How Effective Are Smart Contract Analysis Tools? Evaluating Smart Contract Static Analysis Tools using Bug Injection
Security attacks targeting smart contracts have been on the rise, which have led to financial loss and erosion of trust. Therefore, it is important to enable developers to discover security vulnerabilities in smart contracts before deployment. A number of static analysis tools have been developed for finding security bugs in smart contracts. However, despite the numerous bug-finding tools, there is no systematic approach to evaluate the proposed tools and gauge their effectiveness. This paper proposes SolidiFI, an automated and systematic approach for evaluating smart contracts’ static analysis tools. SolidiFI is based on injecting bugs (i.e., code defects) into all potential locations in a smart contract to introduce targeted security vulnerabilities. SolidiFI then checks the generated buggy contract using the static analysis tools, and identifies the bugs that the tools are unable to detect (false-negatives) along with identifying the bugs reported as false-positives. SolidiFI is used to evaluate six widely-used static analysis tools, namely, Oyente, Securify, Mythril, SmartCheck, Manticore and Slither, using a set of 50 contracts. It finds several instances of bugs that are not detected by the evaluated tools despite their claims of being able to detect such bugs, and all the tools report many false positives.
Wed 22 JulDisplayed time zone: Tijuana, Baja California change
12:10 - 13:10
STATIC ANALYSIS AND SEARCH-BASED TESTINGTechnical Papers at Zoom
Chair(s): Daniel Kroening University of Oxford
Public Live Stream/Recording. Registered participants should join via the Zoom link distributed in Slack.
|How Effective Are Smart Contract Analysis Tools? Evaluating Smart Contract Static Analysis Tools using Bug Injection|
Asem Ghaleb , Karthik Pattabiraman University of British ColumbiaDOI Media Attached
|A Programming Model for Semi-implicit Parallelization of Static Analyses|
Dominik Helm TU Darmstadt, Germany, Florian Kübler TU Darmstadt, Germany, Jan Thomas Kölzer , Philipp Haller KTH Royal Institute of Technology, Michael Eichberg TU Darmstadt, Germany, Guido Salvaneschi Technische Universität Darmstadt, Mira Mezini Technische Universität DarmstadtDOI
|Recovering Fitness Gradients for Interprocedural Boolean Flags in Search-Based Testing|
Yun Lin National University of Singapore, Jun Sun Singapore Management University, Gordon Fraser University of Passau, Ziheng Xiu , Ting Liu Xi'an Jiaotong University, Jin Song Dong National University of SingaporeDOI Pre-print Media Attached