OpDiffer: LLM-Assisted Opcode-Level Differential Testing of Ethereum Virtual Machine
As Ethereum continues to thrive, the Ethereum Virtual Machine (EVM) has become the cornerstone powering tens of millions of active smart contracts. Intuitively, security issues in EVMs could lead to inconsistent behaviors among smart contracts or even denial-of-service of the entire blockchain network. However, to the best of our knowledge, only a limited number of studies focus on the security of EVMs. Moreover, they suffer from 1) insufficient test input diversity and invalid semantics; and 2) the inability to automatically identify bugs and locate root causes. To bridge this gap, we propose OpDiffer, a differential testing framework for EVM, which takes advantage of LLMs and static analysis methods to address the above two limitations. We have conducted the largest-scale evaluation, covering nine EVMs and uncovering 26 previously unknown bugs, 22 of which have been confirmed by developers and three have been assigned CNVD IDs. Compared to state-of-the-art baselines, OpDiffer can improve the code coverage by at most 108.18% and 410.85%, respectively. Through analysis of Ethereum contracts, we estimate that 7.21% of real-world deployed contracts could trigger our identified EVM bugs under certain environmental settings, leading to severe negative impact to the Ethereum ecosystem.
Fri 27 JunDisplayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change
16:00 - 17:15 | Smart Contracts 2Research Papers at Cosmos 3B Chair(s): Zhenbang Chen College of Computer, National University of Defense Technology | ||
16:00 25mTalk | OpDiffer: LLM-Assisted Opcode-Level Differential Testing of Ethereum Virtual Machine Research Papers Jie Ma Beihang University; Zhongguancun Laboratory, Ningyu He Hong Kong Polytechnic University, Jinwen Xi , Mingzhe Xing Zhongguancun Laboratory, Haoyu Wang Huazhong University of Science and Technology, Ying Gao School of Cyber Science and Technology, Beihang University; Zhongguancun Laboratory, Yinliang Yue Zhongguancun Laboratory DOI | ||
16:25 25mTalk | Why Does My Transaction Fail? A First Look at Failed Transactions on the Solana Blockchain Research Papers Xiaoye Zheng Zhejiang University, Zhiyuan Wan Zhejiang University, David Lo Singapore Management University, Difan Xie Hangzhou High-Tech Zone (Binjiang) Institute of Blockchain and Data Security, Xiaohu Yang Zhejiang University DOI | ||
16:50 25mTalk | Automated Attack Synthesis for Constant Product Market Makers Research Papers DOI Pre-print |
Cosmos 3B is the second room in the Cosmos 3 wing.
When facing the main Cosmos Hall, access to the Cosmos 3 wing is on the left, close to the stairs. The area is accessed through a large door with the number “3”, which will stay open during the event.