TL;DR
Harvey is an industrial greybox fuzzer for smart contracts. It raises code coverage and finds more vulnerabilities with two techniques: predicting inputs that satisfy narrow checks, which random mutation rarely hits, and generating targeted sequences of transactions that drive a contract through the many states it passes through over its lifetime, while keeping the search space and the test suite tractable.
Contribution
The paper introduces two techniques tailored to smart contracts that address limitations of traditional greybox fuzzers: input prediction, which derives inputs likely to pass narrow checks instead of relying on random mutation, and targeted transaction-sequence fuzzing, which reaches deep contract states without an intractable search space.
Findings
Increased code coverage and vulnerability detection in real-world contracts
Techniques achieve results orders of magnitude faster than existing methods
Revealed new insights about smart contract code vulnerabilities
Abstract
We present Harvey, an industrial greybox fuzzer for smart contracts, which are programs managing accounts on a blockchain. Greybox fuzzing is a lightweight test-generation approach that effectively detects bugs and security vulnerabilities. However, greybox fuzzers randomly mutate program inputs to exercise new paths; this makes it challenging to cover code that is guarded by narrow checks, which are satisfied by no more than a few input values. Moreover, most real-world smart contracts transition through many different states during their lifetime, e.g., for every bid in an auction. To explore these states and thereby detect deep vulnerabilities, a greybox fuzzer would need to generate sequences of contract transactions, e.g., by creating bids from multiple users, while at the same time keeping the search space and test suite tractable. In this experience paper, we explain how Harvey…
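The two problems the abstract describes, narrow checks and deep states reachable only through transaction sequences, as an added toy example in Python. This is not Harvey's code and not the paper's algorithm: the auction contract, the check `7 * code + 3 == MAGIC`, the accounting invariant, the state abstraction and the double-withdraw bug are all constructed for this illustration. `predict_input` derives the single value that passes the check from the operands compared in two runs (random 32-bit mutation would hit it with probability 2^-32 per try), and `fuzz_sequences` grows transaction sequences guided by a coarse state abstraction; the invariant violation needs at least four transactions, including a `close` that only the predicted input can pass.

```python
"""Added toy illustration of the abstract's two problems: narrow checks that
random mutation rarely satisfies, and deep states reached only via sequences
of transactions. Not Harvey's code; contract, constants and state abstraction
are constructed for this example."""
import random
from fractions import Fraction

MAGIC = 7 * 0xC0FFEE + 3  # constructed: exactly one close() code passes


class Auction:
    """Constructed toy auction; withdraw() deliberately never clears the refund."""

    def __init__(self):
        self.highest, self.bidder, self.closed = 0, None, False
        self.balances, self.pot, self.feedback = {}, 0, None

    def bid(self, user, amount):
        if self.closed or amount <= self.highest:
            raise ValueError("revert")
        if self.bidder is not None:  # refund the outbid user
            self.balances[self.bidder] = self.balances.get(self.bidder, 0) + self.highest
        self.highest, self.bidder, self.pot = amount, user, self.pot + amount

    def close(self, code):
        lhs = 7 * code + 3  # narrow check: only one code makes lhs == MAGIC
        self.feedback = (lhs, MAGIC)  # compared operands, recorded as fuzzer feedback
        if lhs != MAGIC:
            raise ValueError("revert")
        self.closed = True

    def withdraw(self, user):
        if not self.closed or self.balances.get(user, 0) == 0:
            raise ValueError("revert")
        self.pot -= self.balances[user]  # bug: balance is never zeroed

    def invariant_holds(self):
        # funds held must equal the contract's obligations
        return self.pot == self.highest + sum(self.balances.values())


def probe_close(code):
    """Run close(code) on a fresh contract; return the operands it compared."""
    c = Auction()
    try:
        c.close(code)
    except ValueError:
        pass
    return c.feedback


def predict_input(probe, x1=0, x2=1):
    """Input prediction: fit lhs(x) = slope*x + b from two probes, solve lhs == rhs,
    confirm with a third run. None if lhs ignores x or the root is not an integer."""
    l1, r1 = probe(x1)
    l2, r2 = probe(x2)
    slope = Fraction(l2 - l1, x2 - x1)
    if slope == 0 or r1 != r2:
        return None
    x = x1 + Fraction(r1 - l1) / slope
    if x.denominator != 1:
        return None
    lhs, rhs = probe(int(x))
    return int(x) if lhs == rhs else None


def run(seq):
    """Replay a transaction sequence on a fresh contract; returns (contract, reverted)."""
    c = Auction()
    for op, *args in seq:
        try:
            getattr(c, op)(*args)
        except ValueError:
            return c, True
    return c, False


def abstract_state(c):
    """Coarse contract state used as coverage signal for sequence fuzzing."""
    refunds = tuple(sorted(u for u, b in c.balances.items() if b > 0))
    return (c.closed, c.highest, refunds)


def fuzz_sequences(code, iterations=50000, seed=1):
    """Coverage-guided sequence fuzzing: extend a corpus sequence by one transaction,
    keep it if it reaches a new abstract state, return the first sequence that breaks
    the accounting invariant (None if none is found)."""
    rng = random.Random(seed)
    corpus, seen = [[]], {abstract_state(Auction())}
    txs = [("bid", u, a) for u in "AB" for a in range(1, 6)]
    txs += [("withdraw", u) for u in "AB"]
    if code is not None:  # close() is only reachable with the predicted code
        txs.append(("close", code))
    for _ in range(iterations):
        seq = rng.choice(corpus) + [rng.choice(txs)]
        c, reverted = run(seq)
        if reverted:
            continue
        if not c.invariant_holds():
            return seq
        state = abstract_state(c)
        if state not in seen:
            seen.add(state)
            corpus.append(seq)
    return None
```

Two simplifications worth keeping in mind: the linear fit only works because the constructed check is linear in its input, so a real fuzzer needs a fallback to ordinary mutation whenever `predict_input` returns `None`; and the choice of state abstraction decides whether the corpus keeps growing toward deeper states or collapses onto a few early ones (including `highest` here matters, since otherwise a first bid at the maximum amount would leave no way to reach a refund state).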
