Programming errors enable security attacks on smart contracts, which are used to manage large sums of financial assets. Automated program repair (APR) techniques aim to reduce developers’ burden of manually fixing bugs by automatically generating patches for a given issue. Existing APR tools for smart contracts focus on mitigating typical smart contract vulnerabilities rather than violations of functional specification. However, in decentralized financial (DeFi) smart contracts, the inconsistency between intended behavior and implementation translates into the deviation from the underlying financial model, resulting in irrecoverable monetary losses for the application and its users. In this work, we propose DeFinery—a technique for automated repair of a smart contract that does not satisfy a user-defined correctness property, financial or otherwise. To explore a larger set of diverse patches while providing formal correctness guarantees w.r.t. the intended behavior, we combine search-based patch generation with semantic analysis of an original program for inferring its specification. Our experiments in repairing nine real-world and benchmark smart contracts reveal that DeFinery efficiently navigates the search space and generates higher-quality patches that cannot be obtained by other smart contract APR tools.
Wed 12 OctDisplayed time zone: Eastern Time (US & Canada) change
13:30 - 15:30 | Technical Session 13 - Application DomainsNIER Track / Research Papers / Journal-first Papers at Ballroom C East Chair(s): Andrea Stocco Università della Svizzera italiana (USI) | ||
13:30 20mResearch paper | A Hybrid Approach for Inference between Behavioral Exception API Documentation and Implementations, and Its Applications Research Papers Hoan Anh Nguyen Amazon, Hung Phan , Samantha Syeda Khairunnesa Bradley University, Son Nguyen The University of Texas at Dallas, Aashish Yadavally University of Texas at Dallas, Shaohua Wang New Jersey Institute of Technology, Hridesh Rajan Iowa State University, Tien N. Nguyen University of Texas at Dallas | ||
13:50 10mVision and Emerging Results | Property-Based Automated Repair of DeFi Protocols NIER Track Palina Tolmach Nanyang Technological University, Singapore, Institute of High Performance Computing, Agency for Science, Technology and Research (A*STAR), Singapore, Yi Li Nanyang Technological University, Singapore, Shang-Wei Lin Nanyang Technological University Pre-print | ||
14:00 20mResearch paper | Automatically Detecting Visual Bugs in HTML5 <canvas> Games Research Papers Finlay Macklon University of Alberta, Mohammad Reza Taesiri University of Alberta, Markos Viggiato University of Alberta, Stefan Antoszko University of Alberta, Natalia Romanova Prodigy Education, Dale Paas Prodigy Education, Cor-Paul Bezemer University of Alberta | ||
14:20 10mVision and Emerging Results | Reflecting on Recurring Failures in IoT Development NIER Track | ||
14:30 20mResearch paper | Empirical Study of System Resources Abused by IoT AttackersVirtual Research Papers Zijing Yin Tsinghua University, Yiwen Xu Tsinghua University, Chijin Zhou Tsinghua University, Yu Jiang Tsinghua University | ||
14:50 20mPaper | Large-Scale Empirical Study of Inline Assembly on 7.6 Million Ethereum Smart ContractsVirtual Journal-first Papers Xiao Peng China EverBright Bank, Shuwei Song University of Electronic Science and Technology of China, Xiao Peng China EverBright Bank, Xiapu Luo Hong Kong Polytechnic University, Xiao Peng China EverBright Bank, Xiao Peng China EverBright Bank, Ting Chen University of Electronic Science and Technology of China, Jiachi Chen Sun Yat-Sen University, Tao Zhang Macau University of Science and Technology (MUST), Xiaosong Zhang University of Electronic Science and Technology of China Link to publication DOI | ||
15:10 20mResearch paper | Accelerating OCR-Based Widget Localization for Test Automation of GUI ApplicationsVirtual Research Papers Ju Qian Nanjing University of Aeronautics and Astronautics, Yingwei Ma Nanjing University of Aeronautics and Astronautics, Chenghao Lin Nanjing University of Aeronautics and Astronautics, Lin Chen Nanjing University | ||