This project aims to provide a valuable resource for Web3 developers and security analysts by facilitating their understanding of exploitable bugs in smart contracts. We conduct a thorough analysis of exploitable bugs extracted from code4rena and classify each bug according to its nature.
Our initial research suggests that a notable proportion of exploitable bugs in smart contracts are functional bugs, which cannot be detected using simple and general oracles like reentrancy. We aim to raise awareness about the significance of such bugs and encourage practitioners to develop more sophisticated and nuanced automatic semantical oracles to detect them.
π° πππππππππππ ππππππ ππ ππ‘πππππππππ ππππ ππ πππππ πππππππππ ππππ πππππ πππ ππππππππ’ ππ ππππππππππ ππππ, π ππππ ππππππ ππ ππππππππ πππππ ππππππ πππ πππππππ πππππππ.
Please be aware that this repository is currently undergoing active development, and the data may change over time due to ongoing code4rena contests.
We plan to compile an extensive list of vulnerability detection techniques that prioritize the development of semantical oracles for smart contracts.
We warmly welcome any additional suggestions or contributions from the community to help expand and improve the list. These techniques can be sourced from a variety of materials, such as peer-reviewed research papers, pre-prints, industry tools, online resources, and more.
- Finding Permission Bugs in Smart Contracts with Role Mining, which tries to address access control issues.
- AChecker: Statically Detecting Smart Contract Access Control Vulnerabilities, which tries to address access control issues.
The dataset is organized into four folders:
- papers/: contains our ICSE23 paper summarizing our preliminary results, as well as the supplementary material for the paper.
- results/: contains the bug classification in bugs.csv and the description for each contest in contests.csv.
- contracts/: contains all the smart contracts that we examined, using the version at the time of the contest.
- reports/: contains all the reports provided by code4rena.
We classify the surveyed bugs into three main categories based on their nature:
- Out-of-scope bugs (denoted by O)
- Bugs with simple and general testing oracles (denoted by L)
- Bugs that require high-level semantical oracles (denoted by S)
As classifying functional bugs can be ambiguous, we welcome suggestions to improve our classification standards. You can find more detailed label information in our documentation, and we encourage you to refer to our current classification guidelines for more information.
We welcome all types of contributions to our project, including but not limited to:
- Suggesting new reference techniques for prioritizing smart contract vulnerability detection with semantical oracles.
- Adding newly disclosed code4rena contest bugs.
- Suggesting improvements to the classification standard
- Correcting mislabeled bugs
Further details can be found in our contribution guidelines.
- Zhuo Zhang, Brian Zhang, Wen Xu, Zhiqiang Lin, "Demystifying Exploitable Bugs in Smart Contracts." In Proceedings of the 45th International Conference on Software Engineering, 2023.
Please refer to our classification documentation.
We would like to extend our sincere thanks to code4rena for making this valuable information publicly available.