Wed 7 Nov 2018 13:52 - 14:15 at Studio 1 - Security Chair(s): Tobias Wrigstad

Ethereum is a distributed blockchain platform, serving as an ecosystem for smart contracts: full-fledged inter-communicating programs that capture the transaction logic of an account. Unlike programs in mainstream languages, the execution of an Ethereum smart contract is restricted by a gas limit: execution proceeds as long as gas is available. Thus, gas is a valuable resource that can be manipulated by an attacker to provoke unwanted behavior in a victim’s smart contract (e.g., wasting or blocking funds of said victim). Gas-focused vulnerabilities exploit undesired behavior when a contract (directly or through other interacting contracts) runs out of gas. Such vulnerabilities are among the hardest for programmers to protect against, as out-of-gas behavior may be uncommon in non-attack scenarios and reasoning about it is far from trivial. In this paper, we classify and identify gas-focused vulnerabilities, and present MadMax: a static program analysis technique to automatically detect gas-focused vulnerabilities with very high confidence. Our approach combines a control-flow-analysis-based decompiler and declarative program-structure queries. The combined analysis captures high-level domain-specific concepts (such as “dynamic data structure storage” and “safely resumable loops”) and achieves high precision and scalability. MadMax analyzes the entirety of smart contracts in the current Ethereum blockchain in just 10 hours (with decompilation timeouts in 8% of the cases) and flags contracts with a current (though highly volatile) monetary value of over $5B as vulnerable. Manual inspection of a sample of flagged contracts shows that 81% of the sampled warnings do indeed lead to vulnerabilities, which we report on in our experiment.

Slides (madmax.odp)1.48MiB

Wed 7 Nov
Times are displayed in time zone: Guadalajara, Mexico City, Monterrey change

13:30 - 15:00: SecurityOOPSLA at Studio 1
Chair(s): Tobias WrigstadUppsala University
13:30 - 13:52
A Derivation Framework for Dependent Security Label Inference
Peixuan LiPenn State University, Danfeng ZhangPennsylvania State University
13:52 - 14:15
MadMax: Surviving Out-of-Gas Conditions in Ethereum Smart ContractsDistinguished Paper Award
Neville GrechUniversity of Athens, Michael KongUniversity of Sydney, Anton JurisevicUniversity of Sydney, Lexi BrentUniversity of Sydney, Bernhard ScholzThe University of Sydney, Yannis SmaragdakisUniversity of Athens
Link to publication Pre-print File Attached
14:15 - 14:37
Faster Variational Execution with Transparent Bytecode Transformation
Chu-Pan WongCarnegie Mellon University, Jens MeinickeMagdeburg University, Lukas Lazarek, Christian KästnerCarnegie Mellon University
14:37 - 15:00
Secure Serverless Computing Using Dynamic Information Flow Control
Kalev AlpernasTel Aviv University, Cormac FlanaganUniversity of California, Santa Cruz, Sadjad FouladiStanford University, Leonid RyzhykVMware Research, Mooly SagivTel Aviv University, Thomas Schmitz, Keith WinsteinStanford University