Static Analysis of Gas-Related Vulnerabilities in Smart Contracts
PhD Qualifying Examination
Title: "Static Analysis of Gas-Related Vulnerabilities in Smart Contracts"
by
Mr. Soroush FAROKHNIA
Abstract:
Blockchain functions as a distributed ledger, allowing participants to
conduct fund transfers without reliance on a centralized authority.
Additionally, the concept of blockchain has been extended to facilitate the
execution of decentralized programs known as smart contracts. However, the
expressive nature of smart contracts permits programmers to create arbitrary
programs, which can be exploited by attackers to initiate denial-of-service
(DoS) attacks, such as infinite loops, thereby obstructing the entire
network. To address this issue, the concept of gas was introduced to quantify
computation, which not only establishes an upper limit on resource usage but
also charges users based on the resources they consume. Nonetheless, the
implementation of gas has posed challenges for the community, as it has
proven to be expensive and has introduced gas-specific vulnerabilities. As a
valuable resource, gas can be manipulated by attackers to provoke undesirable
behavior in a victim's smart contract, leading to the depletion or blockage
of the victim's funds. Research has shown that such oversights have resulted
in significant (millions of dollars) financial losses for users.
The following survey investigates gas-related vulnerabilities and evaluates
the efficacy of existing static analysis tools, including MadMax, eTainter,
GASTAP, and Asparagus, in identifying these vulnerabilities. Furthermore, the
survey analyzes the methodologies utilized by these tools and assesses their
overall effectiveness.
Date: Tuesday, 29 October 2024
Time: 4:00pm - 6:00pm
Venue: Room 5501
Lifts 25/26
Committee Members: Dr. Amir Goharshady (Supervisor)
Prof. Fangzhen Lin (Chairperson)
Prof. Andrew Horner
Dr. Xiaomin Ouyang