Smart contract vulnerabilities have attracted lots of concerns due to the resultant financial losses. Matching-based detection methods extrapolating known vulnerabilities to unknown have proven to be effective in other platforms. However, directly adopting the technique to smart contracts is obstructed by two issues, i.e., diversity of bytecode generation resulting from the rapid evolution of compilers and interference of noise code easily caused by the homogeneous business logics. To address the problems, we propose contract bytecode-oriented normalization and slicing techniques to augment bytecode matching. Specifically, we conduct data- and instruction-level normalizations to uniform the bytecode generated by different compilers, and enforce contract-specific slicing by tracking data- and control-flows with simulated bytecode executions to prune the noise code as far as possible. Based on the above techniques, we design an unsupervised graph embedding algorithm to encode the code graphs into quantitatively comparable vectors. The potentially vulnerable smart contracts can be identified by measuring the similarities between their vectors and known vulnerable ones. Our evaluations have shown the efficiency (0.47 seconds per contract on average), effectiveness (160 verified true positives) and high precision (91.95% for top-ranked). It is worth noting that, we also identify dozens of honeypot contracts, further demonstrating the capability of our method.

中文翻译：

---

通过基于图嵌入的字节码匹配来寻找易受攻击的智能合约


智能合约漏洞由于造成的经济损失而引起了很多关注。将已知漏洞推断为未知漏洞的基于匹配的检测方法已被证明在其他平台上是有效的。然而，将该技术直接应用于智能合约会受到两个问题的阻碍：编译器的快速发展导致字节码生成的多样性以及同质业务逻辑容易造成噪声代码的干扰。为了解决这些问题，我们提出了面向合约字节码的规范化和切片技术来增强字节码匹配。具体来说，我们进行数据和指令级标准化，以统一不同编译器生成的字节码，并通过模拟字节码执行跟踪数据和控制流来强制执行特定于合约的切片，以尽可能修剪噪声代码。基于上述技术，我们设计了一种无监督图嵌入算法，将代码图编码为定量可比的向量。可以通过测量其向量与已知易受攻击的智能合约之间的相似性来识别潜在易受攻击的智能合约。我们的评估显示了效率（平均每个合约 0.47 秒）、有效性（160 个已验证的真阳性）和高精度（排名第一的为 91.95%）。值得注意的是，我们还识别了数十个蜜罐合约，进一步证明了我们方法的能力。