destruct call and is public (with no additional logic to stop anyone from executing the self destruct call).
      ● Can send all the ETH inside of a contract to a specified address before permanently deleting a contract's bytecode on the network.

          1 function close() public {
          2     selfdestruct(msg.sender); // send available ETH to the contract invoker
          3 }
      Figure 1 - UNSAFE Self Destruct Example

      ● In the above code, the method has been declared public, which means anybody can call it (line 1). Furthermore, the person who called it is sent any available ETH in the contract before the bytecode is self-destructed (line 2).

          1 function close() public {
          2     if (msg.sender == owner) // caller is owner
          3         selfdestruct(msg.sender); // send available ETH to the contract invoker
          4 }
      Figure 2 - SAFE Self Destruct Example
  • 17. Self Destruct Demo (A real contract)

          pragma solidity ^0.6.0;

          contract MyFaultyContract {
              address owner = 0x7a2afF8E576ce73bF775Eb2D8E443098c82261eA;

              function kill() public {
                  require(msg.sender == owner); // only owner may kill our function!
                  selfdestruct(msg.sender);
              }

              function setOwner() public { // Anyone can be owner!
                  owner = msg.sender;
              }

              /* Code included for demo */
              function seeOwner() public view returns (address) {
                  return owner;
              }
          }
  • 19. Registry Why not put information about vulnerable contracts in a public database for others to see?
  • 20. State Of The Art
      ● There is NO insurance for Ethereum Wallet Addresses or Contracts (FDIC, SIPC)
      ● There currently exists NO official Consumer Report-like, VirusTotal-like, or BBB-like agency to tell users what contracts to avoid
      ● 50% of general Smart Contract flaws and 78% of the most important flaws can be discovered with static and dynamic analysis!¹
      ● Symbolic execution is such a method and detects a wide range of vulnerabilities!
      ● These vulnerabilities can be programmatically discovered and the output parsed to fit in a database.
      ¹ TrailOfBits, a security auditing and consulting company https://blog.trailofbits.com/2019/08/08/246-findings-from-our-smart-contract-audits-an-executive-summary/
  • 21. Why a Digital Registry?
      ● Tools can be cumbersome and filled with technical jargon only CS majors or enthusiasts understand
      ● Tools may not be widely known or advertised to people...individuals don’t know of these tools
      ● Owners and users of vulnerable contracts cannot be contacted any other way!
        ○ As mentioned, everything is anonymous on the blockchain
      ● Getting results takes TIME, ELECTRICITY, and MONEY.
      ● Contracts can be given a rating indicating levels of risk
        ○ Like the BBB, Consumer Reports rating system
        ○ Can use multiple opinions from varying engines (VirusTotal)
      ● There is a need for a rating of the technologies themselves
        ○ Mythril, for example, gives erroneous output in Self Destruct Vulnerabilities…
      ● Vulnerability names need to be unified…
        ○ E.g., is “Accessible Self Destruct” comparable to “Unprotected Self Destruct”?
  • 22. Why a Digital Registry?
      ● Users can search a contract before using it
      ● Vulnerable contracts are less likely to fill up with ETH and cause a giant exploit later on
      ● Users can remove their funds from insecure contracts
      ● Developers are more aware of problematic codebases
      ● Developers can redeploy new contracts with reduced bugs and divert their users to that contract
      ● Increases user confidence in a contract and Ethereum as a whole.
      ● ...
  • 23. Similar Work
      ● Consumer Reports, VirusTotal, BBB.
      ● haveibeenpwned.com
      ● Contract-library.org
      ● A rating system - http://ethtrust.org/
      ● …?
      Downside to decentralization: little centralized resource listings
  • 24. What Is Symbolic Execution And Mythril Execution?
  • 25. Symbolic Execution Walkthrough What if the `if` branch was “Send all ETH to the caller’s address”?
  • 27. Symbolic Execution Walkthrough - Mythril
      ● Mythril discovers a total of 16 vulnerabilities
      ● Bytecode is disassembled, then LASER -- A Symbolic VM that can run EVM Instructions (not bytecode) -- is used to find vulnerable states
      ● Mythril is able to traverse all possible states for common vulnerabilities
      ● States that pose a vulnerability are discovered and then proved
      ● Mythril proves possible paths by using Z3, an automatic Theorem Prover, to prove or disprove the reachability of a certain state
      Theorem Proving Paths
  • 28. Integer Overflow and Integer Underflow
        An overflow/underflow happens when an arithmetic operation reaches the maximum or minimum size of a type. E.g., uint8 = 2^8. Overflow could cause if statements to be false when true.
      Exception State (Assert violation)
        Flow control reaches a failing Assert() statement.
      External Call To User-Supplied Address (Reentrancy)
        A contract calls an external contract that the callee of the contract provides, opening up the possibility for a reentrancy bug.
      External Call To Fixed Address (Reentrancy)
        A contract calls an external contract that the contract has hardcoded, opening the possibility for a reentrancy bug.
      Delegatecall Proxy To User-Supplied Address (DelegateCALL to untrusted Contract/Callee)
        A contract uses [address].delegatecall(). Code at target address is executed in the context of the calling contract; contract can change local storage or drain contract of balance.
      Dependence on predictable environment variable
        ● Detects Weak Randomness
        ● And Timestamp Dependence
        Numbers controlled by miners are a bad source of randomness as miners can control the output, and by association a variable that is using that number.
  • 29. Use of tx.origin (Use of Deprecated Functions)
        A deprecated function. May lead to unintended side effects.
      Unprotected Ether Withdrawal (Ether Thief)
        Function(s) is not protected with the potential net effect being any party may withdraw ETH from the contract.
      Multiple Calls in a Single Transaction (DOS With Failed Call)
        If an external call fails accidentally or deliberately, a DoS condition can result in the contract as a contract is waiting for a call to return.
      State change after external call (Reentrancy)
        A contract may call back into the calling contract before the first invocation finishes. This could result in undesirable consequences.
      Unprotected Selfdestruct (Unprotected Selfdestruct)
        Any party can call the function that has a self-destruct in its contract.
      Unchecked Call Return Value (Unchecked Call Return Value)
        Return values of a message call must be checked to see if an exception was thrown. Otherwise, the program will continue despite a failed call.
  • 30. Use of callcode (Use of Deprecated Functions)
        A deprecated function. May lead to unintended side effects.
      Jump to an arbitrary instruction (Arbitrary Jump with Function Type Variable)
        A developer may use assembly instruction mstore or the assign operator, an attacker may point a function type variable to any code instruction.
      Jump to an arbitrary line (Arbitrary Jump with Function Type Variable)
        A developer may use assembly instruction mstore or the assign operator, an attacker may point a function type variable to any code instruction.
      Write to an arbitrary storage slot (SWC: Write to an Arbitrary Storage Location)
        A contract may write to an arbitrary storage location, which could house the contract owner's address for example. An attacker could be renamed the contract owner.
  • 32. Data Collection
      ● The registry service was built by interacting with a GETH node to discover contract addresses
      ● Multiple machines were spun up in Google Cloud Platform
      ● Each machine ran a Python program that spawned ~10 threads to spawn docker containers where each container was given an address to run the image of Mythril
      ● Output was separated into bins (i.e., exceptions, errors, or Mythril Output).
      ● Mythril Output was then parsed to derive each vulnerable contract and its vulnerabilities that were inserted as a row in a table, forming a vulnerable contracts table.
      https://github.com/ConsenSys/mythril
  • 35. Results
      ● ~50 days of compute time
      ● 3,046,140 contracts from the 0-9 millionth block
      ● Achieved partial analysis through the blockchain 0-~8.4 millionth block
      ● 797,384 contracts had vulnerabilities in them
      ● ~26%+ of Ethereum contracts have vulnerabilities
        ○ didn’t complete analysis up to 9 millionth block
        ○ live contracts with exploits is a smaller number, and thus a higher ratio
        ○ time limit constraints on symbolic execution (1 hour) likely yielded fewer results
        ○ higher transaction (“call”) count could yield more vulnerabilities (default is 2 in Mythril)
      ● 1,224,486 vulnerabilities within those 797,384 contracts
      ● 2,580,565 ETH at risk*
        ○ $430,128,605 in USD (1/19/2020)
      * Ether at risk is defined as any contract with money and an exploit(s) inside
  • 40. The Registry - http://haveibeenexploited.com
  • 42. Discussion
      ● A number of bugs in Mythril cast doubt on some results
        ○ Self Destructs are not always reliable
        ○ But the registry is still an important idea
      ● Some ethical concerns in allowing people to find these contracts. However, a similar system already exists (contract-library.com) and this has not upset the system.
      ● More analysis needs to be done to detect true enduring patterns and know the security of the blockchain.
      ● ...But generally the blockchain is pretty safe and is increasing in popularity!
        ○ Jan 4th, 2018: 1.3 million transactions! The most transactions in 24 hours
  • 43. Future Work
      ● Finish analysis
      ● Include other engines
        ○ Akin to virustotal.com
      ● Automate analysis, parsing, updating of database
      ● Rating system
        ○ Based off multiple engines
        ○ Based off what each engine thinks is severe
      ● Run deeper transactional analysis on vulnerable contracts (default in Mythril is 2 transactions)
      ● Collect Z3 outputs from Mythril, sort by high ETH, and determine if exploit exists.
      ● Update Website (Aesthetics, Cloud Run, etc.).
      Oyente Manticore echidna
  • 44. Special Thanks
      ● I owe special thanks to Professor of Computer Science Dr. Wu-chang Feng. Without Dr. Feng, I would not have had any knowledge to work with in Blockchain or in Cloud Computing, both of whose subject knowledge this thesis relied heavily on. Furthermore, without his additional guidance in crafting this thesis, I would have gotten into many sticky situations, which were ultimately avoided.
      ● Finally, thanks must go to the two funders of this project. The first, The National Science Foundation (NSF) grant Curricula and CTF Exercises for Teaching Smart Fuzzing and Symbolic Execution (#1821841). The second source, the Google Faculty Research Grant, which generously gave $5,000 worth of cloud research credits for Google Cloud Platform use. Without the NSF grant and compute resources afforded by these Google Cloud credits, this project would not exist at its current level of maturity.
      ● I owe another thanks to the Ethereum Foundation for connecting me with a community -- the ETHSecurity Community Telegram channel -- to ask questions and gain informational resources.
  • 44. References
      https://blog.trailofbits.com/2019/08/08/246-findings-from-our-smart-contract-audits-an-executive-summary/
      https://arxiv.org/pdf/1911.07567.pdf
      https://www.coinbase.com/price/ethereum
      https://cointelegraph.com/news/five-signs-that-ethereum-is-having-its-moment-right-now
      https://github.com/runtimeverification/verified-smart-contracts/wiki/List-of-Security-Vulnerabilities
      https://thefengs.com/wuchang/courses/cs410b/slides//05a_SymbolicExecution.pdf
      https://www.google.com/imghp?hl=en
      https://www.cryptoglobe.com/latest/2019/08/ethereums-total-supply-has-added-35-million-eth-in-three-years/
      https://blockgeeks.com/how-many-bitcoins-are-there/
      https://media.consensys.net/ethereum-by-the-numbers-3520f44565a9
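
The parsing step on the Data Collection slide, the name-unification question from "Why a Digital Registry?" and the "Ether at risk" definition on the Results slide, combined in an added Python example that is not the thesis's own code. The JSON report fields (success, error, issues, title, swc-id), the alias table, the addresses and the balances are assumptions constructed for the example.

```python
import json
import sqlite3

# Constructed sample: stdout captured per analysed address. Addresses, balances
# and the report fields (success/error/issues/title/swc-id) are assumptions.
A1, A2, A3, A4, A5 = ("0x" + "0" * 39 + str(i) for i in range(1, 6))
RAW_RUNS = {
    A1: json.dumps({"success": True, "error": None, "issues": [
        {"title": "Unprotected Selfdestruct", "swc-id": "106", "severity": "High"},
        {"title": "Unprotected Ether Withdrawal", "swc-id": "105", "severity": "High"}]}),
    A2: json.dumps({"success": True, "error": None, "issues": [
        {"title": "Accessible Self Destruct", "swc-id": "106", "severity": "High"}]}),
    A3: json.dumps({"success": False, "error": "solver timeout", "issues": []}),
    A4: "Traceback (most recent call last):\nMemoryError",
    A5: json.dumps({"success": True, "error": None, "issues": []}),
}
BALANCES_WEI = {A1: 3 * 10**18, A2: 0, A3: 10**18, A4: 2 * 10**18, A5: 5 * 10**18}

# Hypothetical alias table: different engines' names for one weakness map to a
# single registry name, so rows from several tools can be compared.
ALIASES = {
    "accessibleselfdestruct": "Unprotected Selfdestruct",
    "unprotectedselfdestruct": "Unprotected Selfdestruct",
}


def normalize(title):
    """Collapse case, spacing and punctuation, then apply the alias table."""
    key = "".join(ch for ch in title.lower() if ch.isalnum())
    return ALIASES.get(key, title.strip())


def classify(raw):
    """Sort one run into 'exception', 'error' or 'output' and return the report."""
    try:
        report = json.loads(raw)
    except json.JSONDecodeError:
        return "exception", None          # the tool crashed; stdout is not a report
    if not isinstance(report, dict) or not report.get("success") or report.get("error"):
        return "error", None              # the tool ran but reported a failure
    return "output", report


def build_registry(raw_runs):
    """Fill the vulnerable-contracts table; return (connection, bins)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE vulnerable_contracts (address TEXT, swc_id TEXT, "
                 "vulnerability TEXT, severity TEXT, UNIQUE(address, vulnerability))")
    bins = {"exception": [], "error": [], "output": []}
    for address, raw in raw_runs.items():
        kind, report = classify(raw)
        bins[kind].append(address)
        if kind != "output":
            continue                      # a failed run says nothing about safety
        for issue in report.get("issues", []):
            conn.execute(
                "INSERT OR IGNORE INTO vulnerable_contracts VALUES (?, ?, ?, ?)",
                (address, issue.get("swc-id"), normalize(issue.get("title", "")),
                 issue.get("severity")))
    conn.commit()
    return conn, bins


def summarize(conn, bins, balances_wei):
    """Registry totals; wei at risk = balances of contracts with at least one finding."""
    vulnerable = [row[0] for row in conn.execute(
        "SELECT DISTINCT address FROM vulnerable_contracts ORDER BY address")]
    findings = conn.execute("SELECT COUNT(*) FROM vulnerable_contracts").fetchone()[0]
    return {
        "analysed": len(bins["output"]),
        "unknown": len(bins["exception"]) + len(bins["error"]),
        "vulnerable": len(vulnerable),
        "findings": findings,
        "wei_at_risk": sum(balances_wei.get(a, 0) for a in vulnerable),
    }


if __name__ == "__main__":
    connection, run_bins = build_registry(RAW_RUNS)
    print(summarize(connection, run_bins, BALANCES_WEI))
```

Runs that land in the exception or error bin are counted as unknown rather than clean, which matches the Results slide's caveat that time-limited analysis likely understates the number of vulnerable contracts.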