CN116028495A - Intelligent contract detection method and device - Google Patents

Intelligent contract detection method and device Download PDF

Info

Publication number
CN116028495A
CN116028495A CN202211698899.XA CN202211698899A CN116028495A CN 116028495 A CN116028495 A CN 116028495A CN 202211698899 A CN202211698899 A CN 202211698899A CN 116028495 A CN116028495 A CN 116028495A
Authority
CN
China
Prior art keywords
checked
function
tree
intelligent contract
condition
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211698899.XA
Other languages
Chinese (zh)
Inventor
许冠行
李文越
何伊圣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hillstone Networks Co Ltd
Original Assignee
Hillstone Networks Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hillstone Networks Co Ltd filed Critical Hillstone Networks Co Ltd
Priority to CN202211698899.XA priority Critical patent/CN116028495A/en
Publication of CN116028495A publication Critical patent/CN116028495A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The application discloses a detection method and device of an intelligent contract. Wherein the method comprises the following steps: acquiring a source code corresponding to the intelligent contract; analyzing the source code by a grammar analyzer, and generating an abstract grammar tree corresponding to the source code according to the analysis result, wherein the grammar analyzer is used for carrying out grammar analysis on the source code of any version which is not compiled; traversing a plurality of tree nodes in the abstract syntax tree; detecting whether a plurality of tree nodes contain abnormal tree nodes or not according to preset conditions, wherein the preset conditions are used for representing code features of abnormal function codes, the abnormal function codes are function codes with information security holes, and the code features of the function codes corresponding to the abnormal tree nodes are matched with the preset conditions; and under the condition that abnormal tree nodes exist in the plurality of tree nodes, determining the intelligent contracts as abnormal intelligent contracts with information security risks. The technical problem of low information security risk detection efficiency of intelligent contracts in the prior art is solved.

