SmartBugs 2.0: An Execution Framework for Weakness Detection in Ethereum Smart Contracts

38th IEEE/ACM International Conference on Automated Software Engineering (ASE '23), Tool track (ASE'23)

M. di AngeloT. DurieuxJ. F. FerreiraG. Salzer 

PDFDOISource code

Abstract

@INPROCEEDINGS {10298326,author = {M. di Angelo and T. Durieux and J. F. Ferreira and G. Salzer},booktitle = {2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE)},title = {SmartBugs 2.0: An Execution Framework for Weakness Detection in Ethereum Smart Contracts},year = {2023},volume = {},issn = {},pages = {2102-2105},abstract = {Smart contracts are blockchain programs that often handle valuable assets. Writing secure smart contracts is far from trivial, and any vulnerability may lead to significant financial losses. To support developers in identifying and eliminating vulnerabilities, methods and tools for the automated analysis of smart contracts have been proposed. However, the lack of commonly accepted benchmark suites and performance metrics makes it difficult to compare and evaluate such tools. Moreover, the tools are heterogeneous in their interfaces and reports as well as their runtime requirements, and installing several tools is time-consuming. In this paper, we present SmartBugs 2.0, a modular execution framework. It provides a uniform interface to 19 tools aimed at smart contract analysis and accepts both Solidity source code and EVM bytecode as input. After describing its architecture, we highlight the features of the framework. We evaluate the framework via its reception by the community and illustrate its scalability by describing its role in a study involving 3.25 million analyses.},keywords = {measurement;runtime;source coding;scalability;smart contracts;computer architecture;writing},doi = {10.1109/ASE56229.2023.00060},url = {https://doi.ieeecomputersociety.org/10.1109/ASE56229.2023.00060},publisher = {IEEE Computer Society},address = {Los Alamitos, CA, USA},month = {sep}}
1
Last Updated: 04/03/2024