All Your Tokens are Belong to Us: Demystifying Address Verification Vulnerabilities in Solidity Smart Contracts

TL;DR

This paper introduces AVVERIFIER, a static analysis tool for detecting address verification vulnerabilities in Ethereum smart contracts, significantly improving detection efficiency and uncovering previously unknown vulnerabilities affecting billions of dollars.

Contribution

The paper presents AVVERIFIER, a novel lightweight static taint analysis tool that effectively detects address verification vulnerabilities in smart contracts with high accuracy and efficiency.

Findings

Identified 812 previously undisclosed vulnerable contracts.

Achieved 2-5 times efficiency improvement over state-of-the-art methods.

Verified vulnerabilities in contracts with over $11.2 billion in total value locked.

Abstract

In Ethereum, the practice of verifying the validity of the passed addresses is a common practice, which is a crucial step to ensure the secure execution of smart contracts. Vulnerabilities in the process of address verification can lead to great security issues, and anecdotal evidence has been reported by our community. However, this type of vulnerability has not been well studied. To fill the void, in this paper, we aim to characterize and detect this kind of emerging vulnerability. We design and implement AVVERIFIER, a lightweight taint analyzer based on static EVM opcode simulation. Its three-phase detector can progressively rule out false positives and false negatives based on the intrinsic characteristics. Upon a well-established and unbiased benchmark, AVVERIFIER can improve efficiency 2 to 5 times than the SOTA while maintaining a 94.3% precision and 100% recall. After a large-scale evaluation of over 5 million Ethereum smart contracts, we have identified 812 vulnerable smart contracts that were undisclosed by our community before this work, and 348 open source smart contracts were further verified, whose largest total value locked is over $11.2 billion. We further deploy AVVERIFIER as a real-time detector on Ethereum and Binance Smart Chain, and the results suggest that AVVERIFIER can raise timely warnings once contracts are deployed.