Description

Intelligent contract detection method and device
Technical Field
The application relates to the technical field of blockchain, in particular to a detection method and device of an intelligent contract.
Background
An intelligent contract is a piece of code written in a computer language that runs on a public chain. In the prior art, when detecting whether an intelligent contract has information security risk, a mode of manually auditing contract codes is generally adopted, and whether the intelligent contract has information security loopholes is judged by manually searching whether the intelligent contract has dangerous function codes and analyzing logic of the dangerous function codes. The dangerous function code is a code suspected to have information security risks.
However, the intelligent contract detection method in the prior art consumes a great deal of labor cost and time cost, so that the detection efficiency of the intelligent contract is low.
In view of the above problems, no effective solution has been proposed at present.
Disclosure of Invention
The embodiment of the application provides a detection method and device for an intelligent contract, which are used for at least solving the technical problem of low information security risk detection efficiency of the intelligent contract in the prior art.
According to an aspect of the embodiments of the present application, there is provided a method for detecting an intelligent contract, including: acquiring a source code corresponding to the intelligent contract; analyzing the source code by a grammar analyzer, and generating an abstract grammar tree corresponding to the source code according to the analysis result, wherein the grammar analyzer is used for carrying out grammar analysis on the source code of any version which is not compiled; traversing a plurality of tree nodes in the abstract syntax tree, wherein the tree nodes are used for representing definition information of function codes contained in the intelligent contracts; detecting whether a plurality of tree nodes contain abnormal tree nodes or not according to preset conditions, wherein the preset conditions are used for representing code features of abnormal function codes, the abnormal function codes are function codes with information security holes, and the code features of the function codes corresponding to the abnormal tree nodes are matched with the preset conditions; and under the condition that abnormal tree nodes exist in the plurality of tree nodes, determining the intelligent contracts as abnormal intelligent contracts with information security risks.
Further, the method for detecting the intelligent contract further comprises the following steps: after traversing a plurality of tree nodes in the abstract syntax tree, determining each tree node as a function definition object to obtain a plurality of function definition objects; obtaining a function body sub-object in each function definition object, wherein the function body sub-object comprises at least one statement object, and the statement object comprises at least one function expression; detecting whether all function expressions contained in each function definition object contain objective function expressions or not, wherein the objective function expressions are used for transferring balance funds in the intelligent contract to a caller of the intelligent contract; and determining the function definition object containing the target function expression as a definition object to be checked, and determining the tree node corresponding to the definition object to be checked as a tree node to be checked.
Further, the method for detecting the intelligent contract further comprises the following steps: under the condition that tree nodes to be checked do not exist in the plurality of tree nodes, determining that the intelligent contract is about a normal intelligent contract without information security risk; and under the condition that the tree nodes to be checked exist in the plurality of tree nodes, detecting whether the tree nodes to be checked are abnormal tree nodes or not according to preset conditions.
Further, the method for detecting the intelligent contract further comprises the following steps: under the condition that the tree node to be checked simultaneously meets all the following preset sub-conditions, determining the tree node to be checked as an abnormal tree node, wherein the preset sub-conditions at least comprise: the method comprises the steps of a first preset sub-condition, a second preset sub-condition, a third preset sub-condition and a fourth preset sub-condition; the first preset sub-condition characterizes that a to-be-checked definition object corresponding to the to-be-checked tree node does not contain a target modifier, wherein the target modifier is used for limiting the number of times that a caller of the intelligent contract repeatedly accesses the to-be-checked definition object; the second preset sub-condition characterizes that the address variable called by the target function expression in the to-be-checked definition object can be controlled by an external account, wherein the external account is an account without the control authority of the intelligent contract; the third preset sub-condition characterizes that after the target function expression in the definition object to be checked is called, the state of the definition object to be checked is updated; the fourth preset sub-condition characterizes that the to-be-checked definition object is not provided with a target resource consumption value smaller than a preset threshold value aiming at the target function expression, wherein the target resource consumption value is used for characterizing the maximum value of computing resources required by the target function expression in running.
Further, the method for detecting the intelligent contract further comprises the following steps: under the condition that tree nodes to be checked exist in the plurality of tree nodes, detecting whether a target modifier is contained in a definition object to be checked corresponding to the tree nodes to be checked; and under the condition that the object to be checked contains the target modifier, determining the tree node to be checked as a normal tree node, and intelligently integrating normal intelligent contracts without information security risks.
Further, the method for detecting the intelligent contract further comprises the following steps: under the condition that tree nodes to be checked exist in a plurality of tree nodes, acquiring address variables called by target function expressions in the defined objects to be checked; detecting whether the address variable can be controlled by an external account; and under the condition that the address variable cannot be controlled by an external account, determining the tree node to be checked as a normal tree node, and intelligently integrating normal intelligent contracts without information security risks.
Further, the method for detecting the intelligent contract further comprises the following steps: under the condition that tree nodes to be checked exist in the plurality of tree nodes, detecting whether the state of the definition object to be checked is updated after the target function expression in the definition object to be checked is called; and under the condition that the state of the to-be-checked definition object is not updated, determining the to-be-checked tree node as a normal tree node, and intelligently integrating normal intelligent contracts without information security risks.
Further, the method for detecting the intelligent contract further comprises the following steps: after the target function expression in the definition object to be checked is called, a plurality of function sentences generated by the definition object to be checked are obtained; detecting whether a plurality of function sentences comprise objective function sentences, wherein the objective function sentences are assignment sentences comprising assignment symbols, and one side of each objective function sentence is a state variable corresponding to an intelligent contract; under the condition that the plurality of function sentences comprise target function sentences, determining that the state of the definition object to be checked has update; and under the condition that the objective function sentences are not contained in the function sentences, determining that the state of the definition object to be checked is not updated.
Further, the method for detecting the intelligent contract further comprises the following steps: under the condition that tree nodes to be checked exist in the plurality of tree nodes, detecting whether a to-be-checked definition object is provided with a target resource consumption value smaller than a preset threshold value aiming at a target function expression; and under the condition that the to-be-checked definition object is provided with a target resource consumption value aiming at the target function expression, determining the to-be-checked tree node as a normal tree node, and intelligently integrating normal intelligent contracts without information security risks.
According to another aspect of the embodiments of the present application, there is also provided an apparatus for detecting an intelligent contract, including: the acquisition module is used for acquiring source codes corresponding to the intelligent contracts; the parsing module is used for parsing the source code through the parser and generating an abstract syntax tree corresponding to the source code according to the parsing result, wherein the parser is used for parsing the source code of any version which is not compiled; the traversal module is used for traversing a plurality of tree nodes in the abstract syntax tree, wherein the tree nodes are used for representing definition information of function codes contained in the intelligent contract; the detection module is used for detecting whether the plurality of tree nodes contain abnormal tree nodes or not according to preset conditions, wherein the preset conditions are used for representing the code characteristics of abnormal function codes, the abnormal function codes are function codes with information security holes, and the code characteristics of the function codes corresponding to the abnormal tree nodes are matched with the preset conditions; and the determining module is used for determining the intelligent contract as an abnormal intelligent contract with information security risk under the condition that the abnormal tree nodes exist in the plurality of tree nodes.
In the method, a mode of converting source codes of intelligent contracts into abstract syntax trees and detecting abnormal tree nodes in the abstract syntax trees by combining preset conditions is adopted, source codes corresponding to the intelligent contracts are firstly obtained, then the source codes are analyzed through a syntax analyzer, abstract syntax trees corresponding to the source codes are generated according to analysis results, a plurality of tree nodes in the abstract syntax trees are traversed, whether the plurality of tree nodes contain the abnormal tree nodes or not is detected according to the preset conditions, and finally the intelligent contracts are determined to be abnormal intelligent contracts with information security risks under the condition that the abnormal tree nodes exist in the plurality of tree nodes. The grammar analyzer is used for carrying out grammar analysis on source codes of any version which are not compiled, the tree nodes are used for representing definition information of function codes contained in the intelligent contracts, the preset conditions are used for representing code characteristics of abnormal function codes, the abnormal function codes are function codes with information security holes, and the code characteristics of the function codes corresponding to the abnormal tree nodes are matched with the preset conditions.
According to the method, the system and the device, the intelligent contract source code is converted into the abstract syntax tree, then the abnormal tree node corresponding to the abnormal function code is detected from the abstract syntax tree, whether the intelligent contract has an information security vulnerability or not is judged according to the detection rule (namely, the preset condition), the purpose of automatically detecting the information security risk of the intelligent contract is achieved, the manual detection cost is reduced, and the detection efficiency for the intelligent contract is improved. In addition, the grammar analyzer can carry out grammar analysis on source codes of any version which is not compiled, so that the code compiling process during intelligent contract analysis can be saved, and the detection efficiency of intelligent contracts is further improved.
Therefore, the technical scheme of the application achieves the purpose of automatically detecting whether the intelligent contract has information security risks by using the abstract syntax tree, so that the problems of large repeated workload and excessively complicated work load during artificial audit of the intelligent contract code are solved, and the technical problem of low information security risk detection efficiency of the intelligent contract in the prior art is solved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiments of the application and together with the description serve to explain the application and do not constitute an undue limitation to the application. In the drawings:
FIG. 1 is a schematic diagram of an alternative attack contract and attacked contract in accordance with an embodiment of the present application;
FIG. 2 is a flowchart of an alternative detect exception function code according to an embodiment of the present application;
FIG. 3 is a flow chart of an alternative smart contract detection method in accordance with an embodiment of the present application;
fig. 4 is a schematic diagram of an alternative smart contract detection apparatus in accordance with an embodiment of the present application.
Detailed Description
In order to make the present application solution better understood by those skilled in the art, the following description will be made in detail and with reference to the accompanying drawings in the embodiments of the present application, it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without making any inventive effort, shall fall within the scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and claims of the present application and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that embodiments of the present application described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should be further noted that, related information (including but not limited to user equipment information, user personal information, etc.) and data (including but not limited to data for presentation, analyzed data, etc.) related to the present application are information and data authorized by the user or sufficiently authorized by each party. For example, an interface is provided between the system and the relevant user or institution, before acquiring the relevant information, the system needs to send an acquisition request to the user or institution through the interface, and acquire the relevant information after receiving the consent information fed back by the user or institution.
Example 1
An intelligent contract is a piece of code written in a computer language that runs on a public chain. The public chain with the most important and highest total value is the Ethernet main chain, and the most popular intelligent contract language on the Ethernet main chain is the solubility language, so that the safety problem of the solubility language is the most important safety problem in the blockchain field.
