CrossFuzz: Cross-contract fuzzing for smart contract vulnerability detection

SCIENCE OF COMPUTER PROGRAMMING(2024)

Abstract
Context: Smart contracts are computer programs that run on a blockchain. As the functions implemented by smart contracts become increasingly complex, the number of cross-contract interactions within them also rises. Consequently, the combinatorial explosion of transaction sequences poses a significant challenge for smart contract security vulnerability detection. Existing static analysis-based methods for detecting cross-contract vulnerabilities suffer from high false-positive rates and cannot generate test cases, while fuzz testing-based methods exhibit low code coverage and may not accurately detect security vulnerabilities.

Objective: The goal of this paper is to address the above limitations and efficiently detect cross-contract vulnerabilities. To achieve this goal, we present CrossFuzz, a fuzz testing-based method for detecting cross-contract vulnerabilities.

Method: First, CrossFuzz generates constructor parameters by tracing data propagation paths. Then, it collects inter-contract data flow information. Finally, CrossFuzz optimizes the mutation strategies for transaction sequences based on this inter-contract data flow information to improve the performance of fuzz testing.

Results: We implemented CrossFuzz as an extension of ConFuzzius and conducted experiments on a real-world dataset containing 396 smart contracts. The results show that CrossFuzz outperforms xFuzz, a fuzz testing-based tool optimized for cross-contract vulnerability detection, with a 10.58% increase in bytecode coverage. Furthermore, CrossFuzz detects 1.82 times more security vulnerabilities than ConFuzzius.

Conclusion: Our method uses data flow information to optimize mutation strategies. It significantly improves the efficiency of fuzz testing for detecting cross-contract vulnerabilities.
Keywords

Smart contract, Fuzz testing, Cross-contract vulnerability, Security vulnerability detection