SmartOracle: Generating Smart Contract Oracle via Fine-Grained Invariant Detection

TL;DR

SmartOracle is a dynamic invariant detection tool that automatically generates application-specific invariants to improve vulnerability detection in smart contracts, achieving higher accuracy and effectiveness than existing methods.

Contribution

It introduces a novel approach for automatically generating fine-grained invariants as smart contract oracles, enhancing vulnerability detection accuracy and handling complex contract functionalities.

Findings

Detects 50% more ERC20 invariants than existing methods

Achieves 96% precision in vulnerability detection

Successfully identifies 466 abnormal transactions involving 31 vulnerable contracts

Abstract

As decentralized applications (DApps) proliferate, the increased complexity and usage of smart contracts have heightened their susceptibility to security incidents and financial losses. Although various vulnerability detection tools have been developed to mitigate these issues, they often suffer poor performance in detecting vulnerabilities, as they either rely on simplistic and general-purpose oracles that may be inadequate for vulnerability detection, or require user-specified oracles, which are labor-intensive to create. In this paper, we introduce SmartOracle, a dynamic invariant detector that automatically generates fine-grained invariants as application-specific oracles for vulnerability detection. From historical transactions, SmartOracle uses pattern-based detection and advanced inference to construct comprehensive properties, and mines multi-layer likely invariants to accommodate the complicated contract functionalities. After that, SmartOracle identifies smart contract vulnerabilities by hunting the violated invariants in new transactions. In the field of invariant detection, SmartOracle detects 50% more ERC20 invariants than existing dynamic invariant detection and achieves 96% precision rate. Furthermore, we build a dataset that contains vulnerable contracts from real-world security incidents. SmartOracle successfully detects 466 abnormal transactions with an acceptable precision rate 96%, involving 31 vulnerable contracts. The experimental results demonstrate its effectiveness in detecting smart contract vulnerabilities, especially those related to complicated contract functionalities.