Security reinforcement for Ethereum virtual machine
Introduction
Ethereum is considered the second-largest blockchain system in the world. It extends the blockchain concept with smart contracts, which are programs running on the Ethereum blockchain. To execute smart contracts, Ethereum provides the Ethereum Virtual Machine (EVM), which parses the source code of the contracts into an opcode sequence defined by Ethereum. Each node in the Ethereum blockchain needs an EVM to execute contracts properly and process transactions. However, attacks on smart contracts deployed on the Ethereum platform are widespread and could cause a significant loss of money.
Many researchers have attempted to improve the robustness of smart contracts by customizing traditional testing techniques such as fuzzing and symbolic execution (melonproject, 2018, mythril-classic, 2018, trailofbits, 2018a). However, in real industry practice, we find that existing tools may miss some vulnerabilities hidden in deep paths of smart contracts. For example, we ran ContractFuzzer on a contract with a known timestamp error for 2 h, but the bug was not detected. It is challenging for techniques working at the smart contract level to ensure security. The first challenge is that testing before the deployment of smart contracts is not complete: it is not easy to explore all situations and paths, and false positives and false negatives can leave serious potential issues. The second challenge is that a contract cannot be altered once it has been deployed on Ethereum, and testing tools for smart contracts cannot protect deployed contracts.
In this paper, instead of working on vulnerability detection at the smart contract level, we propose EVM* to reinforce the underlying EVM implementations, so that dangerous transactions can be hunted and interrupted in real time. The reinforced EVM* consists of three steps: monitoring strategy definition, opcode-structure maintenance and EVM instrumentation. Monitoring strategy definition provides the detailed constraints and rules used to decide whether a dangerous operation, such as an integer overflow, occurs during the execution of a transaction. Opcode-structure maintenance keeps a structure that stores the interesting opcodes and parameters related to the strategy definition. EVM instrumentation inserts the monitoring strategy, the interrupting mechanism and the opcode-structure operations into the original EVM source code. The reinforced EVM* can then monitor all transactions and stop dangerous ones with the predefined interrupt mechanism in real time.
We need to solve two main challenges during the EVM* design and implementation. The first is to define the strategies accurately because incorrect monitoring strategies would result in serious false positives and false negatives. The second is to ensure the monitoring with tolerable overhead because huge overhead or resource consumption would limit the practical usage of the EVM*. Furthermore, EVM* should be scalable to different EVM implementations and vulnerability types.
For evaluation, we implement EVM* on two widely used EVMs: js-evm (ethereumjs, 2018a), which is implemented in JavaScript, and FISCO-BCOS-evm (http://www.fisco-bcos.org. (Accessed 23 August 2019)), which is implemented in C++. We implement four common monitoring strategies (integer overflow, timestamp dependency, delegatedcall to an untrusted callee and send with insufficient gas) and throw an exception when an unsafe action is encountered. A stack is implemented to store the strategy-related opcodes as well as the operands. We collected 100 real-world smart contracts with known bugs, then made a dangerous transaction on each contract on the original EVM and on the reinforced EVM*. None of the dangerous transactions could be stopped by the original EVMs, while all the dangerous transactions on the reinforced EVM* were interrupted successfully. For the time overhead, the reinforced EVM* with all four monitoring strategies is slower than the original EVMs by 33.52%, and the reinforced EVM* with only one monitoring strategy is slower by about 22.16%–28.98%.
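An added illustration of the monitor-and-interrupt design described in the two paragraphs above, written in JavaScript because js-evm is; it is not code from the paper, js-evm or EVM*. The three-opcode toy stack machine and the names `run`, `overflowStrategy`, `DangerousTransaction` and `sample` are hypothetical, and only the integer-overflow strategy is shown.

```javascript
// Added example: a toy stack machine, NOT the js-evm or EVM* source.
const WORD = 1n << 256n;                 // EVM words are 256-bit; arithmetic wraps mod 2^256

class DangerousTransaction extends Error {}

// Unmodified opcode semantics: results silently wrap, as in the original VM.
const semantics = {
  ADD: (a, b) => (a + b) % WORD,
  MUL: (a, b) => (a * b) % WORD,
  SUB: (a, b) => (a - b + WORD) % WORD,  // a is the top of the stack
};

// Monitoring strategy: is the exact (unwrapped) result outside the word range?
const overflowStrategy = {
  ADD: (a, b) => a + b >= WORD,
  MUL: (a, b) => a * b >= WORD,
  SUB: (a, b) => a < b,                  // unsigned underflow
};

// program: array of ['PUSH', bigint] or [opcode].
// monitored=false models the original VM, monitored=true the instrumented one.
function run(program, monitored) {
  const stack = [];
  const trace = [];                      // opcode structure: monitored opcodes and operands
  for (const [op, arg] of program) {
    if (op === 'PUSH') { stack.push(arg % WORD); continue; }
    if (!(op in semantics)) throw new Error(`unsupported opcode ${op}`);
    if (stack.length < 2) throw new Error('stack underflow');
    const a = stack.pop(), b = stack.pop();
    if (monitored) {                     // instrumentation inserted before the opcode runs
      trace.push({ op, a, b });
      if (overflowStrategy[op](a, b)) {  // interrupt: abort the whole transaction
        throw new DangerousTransaction(`${op} overflow at monitored step ${trace.length}`);
      }
    }
    stack.push(semantics[op](a, b));
  }
  return stack;
}

// Constructed sample: a balance of 2^256-1 credited with 1.
const sample = [['PUSH', WORD - 1n], ['PUSH', 1n], ['ADD']];
```

Running `run(sample, false)` leaves a wrapped balance of `0n` on the stack, while `run(sample, true)` throws `DangerousTransaction` before the result is ever pushed.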
Our main contributions lie in the following aspects:
- (1) We proposed a framework for reinforcing EVMs to prevent dangerous transactions in real time, which is scalable to different EVM platforms such as cpp-evm and js-evm, and to different types of bugs such as integer overflow and timestamp dependency errors.
- (2) We implemented the reinforced EVM* on two widely used EVMs, js-evm and FISCO-BCOS-evm, to protect transactions from 4 common types of smart contract vulnerabilities. The reinforced FISCO-BCOS-evm has been integrated into the official release version 2.0 of FISCO-BCOS in WeBank Company.
- (3) We evaluated the effectiveness of the original EVMs and the reinforced EVM*. The reinforced EVM* could successfully stop all dangerous transactions from execution with a tolerable time overhead.
Section snippets
Related work
In recent years, blockchain systems have been applied in various software systems, especially in information systems (Baniata et al., 2021, Berdik et al., 2021, Campanile et al., 2021, Chen et al., 2020b, Esposito et al., 2021, Hardin et al., 2020, Jing et al., 2021, Khalid et al., 2021, Li et al., 2020, Oham et al., 2021, Putz et al., 2021, Yu et al., 2021, Zhao et al., 2020). The security of the blockchain system has attracted the attention of many researchers. We discuss the most related
Motivating example
In this section, we illustrate the motivation of this work with a real contract. The code listed in Listing 1 shows an example of a lottery game.
The game chooses winners who have the genius number. If nobody has the genius number, there is no winner in this game. The function choose_genius_number randomly chooses a string as the genius number, which is the hash value of the current timestamp. The second function, set_player_nums, sets the number of a certain player. The number is chosen by the players
Reinforcement methodology EVM*
Unlike existing work that tries to detect vulnerabilities at the smart contract level, EVM* applies run-time verification to monitor and interrupt dangerous transactions at the EVM level. The reinforced EVM* contains three main components, as presented in Fig. 2. The monitoring strategy component defines whether an opcode sequence is dangerous and how to stop a dangerous transaction. Engineers can define the rules for the vulnerabilities they want to support. The
Evaluation
In our evaluation of the reinforced EVM*, we will answer the following research questions:
Q1. Can the reinforced EVM* platform detect vulnerabilities in transactions and stop the vulnerable executions?
Q2. What is the time overhead of the reinforced EVM* on executing different transactions?
Conclusion
In this work, we proposed the framework EVM* to protect transactions on Ethereum from being attacked. The reinforced EVM* can make up for the limitations of current testing tools and stop the execution of dangerous transactions in real time. For the time overhead, the reinforced EVM* is slower than the original one by 20%–30% on average. EVM* could also be used to monitor other vulnerabilities that do not arise only from the execution of smart contracts. Furthermore, the proposed framework has been proved
CRediT authorship contribution statement
Fuchen Ma: Conceptualization, Methodology, Writing - original draft, Software. Meng Ren: Software, Data curation. Ying Fu: Software, Validation. Mingzhe Wang: Software, Investigation. Huizhong Li: Supervision. Houbing Song: Validation, Writing - reviewing. Yu Jiang: Supervision, Writing - reviewing.
Acknowledgment
This research is sponsored in part by the NSFC Program (No. 62022046, U1911401, 61802223), National Key Research and Development Project (Grant No. 2019YFB1706200).
References (35)
Survey on blockchain for information systems management and security. Information Processing & Management (2021)
Designing a GDPR compliant blockchain-based IoV distributed information tracking system. Information Processing & Management (2021)
An incentive-aware blockchain-based solution for internet of fake media things. Information Processing & Management (2020)
Blockchain-based authentication and authorization for smart city applications. Information Processing & Management (2021)
Transaction-based classification and detection approach for Ethereum smart contract. Information Processing & Management (2021)
A blockchain-based code copyright management system. Information Processing & Management (2021)
A blockchain based incentive provisioning scheme for traffic event validation and information storage in VANETs. Information Processing & Management (2021)
B-FERL: Blockchain based framework for securing smart vehicles. Information Processing & Management (2021)
EtherTwin: Blockchain-based secure digital twin information management. Information Processing & Management (2021)
Latency performance modeling and analysis for hyperledger fabric blockchain network. Information Processing & Management
A novel Dual-Blockchained structure for contract-theoretic LoRa-based information systems. Information Processing & Management
Blockchain-based privacy-preserving remote data integrity checking scheme for IoT information systems. Information Processing & Management
PF-BTS: A Privacy-Aware Fog-enhanced Blockchain-assisted task scheduling. Information Processing & Management
Vandal: A scalable security analysis framework for smart contracts