Interaction-Aware Vulnerability Detection in Smart Contract Bytecodes

TL;DR

COBRA is a novel framework that combines semantic context and function interface information in smart contract bytecodes to improve vulnerability detection accuracy, especially when ABI data is missing.

Contribution

This paper introduces COBRA, the first framework integrating semantic context and function interfaces for bytecode vulnerability detection, along with SRIF for inferring function signatures.

Findings

SRIF achieves 94.76% F1-score in function signature inference.

COBRA attains 93.45% F1-score in vulnerability classification with known ABI.

In absence of ABI, COBRA reaches 89.46% recall in vulnerability detection.

Abstract

The detection of vulnerabilities in smart contracts remains a significant challenge. While numerous tools are available for analyzing smart contracts in source code, only about 1.79% of smart contracts on Ethereum are open-source. For existing tools that target bytecodes, most of them only consider the semantic logic context and disregard function interface information in the bytecodes. In this paper, we propose COBRA, a novel framework that integrates semantic context and function interfaces to detect vulnerabilities in bytecodes of the smart contract. To our best knowledge, COBRA is the first framework that combines these two features. Moreover, to infer the function signatures that are not present in signature databases, we propose SRIF, automatically learn the rules of function signatures from the smart contract bytecodes. The bytecodes associated with the function signatures are collected by constructing a control flow graph (CFG) for the SRIF training. We optimize the semantic context using the operation code in the static single assignment (SSA) format. Finally, we integrate the context and function interface representations in the latent space as the contract feature embedding. The contract features in the hidden space are decoded for vulnerability classifications with a decoder and attention module. Experimental results demonstrate that SRIF can achieve 94.76% F1-score for function signature inference. Furthermore, when the ground truth ABI exists, COBRA achieves 93.45% F1-score for vulnerability classification. In the absence of ABI, the inferred function feature fills the encoder, and the system accomplishes an 89.46% recall rate.