In this work we propose Dynamit, a monitoring framework to detect reentrancy vulnerabilities in Ethereum smart contracts. The novelty of our framework is that it relies only on transaction metadata and balance data from the blockchain system; our approach requires no domain knowledge, code instrumentation, or special execution environment. Dynamit extracts features from transaction data and uses a machine learning model to classify transactions as benign or harmful. Therefore, not only can we find the contracts that are vulnerable to reentrancy attacks, but we also get an execution trace that reproduces the attack.