Elysium: Context-Aware Bytecode-Level Patching to Automatically Heal Vulnerable Smart Contracts

Christof Ferreira Torres; H.L. Jonker; Radu State

doi:10.1145/3545948.3545975

Elysium: Context-Aware Bytecode-Level Patching to Automatically Heal Vulnerable Smart Contracts

Christof Ferreira Torres, H.L. Jonker, Radu State

Research output: Chapter in Book/Report/Conference proceeding › Conference Article in proceeding › Academic › peer-review

Abstract

Fixing bugs is easiest by patching source code. However, source code is not always available: only 0.3% of the ∼49M smart contracts that are currently deployed on Ethereum have their source code publicly available. Moreover, since contracts may call functions from other contracts, security flaws in closed-source contracts may affect open-source contracts as well. However, current state-of-the-art approaches that operate on closed-source contracts (i.e., EVM bytecode), such as EVMPatch and SmartShield, make use of purely hard-coded templates that leverage fix patching patterns. As a result, they cannot dynamically adapt to the bytecode that is being patched, which severely limits their flexibility and scalability. For instance, when patching integer overflows using hard-coded templates, a particular patch template needs to be employed as the bounds to be checked are different for each integer size (i.e., one template for uint256, another template for uint64, etc.). In this paper, we propose Elysium, a scalable approach towards automatic smart contract repair at the bytecode level. Elysium combines template-based and semantic-based patching by inferring context information from bytecode. Elysium is currently able to patch 7 different types of vulnerabilities in smart contracts automatically and can easily be extended with new templates and new bug-finding tools. We evaluate its effectiveness and correctness using 3 different datasets by replaying more than 500K transactions on patched contracts. We find that Elysium outperforms existing tools by patching at least 30% more contracts correctly. Finally, we also compare the overhead of Elysium in terms of deployment and transaction cost. In comparison to other tools, we find that generally Elysium minimizes the runtime cost (i.e., transaction cost) up to a factor of 1.7, for only a marginally higher deployment cost, where deployment cost is a one-time cost as compared to the runtime cost.

Original language	English
Title of host publication	RAID '22: Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses
Publisher	Association for Computing Machinery (ACM)
Pages	115-128
Number of pages	14
ISBN (Electronic)	9781450397049
DOIs	https://doi.org/10.1145/3545948.3545975
Publication status	Published - 26 Oct 2022
Event	25th International Symposium on Research in Attacks, Intrusions and Defenses - Limassol , Cyprus Duration: 26 Oct 2022 → 28 Oct 2022 Conference number: 25 http://raid2022.cs.ucy.ac.cy

Conference

Conference	25th International Symposium on Research in Attacks, Intrusions and Defenses
Abbreviated title	RAID 2022
Country/Territory	Cyprus
City	Limassol
Period	26/10/22 → 28/10/22
Internet address	http://raid2022.cs.ucy.ac.cy

Keywords

Ethereum
bytecode
context-aware patching
smart contracts

Access to Document

10.1145/3545948.3545975Licence: CC BY

Cite this

@inproceedings{259e0d2146894617b07102464b6e8a3b,

title = "Elysium: Context-Aware Bytecode-Level Patching to Automatically Heal Vulnerable Smart Contracts",

abstract = "Fixing bugs is easiest by patching source code. However, source code is not always available: only 0.3% of the ∼49M smart contracts that are currently deployed on Ethereum have their source code publicly available. Moreover, since contracts may call functions from other contracts, security flaws in closed-source contracts may affect open-source contracts as well. However, current state-of-the-art approaches that operate on closed-source contracts (i.e., EVM bytecode), such as EVMPatch and SmartShield, make use of purely hard-coded templates that leverage fix patching patterns. As a result, they cannot dynamically adapt to the bytecode that is being patched, which severely limits their flexibility and scalability. For instance, when patching integer overflows using hard-coded templates, a particular patch template needs to be employed as the bounds to be checked are different for each integer size (i.e., one template for uint256, another template for uint64, etc.). In this paper, we propose Elysium, a scalable approach towards automatic smart contract repair at the bytecode level. Elysium combines template-based and semantic-based patching by inferring context information from bytecode. Elysium is currently able to patch 7 different types of vulnerabilities in smart contracts automatically and can easily be extended with new templates and new bug-finding tools. We evaluate its effectiveness and correctness using 3 different datasets by replaying more than 500K transactions on patched contracts. We find that Elysium outperforms existing tools by patching at least 30% more contracts correctly. Finally, we also compare the overhead of Elysium in terms of deployment and transaction cost. In comparison to other tools, we find that generally Elysium minimizes the runtime cost (i.e., transaction cost) up to a factor of 1.7, for only a marginally higher deployment cost, where deployment cost is a one-time cost as compared to the runtime cost.",

keywords = "Ethereum, bytecode, context-aware patching, smart contracts",

author = "{Ferreira Torres}, Christof and H.L. Jonker and Radu State",

year = "2022",

month = oct,

day = "26",

doi = "10.1145/3545948.3545975",

language = "English",

pages = "115--128",

booktitle = "RAID '22: Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses",

publisher = "Association for Computing Machinery (ACM)",

address = "United States",

note = "25th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2022 ; Conference date: 26-10-2022 Through 28-10-2022",

url = "http://raid2022.cs.ucy.ac.cy",

}

Ferreira Torres, C, Jonker, HL & State, R 2022, Elysium: Context-Aware Bytecode-Level Patching to Automatically Heal Vulnerable Smart Contracts. in RAID '22: Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses. Association for Computing Machinery (ACM), pp. 115-128, 25th International Symposium on Research in Attacks, Intrusions and Defenses, Limassol , Cyprus, 26/10/22. https://doi.org/10.1145/3545948.3545975

