Supporting the most popular cryptocurrency, the Bitcoin platform allows its transactions to be programmable via its scripts. Defects in Bitcoin scripts will make users lose their bitcoins. However, there are few studies on the defects of Bitcoin scripts. In this paper, we conduct the first systematic investigation on the defects of Bitcoin scripts through three steps, including defect definition, defect detection, and exploitation tracing. First, we define 6 typical defects of scripts in the Bitcoin history, namely unbinded-txid, useless-sig, uncertain-sig, simple-key, impossible-key, and never-true. Three are inspired by the community, and three are new from us. Second, we develop a tool to discover Bitcoin scripts with any of typical defects based on symbolic execution and enhanced by historical exact scripts. By analyzing all Bitcoin transactions from Oct. 2009 to Aug. 2022, we find that 383,544 transaction outputs are paid to the Bitcoin scripts with defects. The total amount of them is 3,115.43 BTC, which is around 60 million dollars at present. Third, in order to trace the exploitation of the defects, we instrument the Bitcoin VM to record the traces of the real-world spending transactions of the buggy scripts. We find that 84,130 output scripts are exploited. The implementation and non-harmful datasets are released.
| Slides (bshunter_icse223.pdf) | 4.29MiB |
Wed 17 MayDisplayed time zone: Hobart change
11:00 - 12:30 | Blockchain/smart contractsTechnical Track / DEMO - Demonstrations / SEIP - Software Engineering in Practice / Journal-First Papers at Meeting Room 106 Chair(s): Yi Li Nanyang Technological University | ||
11:00 15mTalk | SmartMark: Software Watermarking Scheme for Smart Contracts Technical Track Taeyoung Kim Sungkyunkwan University, Yunhee Jang Sungkyunkwan University, Chanjong Lee Sungkyunkwan University, Hyungjoon Koo Sungkyunkwan University, hyoungshick kim Sungkyunkwan University | ||
11:15 15mTalk | Turn the Rudder: A Beacon of Reentrancy Detection for Smart Contracts on Ethereum Technical Track Zibin Zheng School of Software Engineering, Sun Yat-sen University, Neng Zhang School of Software Engineering, Sun Yat-sen University, Jianzhong Su Sun Yat-sen University, Zhijie Zhong School of Software Engineering, Sun Yat-sen University, Mingxi Ye Sun Yat-sen University, Jiachi Chen School of Software Engineering, Sun Yat-sen University Pre-print | ||
11:30 15mTalk | BSHUNTER: Detecting and Tracing Defects of Bitcoin Scripts Technical Track Peilin Zheng Sun Yat-sen University, Xiapu Luo The Hong Kong Polytechnic University, Zibin Zheng School of Software Engineering, Sun Yat-sen University Pre-print File Attached | ||
11:45 15mTalk | DAppHunter: Identifying Inconsistent Behaviors of Blockchain-based Decentralized Applications SEIP - Software Engineering in Practice Jianfei Zhou University of Electronic Science and Technology of China, Jiang Tianxing , Haijun Wang Ant Group, Meng Wu Ant Group, Ting Chen University of Electronic Science and Technology of China | ||
12:00 15mTalk | Evolutionary Approach for Concurrency Testing of Ripple Blockchain Consensus Algorithm SEIP - Software Engineering in Practice Martijn van Meerten Delft University of Technology, Burcu Kulahcioglu Ozkan Delft University of Technology, Annibale Panichella Delft University of Technology | ||
12:15 7mTalk | Siguard: Detecting Signature-Related Vulnerabilities in Smart Contracts DEMO - Demonstrations Jiashuo Zhang Peking University, China, Yue Li Peking University, Jianbo Gao Peking University, Zhi Guan Peking University, Zhong Chen | ||
12:22 7mTalk | Storage State Analysis and Extraction of Ethereum Blockchain Smart Contracts Journal-First Papers Maha Ayub Information Technology University (ITU) Lahore, Pakistan, Tania Saleem Information Technology University (ITU) Lahore, Pakistan, Muhammad Umar Janjua Information Technology University (ITU) Lahore, Pakistan, Talha Ahmed Information Technology University (ITU) Lahore, Pakistan | ||