Jisuanji kexue (Nov 2021)
Ethereum Smart Contract Bug Detection and Repair Approach Based on Regular Expressions, Program Instrumentation and Code Replacement
Abstract
As the largest blockchain platform supporting smart contracts,millions of smart contracts have been deployed on Ethereum.Since the deployed smart contracts cannot be modified even if the contracts contain bugs,it is critical for developers to eliminate bugs prior to the deployment.Many smart contract analysis tools have been proposed.These tools either use bytecode-based symbolic execution to detect bugs,or convert the source code to an intermediate representation and then detect bugs.The tools based on symbolic execution usually cannot cover many types of bugs in source code.Converting the source code to an intermediate representation negatively impacts the detection speed.Moreover,these tools are bug detectors,which cannot automatically fix bugs based on analysis results.To address these limitations,we propose an approach named SolidityCheck,which employs regular expressions,program instrumentation and statement replacement in source code to quickly detect bugs and fix certain types of bugs.We conduct extensive experiments to evaluate SolidityCheck.The experimental results show that,compared with existing approaches,SolidityCheck demonstrates excellent performances on multiple indicators.
Keywords
