Conference:ACM Conference on Computer and Communications Security (CCS)
CCF level:CCF A
Categories:network and information security
Year:2023
Num:25
14
Title:
Fuzz on the Beach: Fuzzing Solana Smart Contracts
Authors:****
Key words:
Blockchain Security, Solana, Fuzzing
Abstract:****
Solana has quickly emerged as a popular platform for building decentralized applications (DApps), such as marketplaces for non-fungible tokens (NFTs). A key reason for its success is Solana's low transaction fees and high performance, which is achieved in part due to its stateless programming model. Although the literature features extensive tooling support for smart contract security, current solutions are largely tailored for the Ethereum Virtual Machine. Unfortunately, the very stateless nature of Solana's execution environment introduces novel attack patterns specific to Solana, requiring a rethinking of how vulnerability analysis methods are built. In this paper, we address this gap and propose FuzzDelSol, the first binary-only coverage-guided fuzzing architecture for Solana smart contracts. FuzzDelSol faithfully models runtime specifics such as smart contract interactions. Moreover, since source code is not available for the large majority of Solana contracts, FuzzDelSol operates on the contract's binary code. Hence, due to the lack of semantic information, we carefully extracted low-level program and state information to develop a diverse set of bug oracles covering all major bug classes in Solana. Our extensive evaluation on 6049 smart contracts shows that FuzzDelSol's bug oracles find impactful vulnerabilities with high precision and recall. To the best of our knowledge, this is the largest evaluation of the security landscape on the Solana mainnet.
Pdf link:
https://dl.acm.org/doi/10.1145/3576915.3623178
15
Title:
Lanturn: Measuring Economic Security of Smart Contracts Through Adaptive Learning
Authors:****
Key words:
MEV; Machine Learning; Optimization; Decentralized Finance; Cryptoeconomics; Smart Contract Security Tool
Abstract:****
We introduce Lanturn: a general purpose adaptive learning-based framework for measuring the cryptoeconomic security of composed decentralized-finance (DeFi) smart contracts. Lanturn discovers strategies comprising concrete transactions for extracting economic value from smart contracts interacting with a particular transaction environment. We formulate the strategy discovery as a black-box optimization problem and leverage a novel adaptive learning-based algorithm to address it. Lanturn features three key properties. First, it needs no contract-specific heuristics or reasoning, due to our black-box formulation of cryptoeconomic security. Second, it utilizes a simulation framework that operates natively on blockchain state and smart contract machine code, such that transactions returned by Lanturn's learning-based optimization engine can be executed on-chain without modification. Finally, Lanturn is scalable in that it can explore strategies comprising a large number of transactions that can be reordered or subject to insertion of new transactions. We evaluate Lanturn on the historical data of the biggest and most active DeFi applications: Sushiswap, UniswapV2, UniswapV3, and AaveV2. Our results show that Lanturn not only rediscovers existing, well-known strategies for extracting value from smart contracts, but also discovers new strategies that were previously undocumented. Lanturn also consistently discovers higher value than evidenced in the wild, surpassing a natural baseline computed using value extracted by bots and other strategic agents.
Note: MEV stands for maximal (previously miner) extractable value.
Pdf link:
https://dl.acm.org/doi/10.1145/3576915.3623204
16
Title:
Riggs: Decentralized Sealed-Bid Auctions
Authors:****
Key words:
timed commitments, auctions, blockchains, range proofs
Abstract:****
We introduce the first practical protocols for fully decentralized sealed-bid auctions using timed commitments. Timed commitments ensure that the auction is finalized fairly even if all participants drop out after posting bids or if n-1 bidders collude to try to learn the nth bidder's bid value. Our protocols rely on a novel non-malleable timed commitment scheme which efficiently supports range proofs to establish that bidders have sufficient funds to cover a hidden bid value. This allows us to penalize users who abandon bids for exactly the bid value, while supporting simultaneous bidding in multiple auctions with a shared collateral pool. Our protocols are concretely efficient and we have implemented them in an Ethereum-compatible smart contract which automatically enforces payment and delivery of an auctioned digital asset.
