Practical Mitigation of Smart Contract Bugs
CoRR(2022)
Abstract
In spite of their popularity, developing secure smart contracts remains a challenging task. Existing solutions are either impractical as they do not support many complex real-world contracts or leave the burden to developers for fixing bugs. In this paper, we propose the first practical smart contract compiler, called HCC, which automatically inserts security hardening checks at the source-code level. HCC develops a code property graph (CPG) to model control-flows and data-flows of a given smart contract. Due to the CPG notation, HCC can be applied to various smart contract platforms and programming languages. We demonstrate the effectiveness of this approach on Ethereum's Solidity smart contracts and show that it efficiently mitigates reentrancy and integer bugs. We also show how to integrate HCC within other blockchain platforms such as Hyperledger Fabric. Our evaluation on 10k real-world contracts demonstrates that HCC is highly practical and effective.
MoreTranslated text
Key words
smart contract bugs,mitigation
AI Read Science
Must-Reading Tree
Example
Generate MRT to find the research sequence of this paper
Chat Paper
Summary is being generated by the instructions you defined