Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Demystifying and Detecting Cryptographic Defects in Ethereum Smart Contracts

Jiashuo Zhang, Yiming Shen, Jiachi Chen, Jianzhong Su, Yanlin Wang, Ting Chen, Jianbo Gao, Zhong Chen

TL;DR

This paper tackles cryptographic defects in Ethereum smart contracts by proposing a new taxonomy of nine defect types derived from 2,406 real-world security reports. It introduces CrySol, a fuzzing-based detector that combines transaction replay and dynamic taint analysis with crypto-aware test-case generation to uncover these defects. On a large-scale dataset of 25,745 crypto-related contracts, CrySol achieves 95.4% precision and 91.2% recall, revealing that 22.7% of contracts harbor at least one cryptographic defect. The work provides practical mitigations, validates the approach with extensive evaluation, and supplies open-source tools and datasets to advance secure on-chain cryptographic practices.

Abstract

Ethereum has officially provided a set of system-level cryptographic APIs to enhance smart contracts with cryptographic capabilities. These APIs have been utilized in over 10% of Ethereum transactions, motivating developers to implement various on-chain cryptographic tasks, such as digital signatures. However, since developers may not always be cryptographic experts, their ad-hoc and potentially defective implementations could compromise the theoretical guarantees of cryptography, leading to real-world security issues. To mitigate this threat, we conducted the first study aimed at demystifying and detecting cryptographic defects in smart contracts. Through the analysis of 2,406 real-world security reports, we defined nine types of cryptographic defects in smart contracts with detailed descriptions and practical detection patterns. Based on this categorization, we proposed CrySol, a fuzzing-based tool to automate the detection of cryptographic defects in smart contracts. It combines transaction replaying and dynamic taint analysis to extract fine-grained crypto-related semantics and employs crypto-specific strategies to guide the test case generation process. Furthermore, we collected a large-scale dataset containing 25,745 real-world crypto-related smart contracts and evaluated CrySol's effectiveness on it. The result demonstrated that CrySol achieves an overall precision of 95.4% and a recall of 91.2%. Notably, CrySol revealed that 5,847 (22.7%) out of 25,745 smart contracts contain at least one cryptographic defect, highlighting the prevalence of these defects.

Demystifying and Detecting Cryptographic Defects in Ethereum Smart Contracts

TL;DR

This paper tackles cryptographic defects in Ethereum smart contracts by proposing a new taxonomy of nine defect types derived from 2,406 real-world security reports. It introduces CrySol, a fuzzing-based detector that combines transaction replay and dynamic taint analysis with crypto-aware test-case generation to uncover these defects. On a large-scale dataset of 25,745 crypto-related contracts, CrySol achieves 95.4% precision and 91.2% recall, revealing that 22.7% of contracts harbor at least one cryptographic defect. The work provides practical mitigations, validates the approach with extensive evaluation, and supplies open-source tools and datasets to advance secure on-chain cryptographic practices.

Abstract

Ethereum has officially provided a set of system-level cryptographic APIs to enhance smart contracts with cryptographic capabilities. These APIs have been utilized in over 10% of Ethereum transactions, motivating developers to implement various on-chain cryptographic tasks, such as digital signatures. However, since developers may not always be cryptographic experts, their ad-hoc and potentially defective implementations could compromise the theoretical guarantees of cryptography, leading to real-world security issues. To mitigate this threat, we conducted the first study aimed at demystifying and detecting cryptographic defects in smart contracts. Through the analysis of 2,406 real-world security reports, we defined nine types of cryptographic defects in smart contracts with detailed descriptions and practical detection patterns. Based on this categorization, we proposed CrySol, a fuzzing-based tool to automate the detection of cryptographic defects in smart contracts. It combines transaction replaying and dynamic taint analysis to extract fine-grained crypto-related semantics and employs crypto-specific strategies to guide the test case generation process. Furthermore, we collected a large-scale dataset containing 25,745 real-world crypto-related smart contracts and evaluated CrySol's effectiveness on it. The result demonstrated that CrySol achieves an overall precision of 95.4% and a recall of 91.2%. Notably, CrySol revealed that 5,847 (22.7%) out of 25,745 smart contracts contain at least one cryptographic defect, highlighting the prevalence of these defects.
Paper Structure (30 sections, 9 figures, 4 tables)

This paper contains 30 sections, 9 figures, 4 tables.

Table of Contents

  1. Introduction
  2. Background
  3. Ethereum Virtual Machine (EVM)
  4. Cryptographic APIs in EVM
  5. Cryptographic Tasks in Smart Contracts
  6. Defects in Smart Contracts
  7. Security Reports for Smart Contracts
  8. Cryptographic Defects in Smart Contracts
  9. Data Collection
  10. Data Pre-processing
  11. Data Analysis
  12. Defects Definition
  13. Methodology
  14. Design Decisions
  15. Overview
  16. ...and 15 more sections

Figures (9)

  • Figure 1: An example of the cards of security reports.
  • Figure 2: An example contract with SSR, CSR, and SF defects
  • Figure 3: An example contract with the SM defect
  • Figure 4: An example contract with the ISV defect
  • Figure 5: An example contract with MR and MF defects.
  • ...and 4 more figures