Wherein the reentry vulnerability is a high-risk vulnerability in the solubility language, and the reentry vulnerability occurs because a developer uses part of the dangerous function code (i.e., the abnormal function code) by mistake when writing the source code of the smart contract. As shown in fig. 1, an example of exception function codes in an attacked contract is as follows:
function withdrawBalance{
amountToWithdraw=userBalances[msg.sender];
if(!(msg.sender.call.value(amountToWithdraw)())){throw;}
userBalances[msg.sender]=0;
}
In particular, the function of this piece of exception function code is to withdraw the user balance in the smart contract. Firstly, the exception function code obtains the account balance of the caller msg.sender, secondly, the exception function code uses a call calling function to send the balance to the caller in an Ether (Ethernet) mode, and finally, the exception function code zeroes the account balance of the caller.
When the abnormal function code calls call function to transfer money to caller, if msg.sender is contract account, it will enter into the rollback function of caller contract, wherein the rollback function is a special function without function name and parameter, the rollback function is used to accept Ether sent by other address to the intelligent contract, meaning if one address sends Ether to the intelligent contract, it will enter into the rollback function, and execute logic in abnormal function code. On this basis, as shown in fig. 1, an attacker may deploy an attack contract and call a withdrew balance function using the attack contract, and the withdrew balance function will call the call function and enter the rollback function of the attack contract. Specific operations can be seen in the following code examples:
function(){
if(dao.balanceOfEther()>0){
dao.withdrawBalance();
}
}
In addition, in the rollback function, the withdrawwbalance function in the attacked contract can be continuously called, in the call of the upper layer, the code only runs to the call function call of the second step, and does not go to the balance zeroing operation of the third step, which results in that the balance of the caller in the contract is not reduced, so that the obtained amount to be sent to the caller is not changed when the call function enters the next layer call. Then the widthwbaance function of the attacked contract and the rollback function of the attacked contract are recursively invoked repeatedly, and each time the attacked contract sends an attack contract balance amount of ethernet to the attack contract, until the balance of the ethernet in the attacked contract is exhausted.
According to the above, the reason for forming the reentry vulnerability is that the related state variables occur after the call calling function is called, after the caller of the intelligent contract revisits the call calling function, the state of the intelligent contract is not changed correspondingly, so that the account balance of the caller in the intelligent contract is not changed, and finally the intelligent contract can be transferred to the caller all the time.
To radically avoid reentrant vulnerabilities, a third party modifier may be used: non-Reetrandom. This modifier is also known as a reentrant lock, which has multiple versions, but all implement a check on the number of function code entries. As long as this modifier is used, re-entry can be avoided entirely. The use of the reentrant lock may be referred to as code examples:
function methed()public nonReetrancy{
msg.sender.call();
}
if the function code does not use the reentrant lock, it needs to determine whether the function code has a state change after the call function is called, where the state refers to a state variable in the smart contract, and the state variable is used to store a value that needs to exist for a long time in the smart contract, such as balance information, authorization information, and the like. The case where the state change occurs after call can be referred to as the following code:
function methed()public{
amount=balanceOf[msg.sender];
msg.sender.call.value(amount)();
balance of [ msg.sender ] =0; the// state change occurs after call invocation
}
If the state change occurs after the call function is called, it is also necessary to determine whether the call function, when called, limits gas consumption. The gas refers to the computing resource overhead required for running the contract code, and because the ethernet virtual machine is complete in graphics, a shutdown problem exists. To solve the downtime problem, the ethernet house has introduced a gas system that specifies a corresponding gas consumption value for each instruction in the ethernet house virtual machine instruction set. When a caller invokes a function code in a smart contract, the caller also needs to provide a certain gas for running the function code. While the function code is running, the ethernet virtual machine also calculates gas consumption, if gas remains after the function code is running, the ethernet virtual machine returns the remaining gas value to the caller, but if gas is consumed before the function code is running, the intelligent contract is returned, and the consumed gas is not returned.
Further, the instruction that changes state in the ethernet virtual machine is sstore, whose gas consumption is typically 5000, which means that if the amount of gas that can be used by call calling functions at runtime is limited to below 5000, any state change can be prevented, thereby preventing the occurrence of reentrant vulnerabilities. But is notable. In the clienthamburg upgrade of the ethernet, the gas consumption of the sstore instruction of the ethernet virtual machine is modified, and in this modification, if a state variable which is not 0 is finally modified to 0 by using the sstore, only 400gas is required, and at this time, the gas limit of 5000 is insufficient to ensure that the occurrence of the reentrant vulnerability can be completely avoided. Since an attacker needs to deploy a sload operator at least once in the rollback function of the attack contract in order to implement the attack, and 2100gas is consumed for the sload operator, the generation of reentrant vulnerabilities can be completely avoided as long as the gas amount that can be used by the call calling function during running is limited to be below 2100.
From the above, in order to accurately detect whether the smart contract has a reentrant vulnerability, at least 4 steps in fig. 2 are required:
Step S201, first, all function codes containing call calling functions are checked.
Step S202, checking whether a reentrant lock exists in function codes containing call calling functions, namely, a third party modifier: non-Reetrandom. Specifically, if there is a reentrant lock, the function code is described as a normal function code, and the intelligent contract is about a normal contract where there is no information security risk. If the function code containing call calling function has a reentrant lock, indicating that the function code is a suspected abnormal function code, and the intelligent contract is a suspected abnormal intelligent contract, and continuing to detect the intelligent contract in the next step;
in step S203, it is checked whether the function code containing the call function has a state change after the call function is called. Specifically, if the function code has no state change after the call calling function is called, the function code is indicated to be a normal function code, and the intelligent contract is about a normal contract without information security risk, if the function code has state change after the call calling function is called, the function code is indicated to be an abnormal function code, and the intelligent contract is indicated to be an abnormal contract with information security risk, and the intelligent contract needs to be detected in the next step;
Step S204, finally checking whether gas required by the call function when called is limited to 2100 or below in the function code containing the call function. If the gas value required by the call function when called is limited to 2100 or less, this indicates that the function code is normal and the intelligence is about a normal contract where there is no information security risk.
It should be noted that if the gas value required by the call function in a function code is not limited to 2100 or less when the call function is called, and the function code changes its state after the call function is called in step S203, and there is no reentrant lock in the function code, it may be determined that the function code is an abnormal function code, and the intelligent contract corresponding to the function code is about an abnormal intelligent contract with information security risk.
Due to the risk of reentry vulnerabilities, in the security check of all smart contracts, it is checked whether the smart contract has a reentry vulnerability according to the steps in fig. 2. Along with the development of intelligent contracts, the code amount and logic complexity of the intelligent contracts are rapidly increased, so that the workload and cost for auditing codes by using a manual mode are greatly increased, and the problem of low intelligent contract detection efficiency is caused.
In order to solve the above-described problems, the embodiments of the present application provide a method for detecting a smart contract, it should be noted that the steps illustrated in the flowchart of the drawings may be performed in a computer system such as a set of computer executable instructions, and although a logical order is illustrated in the flowchart, in some cases, the steps illustrated or described may be performed in an order different from that herein.
FIG. 3 is a flowchart of an alternative smart contract detection method, as shown in FIG. 3, according to an embodiment of the present application, the method including the steps of:
step S301, source codes corresponding to the intelligent contracts are acquired.
In step S301, the smart contract is about a smart contract deployed in a blockchain, where the blockchain may be an ethernet main chain (ethernet main), and the smart contract may be a code written in a solubility language.
Step S302, analyzing the source code through a grammar analyzer, and generating an abstract grammar tree corresponding to the source code according to the analysis result.
In step S302, the parser is used to parse an arbitrary version of source code that is not compiled.
Specifically, in the prior art, most static analysis tools of the solubility code use an official solubility compiler solc written in c++ language. The abstract syntax tree corresponding to the json-format intelligent contract source code can be generated through the solc, however, the following problems exist when the solc is used for generating the abstract syntax tree:
First, the problem of compiler version is that the solc has tens of versions, when the solc is used to analyze source code to generate an abstract syntax tree, the version of the compiler must be compatible with the version number declared in the source code, but in the environment of a system, only one version of the solc is needed, and a third party tool is needed to switch versions, so that static analysis tools such as the solc often need to consume a great deal of time and cost to perform environmental configuration before use.
Secondly, when the source code is analyzed by the solc, the source code itself needs to be compiled, if the source code does not pass the compilation, the solc cannot analyze the source code correctly, so when the source code is analyzed by the solc, the source code needs to be compiled with additional labor cost.
To circumvent the above-described problem with solc, the present application uses Antlr4 (parser auto-generation tool) to generate a parser for the sound language. Wherein, antlr4 can generate grammar analyzers of main stream languages such as c++, C#, go, python, java and the like according to g4 grammar files of different languages. And, the parser generated by Antlr4 can parse arbitrary versions of the source code of the solubility, and can parse the source code even if the source code cannot be compiled.
Therefore, the grammar analyzer can carry out grammar analysis on source codes of any version which is not compiled, so that the compiling cost of the source codes and the configuration cost of the grammar analyzer in use can be saved, and the generation efficiency of the abstract grammar tree is improved.
Step S303, traversing a plurality of tree nodes in the abstract syntax tree.
In step S303, the tree node is used to characterize definition information of function codes included in the smart contract.
In an alternative embodiment, an intelligent contract checking system may be used as the execution subject of the intelligent contract checking method in the embodiments of the present application. The intelligent contract detection system at least comprises the grammar analyzer.
Specifically, after the intelligent contract detection system analyzes the source code of the intelligent contract through the grammar analyzer and obtains an abstract grammar tree corresponding to the source code, the intelligent contract detection system also traverses the whole abstract grammar tree and obtains all tree nodes related to function call in the abstract grammar.
Each of the solubility source code files generates an abstract syntax tree after being analyzed, wherein the abstract syntax tree comprises a plurality of contract definition nodes, and each contract definition node is used for representing version information, interface statement, contract statement and the like of an intelligent contract. Meanwhile, a plurality of function declaration sub-nodes are contained under the contract definition node.
It should be noted that, when traversing the abstract syntax tree, the intelligent contract detection system traverses at least two layers, so as to obtain a contract definition node in the abstract syntax tree and a function sound sub-node under the contract definition node, thereby obtaining a plurality of tree nodes. Wherein the plurality of tree nodes at least include contract definition nodes and function declaration sub-nodes, each tree node characterizing definition information of one function code in the intelligent contract.
Step S304, whether the plurality of tree nodes contain abnormal tree nodes or not is detected according to preset conditions.
In step S304, the preset condition is used to characterize the code feature of the abnormal function code, where the abnormal function code is a function code with an information security hole, and the code feature of the function code corresponding to the abnormal tree node is matched with the preset condition.
It should be noted that, the above information security hole is a reentrant hole, and the preset condition is used to characterize the code feature of the abnormal function code with the reentrant hole, for example, the gas value required by the call function in the abnormal function code is not limited to 2100 or less when the call function in the abnormal function code is called, and after the call function in the abnormal function code is called, the abnormal function code changes in state, and meanwhile, no reentrant lock exists in the abnormal function code. If a certain function code in the intelligent contract has all code characteristics of the abnormal function code, the function code is also an abnormal function code, and the tree node corresponding to the function code is an abnormal tree node.
