Beyond "protected" and "private": An empirical security analysis of custom function modifiers in smart contracts

Author

Yuzhou FANG
Daoyuan WU
Xiao YI
Shuai WANG
Yufan CHEN
Mengjie CHEN
Yang LIU
Lingxiao JIANG, Singapore Management UniversityFollow

Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

7-2023

Abstract

A smart contract is a piece of application-layer code running on blockchain ledgers and it provides programmatic logic via transaction-based execution of pre-defined functions. Smart contract functions are by default invokable by any party. To safeguard them, the mainstream smart contract language, i.e., Solidity of the popular Ethereum blockchain, proposed a unique language-level keyword called “modifier,” which allows developers to define custom function access control policies beyond the traditional “protected” and “private” modifiers in classic programming languages.In this paper, we aim to conduct a large-scale security analysis of the modifiers used in real-world Ethereum smart contracts. To achieve this, we design and implement a novel smart contract analysis tool called SoMo. Its main objective is to identify insecure modifiers that can be bypassed from one or more unprotected smart contract functions. This is challenging because of the complicated relationship between modifiers and their variables/functions and the ambiguity of attacker-accessible entry functions. To overcome them, we first propose a new structure, the Modifier Dependency Graph (MDG), to connect all the modifier-related control/data flows. Over MDGs, we then model system variables, generate symbolic path constraints, and iteratively test each candidate entry function. Our extensive evaluation shows that SoMo outperforms the state-of-the-art SPCon tool by detecting all its true positives and correctly avoiding 9 out of 11 false positives. It also achieves high precision of 91.2% when analyzing a large dataset of 62,464 contracts, over 400 of which were identified with bypassable modifiers. Our analysis further reveals three interesting security findings about modifiers and nine major types of modifier usage in the wild. SoMo has been integrated into an online security scanning service, MetaScan.

Keywords

Smart Contract Security, Taint Analysis, Access Control, Modifiers

Discipline

Finance and Financial Management | Information Security | Software Engineering

Research Areas

Software and Cyber-Physical Systems

Publication

ISSTA '23: Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, Seattle, July 17-21

First Page

1157

Last Page

1168

ISBN

9798400702211

Identifier

10.1145/3597926.3598125

Publisher

ACM

City or Country

New York

Citation

FANG, Yuzhou; WU, Daoyuan; YI, Xiao; WANG, Shuai; CHEN, Yufan; CHEN, Mengjie; LIU, Yang; and JIANG, Lingxiao. Beyond "protected" and "private": An empirical security analysis of custom function modifiers in smart contracts. (2023). ISSTA '23: Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, Seattle, July 17-21. 1157-1168.
Available at: https://ink.library.smu.edu.sg/sis_research/8545

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1145/3597926.3598125