DelegateTracker: Delegatecall Vulnerability Detection Tool Based on Read-Write Data Flow Capture Algorithm
The delegatecall vulnerability, one of the most cunning smart contract vulnerabilities, has caused great trouble for the development of smart contracts. To address the high false-positive rate of existing smart contract vulnerability detection tools and the unreasonable practice of handling delegatecall by discarding it, this paper proposes DelegateTracker, a delegatecall vulnerability detection tool. Its detection logic is based on a read-write data flow capture algorithm. An attack path search module determines the execution paths of functions that can modify state variables in the called contract, which proves the necessary conditions for the existence of the vulnerability; an attack path validation module then proves the sufficient conditions for its existence, and the vulnerability is thereby discovered. The tool not only corroborates the existence of delegatecall vulnerabilities in Parity Wallet, but also discovers untriggered delegatecall vulnerabilities in it, together with their trigger paths. We used DelegateTracker to discover, for the first time, a caller contract with a delegatecall vulnerability on 1 existing public chain, outputting 3 attack paths with a value of 0.19 ETH. In addition, we used DelegateTracker to analyze 12,402 smart contracts for alerts when called by delegatecall, and found that 215 contracts have delegatecall vulnerabilities and output caller warning messages.
Fri 26 Jul
Displayed time zone: Beijing, Chongqing, Hong Kong, Urumqi
10:45 - 12:00 | Session 1 - Smart Contract Security | Research Track at The ballroom B | Chair(s): Ruidong Zhang (University of Wisconsin-Eau Claire)
10:45 | 15m | Paper | ACOFuzz: an Ant Colony Algorithm-based Fuzzer for Smart Contracts | Research Track | Peixuan Feng (Henan Key Laboratory of Network Cryptography Technology), Wenrui Cao (Henan Key Laboratory of Network Cryptography Technology), Siqi Lu (Henan Key Laboratory of Network Cryptography Technology), Yongjuan Wang (Henan Key Laboratory of Network Cryptography Technology), Haoyuan Xue (Henan Key Laboratory of Network Cryptography Technology), Runnan Yang (Henan Armed Police Corps Hospital)
11:00 | 15m | Paper | DelegateTracker: Delegatecall Vulnerability Detection Tool Based on Read-Write Data Flow Capture Algorithm | Research Track | Peixuan Feng (Henan Key Laboratory of Network Cryptography Technology), Wenrui Cao (Henan Key Laboratory of Network Cryptography Technology), Siqi Lu (Henan Key Laboratory of Network Cryptography Technology), Yongjuan Wang (Henan Key Laboratory of Network Cryptography Technology), Xiangyu Wang (Henan Key Laboratory of Network Cryptography Technology), Runnan Yang (Henan Armed Police Corps Hospital)
11:15 | 15m | Paper | SoK: On the Security of Non-Fungible Tokens | Research Track | Kai Ma, Jintao Huang (Huazhong University of Science and Technology), Ningyu He (Peking University), Zhuo Wang, Haoyu Wang (Huazhong University of Science and Technology)
11:30 | 15m | Paper | To Healthier Ethereum: A Comprehensive and Iterative Smart Contract Weakness Enumeration | Research Track | Jiachi Chen (Sun Yat-sen University), Mingyuan Huang (Sun Yat-sen University), Zewei Lin (Sun Yat-sen University), Peilin Zheng (Sun Yat-sen University), Zibin Zheng (Sun Yat-sen University)
11:45 | 15m | Paper | DeFi Risk Assessment: MakerDAO Loan Portfolio Case | Research Track | Ignat Melnikov (Skolkovo Institute of Science and Technology; Blockchain Laboratory, Sberbank PJSC), Irina Lebedeva (Skolkovo Institute of Science and Technology, Blockchain Laboratory, Sberbank PJSC), Artem Petrov (Blockchain Laboratory, Sberbank PJSC; Blockchain Department, Moscow Institute of Physics and Technology), Yury Yanovich (Skolkovo Institute of Science and Technology; Faculty of Computer Science, HSE University)