ISmart: Protecting Smart Contract Against Integer Bugs

Abstract

Blockchain technology is known as a decentralized, distributed ledger that records digital asset. It has been applied in numbers of aspects of society, including finance, judiciary and commerce. Ethereum is referred to as the next generation decentralized application platform. It is one of the most popular blockchain platforms that supports smart contracts. Smart contract is a set of codes that sored on blockchain and can be called and created as turing-complete programs running on the blockchain. Developers use smart contracts to build decentralized applications (Dapp) which has widely used cryptocurrency related project. As smart contracts become more popular and more valuable, they are faced with more risk of being hacked. As a result that smart contracts cannot be modified once deployed on the blockchain, it is a great challenge to fix and update deployed vulnerable contract which can lead to a huge loss of cryptocurrency and financial disorder. In this paper, we focus on Integer Bugs in Ethereum Smart Contracts and present ISmart, which protects deployed smart contracts against attacks caused by Integer Bugs. We implemented ISmart based on go-ethereum, a Ethereum client written in Go, by adding a simplified taint analysis component. In our preliminary, ISmart can prevent attacks accurately with little runtime overhead.