SmartBugs: A Framework to Analyze Solidity Smart Contracts
Over the last few years, there has been substantial research on automated analysis, testing, and debugging of Ethereum smart contracts. However, it is not trivial to compare and reproduce that research.
To address this, we present SmartBugs, an extendable and easy-to-use execution framework that simplifies the execution of analysis tools on smart contracts written in Solidity, the primary language used in Ethereum.
SmartBugs is currently distributed with support for 10 tools and two datasets of Solidity contracts. The first dataset can be used to evaluate the precision of analysis tools, as it contains 143 annotated vulnerable contracts with 208 tagged vulnerabilities. The second dataset contains 47,518 unique contracts collected through Etherscan.
We discuss how SmartBugs supported the largest experimental setup to date both in the number of tools and in execution time. Moreover, we show how it enables easy integration and comparison of analysis tools by presenting a new extension to the tool Smartcheck that improves substantially the detection of vulnerabilities related to the DASP10 categories Bad Randomness, Time Manipulation, and Access Control (identified vulnerabilities increased from 11% to 24%).
Thu 24 Sep Times are displayed in time zone: (UTC) Coordinated Universal Time change
|09:10 - 09:30|
Cross-Contract Static Analysis for Detecting Practical Reentrancy Vulnerabilities in Smart Contracts
|09:30 - 09:50|
Bodin ChinthanetNara Institute of Science and Technology, Serena Elisa PontaSAP Security Research, Henrik PlateSAP Security Research, Antonino SabettaSAP Security Research, Raula Gaikovina KulaNAIST, Takashi IshioNara Institute of Science and Technology, Kenichi MatsumotoNara Institute of Science and Technology
|09:50 - 10:00|
|10:20 - 10:25|
|10:25 - 10:30|
EXPRESS: An Energy-Efficient and Secure Framework for Mobile Edge Computing and Blockchain based Smart Systems
|10:30 - 10:35|
|10:35 - 10:40|
RepoSkillMiner: Identifying software expertise from GitHub repositories using Natural Language Processing
Efstratios KourtzanidisUniversity Of Macedonia, Alexander ChatzigeorgiouUniversity of Macedonia, Apostolos AmpatzoglouUniversity of MacedoniaPre-print Media Attached File Attached
|10:40 - 10:45|
|10:45 - 10:50|
GUI2WiRe: Rapid Wireframing with a Mined and Large-Scale GUI Repository using Natural Language Requirements
|10:50 - 11:20|