Automated Repair of Vulnerable Smart Contracts

Develop and evaluate methods for automated synthesis of correct, gas-minimized, repairs for vulnerable smart contracts
Master

Smart contracts or automated contracts are computer programs that are used to manage and control the transfer of assets between parties under certain conditions. They currently underpin many interesting online commercial transactions which are typically running on the top of blockchain systems. One of the key attributes of smart contracts is their ability to automatically execute transactions without the need for involving third parties. While this automation may reduce the transaction cost significantly and allow parties to preserve the privacy of their transaction, there is a serious risk for the assets of parties to be stolen due to existing unfixed vulnerabilities in the executed smart contract.

Generating correct, gas-minimized repairs for vulnerable smart contracts is highly desirable from both security and financial perspectives. This is mainly due to the observation that smart contracts are typically used to transfer valuable assets among parties and that gas (the execution fee of smart contract transactions) costs real money. The key difference between smart contract repair and traditional program repair is that the cost of generated repairs for a given vulnerable smart contract can have a major impact on the feasibility of the repaired contract. The generated patches for a buggy smart contract might be correct but infeasible to be used for commercial transactions. This happens when the patch consumes a significantly large amount of gas and thus leads to expensive transactions. It is therefore necessary to reduce the repairing cost of a buggy contract and also the possibility of introducing new out-of-gas exceptions. This would generally increase the overall computational complexity of the repair problem.

In general, it is difficult to estimate the gas usage of smart contracts accurately before executing them: the gas cost of a smart contract depends on a number of parameters including memory cost, stack cost, and storage cost in addition to the instructions’ costs. This makes the gas estimation process both complex and expensive in particular when repairing vulnerable smart contracts that exhibit loops with complex behavior.

Goal

The first goal of this project is to extend the current test-based repair techniques for smart contracts to handle a wide range of security vulnerabilities. In general, it is difficult for test-based repair approaches (dynamic repair approaches) to ensure the correctness of the generated patches for a given buggy smart contract. The test suite in real-world smart contracts is usually too weak to be used as a correctness specification and therefore the precision of such repair approaches is generally low (i.e., most of generated plausible patches are incorrect).

The second goal of the project is to integrate gas-awareness into the repair process of smart contracts without directly analyzing the gas usage of the generated candidate patches. This can be performed by organizing the constructed patch space of the detected vulnerability in a way such that low-cost repairs receive higher priority than high-cost repairs. Furthermore, developers need to manually verify the correctness of generated patches. This is indeed a tedious and time-consuming task. So the third goal of this work is to fully automate the validation process of generated patches for smart contracts.

Learning outcome

  • Applying fundamental program analysis techniques to develop efficient, flexible, and scalable repair systems for smart contracts that can deal with a wide variety of vulnerabilities.
  • Applying static analysis techniques to identify gas-costly patterns in smart contracts and using them to develop effective search strategies for the patch space of detected vulnerabilities such that low-cost repairs receive higher priority in the search order than high-cost repairs.
  • Collecting, analyzing, and formalizing known correct repair patterns for recurring classes of vulnerabilities from available reliable repositories of patched vulnerable smart contracts.
  • Applying semantic-preserving gas optimization transformation rules to reduce the overall gas usage for the obtained valid patches.

Qualifications

Necessary:

  • interested in devising automated program repair techniques
  • good programming skills
  • background in software engineering

Desired:

  • knowledge of blockchains and smart contracts
  • background in formal analysis techniques including static program analysis
  • experience with contemporary SMT solvers
  • good project management skills

Supervisors

  • Omar Al-Bataineh
  • Leon Moonen

References

  • Loi Luu, Duc-Hiep Chu, Hrishi Olickel, Prateek Saxena , and Aquinas Hobor. Making smart contracts smarter. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, 2016. doi.org/10.1145/2976749.2978309
  • Xiao Liang Yu, Omar Al-Bataineh, David Lo, and Abhik Roychoudhury. Smart contract repair. In ACM Transactions on Software Engineering and Methodology (TOSEM). 2020. doi.org/10.1145/3402450
  • Ting Chen, Xiaoqi Li, Xiapu Luo, and Xiaosong Zhang. Under-optimized smart contracts devour your money. In IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2017. doi.org/10.1109/SANER.2017.7884650

Contact person