Uncover the Premeditated Attacks: Detecting Exploitable Reentrancy Vulnerabilities by Identifying Attacker Contracts
Proceedings of the IEEE/ACM 46th International Conference on Software Engineering(2024)
Abstract
Reentrancy, a notorious vulnerability in smart contracts, has led to millions
of dollars in financial loss. However, current smart contract vulnerability
detection tools suffer from a high false positive rate in identifying contracts
with reentrancy vulnerabilities. Moreover, only a small portion of the detected
reentrant contracts can actually be exploited by hackers, making these tools
less effective in securing the Ethereum ecosystem in practice.
In this paper, we propose BlockWatchdog, a tool that focuses on detecting
reentrancy vulnerabilities by identifying attacker contracts. These attacker
contracts are deployed by hackers to exploit vulnerable contracts
automatically. By focusing on attacker contracts, BlockWatchdog effectively
detects truly exploitable reentrancy vulnerabilities by identifying reentrant
call flow. Additionally, BlockWatchdog is capable of detecting new types of
reentrancy vulnerabilities caused by poor designs when using ERC tokens or
user-defined interfaces, which cannot be detected by current rule-based tools.
We implement BlockWatchdog using cross-contract static dataflow techniques
based on attack logic obtained from an empirical study that analyzes attacker
contracts from 281 attack incidents. BlockWatchdog is evaluated on 421,889
Ethereum contract bytecodes and identifies 113 attacker contracts that target
159 victim contracts, leading to the theft of Ether and tokens valued at
approximately 908.6 million USD. Notably, only 18 of the identified 159 victim
contracts can be reported by current reentrancy detection tools.
MoreTranslated text
Key words
Software and its engineering →Software verification and validation,Smart Contract,Dataflow Analysis,Reentrancy,Attacker Identification,Ethereum
AI Read Science
Must-Reading Tree
Example
![](https://originalfileserver.aminer.cn/sys/aminer/pubs/mrt_preview.jpeg)
Generate MRT to find the research sequence of this paper
Chat Paper
Summary is being generated by the instructions you defined