Smart Contract Repair

12 Dec 2019  ·  Xiao Liang Yu, Omar Al-Bataineh, David Lo, Abhik Roychoudhury ·

Smart contracts are automated or self-enforcing contracts that can be used to exchange money, property, or anything of value without having to place trust in third parties. Many commercial transactions presently make use of smart contracts due to their potential benefits in enabling parties to engage in secure peer-to-peer transactions independent of external parties. They do so by transferring trust to computer programs (smart contracts), raising the question of whether these programs can be fully trusted. However, the code can be complex and may behave in many different unexpected or malicious ways due to poorly written or vulnerable smart contracts. Furthermore, in the case of smart contracts on the blockchain, they are typically open to (malicious) agents which can interact with it in various ways. Experience shows that many commonly used smart contracts are vulnerable to serious malicious attacks which may enable attackers to steal valuable assets of involved parties. There is therefore a need to apply analysis techniques to detect and repair bugs in smart contracts before being deployed. In this work, we present the first automated smart contracts repair approach that is gas-optimized and vulnerability-agnostic. Our repair method is search-based and considers the gas usage of the candidate patches via leveraging our novel notation of \emph{gas dominance relationship}. Our approach can be used to optimise the overall security and reliability of smart contracts against malicious attackers.

PDF Abstract


Software Engineering Cryptography and Security 68N15 D.1.2


  Add Datasets introduced or used in this paper