Safeguarding DeFi Smart Contracts against Oracle Deviations

TL;DR

This paper introduces OVer, a framework that automatically analyzes DeFi smart contracts for oracle deviation vulnerabilities, generating guard statements to prevent manipulation and revealing that current parameters are often insufficient for safety.

Contribution

OVer is the first automated symbolic analysis framework for detecting oracle deviation vulnerabilities in DeFi smart contracts, enhancing security measures.

Findings

OVer successfully analyzed 10 diverse DeFi benchmarks.

Most existing parameters are inadequate against oracle deviations.

Guard statements can be generated to prevent oracle manipulation attacks.

Abstract

This paper presents OVer, a framework designed to automatically analyze the behavior of decentralized finance (DeFi) protocols when subjected to a "skewed" oracle input. OVer firstly performs symbolic analysis on the given contract and constructs a model of constraints. Then, the framework leverages an SMT solver to identify parameters that allow its secure operation. Furthermore, guard statements may be generated for smart contracts that may use the oracle values, thus effectively preventing oracle manipulation attacks. Empirical results show that OVer can successfully analyze all 10 benchmarks collected, which encompass a diverse range of DeFi protocols. Additionally, this paper also illustrates that current parameters utilized in the majority of benchmarks are inadequate to ensure safety when confronted with significant oracle deviations.