CDHF: Coordination Driven Hybrid Fuzzing for EOSIO Smart Contracts
Vulnerabilities in EOSIO smart contracts have caused significant economic losses. Although some approaches have been proposed to detect these vulnerabilities, they often face several limitations, such as inefficiency in path exploration, insufficient diversity of test cases, and path explosion, which collectively reduce code coverage and detection accuracy. Currently, there is a lack of hybrid fuzzing techniques specifically designed for EOSIO smart contracts to address these issues. To fill this gap, we propose a coordination-driven hybrid fuzzing approach for discovering vulnerabilities in EOSIO smart contracts. Our method employs a scheduling strategy using an online linear regression model based on stochastic gradient descent to reduce the edge redundancy detection in hybrid fuzzing and enhance the efficiency of path exploration during symbolic execution. Additionally, a synchronization strategy based on constraint domain abstraction and random walk sampling ensures uniform sampling in simplified scenarios, thus improving code coverage and mitigating path explosion. Furthermore, we design a function-level mutation strategy to rapidly diversify test cases in the seed pool, facilitating the efficiency of detecting vulnerabilities. We implement our method in a tool named CDHF and evaluate it on 3,440 smart contracts. Experimental results indicate that CDHF can detect vulnerabilities more precisely and efficiently, achieving an approximate 20% improvement in code coverage compared to WASAI.