Enhancing Oyente: four new vulnerability detections for improved smart contract security analysis

Abstract

Enhancing the security analysis of smart contracts, particularly in Ethereum, by extending the widely used Oyente tool is the main objective of this paper. The primary motivation stems from the crucial role of smart contracts in decentralized systems and the imperative need for their security. We have introduced four critical vulnerability detections-Bad randomness, Access control, Unchecked low level, and DoS with unbounded operations-aiming to augment Oyente’s original capabilities, which only detected seven vulnerabilities. The study proposes new algorithms for efficient vulnerability detection, tested on 2676 smart contracts. The research also establishes a new taxonomy to address security flaws in Ethereum smart contracts. By integrating these modules into Oyente, developers gain an improved framework for security analysis, empowering them to identify and address critical vulnerabilities. The contributions of this extended version enhance the overall security and trustworthiness of blockchain-based applications, fostering the development of more secure and resilient smart contract implementations.