Elysium: Context-Aware Bytecode-Level Patching to Automatically Heal Vulnerable Smart Contracts. / Ferreira Torres, Christof; Jonker, H.L.; State, Radu.
RAID '22: Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses. Association for Computing Machinery (ACM), 2022. p. 115-128.

Research output: Chapter in Book/Report/Conference proceeding › Conference Article in proceeding › Academic › peer-review

TY - GEN

T1 - Elysium: Context-Aware Bytecode-Level Patching to Automatically Heal Vulnerable Smart Contracts

AU - Ferreira Torres, Christof

AU - Jonker, H.L.

AU - State, Radu

N1 - Conference code: 25

PY - 2022/10/26

Y1 - 2022/10/26

N2 - Fixing bugs is easiest by patching source code. However, source code is not always available: only 0.3% of the ∼49M smart contracts that are currently deployed on Ethereum have their source code publicly available. Moreover, since contracts may call functions from other contracts, security flaws in closed-source contracts may affect open-source contracts as well. However, current state-of-the-art approaches that operate on closed-source contracts (i.e., EVM bytecode), such as EVMPatch and SmartShield, make use of purely hard-coded templates that leverage fix patching patterns. As a result, they cannot dynamically adapt to the bytecode that is being patched, which severely limits their flexibility and scalability. For instance, when patching integer overflows using hard-coded templates, a particular patch template needs to be employed as the bounds to be checked are different for each integer size (i.e., one template for uint256, another template for uint64, etc.). In this paper, we propose Elysium, a scalable approach towards automatic smart contract repair at the bytecode level. Elysium combines template-based and semantic-based patching by inferring context information from bytecode. Elysium is currently able to patch 7 different types of vulnerabilities in smart contracts automatically and can easily be extended with new templates and new bug-finding tools. We evaluate its effectiveness and correctness using 3 different datasets by replaying more than 500K transactions on patched contracts. We find that Elysium outperforms existing tools by patching at least 30% more contracts correctly. Finally, we also compare the overhead of Elysium in terms of deployment and transaction cost. In comparison to other tools, we find that generally Elysium minimizes the runtime cost (i.e., transaction cost) up to a factor of 1.7, for only a marginally higher deployment cost, where deployment cost is a one-time cost as compared to the runtime cost.

AB - Fixing bugs is easiest by patching source code. However, source code is not always available: only 0.3% of the ∼49M smart contracts that are currently deployed on Ethereum have their source code publicly available. Moreover, since contracts may call functions from other contracts, security flaws in closed-source contracts may affect open-source contracts as well. However, current state-of-the-art approaches that operate on closed-source contracts (i.e., EVM bytecode), such as EVMPatch and SmartShield, make use of purely hard-coded templates that leverage fix patching patterns. As a result, they cannot dynamically adapt to the bytecode that is being patched, which severely limits their flexibility and scalability. For instance, when patching integer overflows using hard-coded templates, a particular patch template needs to be employed as the bounds to be checked are different for each integer size (i.e., one template for uint256, another template for uint64, etc.). In this paper, we propose Elysium, a scalable approach towards automatic smart contract repair at the bytecode level. Elysium combines template-based and semantic-based patching by inferring context information from bytecode. Elysium is currently able to patch 7 different types of vulnerabilities in smart contracts automatically and can easily be extended with new templates and new bug-finding tools. We evaluate its effectiveness and correctness using 3 different datasets by replaying more than 500K transactions on patched contracts. We find that Elysium outperforms existing tools by patching at least 30% more contracts correctly. Finally, we also compare the overhead of Elysium in terms of deployment and transaction cost. In comparison to other tools, we find that generally Elysium minimizes the runtime cost (i.e., transaction cost) up to a factor of 1.7, for only a marginally higher deployment cost, where deployment cost is a one-time cost as compared to the runtime cost.

KW - Ethereum

KW - bytecode

KW - context-aware patching

KW - smart contracts

U2 - 10.1145/3545948.3545975

DO - 10.1145/3545948.3545975

M3 - Conference Article in proceeding

SP - 115

EP - 128

BT - RAID '22: Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses

PB - Association for Computing Machinery (ACM)

T2 - 25th International Symposium on Research in Attacks, Intrusions and Defenses

Y2 - 26 October 2022 through 28 October 2022

ER -

Elysium: Context-Aware Bytecode-Level Patching to Automatically Heal Vulnerable Smart Contracts

Abstract

Conference

Keywords

Access to Document

Fingerprint

Cite this