SolidityCheck : Quickly Detecting Smart Contract Problems Through Regular Expressions

TL;DR

SolidityCheck is a rapid detection tool for Solidity smart contract issues using regular expressions, improving efficiency and effectiveness over existing methods.

Contribution

The paper introduces SolidityCheck, a novel approach employing regular expressions for quick detection of Solidity smart contract problems.

Findings

SolidityCheck outperforms existing detection tools in speed.

It effectively identifies common vulnerabilities like re-entrancy and integer overflow.

Experimental results demonstrate high accuracy and efficiency.

Abstract

As a blockchain platform that has developed vigorously in recent years, Ethereum is different from Bitcoin in that it introduces smart contracts into blockchain.Solidity is one of the most mature and widely used smart contract programming language,which is used to write smart contracts and deploy them on blockchain. However, once the data in the blockchain is written, it cannot be modified. Ethereum smart contract is stored in the block chain, which makes the smart contract can no longer repair the code problems such as re-entrancy vulnerabilities or integer overflow problems. Currently, there still lacks of an efficient and effective approach for detecting these problems in Solidity. In this paper, we first classify all the possible problems in Solidity, then propose a smart contract problem detection approach for Solidity, namely SolidityCheck. The approach uses regular expressions to define the characteristics of problematic statements and uses regular matching and program instrumentation to prevent or detect problems. Finally, a large number of experiments is performed to show that SolidityCheck is superior to existing approaches.