Security reinforcement for Ethereum virtual machine

https://doi.org/10.1016/j.ipm.2021.102565

Highlights

  • Detect dangerous transactions on blockchain in real time.

  • Support for 4 common types of smart contract vulnerabilities.

  • The reinforced EVM* has been implemented on two widely used EVMs, js-evm and FISCO-BCOS-evm.

Abstract

Smart contracts are more sensitive from a security perspective than other software for several reasons. First, smart contracts are immutable and thus cannot be easily patched once deployed. Second, smart contracts are directly tied to payments and can hold millions of dollars’ worth of digital currencies. Third, smart contracts are still a new practice and thus do not yet have best coding practices and development lifecycles tailored for decentralized apps. Even though several testing and verification tools have been developed, smart contract vulnerabilities remain a clear and present danger. In this paper, we present an approach that is different from existing ones that attempt to eliminate vulnerabilities from smart contracts. Instead, we fortify Ethereum virtual machines (EVM) to stop dangerous transactions once vulnerabilities are detected in real time. Since proving programs written in Turing-complete languages is undecidable, our approach complements current approaches by catching vulnerabilities and interrupting their execution at runtime. We have implemented our reinforcement on two widely used EVMs (js-evm and FISCO-BCOS-evm). The reinforced EVMs detect and interrupt all the vulnerabilities, 20% of them missed by testing tools, in 100 real smart contracts. Our approach is practical with less than 34% overhead. In fact, the reinforced FISCO-BCOS-evm has been integrated into the official release of FISCO-BCOS adopted by a large Chinese bank, WeBank.

Introduction

Ethereum is considered the second-largest blockchain system in the world. Ethereum expands the blockchain concept with smart contracts, which are the programs running on the Ethereum blockchain. In order to execute smart contracts, Ethereum provides the Ethereum Virtual Machine (EVM) to parse the source code of the contracts into an opcode sequence defined by Ethereum. Each node in the Ethereum blockchain needs an EVM to execute the contracts properly and process the transactions. However, attacks on the smart contracts deployed on the Ethereum platform are widespread and could cause a significant loss of money.

Many researchers have attempted to improve the robustness of smart contracts by customizing traditional testing techniques such as fuzzing and symbolic execution (melonproject, 2018; mythril-classic, 2018; trailofbits, 2018a). However, in real industry practice, we find that existing tools may miss some vulnerabilities hidden in the deep paths of smart contracts. For example, we ran ContractFuzzer on a contract with a known timestamp error for 2 h, but the bug was not detected. It is challenging for techniques working at the smart contract level to ensure security. The first challenge is that testing before the deployment of smart contracts is not complete. It is not easy to explore all situations and paths, and false positives and false negatives can result in big potential issues. Another challenge is that a contract cannot be altered once it has been deployed on Ethereum, and smart contract testing tools cannot protect the deployed contracts.

In this paper, instead of working on vulnerability detection at the smart contract level, we propose EVM* to reinforce the underlying EVM implementations, which can hunt and interrupt dangerous transactions in real time. The reinforced EVM* consists of three steps: monitoring strategy definition, opcode-structure maintenance and EVM instrumentation. Monitoring strategy definition provides the detailed constraints and rules that decide whether a dangerous operation, such as an integer overflow, occurs during the execution of transactions. Opcode-structure maintenance maintains a structure that stores the interesting opcodes and parameters related to the strategy definition. EVM instrumentation inserts the monitoring strategy, the interrupting mechanism and the opcode-structure operations into the original EVM source code. The reinforced EVM* can then monitor all transactions and stop dangerous ones with the predefined interrupt mechanism in real time.

We need to solve two main challenges during the EVM* design and implementation. The first is to define the strategies accurately because incorrect monitoring strategies would result in serious false positives and false negatives. The second is to ensure the monitoring with tolerable overhead because huge overhead or resource consumption would limit the practical usage of the EVM*. Furthermore, EVM* should be scalable to different EVM implementations and vulnerability types.

For evaluation, we implement EVM* on two widely used EVMs: js-evm (ethereumjs, 2018a), which is implemented in JavaScript, and FISCO-BCOS-evm (http://www.fisco-bcos.org, accessed 23 August 2019), which is implemented in C++. We implement four common monitoring strategies (integer overflow, timestamp dependency, delegatedcall to an untrusted callee and send with insufficient gas) and throw an exception when an unsafe action is encountered. A stack is implemented to store the strategy-related opcodes as well as the operands. 100 real-world smart contracts with known bugs are collected. Then we made a dangerous transaction on each contract on the original EVM and the reinforced EVM*. None of the dangerous transactions could be stopped by the original EVMs, while all the dangerous transactions on the reinforced EVM* could be interrupted successfully. For the time overhead, the reinforced EVM* with all four monitoring strategies is slower than the original EVMs by 33.52%, and the reinforced EVM* with only one monitoring strategy is slower by about 22.16%–28.98%.
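As an added illustration of the three components described above (not code from the paper, js-evm or FISCO-BCOS-evm), the following toy interpreter covers only the integer-overflow strategy. The names `run`, `overflowStrategy`, `records`, `isInterrupted` and `DangerousTransaction`, the five-opcode subset and the overflow rule itself are assumptions made for this example.

```javascript
// Added illustration: not code from js-evm, FISCO-BCOS-evm or the paper.
const WORD = 1n << 256n; // EVM words are unsigned 256-bit integers
const OP = { STOP: 0x00, ADD: 0x01, MUL: 0x02, SUB: 0x03, PUSH1: 0x60 };

class DangerousTransaction extends Error {}

// Monitoring strategy (assumed rule): an arithmetic opcode is dangerous when
// its exact result does not fit in an unsigned 256-bit word.
function overflowStrategy(rec) {
  if (rec.exact < 0n || rec.exact >= WORD) {
    throw new DangerousTransaction(`${rec.name} overflows at pc=${rec.pc}`);
  }
}

// Toy interpreter for a five-opcode subset. `records` plays the role of the
// opcode-structure; the loop over `strategies` is the instrumentation point.
function run(code, strategies = []) {
  const stack = [], records = [];
  for (let pc = 0; pc < code.length; pc++) {
    const op = code[pc];
    if (op === OP.STOP) break;
    if (op === OP.PUSH1) { stack.push(BigInt(code[++pc])); continue; }
    const name = Object.keys(OP).find((k) => OP[k] === op);
    if (!name) throw new Error(`unsupported opcode 0x${op.toString(16)}`);
    if (stack.length < 2) throw new Error("stack underflow");
    const a = stack.pop(), b = stack.pop(); // a is the top of the stack
    const exact = op === OP.ADD ? a + b : op === OP.MUL ? a * b : a - b;
    const rec = { pc, name, operands: [a, b], exact };
    records.push(rec); // keep the interesting opcode and its operands
    for (const check of strategies) check(rec); // may interrupt the transaction
    stack.push(((exact % WORD) + WORD) % WORD); // unmodified EVM: silent wrap
  }
  return { top: stack[stack.length - 1], records };
}

// Returns true when the reinforced run interrupts the transaction.
function isInterrupted(code) {
  try { run(code, [overflowStrategy]); return false; }
  catch (e) { if (e instanceof DangerousTransaction) return true; throw e; }
}

// Constructed bytecode: 2 + 3 (benign) and 0 - 1 (wraps to 2^256 - 1).
const BENIGN = [OP.PUSH1, 2, OP.PUSH1, 3, OP.ADD, OP.STOP];
const UNDERFLOW = [OP.PUSH1, 1, OP.PUSH1, 0, OP.SUB, OP.STOP];

console.log(run(UNDERFLOW).top === WORD - 1n, isInterrupted(UNDERFLOW)); // true true
```

Run without strategies, the interpreter wraps the subtraction silently as an unmodified EVM would; with the strategy installed, the same bytecode is stopped before the wrapped value reaches the stack.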

Our main contributions lie in the following aspects:

  • (1) We proposed a framework of reinforcing EVMs to prevent dangerous transactions in real time, which is scalable to different EVM platforms such as cpp-evm and js-evm, and to different types of bugs such as integer overflow and timestamp dependency errors.

  • (2) We implemented the reinforced EVM* on two widely used EVMs, js-evm and FISCO-BCOS-evm, to protect transactions from 4 common types of smart contract vulnerabilities. The reinforced FISCO-BCOS-evm has been integrated into the official release version 2.0 of FISCO-BCOS at WeBank.

  • (3) We evaluated the effectiveness of the original EVMs and the reinforced EVM*. The reinforced EVM* could successfully stop all dangerous transactions from execution with a tolerable time overhead.

Section snippets

Related work

In recent years, blockchain systems have been applied in various software systems, especially in information systems (Baniata et al., 2021; Berdik et al., 2021; Campanile et al., 2021; Chen et al., 2020b; Esposito et al., 2021; Hardin et al., 2020; Jing et al., 2021; Khalid et al., 2021; Li et al., 2020; Oham et al., 2021; Putz et al., 2021; Yu et al., 2021; Zhao et al., 2020). The security of the blockchain system has attracted the attention of many researchers. We discuss the most related

Motivating example

In this section, we illustrate the motivation of this work with a real contract. The code listed in Listing 1 shows an example of a lottery game.

The game chooses winners who have the genius number. If nobody has the genius number, there is no winner in this game. Function choose_genius_number randomly chooses a string as the genius number, which is the hash value of the current timestamp. The second function, set_player_nums, sets the number of a certain player. The number is chosen by the players

Reinforcement methodology EVM*

Unlike existing work that tries to detect vulnerabilities at the smart contract level, EVM* applies run-time verification to monitor and interrupt dangerous transactions at the EVM level. The reinforced EVM* contains three main components, as presented in Fig. 2. The monitoring strategy component defines whether an opcode sequence is dangerous and how to stop a dangerous transaction. Engineers can define the rules for the vulnerabilities they want to support. The

Evaluation

In our evaluation of the reinforced EVM*, we will answer the following research questions:

Q1. Can the reinforced EVM* platform detect vulnerabilities in transactions and stop the vulnerable executions?

Q2. What is the time overhead of the reinforced EVM* on executing different transactions?

Conclusion

In this work, we proposed the framework EVM* to protect the transactions on Ethereum from being attacked. The reinforced EVM* can make up for the current testing tools and stop the execution of dangerous transactions in real time. For the time overhead, the reinforced EVM* is slower than the original one by 20%–30% on average. EVM* could still be used to monitor some other vulnerabilities which are not only from the execution of smart contracts. Furthermore, the proposed framework has been proved

CRediT authorship contribution statement

Fuchen Ma: Conceptualization, Methodology, Writing - original draft, Software. Meng Ren: Software, Data curation. Ying Fu: Software, Validation. Mingzhe Wang: Software, Investigation. Huizhong Li: Supervision. Houbing Song: Validation, Writing - reviewing. Yu Jiang: Supervision, Writing - reviewing.

Acknowledgment

This research is sponsored in part by the NSFC Program (No. 62022046, U1911401, 61802223), National Key Research and Development Project (Grant No. 2019YFB1706200).

References (35)

  • Xu, Xiaoqiong. Latency performance modeling and analysis for hyperledger fabric blockchain network. Information Processing & Management (2021).
  • Yu, Guangsheng. A novel Dual-Blockchained structure for contract-theoretic LoRa-based information systems. Information Processing & Management (2021).
  • Zhao, Quanyu. Blockchain-based privacy-preserving remote data integrity checking scheme for IoT information systems. Information Processing & Management (2020).
  • Amani, Sidney, et al. (2018). Towards verifying ethereum smart contract bytecode in Isabelle/HOL. In CPP...
  • Baniata, Hamza. PF-BTS: A Privacy-Aware Fog-enhanced Blockchain-assisted task scheduling. Information Processing & Management (2021).
  • Bhargavan, K., Delignat-Lavaud, A., & Fournet, C. (2016). Short paper: Formal verification of smart contracts ACM 2016...
  • Brent, Lexi. Vandal: A scalable security analysis framework for smart contracts (2018).