Skip to main content
SpringerLink
Log in

Library Usage Detection in Ethereum Smart Contracts

  • Conference paper
  • First Online:
On the Move to Meaningful Internet Systems: OTM 2019 Conferences (OTM 2019)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 11877))

Abstract

We analyze the usage of the SafeMath library on the blockchain with a data set of 6.9 million bytecodes of Ethereum smart contracts. This library provides safe arithmetic operations for contracts. In order to detect smart contracts that make use of the library from the bytecode alone, we perform the following five steps: download all available library versions, write test contracts that use the library, compile all test contracts with all compatible compiler versions, extract the internal library functions from the compiled bytecode, and search for contracts on the blockchain that use these library function bytecodes. In total, we detect usage of the SafeMath library in 1.34% of all smart contracts on the blockchain and in 27.52% of all distinct contract codes. To evaluate our approach, we use more than 50,000 verified contracts from Etherscan for which both the Solidity source code and the bytecode is available. Our algorithm correctly detects library usage for 86.34% of the smart contracts in the evaluation set.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 79.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 99.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    The CREATE2 instruction was introduced only after our data collection process.

  2. 2.

    https://etherscan.io.

References

  1. Buterin, V.: A next-generation smart contract and decentralized application platform. white paper (2014)

    Google Scholar 

  2. Payette, J., Schwager, S., Murphy, J.: Characterizing the ethereum address space (2017)

    Google Scholar 

  3. Norvill, R., Awan, I.U., Pontiveros, B.B.F., Cullen, A.J.: Automated labeling of unknown contracts in Ethereum (2017)

    Google Scholar 

  4. Fröwis, M., Fuchs, A., Böhme, R.: Detecting Token Systems on Ethereum. arXiv preprint arXiv:1811.11645 (2018)

  5. Bartoletti, M., Carta, S., Cimoli, T., Saia, R.: Dissecting Ponzi schemes on Ethereum: identification, analysis, and impact. arXiv preprint arXiv:1703.03779 (2017)

  6. Chen, W., Zheng, Z., Cui, J., Ngai, E., Zheng, P., Zhou, Y.: Detecting ponzi schemes on ethereum: towards healthier blockchain technology. In: Proceedings of the 2018 World Wide Web Conference on World Wide Web, pp. 1409–1418 (2018)

    Google Scholar 

  7. OpenZeppelin: OpenZeppelin is a library for secure smart contract development. https://github.com/OpenZeppelin/openzeppelin-solidity. Accessed on 07 July 2019

  8. Atzei, N., Bartoletti, M., Cimoli, T.: A survey of attacks on Ethereum smart contracts. IACR Cryptology ePrint Archive, vol. 2016, p. 1007 (2016)

    Google Scholar 

  9. Wood, G.: Ethereum: A secure decentralised generalised transaction ledger. Ethereum project yellow paper, vol. 151, pp. 1–32 (2014)

    Google Scholar 

  10. Kiffer, L., Levin, D., Mislove, A.: Analyzing Ethereum’s Contract Topology. In: Proceedings of the Internet Measurement Conference, vol. 2018, pp. 494–499 (2018)

    Google Scholar 

  11. Zhou, Y., Kumar, D., Bakshi, S., Mason, J., Miller, A., Bailey, M.: Erays: reverse engineering ethereum’s opaque smart contracts. In: 27th \(\{\)USENIX\(\}\) Security Symposium (\(\{\)USENIX\(\}\) Security 18), pp. 1371–1385 (2018)

    Google Scholar 

  12. Ferreira Torres, C., Schütte, J., State, R.: Osiris: Hunting for integer bugs in ethereum smart contracts. In: 34th Annual Computer Security Applications Conference (ACSAC 2018), San Juan, Puerto Rico, USA, 3–7 December 2018 (2018)

    Google Scholar 

  13. Reibel, P., Yousaf, H., Meiklejohn, S.: Short Paper: an exploration of code diversity in the cryptocurrency landscape (2019)

    Chapter  Google Scholar 

  14. Di Angelo, M., Salzer, G.: A survey of tools for analyzing ethereum smart contracts. In: 2019 IEEE International Conference on Decentralized Applications and Infrastructures (DAPPCON) (2019)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Informatics, Technical University of Munich, Munich, Germany

    Alexander Hefele, Ulrich Gallersdörfer & Florian Matthes

Authors
  1. Alexander Hefele
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ulrich Gallersdörfer
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Florian Matthes
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Alexander Hefele .

Editor information

Editors and Affiliations

  1. University of Lorraine, Vandoeuvre Les Nancy Cedex, France

    Hervé Panetto

  2. Trinity College Dublin, Dublin, Ireland

    Christophe Debruyne

  3. Universität der Bundeswehr München, Munich, Germany

    Martin Hepp

  4. Trinity College Dublin, Dublin, Ireland

    Dave Lewis

  5. Università degli Studi di Milano Crema, Crema, Italy

    Claudio Agostino Ardagna

  6. TU Graz, Graz, Austria

    Robert Meersman

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Hefele, A., Gallersdörfer, U., Matthes, F. (2019). Library Usage Detection in Ethereum Smart Contracts. In: Panetto, H., Debruyne, C., Hepp, M., Lewis, D., Ardagna, C., Meersman, R. (eds) On the Move to Meaningful Internet Systems: OTM 2019 Conferences. OTM 2019. Lecture Notes in Computer Science(), vol 11877. Springer, Cham. https://doi.org/10.1007/978-3-030-33246-4_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-33246-4_20

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-33245-7

  • Online ISBN: 978-3-030-33246-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation