TL;DR
This paper introduces Dynamit, a machine learning-based framework that detects reentrancy vulnerabilities in Ethereum smart contracts using only blockchain transaction and balance data, without needing code analysis or special environments.
Contribution
Dynamit is the first framework to detect reentrancy vulnerabilities using only transaction metadata and balance data, eliminating the need for domain knowledge or code instrumentation.
Findings
Successfully identifies vulnerable contracts with high accuracy
Provides execution traces that reproduce attacks
Operates solely on blockchain transaction data
Abstract
In this work we propose Dynamit, a monitoring framework to detect reentrancy vulnerabilities in Ethereum smart contracts. The novelty of our framework is that it relies only on transaction metadata and balance data from the blockchain system; our approach requires no domain knowledge, code instrumentation, or special execution environment. Dynamit extracts features from transaction data and uses a machine learning model to classify transactions as benign or harmful. Therefore, not only can we find the contracts that are vulnerable to reentrancy attacks, but we also get an execution trace that reproduces the attack.