In step S305, in the case that an abnormal tree node exists among the plurality of tree nodes, it is determined that the smart contract is an abnormal smart contract having an information security risk.
In step S305, if at least one exception tree node exists in the abstract syntax tree, it is indicated that at least one exception function code exists in the smart contract corresponding to the abstract syntax tree, and since the exception function code has a reentrant vulnerability, the smart contract has an information security risk, and the smart contract is about an exception smart contract.
Based on the foregoing content of steps S301 to S305, in this application, a method of converting a source code of an intelligent contract into an abstract syntax tree and detecting an abnormal tree node in the abstract syntax tree in combination with a preset condition is adopted, the source code corresponding to the intelligent contract is first obtained, then the source code is parsed by a syntax analyzer, the abstract syntax tree corresponding to the source code is generated according to the parsing result, then a plurality of tree nodes in the abstract syntax tree are traversed, whether the plurality of tree nodes contain the abnormal tree node is detected according to the preset condition, and finally, under the condition that the abnormal tree node exists in the plurality of tree nodes, the intelligent contract is determined to be the abnormal intelligent contract with information security risk. The grammar analyzer is used for carrying out grammar analysis on source codes of any version which are not compiled, the tree nodes are used for representing definition information of function codes contained in the intelligent contracts, the preset conditions are used for representing code characteristics of abnormal function codes, the abnormal function codes are function codes with information security holes, and the code characteristics of the function codes corresponding to the abnormal tree nodes are matched with the preset conditions.
According to the method, the system and the device, the intelligent contract source code is converted into the abstract syntax tree, then the abnormal tree node corresponding to the abnormal function code is detected from the abstract syntax tree, whether the intelligent contract has an information security vulnerability or not is judged according to the detection rule (namely, the preset condition), the purpose of automatically detecting the information security risk of the intelligent contract is achieved, the manual detection cost is reduced, and the detection efficiency for the intelligent contract is improved. In addition, the grammar analyzer can carry out grammar analysis on source codes of any version which is not compiled, so that the code compiling process during intelligent contract analysis can be saved, and the detection efficiency of intelligent contracts is further improved.
Therefore, the technical scheme of the application achieves the purpose of automatically detecting whether the intelligent contract has information security risks by using the abstract syntax tree, so that the problems of large repeated workload and excessively complicated work load during artificial audit of the intelligent contract code are solved, and the technical problem of low information security risk detection efficiency of the intelligent contract in the prior art is solved.
In an alternative embodiment, after traversing a plurality of tree nodes in the abstract syntax tree, the intelligent contract detection system first determines each tree node as a function definition object to obtain a plurality of function definition objects, and then the intelligent contract detection system obtains a function body sub-object in each function definition object, wherein the function body sub-object contains at least one statement object, and the statement object contains at least one function expression. The smart contract detection system then detects whether an objective function expression is included in all of the function expressions included in each of the function definition objects, wherein the objective function expression is used to transfer balance funds in the smart contract to a caller of the smart contract. And finally, the intelligent contract detection system determines the function definition object containing the target function expression as a definition object to be checked, and determines the tree node corresponding to the definition object to be checked as a tree node to be checked.
Specifically, the target function expression is a call calling function. After obtaining a plurality of tree nodes, the intelligent contract detection system determines each tree node as a function definition object, and then searches the definition object to be checked, which contains call calling functions, from the plurality of function definition objects.
In order to determine whether a call function is included in a function definition object, the intelligent contract detection system needs to enter a function body sub-object in each function definition object, and since the function body sub-object includes a plurality of statement objects, each statement object includes an expression, and the call function is one of the expressions, the intelligent contract detection system can determine whether the call function is included in the function definition object by traversing all the expressions included in the function definition object and determining whether each expression is a call function. If a call function exists in a function definition object, the function definition object is a definition object to be checked, and meanwhile, a tree node corresponding to the function definition object is a tree node to be checked.
In an alternative embodiment, the smart contract checking system determines that the smart contract is about a normal smart contract without information security risk in the event that there is no tree node to be checked among the plurality of tree nodes. Under the condition that the tree nodes to be checked exist in the plurality of tree nodes, the intelligent contract detection system detects whether the tree nodes to be checked are abnormal tree nodes or not according to preset conditions.
Optionally, if there are no tree nodes to be checked among the plurality of tree nodes in the abstract syntax tree, it is indicated that there are no function definition objects containing call calling functions in the intelligent contract. On this basis, since the reentry vulnerability must be realized by depending on the call function, the smart contract that does not include the call function can determine that the reentry vulnerability does not exist, and the smart contract is a normal smart contract.
In an alternative embodiment, if there are tree nodes to be checked among the plurality of tree nodes in the abstract syntax tree, the intelligent contract checking system needs to determine whether the tree nodes to be checked are abnormal tree nodes in combination with a preset condition. Specifically, under the condition that the tree node to be checked simultaneously meets all the following preset sub-conditions, the intelligent contract detection system determines that the tree node to be checked is an abnormal tree node, wherein the preset sub-conditions at least comprise: the method comprises the steps of a first preset sub-condition, a second preset sub-condition, a third preset sub-condition and a fourth preset sub-condition.
The meaning of each preset sub-condition is specifically as follows:
the first preset sub-condition characterizes that a to-be-checked definition object corresponding to the to-be-checked tree node does not contain a target modifier, wherein the target modifier is used for limiting the number of times that a caller of the intelligent contract repeatedly accesses the to-be-checked definition object;
The second preset sub-condition characterizes that the address variable called by the target function expression in the to-be-checked definition object can be controlled by an external account, wherein the external account is an account without the control authority of the intelligent contract;
the third preset sub-condition characterizes that after the target function expression in the definition object to be checked is called, the state of the definition object to be checked is updated;
the fourth preset sub-condition characterizes that the to-be-checked definition object is not provided with a target resource consumption value smaller than a preset threshold value aiming at the target function expression, wherein the target resource consumption value is used for characterizing the maximum value of computing resources required by the target function expression in running.
It should be noted that the target modifier may be a non-Reentrandom modifier. Wherein the modifier of each function definition object is stored in the modifiers sub-object of the function definition object, so that it can be determined whether the function definition object has a non-Rentrandom modifier by simply traversing the information in the modifiers sub-object of each function definition object.
It should also be noted that the non-Reentrandom modifier may circumvent reentrant vulnerabilities because it is used to limit the number of times a caller of the smart contract repeatedly accesses into the definition object to be checked. On the basis, if the object to be checked contains the target modifier, the intelligent contract detection system can determine that the tree node to be checked is a normal tree node, and the intelligent contract is about a normal intelligent contract without information security risk. If the to-be-checked definition object does not contain the target modifier, the to-be-checked definition object is indicated to have satisfied the first preset sub-condition, and the intelligent contract detection system needs to continuously detect the to-be-checked definition object by combining the second preset sub-condition, the third preset sub-condition and the fourth preset sub-condition.
In an alternative embodiment, under the condition that tree nodes to be checked exist in a plurality of tree nodes, the intelligent contract detection system acquires address variables called by objective function expressions in the defined objects to be checked, then detects whether the address variables can be controlled by external accounts, and under the condition that the address variables cannot be controlled by the external accounts, the intelligent contract detection system determines the tree nodes to be checked as normal tree nodes, and the intelligent contract is about a normal intelligent contract without information security risks.
Optionally, in order to detect whether the to-be-checked definition object corresponding to the to-be-checked tree node meets the second preset sub-condition. The intelligent contract checking system also needs to acquire the address variable of the call function, then track the address variable upwards, and see if the address variable can be controlled by an external user.
The call calling function is a call function of a membrane type, which means that a method corresponding to the call calling function is a method under an address type, so that an address variable corresponding to the call calling function can be found by accessing an object called by the call calling function. Typically, this address variable is msg.sender, i.e. the caller address, but if it is other, it needs to track up and see if the address variable can be controlled by an external account.
Because one feature of the reentrant vulnerability is that the call calling function can be controlled by the external account, if the address variable called by the call calling function in the to-be-checked definition object cannot be controlled by the external account, the to-be-checked tree node corresponding to the to-be-checked definition object is indicated to be a normal tree node, and the intelligent contract is about to be a normal intelligent contract without information security risk. If the address variable called by the call calling function in the definition object to be checked can be controlled by the external account, the definition object to be checked is indicated to have satisfied the second preset sub-condition, and the intelligent contract detection system needs to continuously detect the definition object to be checked by combining the first preset sub-condition, the third preset sub-condition and the fourth preset sub-condition.
In an alternative embodiment, in order to detect whether the to-be-checked definition object corresponding to the to-be-checked tree node meets the fourth preset sub-condition. And under the condition that tree nodes to be checked exist in the plurality of tree nodes, the intelligent contract detection system also detects whether the to-be-checked definition object is provided with a target resource consumption value smaller than a preset threshold value aiming at the target function expression. Under the condition that the to-be-checked definition object is provided with a target resource consumption value aiming at the target function expression, the intelligent contract detection system determines that the tree node to be checked is a normal tree node, and intelligently closes to a normal intelligent contract without information security risk.
Optionally, the target resource consumption value is a target gas value. Specifically, the intelligent contract detection system firstly judges whether a call calling function in a to-be-checked definition object limits gas, wherein the intelligent contract detection system can find whether the call calling function limits gas or not and how much of the gas is limited in an expression object of the call calling function.
It should be noted that for most cases, as long as gas is limited to within 5000, call functions can be avoided from performing sstore operations at runtime, while sstores with 400gas value only occur under very severe conditions, under which limiting 2100gas can ensure that 100% of no reentry holes occur, in other words, setting the preset threshold to 2100gas can ensure that 100% of no reentry holes occur in the smart contract. Of course, in the present application, the specific setting of the preset threshold may be adjusted according to the severity of the smart contract, which is not limited in particular in the present application.
In addition, it should be noted that, in the case that the preset threshold has been set, if the call calling function in the to-be-checked definition object has been set with the target gas value smaller than the preset threshold (for example 2100 gas), it is indicated that the to-be-checked tree node corresponding to the to-be-checked definition object is a normal tree node, and the intelligent contract is about a normal intelligent contract without information security risk. If the call calling function in the to-be-checked definition object is not set with the target gas value smaller than the preset threshold value (for example, no gas value is set or the set gas value is greater than or equal to the preset threshold value), the to-be-checked definition object is indicated to have met the fourth preset sub-condition, and the intelligent contract detection system needs to continuously detect the to-be-checked definition object by combining the first preset sub-condition, the second preset sub-condition and the third preset sub-condition.
