TL;DR
EtherSolve introduces a novel static analysis method using symbolic execution to accurately resolve jumps and construct control-flow graphs from Ethereum bytecode, enhancing security analysis of smart contracts.
Contribution
The paper presents EtherSolve, a new approach that improves CFG accuracy from Ethereum bytecode by resolving jumps through symbolic execution, addressing limitations of existing tools.
Findings
EtherSolve outperforms existing tools in CFG accuracy.
Improved CFG enables better detection of vulnerabilities like re-entrancy.
Prototype demonstrates practical effectiveness on real-world contracts.
Abstract
Motivated by the immutable nature of Ethereum smart contracts and of their transactions, quite many approaches have been proposed to detect defects and security problems before smart contracts become persistent in the blockchain and they are granted control on substantial financial value. Because smart contracts source code might not be available, static analysis approaches mostly face the challenge of analysing compiled Ethereum bytecode, that is available directly from the official blockchain. However, due to the intrinsic complexity of Ethereum bytecode (especially in jump resolution), static analysis encounters significant obstacles that reduce the accuracy of exiting automated tools. This paper presents a novel static analysis algorithm based on the symbolic execution of the Ethereum operand stack that allows us to resolve jumps in Ethereum bytecode and to construct an accurate…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
