Diving Into Blockchain's Weaknesses: An Empirical Study of Blockchain System Vulnerabilities

Blockchain is an emerging technology for its decentralization and the capability of enabling cryptocurrencies and smart contracts. However, as a distributed ledger software by nature, blockchain inevitably has software issues. While application-level smart contracts have been extensively investigated, the underlying system-level security bugs of blockchain are much less explored. In this paper, we conduct an empirical study of blockchain's system vulnerabilities using four representative blockchains, Bitcoin, Ethereum, Monero, and Stellar. Due to the lack of CVE information associated with these blockchain projects, we first design a systematic process to effectively identify 1,037 vulnerabilities and their 2,317 patches from 34,245 issues/PRs (pull requests) and 85,164 commits on GitHub. Atop this unique dataset, we perform three levels of analyses, including (i) file-level vulnerable module categorization by identifying and correlating module paths across projects, (ii) text-level vulnerability type clustering by combining natural language processing with similarity-based sentence clustering, and (iii) code-level vulnerability pattern analysis by generating and clustering the code change signatures that concisely capture both syntactic and semantic information of patch code fragments. Among detailed results, our analysis reveals three key findings, including (i) some blockchain modules are more susceptible than the others; notably, the modules related to consensus, wallet, and networking are highly susceptible, each with over 200 issues; (ii) around 70% of blockchain vulnerabilities are in traditional types, but we also identify four new types specific to blockchains; and (iii) we obtain 21 blockchain-specific vulnerability patterns and demonstrate that they can be used to detect similar vulnerabilities in other top blockchains (e.g., Dogecoin and Bitcoin SV).