In an alternative embodiment, in order to detect whether the to-be-checked definition object corresponding to the to-be-checked tree node meets the third preset sub-condition, in the case that the to-be-checked tree node exists in the plurality of tree nodes, the intelligent contract detection system further detects whether the state of the to-be-checked definition object is updated after the objective function expression in the to-be-checked definition object is called. And under the condition that the state of the to-be-checked definition object is not updated, the intelligent contract detection system determines the to-be-checked tree node as a normal tree node, and intelligently closes a normal intelligent contract without information security risk.
Optionally, in order to detect whether the state of the to-be-checked definition object has an update after the target function expression in the to-be-checked definition object is called, the intelligent contract detection system may acquire a plurality of function statements generated by the to-be-checked definition object, and detect whether the plurality of function statements include the target function statement, where the target function statement is an assignment statement including an assignment symbol, and one side of the target function statement is a state variable corresponding to the intelligent contract. Under the condition that the plurality of function sentences comprise target function sentences, the intelligent contract detection system determines that the state of the definition object to be checked is updated; in the case that the objective function statement is not included in the plurality of function statements, the intelligent contract detection system determines that there is no update in the state of the definition object to be checked.
Specifically, in order to check whether the to-be-checked definition object has a state change after the call calling function in the to-be-checked definition object is called, the intelligent contract detection system can obtain all function statements generated after the call calling function is called through the calling object and the function body object of the call calling function.
It should be noted that the statement containing the state change has the following features:
first, a function statement containing a state change is an assignment statement, i.e., there should be an equal sign in the statement, or an assignment symbol such as self-addition, self-multiplication, etc.
Second, in a function statement containing state changes, the left side of the equal sign should be the state variable, and in order to determine whether the left side variable is the state variable, it is necessary to acquire all the state variables in the smart contract. The state variables in the intelligent contract are defined in the variable definition nodes below the contract object, and the state variables in the intelligent contract can be acquired by traversing the variable hostile nodes. But there is a special case where the solubility allows an internal function to have a state variable as a parameter, then this parameter is the state variable in the function body of this function, and this type of state variable can be found in the variable definition in the function definition object.
As can be seen from the above, after all the state variables are obtained, by traversing all the function statements generated after call calling function is called, and determining whether each function statement is an assignment statement, and whether the left value of the assignment statement is a state variable of the intelligent contract, it can be determined whether one function statement is an objective function statement, and further, whether the state of the definition object to be checked is updated after the objective function expression in the definition object to be checked is called.
One feature of the reentrant vulnerability is that after the call function is called, the function definition object where the call function is located changes state. Therefore, if the state of the to-be-checked definition object is not updated after the target function expression in the to-be-checked definition object is called, the to-be-checked tree node corresponding to the to-be-checked definition object is a normal tree node, and the intelligent contract is about to be a normal intelligent contract without information security risk. If the state of the to-be-checked definition object is updated after the target function expression in the to-be-checked definition object is called, the to-be-checked definition object is indicated to have met the third preset sub-condition, and the intelligent contract detection system needs to continuously detect the to-be-checked definition object by combining the first preset sub-condition, the second preset sub-condition and the fourth preset sub-condition.
Finally, if the tree node to be checked of one abstract syntax tree simultaneously meets a first preset sub-condition, a second preset sub-condition, a third preset sub-condition and a fourth preset sub-condition, the fact that the function definition object corresponding to the tree node to be checked has a reentrant vulnerability is indicated, and the intelligent contract detection system records the position of the reentrant vulnerability, namely the file path, the line number and the line number.
The intelligent contract detection system can collect all scanned reentrant vulnerabilities and analyze the characteristics of the reentrant vulnerabilities, including information such as quantity, file distribution, contract distribution and the like. Then, the intelligent contract detection system uses scripts to make audit reports of the positions of all re-entered vulnerabilities and the information thereof, wherein the audit reports at least comprise summarization information of the scanning, including file trees, vulnerability numbers, project security and the like.
In addition, for each reentrant vulnerability, information such as id, name, description, risk level, code segment, repair suggestion and the like of the reentrant vulnerability should be displayed in the audit report.
Through the technical scheme, under an application scene, a developer can rapidly scan the intelligent contract in the process of developing the intelligent contract and testing the intelligent contract without ensuring that the source code of the intelligent contract must be compiled and passed.
In addition, before the intelligent contract is online, a developer can automatically scan the intelligent contract, so that the intelligent contract is ensured not to have reentry loopholes, and further, the cost of manual audit is reduced. The security vulnerability discovery personnel can also combine the technical scheme and the script of the application, so that reentrant vulnerabilities in intelligent contracts on all deployed or newly deployed open-source Ethernet virtual machine chains are automatically acquired, and the technical effect of low-cost automatic vulnerability discovery is achieved.
Example 2
According to an embodiment of the present application, there is further provided an embodiment of a detection apparatus for an intelligent contract, as shown in fig. 4, including: an obtaining module 401, configured to obtain a source code corresponding to an intelligent contract; the parsing module 402 is configured to parse the source code by using a parser, and generate an abstract syntax tree corresponding to the source code according to a parsing result, where the parser is configured to parse an uncompiled source code of any version; a traversing module 403, configured to traverse a plurality of tree nodes in the abstract syntax tree, where the tree nodes are used to characterize definition information of function codes included in the intelligent contract; the detection module 404 is configured to detect whether an abnormal tree node is included in the plurality of tree nodes according to a preset condition, where the preset condition is used to characterize a code feature of an abnormal function code, the abnormal function code is a function code with an information security hole, and the code feature of the function code corresponding to the abnormal tree node is matched with the preset condition; a determining module 405, configured to determine, in a case where an abnormal tree node exists among the plurality of tree nodes, that the smart contract is an abnormal smart contract that has an information security risk.
Specifically, in the prior art, most static analysis tools of the solubility code use an official solubility compiler solc written in c++ language. The abstract syntax tree corresponding to the json-format intelligent contract source code can be generated through the solc, however, the following problems exist when the solc is used for generating the abstract syntax tree:
first, the problem of compiler version is that the solc has tens of versions, when the solc is used to analyze source code to generate an abstract syntax tree, the version of the compiler must be compatible with the version number declared in the source code, but in the environment of a system, only one version of the solc is needed, and a third party tool is needed to switch versions, so that static analysis tools such as the solc often need to consume a great deal of time and cost to perform environmental configuration before use.
Secondly, when the source code is analyzed by the solc, the source code itself needs to be compiled, if the source code does not pass the compilation, the solc cannot analyze the source code correctly, so when the source code is analyzed by the solc, the source code needs to be compiled with additional labor cost.
To circumvent the above-described problem with solc, the present application uses Antlr4 (parser auto-generation tool) to generate a parser for the sound language. Wherein, antlr4 can generate grammar analyzers of main stream languages such as c++, C#, go, python, java and the like according to g4 grammar files of different languages. And, the parser generated by Antlr4 can parse arbitrary versions of the source code of the solubility, and can parse the source code even if the source code cannot be compiled.
Therefore, the grammar analyzer can carry out grammar analysis on source codes of any version which is not compiled, so that the compiling cost of the source codes and the configuration cost of the grammar analyzer in use can be saved, and the generation efficiency of the abstract grammar tree is improved.
In an alternative embodiment, an intelligent contract checking system may be used as the execution subject of the intelligent contract checking method in the embodiments of the present application. The intelligent contract detection system at least comprises the grammar analyzer.
Specifically, after the intelligent contract detection system analyzes the source code of the intelligent contract through the grammar analyzer and obtains an abstract grammar tree corresponding to the source code, the intelligent contract detection system also traverses the whole abstract grammar tree and obtains all tree nodes related to function call in the abstract grammar.
Each of the solubility source code files generates an abstract syntax tree after being analyzed, wherein the abstract syntax tree comprises a plurality of contract definition nodes, and each contract definition node is used for representing version information, interface statement, contract statement and the like of an intelligent contract. Meanwhile, a plurality of function declaration sub-nodes are contained under the contract definition node.
It should be noted that, when traversing the abstract syntax tree, the intelligent contract detection system traverses at least two layers, so as to obtain a contract definition node in the abstract syntax tree and a function sound sub-node under the contract definition node, thereby obtaining a plurality of tree nodes. Wherein the plurality of tree nodes at least include contract definition nodes and function declaration sub-nodes, each tree node characterizing definition information of one function code in the intelligent contract.
Optionally, the smart contract detecting device further includes: the device comprises a first determining module, a first acquiring module, a first detecting module and a second determining module. The first determining module is used for determining each tree node as a function definition object to obtain a plurality of function definition objects; the first acquisition module is used for acquiring a function body sub-object in each function definition object, wherein the function body sub-object comprises at least one statement object, and the statement object comprises at least one function expression; the first detection module is used for detecting whether all function expressions contained in each function definition object contain objective function expressions or not, wherein the objective function expressions are used for transferring balance funds in the intelligent contract to a caller of the intelligent contract; and the second determining module is used for determining the function definition object containing the target function expression as a definition object to be checked and determining the tree node corresponding to the definition object to be checked as a tree node to be checked.
Specifically, the target function expression is a call calling function. After obtaining a plurality of tree nodes, the intelligent contract detection system determines each tree node as a function definition object, and then searches the definition object to be checked, which contains call calling functions, from the plurality of function definition objects.
In order to determine whether a call function is included in a function definition object, the intelligent contract detection system needs to enter a function body sub-object in each function definition object, and since the function body sub-object includes a plurality of statement objects, each statement object includes an expression, and the call function is one of the expressions, the intelligent contract detection system can determine whether the call function is included in the function definition object by traversing all the expressions included in the function definition object and determining whether each expression is a call function. If a call function exists in a function definition object, the function definition object is a definition object to be checked, and meanwhile, a tree node corresponding to the function definition object is a tree node to be checked.
Optionally, the above detection module further includes: a first determination unit and a first detection unit. The first determining unit is used for determining that the intelligent contract is about a normal intelligent contract without information security risk under the condition that tree nodes to be checked do not exist in the plurality of tree nodes; the first detection unit is used for detecting whether the tree node to be checked is an abnormal tree node according to a preset condition when the tree node to be checked exists in the plurality of tree nodes.
Optionally, if there are no tree nodes to be checked among the plurality of tree nodes in the abstract syntax tree, it is indicated that there are no function definition objects containing call calling functions in the intelligent contract. On this basis, since the reentry vulnerability must be realized by depending on the call function, the smart contract that does not include the call function can determine that the reentry vulnerability does not exist, and the smart contract is a normal smart contract.
