ABSTRACT
Being a new kind of software leveraging blockchain to execute real contracts, smart contracts are in great demand due to many advantages. Ethereum is the largest blockchain platform that supports smart contracts by running them in its virtual machine. To ensure that a smart contract will terminate eventually and prevent abuse of resources, Ethereum charges the developers for deploying smart contracts and the users for executing smart contracts. Although our previous work shows that under-optimized smart contracts may cost more money than necessary, it just lists 7 anti-patterns and the detection method for 3 of them. In this paper, we conduct the first in-depth investigation on such under-optimized smart contracts. We first identify 24 anti-patterns from the execution traces of real smart contracts. Then, we design and develop GasReducer, the first tool to automatically detect all these anti-patterns from the bytecode of smart contracts and replace them with efficient code through bytecode-to-bytecode optimization. Using GasReducer to analyze all smart contracts and their execution traces, we detect 9,490,768 and 557,565,754 anti-pattern instances in deploying and invoking smart contracts, respectively.
- S. Bansal and A. Aiken. 2006. Automatic generation of peephole superoptimizers. In Proc. ASPLOS. Google ScholarDigital Library
- S. Bansal and A. Aiken. 2008. Binary translation using peephole superoptimizers. In Proc. OSDI. Google ScholarDigital Library
- K. Bhargavan and et al. 2016. Formal Verification of Smart Contracts: Short Paper. In Proc. PLAS. Google ScholarDigital Library
- T. Chen, X. Li, X. Luo, and X. Zhang. 2017. Under-optimized smart contracts devour your money. In Proc. SANER.Google Scholar
- T. Chen, X. Li, Y. Wang, J. Chen, Z. Li, X. Luo, M. Au, and X. Zhang. 2017. An Adaptive Gas Cost Mechanism for Ethereum to Defend Against Under-Priced DoS Attacks. In Proc. ISPEC.Google Scholar
- L. Luu, D. H. Chu, H. Olickel, P. Saxena, and A. Hobor. 2016. Making smart contracts smarter. In Proc. CCS. Google ScholarDigital Library
- Angela Ruth. 2016. Why build decentralized applications: understanding Dapp. (2016). https://goo.gl/U5RBSsGoogle Scholar
- Jeffrey Wilcke. 2016. The Ethereum network is currently undergoing a DoS attack. (2016). https://goo.gl/QvW7KjGoogle Scholar
- G. Wood. 2016. Ethereum: a secure decentralised transaction ledger, EIP-150 revision. (2016). http://gavwood.com/paper.pdfGoogle Scholar
Recommendations
ContractFuzzer: fuzzing smart contracts for vulnerability detection
ASE '18: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software EngineeringDecentralized cryptocurrencies feature the use of blockchain to transfer values among peers on networks without central agency. Smart contracts are programs running on top of the blockchain consensus protocol to enable people make agreements while ...
Making Smart Contracts Smarter
CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications SecurityCryptocurrencies record transactions in a decentralized data structure called a blockchain. Two of the most popular cryptocurrencies, Bitcoin and Ethereum, support the feature to encode rules or scripts for processing transactions. This feature has ...
Characterizing and Detecting Gas-Inefficient Patterns in Smart Contracts
AbstractEthereum blockchain is a new internetware with tens of millions of smart contracts running on it. Different from general programs, smart contracts are decentralized, tamper-resistant and permanently running. Moreover, to avoid resource abuse, ...
Comments