A smart contract is a software product embedded in blockchain and designed to implement a business logic provided by an algorithm of some project developer. For example, the Ethereum network initially deployed a smart contract, the business logic of which is to automate transaction processing and emulate new tokens.
Strictly speaking, blockchain for example like Decimal is also implemented via software code, but this code is carefully “polished” to avoid errors, inaccuracies and vulnerabilities.
As for smart contracts, they use blockchain as a basis and implement simple functions, and this process does not necessarily involve specialists of the required qualification. And since the business model of SCs is such that it does not involve making changes after embedding a smart contract in the blockchain, any mistakes made can only be corrected by deploying a new corrected code on the blockchain. Even if the false code did not cause trouble, the very procedure of developing and implementing a new contract is very costly and troublesome.
But that’s not all. If information about a discovered vulnerability was leaked to the media before it was fixed (no matter who became the informant), this is a clear threat to all users of the system. But if the developer knows about the existence of the problem and is in no hurry to fix it due to the above reasons, it’s even worse. Over time, the risks grow and may eventually cause the loss of a huge amount of funds invested in the project by investors.
How to avoid errors and vulnerabilities in the smart contract code? The problem is quite urgent, and therefore many tools for code analysis deal with this issue in order to identify vulnerable language constructions.
SC security analysis methods
Since the niche of smart contracts is still in its infancy, there are no uniform tools, regulations and guidelines for their safe development. But since it is still a program code, the following proven methods of searching for errors can be applied to it:
- errors in building a business model;
- the actual vulnerabilities of the code that allow attacks on the registry.
Code analysis can be carried out manually, via an expert audit, or with the help of specialized software configured to search for known vulnerabilities.
In any case, the analysis should be performed both before the deployment of smart contracts (static methods) and in “combat” conditions (dynamic analysis).
Let’s consider both types in detail.
Static security analysis of SC code
Debugging a code without executing it is a detailed analysis of the program logic and finding possible vulnerabilities before they manifest themselves. Advantages of the statistical analysis method:
- the ability to study all branches of the code, which is difficult at the stage of program execution;
- early identification of potential errors;
- finding the exact localization of the code vulnerability, which is not always possible to achieve when using dynamic analysis.
There are also some disadvantages:
- the non-reproducibility of the detected errors, for which they have to be checked in dynamics to exclude false positives;
- the ability to identify only the previously detected and well-known vulnerabilities;
- the complexity of code analysis, high probability of errors in the analysis.
Popular software kits for static code analysis of smart contracts: Security, SmartCheck, Oyente.
For a regular program, direct execution is considered to be in demand, when carefully prepared data is run to cover the maximum number of options for the software under test. A special case is fuzzing, when similar data is entered deliberately incorrectly in order to detect vulnerabilities.
But since any smart contract deployed on blockchain can no longer be fixed, this approach is not used. Instead, the SCs are implemented on the blockchain that is specially designed for such work, in other cases, developers just use an emulation environment.
Advantages of dynamic analysis:
- reproducibility when entering the same arrays of source data;
- the ability to test smart contracts without having to access the source code.
dynamic analysis is not complete without the use of significant computing resources;
inability to accurately identify the line of code in which the vulnerability was detected;
it takes a lot of time and effort to check all possible options of the algorithm operation, which makes testing of large projects quite complicated.
The most popular tools for dynamic analysis of smart contracts are MAIAN, Mythril, Manticore.
Safety assessment, measures taken
After identifying errors and code vulnerabilities, it is necessary to assess the security level of the smart contract.
If a SC program code allows the loss of privacy introduced into the blockchain the SC is based on, this can have disastrous financial consequences for users and reputational consequences for the developer. This level of security is considered critical.
The low level of SC security threatens the loss of confidential data for individual users, while possible financial losses are estimated as moderate.
With an average level of security, the probability of hacking is low, however, in this case, the placement of a smart contract on blockchain is strongly discouraged until the identified shortcomings are corrected.
A high level implies the absence of identified vulnerabilities, although it does not provide a 100% guarantee of their absence.
For medium, low and critical security levels, it is necessary to eliminate the identified errors and vulnerabilities and retest the SC.
It should be noted that testing the smart contract code for its security should be entrusted to specialists with appropriate qualifications.
Since smart contracts are considered specific software products, there are few developed tools for their security analysis, and almost all of them are designed to be used only in blockchains with Turing completeness. This already imposes certain restrictions in terms of choosing a platform for the development of SCs.
A typical example is the Oyente complex. The principle of operation of this tool is to transform the code of a smart contract (when using an Ethereum virtual machine) into a graph, which is then checked character by character in order to identify sequences characteristic of known vulnerabilities. The great advantage of this tool is the ability to analyze the SC deployed on the blockchain.
The effectiveness of Oyente can be judged by the official data of the project: it is claimed that in a result of the analysis of 19,367 smart contracts, 8835 of them turned out to be vulnerable.
In conclusion, we note that the blockchain technology is considered safe enough for end users today. But there are platforms that use specific programming languages, which introduces a human factor into the process of coding a smart contract and generally reduces the degree of security. The problem is solved by choosing a blockchain for which there is a set of tools for conducting thorough testing.