Optionally, the first detection unit further includes: the first determining subunit is configured to determine, when the tree node to be checked simultaneously meets all of the following preset sub-conditions, that the tree node to be checked is an abnormal tree node, where the preset sub-conditions at least include: the method comprises the steps of a first preset sub-condition, a second preset sub-condition, a third preset sub-condition and a fourth preset sub-condition; the first preset sub-condition characterizes that a to-be-checked definition object corresponding to the to-be-checked tree node does not contain a target modifier, wherein the target modifier is used for limiting the number of times that a caller of the intelligent contract repeatedly accesses the to-be-checked definition object; the second preset sub-condition characterizes that the address variable called by the target function expression in the to-be-checked definition object can be controlled by an external account, wherein the external account is an account without the control authority of the intelligent contract; the third preset sub-condition characterizes that after the target function expression in the definition object to be checked is called, the state of the definition object to be checked is updated; the fourth preset sub-condition characterizes that the to-be-checked definition object is not provided with a target resource consumption value smaller than a preset threshold value aiming at the target function expression, wherein the target resource consumption value is used for characterizing the maximum value of computing resources required by the target function expression in running.
It should be noted that the target modifier may be a non-Reentrandom modifier. Wherein the modifier of each function definition object is stored in the modifiers sub-object of the function definition object, so that it can be determined whether the function definition object has a non-Rentrandom modifier by simply traversing the information in the modifiers sub-object of each function definition object.
Optionally, the first detection unit further includes: a first detection subunit and a second determination subunit. The first detection subunit is configured to detect, when a tree node to be checked exists in the plurality of tree nodes, whether a target modifier is included in a to-be-checked definition object corresponding to the tree node to be checked; and the second determining subunit is used for determining the tree node to be checked as a normal tree node under the condition that the target modifier is contained in the definition object to be checked, and intelligently closing the normal intelligent contract without information security risk.
Since the nonReentrandom modifier is used to limit the number of times a caller of the smart contract repeatedly accesses into the definition object to be checked, the nonReentrandom modifier can avoid reentry holes. On the basis, if the object to be checked contains the target modifier, the intelligent contract detection system can determine that the tree node to be checked is a normal tree node, and the intelligent contract is about a normal intelligent contract without information security risk. If the to-be-checked definition object does not contain the target modifier, the to-be-checked definition object is indicated to have satisfied the first preset sub-condition, and the intelligent contract detection system needs to continuously detect the to-be-checked definition object by combining the second preset sub-condition, the third preset sub-condition and the fourth preset sub-condition.
Optionally, the first detection unit further includes: the first acquisition subunit, the second detection subunit and the third determination subunit. The first obtaining subunit is used for obtaining address variables called by the target function expression in the definition object to be checked under the condition that tree nodes to be checked exist in the plurality of tree nodes; a second detection subunit for detecting whether the address variable can be controlled by an external account; and the third determining subunit is used for determining the tree node to be checked as a normal tree node under the condition that the address variable cannot be controlled by the external account, and intelligently closing a normal intelligent contract without information security risk.
Optionally, in order to detect whether the to-be-checked definition object corresponding to the to-be-checked tree node meets the second preset sub-condition. The intelligent contract checking system also needs to acquire the address variable of the call function, then track the address variable upwards, and see if the address variable can be controlled by an external user.
The call calling function is a call function of a membrane type, which means that a method corresponding to the call calling function is a method under an address type, so that an address variable corresponding to the call calling function can be found by accessing an object called by the call calling function. Typically, this address variable is msg.sender, i.e. the caller address, but if it is other, it needs to track up and see if the address variable can be controlled by an external account.
Because one feature of the reentrant vulnerability is that the call calling function can be controlled by the external account, if the address variable called by the call calling function in the to-be-checked definition object cannot be controlled by the external account, the to-be-checked tree node corresponding to the to-be-checked definition object is indicated to be a normal tree node, and the intelligent contract is about to be a normal intelligent contract without information security risk. If the address variable called by the call calling function in the definition object to be checked can be controlled by the external account, the definition object to be checked is indicated to have satisfied the second preset sub-condition, and the intelligent contract detection system needs to continuously detect the definition object to be checked by combining the first preset sub-condition, the third preset sub-condition and the fourth preset sub-condition.
Optionally, the first detection unit further includes: a third detection subunit and a fourth determination subunit. The third detection subunit is configured to detect, when a tree node to be checked exists in the plurality of tree nodes, whether the state of the defined object to be checked is updated after the objective function expression in the defined object to be checked is called; and the fourth determining subunit is used for determining the tree node to be checked as a normal tree node under the condition that the state of the definition object to be checked is not updated, and intelligently closing the normal intelligent contract without information security risk.
Optionally, the third detection subunit further includes: the device comprises a first acquisition sub-module, a first detection sub-module, a first determination sub-module and a second determination sub-module. The first acquisition submodule is used for acquiring a plurality of function sentences generated by the definition object to be checked after the target function expression in the definition object to be checked is called; the first detection submodule is used for detecting whether an objective function statement is contained in the plurality of function statements, wherein the objective function statement is an assignment statement containing an assignment symbol, and one side of the objective function statement is a state variable corresponding to the intelligent contract; the first determining submodule is used for determining that the state of the definition object to be checked is updated under the condition that the target function sentences are contained in the function sentences; and the second determining submodule is used for determining that the state of the definition object to be checked is not updated under the condition that the objective function statement is not contained in the function statements.
Specifically, in order to check whether the to-be-checked definition object has a state change after the call calling function in the to-be-checked definition object is called, the intelligent contract detection system can obtain all function statements generated after the call calling function is called through the calling object and the function body object of the call calling function.
It should be noted that the statement containing the state change has the following features:
first, a function statement containing a state change is an assignment statement, i.e., there should be an equal sign in the statement, or an assignment symbol such as self-addition, self-multiplication, etc.
Second, in a function statement containing state changes, the left side of the equal sign should be the state variable, and in order to determine whether the left side variable is the state variable, it is necessary to acquire all the state variables in the smart contract. The state variables in the intelligent contract are defined in the variable definition nodes below the contract object, and the state variables in the intelligent contract can be acquired by traversing the variable hostile nodes. But there is a special case where the solubility allows an internal function to have a state variable as a parameter, then this parameter is the state variable in the function body of this function, and this type of state variable can be found in the variable definition in the function definition object.
As can be seen from the above, after all the state variables are obtained, by traversing all the function statements generated after call calling function is called, and determining whether each function statement is an assignment statement, and whether the left value of the assignment statement is a state variable of the intelligent contract, it can be determined whether one function statement is an objective function statement, and further, whether the state of the definition object to be checked is updated after the objective function expression in the definition object to be checked is called.
One feature of the reentrant vulnerability is that after the call function is called, the function definition object where the call function is located changes state. Therefore, if the state of the to-be-checked definition object is not updated after the target function expression in the to-be-checked definition object is called, the to-be-checked tree node corresponding to the to-be-checked definition object is a normal tree node, and the intelligent contract is about to be a normal intelligent contract without information security risk. If the state of the to-be-checked definition object is updated after the target function expression in the to-be-checked definition object is called, the to-be-checked definition object is indicated to have met the third preset sub-condition, and the intelligent contract detection system needs to continuously detect the to-be-checked definition object by combining the first preset sub-condition, the second preset sub-condition and the fourth preset sub-condition.
Optionally, the first detection unit further includes: a fourth detection subunit and a fifth determination subunit. The fourth detection subunit is configured to detect, when a tree node to be checked exists among the plurality of tree nodes, whether a target resource consumption value smaller than a preset threshold value is set for the target function expression by the definition object to be checked; and the fifth determining subunit is used for determining the tree node to be checked as a normal tree node under the condition that the to-be-checked definition object is provided with a target resource consumption value aiming at the target function expression, and intelligently integrating normal intelligent contracts without information security risks.
Optionally, the target resource consumption value is a target gas value. Specifically, the intelligent contract detection system firstly judges whether a call calling function in a to-be-checked definition object limits gas, wherein the intelligent contract detection system can find whether the call calling function limits gas or not and how much of the gas is limited in an expression object of the call calling function.
It should be noted that for most cases, as long as gas is limited to within 5000, call functions can be avoided from performing sstore operations at runtime, while sstores with 400gas value only occur under very severe conditions, under which limiting 2100gas can ensure that 100% of no reentry holes occur, in other words, setting the preset threshold to 2100gas can ensure that 100% of no reentry holes occur in the smart contract. Of course, in the present application, the specific setting of the preset threshold may be adjusted according to the severity of the smart contract, which is not limited in particular in the present application.
In addition, it should be noted that, in the case that the preset threshold has been set, if the call calling function in the to-be-checked definition object has been set with the target gas value smaller than the preset threshold (for example 2100 gas), it is indicated that the to-be-checked tree node corresponding to the to-be-checked definition object is a normal tree node, and the intelligent contract is about a normal intelligent contract without information security risk. If the call calling function in the to-be-checked definition object is not set with the target gas value smaller than the preset threshold value (for example, no gas value is set or the set gas value is greater than or equal to the preset threshold value), the to-be-checked definition object is indicated to have met the fourth preset sub-condition, and the intelligent contract detection system needs to continuously detect the to-be-checked definition object by combining the first preset sub-condition, the second preset sub-condition and the third preset sub-condition.
The foregoing embodiment numbers of the present application are merely for describing, and do not represent advantages or disadvantages of the embodiments.
In the foregoing embodiments of the present application, the descriptions of the embodiments are emphasized, and for a portion of this disclosure that is not described in detail in this embodiment, reference is made to the related descriptions of other embodiments.
In the several embodiments provided in the present application, it should be understood that the disclosed technology content may be implemented in other manners. The above-described embodiments of the apparatus are merely exemplary, and the division of the units, for example, may be a logic function division, and may be implemented in another manner, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some interfaces, units or modules, or may be in electrical or other forms.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be embodied in essence or a part contributing to the prior art or all or part of the technical solution in the form of a software product stored in a storage medium, including several instructions to cause a computer device (which may be a personal computer, a server or a network device, etc.) to perform all or part of the steps of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a removable hard disk, a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The foregoing is merely a preferred embodiment of the present application and it should be noted that modifications and adaptations to those skilled in the art may be made without departing from the principles of the present application and are intended to be comprehended within the scope of the present application.

