FSFC: An input filter-based secure framework for smart contract

摘要

Discovering vulnerabilities in smart contracts, particularly those that can be exploited, is challenging. Existing research efforts tend to focus on pre-tests or are not capable of dynamically protecting the deployed contracts without impacting on the availability of the contracts. Thus in this paper, we propose and implement a high-availability and unified input Filter-based Secure Framework for Ethereum smart Contract (hereafter referred to as FSFC). FSFC is designed to allow the deployed smart contracts to continue running normally even when faced with potential attacks (due to vulnerability exploitation). Specifically, the proposed approach allows one to dynamically identify and discard bad inputs before getting processed. In other words, the owner can protect the contract by deploying filters through FSFC, regardless of the vulnerability discovered in the deployed contract, and without suspending the contract service. We also evaluate the security of FSFC. Then, using integer vulnerability as a case study, we demonstrate how FSFC can be deployed and evaluate its utility using real-world smart contracts with known integer vulnerability. For example, a comparative summary demonstrates that in comparison to the plain Geth, FSFC only incurs minimal additional overhead for the miners and less than 2% extra gas consumption for normal users.