StateGuard: Detecting State Derailment Defects in Decentralized Exchange Smart Contract

TL;DR

StateGuard is a deep learning framework that uses graph neural networks to detect state derailment defects in decentralized exchange smart contracts, improving security and reliability.

Contribution

This paper introduces the first systematic study of state derailment defects in DEXs and proposes a novel GCN-based detection framework called StateGuard.

Findings

Achieved 92.24% precision in defect detection.

Successfully identified multiple new CVEs in real-world contracts.

Demonstrated effectiveness on 46 DEX projects with 5,671 contracts.

Abstract

Decentralized Exchanges (DEXs), leveraging blockchain technology and smart contracts, have emerged in decentralized finance. However, the DEX project with multi-contract interaction is accompanied by complex state logic, which makes it challenging to solve state defects. In this paper, we conduct the first systematic study on state derailment defects of DEXs. These defects could lead to incorrect, incomplete, or unauthorized changes to the system state during contract execution, potentially causing security threats. We propose StateGuard, a deep learning-based framework to detect state derailment defects in DEX smart contracts. StateGuard constructs an Abstract Syntax Tree (AST) of the smart contract, extracting key features to generate a graph representation. Then, it leverages a Graph Convolutional Network (GCN) to discover defects. Evaluating StateGuard on 46 DEX projects with 5,671 smart contracts reveals its effectiveness, with a precision of 92.24%. To further verify its practicality, we used StateGuard to audit real-world smart contracts and successfully authenticated multiple novel CVEs.