Unlock instant, AI-driven research and patent intelligence for your innovation.

Intelligent contract defect triggering detection method and system based on defect abstracts

A smart contract and detection method technology, applied in the direction of error detection/correction, platform integrity maintenance, software testing/debugging, etc., can solve the code defects of the detection results, reduce the validity of the detection results, and can not describe the security of smart contracts well status quo and other issues to achieve the effect of protecting safety

Active Publication Date: 2020-05-08
BEIJING INSTITUTE OF TECHNOLOGYGY +1
View PDF6 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

A static analysis cannot describe the security status of smart contracts well
And because the existing detection methods do not take into account the specific values ​​when the smart contract is executed during the detection process, it may lead to a large number of potential code defects in the detection results. Since the triggering of these defects requires specific conditions, the detection results are reduced. The effectiveness of the system security risk prediction and prevention reference is very limited
[0006] Since the smart contracts deployed on the blockchain system cannot be modified, these smart contracts cannot be repaired after they are found to be flawed, which leads to a large number of flawed smart contracts in Ethereum

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intelligent contract defect triggering detection method and system based on defect abstracts
  • Intelligent contract defect triggering detection method and system based on defect abstracts
  • Intelligent contract defect triggering detection method and system based on defect abstracts

Examples

Experimental program
Comparison scheme
Effect test

specific Embodiment 1

[0088] The detection process of a smart contract defect triggerability detection method based on defect summary is:

[0089] Step 1. For the defects of the smart contract to be detected, define the defect trigger constraint conditions (the defect trigger constraint conditions are fixed); the contract symbol σs represents the contract execution stack, INS represents the currently executed instruction and defines related functions, The related functions include: zero extension function ZeroExt, sign extension function SignExt and unsigned number comparison function UGT, etc.

[0090] Take the unsigned number comparison function UGT as an example. When the first parameter is greater than the second parameter, UGT returns true, otherwise it returns false; for example, the defect trigger condition of the subtraction overflow of uint256 data can be expressed as:

[0091] {INS == SUB, UGT(σs[1],σs[0])}

[0092] Step 2. Select any symbolic execution tool to extract the path constraint set T w...

specific Embodiment 2

[0103] The detection process of a smart contract defect triggerability detection method based on defect summary is as follows:

[0104] Step 1: Select the open source tool Oyente as the symbolic execution tool;

[0105] Step 2: Use the open source tool ethereumetl to obtain the smart contract existing in Ethereum as a test case;

[0106] Step 3: Use Oyente for symbolic execution of all test cases, and obtain the defect summary of each test case;

[0107] Step 4: When the contract call for the smart contract in the test case occurs, obtain the state data of the smart contract and the contract call data;

[0108] Step 5: Use real data to replace the symbols in the path constraint and defect trigger condition constraint obtained by symbolic execution with real values;

[0109] Step 6: For path constraints and defect trigger condition constraints whose symbols are replaced with real values, perform constraint solving through Z3, and calculate whether all constraints have solutions;

[0110] S...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an intelligent contract defect triggering detection method and a system based on defect abstracts, and the method comprises the steps: carrying out the defect detection of a to-be-detected intelligent contract, and extracting one or more defect abstracts; when the intelligent contract is called, obtaining a real-time contract state data set and a contract calling data set;replacing a preset initial symbol value in each defect abstract of the smart contract by using the real-time state data and the call data; and solving the defect abstract after the symbol is replaced,and if the path constraint and the defect triggering condition constraint of the defect abstract have solutions at the same time, detecting that the defect is triggered when the smart contract is called. According to the method, the defect abstract, the real-time state data of the intelligent contract and the contract calling data are combined to quickly judge the triggers of the defects in the intelligent contract, so that the problem of high false alarm caused by the fact that real data is not considered in existing intelligent contract defect detection can be solved, and the accuracy of intelligent contract defect detection is improved.

Description

Technical field [0001] The present invention relates to the technical field of Ethereum smart contract and program defect detection, in particular to a method and system for detecting the triggerability of smart contract defects based on defect summary. Background technique [0002] Smart contract refers to a set of digitally defined contracts that can realize credible transactions without the supervision of a credible third party, and every transaction can be traced and irreversible. The smart contract implemented in Ethereum is a Turing complete language, and its essence is a program that can implement business logic such as asset management, message recording, event prediction, games, tokens, etc. The defect detection methods of smart contract programs include static detection, symbolic execution, and fuzzy testing. [0003] Static detection has the characteristics of low detection cost and fast detection speed. It can be automatically detected and is more suitable for large-sc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06F11/36
CPCG06F21/563G06F11/3612
Inventor 计卫星田泽民刘法旺王一拙高玉金石峰
Owner BEIJING INSTITUTE OF TECHNOLOGYGY