The Sword of Damocles: Upgradeable Smart Contract in EthereumICPCICPC Full paperVirtual-Talk
Although smart contracts are immutable once they are deployed, the reality is that they need upgrades to fix bugs or add new features. Nowadays, there are a few upgrade methods in Ethereum, some of which can change the contract without changing the contract address that users interact with. This upgrade way increases potential danger and results in users’ distrust, because it may secretly change the function of the contract and cause users financial loss. We examine two of these upgrade methods, i.e., proxy pattern and metamorphic contract. For the proxy pattern, we propose a bytecode-based method for detecting these upgradeable contracts, which achieves a 99.23% F1-score. We use the bytecode-based method to detect the contracts in the first 12 million blocks of Ethereum and find 127,753 upgradeable contracts. For the metamorphic contracts, we employ an Ethereum replay tool to replay the transactions and find the metamorphic contracts according to the SELFDESTRUCT and CREATE2 instructions. We find that 64.3% of the contracts upgraded using this way are malicious MEV bots. Finally, we summarize the reasons for smart contract upgrades and make development recommendations
Tue 16 AprDisplayed time zone: Lisbon change
14:00 - 15:30 | New Frontiers - Virtual Reality, Mobile Apps, Smart Contracts, and LLMsEarly Research Achievements (ERA) / Tool Demonstration / Research Track / at Sophia de Mello Breyner Andresen Chair(s): Sonia Haiduc Florida State University | ||
14:00 10mTalk | The Sword of Damocles: Upgradeable Smart Contract in EthereumICPCICPC Full paperVirtual-Talk Research Track Yuan Huang School of Data and Computer Science, Sun Yat-sen University, Guangzhou, China, Xiaoyuan Wu Sun Yat-sen University, Quanqi Wang Sun Yat-sen University, Ziang Qian Sun Yat-sen University, Xiangping Chen Sun Yat-sen University, Mingdong Tang Guangdong University of Foreign Studies, Zibin Zheng Sun Yat-sen University | ||
14:10 10mTalk | Collaborative Software Exploration with Multimedia Note Taking in Virtual RealityICPCICPC Full paper Research Track Adrian Hoff IT University of Copenhagen, Mircea Lungu IT University, Copenhagen, Christoph Seidl IT University of Copenhagen, Michele Lanza Software Institute - USI, Lugano Pre-print Media Attached | ||
14:20 10mTalk | No Source Code? No Problem! Demystifying and Detecting Mask Apps in iOSICPCICPC Full paper Research Track Yijun Zhao Institute of Information Engineering, Chinese Academy of Sciences, Lingjing Yu Institute of Information Engineering, Chinese Academy of Sciences, Yong Sun Institute of Information Engineering, Chinese Academy of Sciences, Qingyun Liu Institute of Information Engineering, Chinese Academy of Sciences, Bo Luo The University of Kansas Pre-print | ||
14:30 10mTalk | How do Hugging Face Models Document Datasets, Bias, and Licenses? An Empirical StudyICPCICPC Full paper Research Track Federica Pepe University of Sannio, Vittoria Nardone University of Molise, Antonio Mastropaolo Università della Svizzera italiana, Gabriele Bavota Software Institute @ Università della Svizzera Italiana, Gerardo Canfora University of Sannio, Massimiliano Di Penta University of Sannio, Italy Pre-print | ||
14:40 8mTalk | Capturing and Understanding the Drift Between Design, Implementation, and DocumentationICPCICPC ERA Paper Early Research Achievements (ERA) Joseph Romeo Software Institute - USI, Lugano, Switzerland, Marco Raglianti Software Institute - USI, Lugano, Csaba Nagy Software Institute - USI, Lugano, Michele Lanza Software Institute - USI, Lugano Pre-print | ||
14:48 8mTalk | Immersive Software Archaeology: Collaborative Exploration and Note Taking in Virtual RealityICPCICPC Tools Tool Demonstration Adrian Hoff IT University of Copenhagen, Mircea F. Lungu University of Groningen, Christoph Seidl IT University of Copenhagen, Michele Lanza Software Institute - USI, Lugano Pre-print Media Attached | ||
14:56 34mTalk | New Frontiers - Virtual Reality, Mobile Apps, Smart Contracts, and LLMs: Panel with SpeakersICPC Discussion |