Clairvoyance: Cross-contract static analysis for detecting practical reentrancy vulnerabilities in smart contracts

Ye, J; Ma, M; Lin, Y; Sui, Y; Xue, Y

Clairvoyance: Cross-contract static analysis for detecting practical reentrancy vulnerabilities in smart contracts

Ye, J Ma, M Lin, Y Sui, Y

Xue, Y

Permalink

Publisher:: ACM
Publication Type:: Conference Proceeding
Citation:: Proceedings - International Conference on Software Engineering, 2020, pp. 274-275
Issue Date:: 2020-06-27

Closed Access

	Filename	Description	Size
	3377812.3390908.pdf	Published Version	523.6 kB	Adobe PDF	View/Open

Copyright Clearance Process

Recently Added
In Progress
Closed Access

This item is closed access and not available.

Full metadata record

Field	Value	Language
dc.contributor.author	Ye, J
dc.contributor.author	Ma, M
dc.contributor.author	Lin, Y
dc.contributor.author	Sui, Y https://orcid.org/0000-0002-9510-6574
dc.contributor.author	Xue, Y
dc.date.accessioned	2021-01-28T00:27:04Z
dc.date.available	2021-01-28T00:27:04Z
dc.date.issued	2020-06-27
dc.identifier.citation	Proceedings - International Conference on Software Engineering, 2020, pp. 274-275
dc.identifier.isbn	9781450371223
dc.identifier.issn	0270-5257
dc.identifier.uri	http://hdl.handle.net/10453/145622
dc.description.abstract	© 2020 Copyright held by the owner/author(s). Reentrancy bugs in smart contracts caused a devastating financialloss in 2016, considered as one of the most severe vulnerabilities insmart contracts. Most of the existing general-purpose security toolsfor smart contracts have claimed to be able to detect reentrancybugs. In this paper, we present Clairvoyance, a cross-function andcross-contract static analysis by identifying infeasible paths to detect reentrancy vulnerabilities in smart contracts. To reduce FPs,we have summarized five major path protective techniques (PPTs)to support fast yet precise path feasibility checking. We have implemented our approach and compared Clairvoyance with threestate-of-the-art tools on 17770 real-worlds contracts. The resultsshow that Clairvoyance yields the best detection accuracy amongall the tools.
dc.language	en
dc.publisher	ACM
dc.relation.ispartof	Proceedings - International Conference on Software Engineering
dc.relation.ispartof	ICSE '20: 42nd International Conference on Software Engineering
dc.relation.isbasedon	10.1145/3377812.3390908
dc.rights	info:eu-repo/semantics/closedAccess
dc.title	Clairvoyance: Cross-contract static analysis for detecting practical reentrancy vulnerabilities in smart contracts
dc.type	Conference Proceeding
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	/University of Technology Sydney/Strength - AAII - Australian Artificial Intelligence Institute
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Computer Science
pubs.organisational-group	/University of Technology Sydney
utslib.copyright.status	closed_access	*
dc.date.updated	2021-01-28T00:26:16Z
pubs.publication-status	Published

Abstract:

© 2020 Copyright held by the owner/author(s). Reentrancy bugs in smart contracts caused a devastating financialloss in 2016, considered as one of the most severe vulnerabilities insmart contracts. Most of the existing general-purpose security toolsfor smart contracts have claimed to be able to detect reentrancybugs. In this paper, we present Clairvoyance, a cross-function andcross-contract static analysis by identifying infeasible paths to detect reentrancy vulnerabilities in smart contracts. To reduce FPs,we have summarized five major path protective techniques (PPTs)to support fast yet precise path feasibility checking. We have implemented our approach and compared Clairvoyance with threestate-of-the-art tools on 17770 real-worlds contracts. The resultsshow that Clairvoyance yields the best detection accuracy amongall the tools.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/145622