Claims (10)

1. A method for detecting an intelligent contract, comprising:
acquiring a source code corresponding to the intelligent contract;
analyzing the source code through a grammar analyzer, and generating an abstract grammar tree corresponding to the source code according to an analysis result, wherein the grammar analyzer is used for carrying out grammar analysis on the source code of any version which is not compiled;
traversing a plurality of tree nodes in the abstract syntax tree, wherein the tree nodes are used for representing definition information of function codes contained in the intelligent contracts;
detecting whether a plurality of tree nodes contain abnormal tree nodes or not according to preset conditions, wherein the preset conditions are used for representing code characteristics of abnormal function codes, the abnormal function codes are function codes with information security holes, and the code characteristics of the function codes corresponding to the abnormal tree nodes are matched with the preset conditions;
And under the condition that the abnormal tree nodes exist in a plurality of tree nodes, determining that the intelligent contract is an abnormal intelligent contract with information security risks.
2. The method of claim 1, wherein after traversing the plurality of tree nodes in the abstract syntax tree, the method further comprises:
determining each tree node as a function definition object to obtain a plurality of function definition objects;
obtaining a function body sub-object in each function definition object, wherein the function body sub-object comprises at least one statement object, and the statement object comprises at least one function expression;
detecting whether all function expressions contained in each function definition object contain objective function expressions or not, wherein the objective function expressions are used for transferring balance funds in the intelligent contract to a caller of the intelligent contract;
and determining the function definition object containing the target function expression as a definition object to be checked, and determining the tree node corresponding to the definition object to be checked as a tree node to be checked.
3. The method of claim 2, wherein detecting whether an abnormal tree node is included in the plurality of tree nodes according to a preset condition comprises:
Under the condition that the tree nodes to be checked do not exist in a plurality of tree nodes, determining that the intelligent contract is about a normal intelligent contract without the information security risk;
and under the condition that the tree nodes to be checked exist in a plurality of tree nodes, detecting whether the tree nodes to be checked are abnormal tree nodes or not according to the preset conditions.
4. A method according to claim 3, wherein detecting whether the tree node to be checked is the abnormal tree node according to the preset condition comprises:
and under the condition that the tree node to be checked simultaneously meets all the following preset sub-conditions, determining the tree node to be checked as the abnormal tree node, wherein the preset sub-conditions at least comprise: the method comprises the steps of a first preset sub-condition, a second preset sub-condition, a third preset sub-condition and a fourth preset sub-condition;
the first preset sub-condition characterizes that a target modifier is not contained in the definition object to be checked corresponding to the tree node to be checked, wherein the target modifier is used for limiting the number of times that a caller of the intelligent contract repeatedly accesses the definition object to be checked;
the second preset sub-condition characterizes that the address variable called by the target function expression in the to-be-checked definition object can be controlled by an external account, wherein the external account is an account without the control authority of the intelligent contract;
The third preset sub-condition characterizes that after the target function expression in the to-be-checked definition object is called, the state of the to-be-checked definition object is updated;
the fourth preset sub-condition characterizes that the to-be-checked definition object is not provided with a target resource consumption value smaller than a preset threshold value aiming at the target function expression, wherein the target resource consumption value is used for characterizing the maximum value of computing resources required by the target function expression in operation.
5. The method of claim 4, wherein detecting whether the tree node to be checked is the abnormal tree node according to the preset condition comprises:
detecting whether the target modifier is contained in a to-be-checked definition object corresponding to the to-be-checked tree node under the condition that the to-be-checked tree node exists in a plurality of tree nodes;
and under the condition that the target modifier is contained in the to-be-checked definition object, determining the to-be-checked tree node as a normal tree node, wherein the intelligent contract is about a normal intelligent contract without the information security risk.
6. The method of claim 4, wherein detecting whether the tree node to be checked is the abnormal tree node according to the preset condition comprises:
Under the condition that the tree nodes to be checked exist in a plurality of tree nodes, acquiring address variables called by objective function expressions in the defined objects to be checked;
detecting whether the address variable is controllable by the external account;
and under the condition that the address variable cannot be controlled by the external account, determining the tree node to be checked as a normal tree node, wherein the intelligent contract is about a normal intelligent contract without the information security risk.
7. The method of claim 4, wherein detecting whether the tree node to be checked is the abnormal tree node according to the preset condition comprises:
under the condition that the tree nodes to be checked exist in a plurality of tree nodes, detecting whether the state of the definition object to be checked is updated after the target function expression in the definition object to be checked is called;
and under the condition that the state of the to-be-checked definition object is not updated, determining the to-be-checked tree node as a normal tree node, wherein the intelligent contract is about a normal intelligent contract without the information security risk.
8. The method of claim 7, wherein detecting whether the state of the definition object to be checked is updated after the object function expression in the definition object to be checked is invoked comprises:
After the target function expression in the definition object to be checked is called, a plurality of function sentences generated by the definition object to be checked are obtained;
detecting whether an objective function statement is contained in the function statements, wherein the objective function statement is an assignment statement containing an assignment symbol, and one side of the objective function statement is a state variable corresponding to the intelligent contract;
under the condition that the target function sentences are contained in the function sentences, determining that the state of the to-be-checked definition object is updated;
and under the condition that the objective function statement is not contained in the function statements, determining that the state of the definition object to be checked is not updated.
9. The method of claim 4, wherein detecting whether the tree node to be checked is the abnormal tree node according to the preset condition comprises:
detecting whether the to-be-checked definition object is provided with a target resource consumption value smaller than the preset threshold value aiming at the target function expression under the condition that the to-be-checked tree nodes exist in a plurality of tree nodes;
and under the condition that the target resource consumption value is set by the to-be-checked definition object aiming at the target function expression, determining the to-be-checked tree node as a normal tree node, wherein the intelligent contract is about a normal intelligent contract without the information security risk.
10. An intelligent contract checking apparatus, comprising:
the acquisition module is used for acquiring source codes corresponding to the intelligent contracts;
the parsing module is used for parsing the source code through a parser and generating an abstract syntax tree corresponding to the source code according to a parsing result, wherein the parser is used for parsing the source code of any version which is not compiled;
the traversing module is used for traversing a plurality of tree nodes in the abstract syntax tree, wherein the tree nodes are used for representing definition information of function codes contained in the intelligent contract;
the detection module is used for detecting whether the plurality of tree nodes contain abnormal tree nodes or not according to preset conditions, wherein the preset conditions are used for representing code characteristics of abnormal function codes, the abnormal function codes are function codes with information security holes, and the code characteristics of the function codes corresponding to the abnormal tree nodes are matched with the preset conditions;
and the determining module is used for determining that the intelligent contract is an abnormal intelligent contract with information security risk under the condition that the abnormal tree nodes exist in the plurality of tree nodes.
CN202211698899.XA 2022-12-28 2022-12-28 Intelligent contract detection method and device Pending CN116028495A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211698899.XA CN116028495A (en) 2022-12-28 2022-12-28 Intelligent contract detection method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211698899.XA CN116028495A (en) 2022-12-28 2022-12-28 Intelligent contract detection method and device

