OpenTracer: A Dynamic Transaction Trace Analyzer for Smart Contract Invariant Generation and Beyond
Zhiyang Chen, Ye Liu, Sidi Mohamed Beillahi, Yi Li, Fan Long
TL;DR
OpenTracer tackles the lack of open, comprehensive tools for dynamic analysis of Ethereum smart contract transactions. It downloads and augments traces from archive nodes, builds function-level invocation trees, decodes function and storage data with ABIs, and supports taint and data-flow analyses to derive invariant-related information. In validation via Trace2Inv on $42$ victim contracts and $350{,}800$ transactions, OpenTracer inferred $659$ invariants across $8$ categories from $23$ templates, with the best invariant protecting a substantial share of contracts. The tool is fully open-source and demonstrates practical utility, including fast translation to $TxSpector$ format, enabling researchers and developers to study transaction behaviors and validate new invariants at scale.
Abstract
Smart contracts, self-executing programs on the blockchain, facilitate reliable value exchanges without centralized oversight. Despite the recent focus on dynamic analysis of their transaction histories in both industry and academia, no open-source tool currently offers comprehensive tracking of complete transaction information to extract user-desired data such as invariant-related data. This paper introduces OpenTracer, designed to address this gap. OpenTracer guarantees comprehensive tracking of every execution step, providing complete transaction information. OpenTracer has been employed to analyze 350,800 Ethereum transactions, successfully inferring 23 different types of invariant from predefined templates. The tool is fully open-sourced, serving as a valuable resource for developers and researchers aiming to study transaction behaviors or extract and validate new invariants from transaction traces. The source code of OpenTracer is available at https://github.com/jeffchen006/OpenTracer.