Conference:33rd USENIX Security Symposium
CCF level:CCF A
Categories:network and information security
Year:2024
Conference time:August 14--16, 2024 Philadelphia, PA, USA
Title:
Using My Functions Should Follow My Checks: Understanding and Detecting Insecure OpenZeppelin Code in Smart Contracts
使用我的功能应遵循我的检查:理解和检测智能合约中不安全的 OpenZeppelin 代码
Authors:****
Abstract:****
Sharding is a prominent technique for scaling blockchains.
OpenZeppelin is a popular framework for building smart contracts. It provides common libraries (e.g., SafeMath), implementations of Ethereum standards (e.g., ERC20), and reusable components for access control and upgradability. However, unlike traditional software libraries, which are typically imported as static linking libraries or dynamic loading libraries, OpenZeppelin is utilized by Solidity contracts in the form of source code. As a result, developers often make custom modifications to their copies of OpenZeppelin code, which may lead to unintended security consequences.
In this paper, we conduct the first systematic study on the security of OpenZeppelin code used in real-world contracts. Specifically, we focus on the security checks in the official OpenZeppelin library and examine whether they are faithfully enforced in the relevant OpenZeppelin functions of real contracts. To this end, we propose a novel tool named ZepScope that comprises two components: MINER and CHECKER. First, MINER analyzes the official OpenZeppelin functions to extract the facts of explicit checks (i.e., the checks defined within the functions) and implicit checks (i.e., the conditions of calling the functions). Second, based on the facts extracted by MINER, CHECKER examines real contracts to identify their OpenZeppelin functions, match their checks with those in the facts, and validate the consequences for those inconsistent checks. By overcoming multiple challenges in developing ZepScope, we obtain not only the first taxonomy of OpenZeppelin checks but also the comprehensive results of checking the top 35,882 contracts from three mainstream blockchains.
OpenZeppelin 是一种流行的智能合约构建框架。它提供了通用库(例如 SafeMath)、以太坊标准的实现(例如 ERC20)以及用于访问控制和可升级性的可重用组件。然而,与通常作为静态链接库或动态加载库导入的传统软件库不同,OpenZeppelin 以源代码的形式被 Solidity 合约使用。因此,开发人员经常对其 OpenZeppelin 代码副本进行自定义修改,这可能会导致意想不到的安全后果。
在本文中,我们对实际合约中使用的 OpenZeppelin 代码的安全性进行了首次系统研究。具体来说,我们重点关注官方 OpenZeppelin 库中的安全检查,并检查它们是否在实际合约的相关 OpenZeppelin 函数中得到忠实执行。为此,我们提出了一个名为 ZepScope 的新工具,它由两个组件组成:MINER 和 CHECKER。首先,MINER 分析 OpenZeppelin 官方函数,提取显式检查(即函数内部定义的检查)和隐式检查(即调用函数的条件)的事实。其次,基于 MINER 提取的事实,CHECKER 检查真实合约,识别其 OpenZeppelin 函数,将其检查与事实中的检查进行匹配,并验证不一致检查的后果。通过克服 ZepScope 开发过程中的多重挑战,我们不仅获得了 OpenZeppelin 检查的第一个分类法,还获得了对来自三个主流区块链的前 35,882 个合约进行检查的综合结果。