Publications (1)

Publication Number Publication Date
CN116028495A true CN116028495A (en) 2023-04-28

Family

ID=86078800

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211698899.XA Pending CN116028495A (en) 2022-12-28 2022-12-28 Intelligent contract detection method and device

Country Status (1)

Country Link
CN (1) CN116028495A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117688564A (en) * 2024-02-01 2024-03-12 山东大学 Detection method, device and storage medium for intelligent contract event log

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117688564A (en) * 2024-02-01 2024-03-12 山东大学 Detection method, device and storage medium for intelligent contract event log
CN117688564B (en) * 2024-02-01 2024-05-03 山东大学 Detection method, device and storage medium for intelligent contract event log

Similar Documents

Publication Publication Date Title
Tikhomirov et al. Smartcheck: Static analysis of ethereum smart contracts
US9715593B2 (en) Software vulnerabilities detection system and methods
US20180330102A1 (en) Using the Same Query Language for Static and Dynamic Application Security Testing Tools
CN101661543B (en) Method and device for detecting security flaws of software source codes
US20040205411A1 (en) Method of detecting malicious scripts using code insertion technique
US11669623B2 (en) Method for detecting vulnerabilities in software
CN110225029B (en) Injection attack detection method, device, server and storage medium
CN113497809B (en) MIPS framework vulnerability mining method based on control flow and data flow analysis
Liao et al. Smartdagger: a bytecode-based static analysis approach for detecting cross-contract vulnerability
Hejderup et al. Can we trust tests to automate dependency updates? a case study of java projects
Pérez et al. Lapse+ static analysis security software: Vulnerabilities detection in java ee applications
CN113312618A (en) Program vulnerability detection method and device, electronic equipment and medium
KR101696694B1 (en) Method And Apparatus For Analysing Source Code Vulnerability By Using TraceBack
CN116028495A (en) Intelligent contract detection method and device
Hough et al. A practical approach for dynamic taint tracking with control-flow relationships
Bodell III et al. Proxy hunting: Understanding and characterizing proxy-based upgradeable smart contracts in blockchains
CN112131120B (en) Source code defect detection method and device
CN114036526A (en) Vulnerability testing method and device, computer equipment and storage medium
CN112131122B (en) Method and device for source code defect detection tool misinformation evaluation
CN112445706A (en) Program abnormal code acquisition method and device, electronic equipment and storage medium
Al Kassar et al. Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications.
Xi et al. When they go low: Automated replacement of low-level functions in Ethereum smart contracts
KR102341137B1 (en) Code converting method based on intermediate language and electronic device including the same
Staderini et al. Security Evaluation and Improvement of Solidity Smart Contracts
CN116775040B (en) Pile inserting method for realizing code vaccine and application testing method based on code vaccine

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination