EOSFuzzer: Fuzzing EOSIO Smart Contracts for Vulnerability Detection
release_kzqtq46ihnczjbbf4unwmlqm5m
by
Yuhe Huang, Bo Jiang, W.K. Chan
2020
Abstract
EOSIO is one typical public blockchain platform. It is scalable in terms of
transaction speeds and has a growing ecosystem supporting smart contracts and
decentralized applications. However, the vulnerabilities within the EOSIO smart
contracts have led to serious attacks, which caused serious financial loss to
its end users. In this work, we systematically analyzed three typical EOSIO
smart contract vulnerabilities and their related attacks. Then we presented
EOSFuzzer, a general black-box fuzzing framework to detect vulnerabilities
within EOSIO smart contracts. In particular, EOSFuzzer proposed effective
attacking scenarios and test oracles for EOSIO smart contract fuzzing. Our
fuzzing experiment on 3963 EOSIO smart contracts shows that EOSFuzzer is both
effective and efficient to detect EOSIO smart contract vulnerabilities with
high accuracy.
In text/plain
format
Archived Content
There are no accessible files associated with this release. You could check other releases for this work for an accessible version.
Know of a fulltext copy of on the public web? Submit a URL and we will archive it
2007.14903v2
access all versions, variants, and formats of this works (eg, pre-prints)