Pdf link:
https://dl.acm.org/doi/10.1145/3576915.3623182
17
Title:
Accio: Variable-Amount, Optimized-Unlinkable and NIZK-Free Off-Chain Payments via Hubs
Authors:****
Key words:
Payment Channel Hub, Variable Amount, Unlinkability, NIZK-free
Abstract:****
Payment channel hubs (PCHs) serve as a promising solution to achieving quick off-chain payments between pairs of users. They work by using an untrusted tumbler to relay the payments between the payer and payee and enjoy the advantages of low cost and high scalability. However, the most recent privacy-preserving payment channel hub solution that supports variable payment amounts suffers from limited unlinkability, e.g., being vulnerable to the abort attack. Moreover, this solution utilizes zero-knowledge proofs, which bring huge costs on both computation time and communication overhead. Therefore, how to design PCHs that support variable amount payments and unlinkability, but reduce the use of huge-cost cryptographic tools as much as possible, is significant for the large-scale practical applications of off-chain payments. In this paper, we propose Accio, a variable amount payment channel hub solution with optimized unlinkability, by deepening research on unlinkability and constructing a new cryptographic tool. We provide the detailed Accio protocol and formally prove its security and privacy under the Universally Composable framework. Our prototype demonstrates its feasibility and the evaluation shows that Accio outperforms the other state-of-the-art works in both communication and computation costs.
Pdf link:
https://dl.acm.org/doi/10.1145/3576915.3616577
18
Title:
CryptoConcurrency: (Almost) Consensusless Asset Transfer with Shared Accounts
Authors:****
Key words:
Asynchronous BFT; blockchain; consensus; cryptocurrency
Abstract:****
A typical blockchain protocol uses consensus to make sure that mutually mistrusting users agree on the order in which their operations on shared data are executed. However, it is known that asset transfer systems, by far the most popular application of blockchains, can be implemented without consensus. Assuming that no account can be accessed concurrently and every account belongs to a single owner, one can efficiently implement an asset transfer system in a purely asynchronous, consensus-free manner. It has also been shown that implementing asset transfer with shared accounts is impossible without consensus. In this paper, we propose CryptoConcurrency, an asset transfer protocol that allows concurrent accesses to be processed in parallel, without involving consensus, whenever possible. More precisely, if concurrent transfer operations on a given account do not lead to overspending, i.e., can all be applied without the account balance going below zero, they proceed in parallel. Otherwise, the account's owners may have to access an external consensus object. Notably, we avoid relying on a central, universally-trusted consensus mechanism and allow each account to use its own consensus implementation, which only the owners of this account trust. This provides greater decentralization and flexibility.
Pdf link:
https://dl.acm.org/doi/10.1145/3576915.3616587
19
Title:
TrustBoost: Boosting Trust among Interoperable Blockchains
Authors:****
Key words:
cross-chain interoperability, smart contracts, consensus
Abstract:****
Currently there exist many blockchains with weak trust guarantees, limiting applications and participation. Existing solutions to boost the trust using a stronger blockchain, e.g., via checkpointing, require the weaker blockchain to give up sovereignty. In this paper, we propose a family of protocols in which multiple blockchains interact to create a combined ledger with boosted trust. We show that even if several of the interacting blockchains cease to provide security guarantees, the combined ledger continues to be secure: our Trustboost protocols achieve the optimal threshold of tolerating the insecure blockchains. This optimality, along with the necessity of blockchain interactions, is formally shown within the classic shared memory model, tackling the long-standing open challenge of solving consensus in the presence of both Byzantine objects and processes. Furthermore, our proposed construction of Trustboost simply operates via smart contracts and requires no change to the underlying consensus protocols of the participating blockchains, a form of "consensus on top of consensus". The protocols are lightweight and can be used on specific (e.g., high value) transactions; we demonstrate the practicality by implementing and deploying Trustboost as cross-chain smart contracts in the Cosmos ecosystem using approximately 3,000 lines of Rust code, made available as open source [52]. Our evaluation shows that using 10 Cosmos chains in a local testnet, Trustboost has a gas cost of roughly $2 with a latency of 2 minutes per request, which is in line with the cost on a high security chain such as Bitcoin or Ethereum.
Pdf link:
https://dl.acm.org/doi/10.1145/3576915.3623080
Due to space limits, the remaining papers will be shared in the next article.
Follow us to keep receiving the latest blockchain papers
Insight into Blockchain Technology Trends