CN116861443A - Security detection method and related device for intelligent contract - Google Patents

Security detection method and related device for intelligent contract Download PDF

Info

Publication number
CN116861443A
CN116861443A CN202310898239.4A CN202310898239A CN116861443A CN 116861443 A CN116861443 A CN 116861443A CN 202310898239 A CN202310898239 A CN 202310898239A CN 116861443 A CN116861443 A CN 116861443A
Authority
CN
China
Prior art keywords
contract
target
test
analysis
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310898239.4A
Other languages
Chinese (zh)
Inventor
华崇鑫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangxi Kaichuang Digital Technology Co ltd
Original Assignee
Jiangxi Kaichuang Digital Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangxi Kaichuang Digital Technology Co ltd filed Critical Jiangxi Kaichuang Digital Technology Co ltd
Priority to CN202310898239.4A priority Critical patent/CN116861443A/en
Publication of CN116861443A publication Critical patent/CN116861443A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3684Test management for test design, e.g. generating new test cases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3688Test management for test execution, e.g. scheduling of test suites
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3692Test management for test results analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/40Transformation of program code
    • G06F8/41Compilation
    • G06F8/42Syntactic analysis
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/30Computing systems specially adapted for manufacturing

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Quality & Reliability (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of safety, and discloses a safety detection method and a related device for an intelligent contract, which are used for improving the accuracy and efficiency of intelligent contract safety detection. Comprising the following steps: acquiring a source code of a target intelligent contract to acquire the source code of the target intelligent contract; performing token sequence identification on the source code, and determining a target token sequence; the source codes are subjected to grammar analysis through the target token sequence, grammar analysis results are generated, and contract logic analysis is performed on the source codes to generate contract logic; performing data sensitivity analysis on the target intelligent contract through contract logic to generate a sensitivity analysis result; matching a sensitive data type through a sensitivity analysis result, and determining a test target through the sensitive data type; constructing a test case through a test target to generate a corresponding test case; and carrying out fuzzy test on the target intelligent contract through the test case, generating a fuzzy test result, and generating a safety detection report through the fuzzy test result.

Description

Security detection method and related device for intelligent contract
Technical Field
The invention relates to the technical field of security, in particular to a security detection method and a related device of an intelligent contract.
Background
Currently, with the continuous development and application of blockchain technology and smart contracts, security issues of smart contracts are attracting attention. In the face of changing network environments and attack means, the traditional security test method is insufficient to meet the security requirements of intelligent contracts, so that new intelligent contract security detection technologies need to be developed. The scheme comprises a plurality of technical links such as source code acquisition, token sequence identification, grammar analysis, contract logic analysis, sensitivity analysis, test case construction, fuzzy test and the like, and specific characteristics and security requirements of the intelligent contract are combined for targeted processing.
At present, intelligent contract security detection techniques have some disadvantages. For example, the complexity and dynamics of smart contracts present significant challenges for security testing; the existing security testing methods and tools are also difficult to fully cover various security problems of intelligent contracts; meanwhile, the development period of the intelligent contract is short, and quick response and solving of the security problem are required, so that more efficient and quick security detection tools and technologies are required to be developed to ensure the security and reliability of the intelligent contract. In the future, with the continuous development and popularization of blockchain technologies, intelligent contract security detection technologies will also continuously advance and perfect to accommodate new security requirements and challenges.
Disclosure of Invention
The invention provides a security detection method and a related device for an intelligent contract, which are used for improving the accuracy and efficiency of security detection of the intelligent contract.
The first aspect of the present invention provides a security detection method for an intelligent contract, where the security detection method for an intelligent contract includes: acquiring a source code of a target intelligent contract, and acquiring the source code of the target intelligent contract; performing token sequence identification on the source code, and determining a target token sequence; carrying out grammar analysis on the source code through the target token sequence to generate a grammar analysis result, wherein the grammar analysis result comprises verification passing and verification failing; when the grammar analysis result is that the grammar analysis result passes the verification, performing contract logic analysis on the source code to generate corresponding contract logic; performing data sensitivity analysis on the target intelligent contract through the contract logic to generate a sensitivity analysis result; matching the corresponding sensitive data type through the sensitivity analysis result, and determining a test target through the sensitive data type; constructing test cases through the test targets to generate corresponding test cases; and carrying out fuzzy test on the target intelligent contract through the test case, generating a fuzzy test result, and generating a safety detection report through the fuzzy test result.
With reference to the first aspect, in a first implementation manner of the first aspect of the present invention, the acquiring source code of the target smart contract to acquire source code of the target smart contract includes: analyzing a source code storage position of a target intelligent contract, acquiring the source code storage position, and simultaneously, carrying out hash value matching on the target intelligent contract to determine a target hash value; performing database matching based on the source code storage position, and determining a source code database corresponding to the intelligent contract; and acquiring source codes corresponding to the target intelligent contracts from the source code database based on the target hash values.
With reference to the first aspect, in a second implementation manner of the first aspect of the present invention, the parsing the source code through the target token sequence generates a parsing result, where the parsing result includes verification passing and verification failing, and includes: constructing a grammar tree through the target token sequence to generate an abstract grammar tree; performing root node analysis on the abstract syntax tree to obtain a syntax tree node set; and respectively carrying out grammar detection on each grammar tree node in the grammar tree node set to generate a grammar analysis result, wherein the grammar analysis result comprises verification passing and verification failing.
With reference to the second implementation manner of the first aspect, in a third implementation manner of the first aspect of the present invention, when the result of the syntax analysis is that the syntax analysis is verified, performing contract logic analysis on the source code to generate corresponding contract logic, where the contract logic includes: when the grammar analysis result is that verification is passed, node traversal is carried out on the grammar tree node set, and node types and node meanings corresponding to each grammar tree node are generated; and carrying out contract logic analysis on the source codes through the node types and the node meanings corresponding to each grammar tree node, and generating corresponding contract logic.
With reference to the first aspect, in a fourth implementation manner of the first aspect of the present invention, the performing, by the contract logic, data sensitivity analysis on the target smart contract, to generate a sensitivity analysis result, includes: performing data flow analysis on the contract logic to generate a data flow corresponding to the contract logic; extracting data application types from the data stream to obtain a data application type set; performing data attribute analysis on the data application type set to generate a data attribute set; and carrying out data sensitivity analysis on the target intelligent contract through the data attribute set to generate a sensitivity analysis result.
With reference to the first aspect, in a fifth implementation manner of the first aspect of the present invention, the determining, by the sensitivity analysis result, a test target according to a corresponding sensitivity data type includes: extracting sensitive data attributes through the sensitivity analysis result, and determining corresponding sensitive data attributes; analyzing the sensitive data types through the sensitive data attributes, and determining the corresponding sensitive data types; and performing contract module matching on the target intelligent contract through the sensitive data type to obtain at least one contract module to be tested, and determining a test target through the at least one contract module to be tested.
With reference to the first aspect, in a sixth implementation manner of the first aspect of the present invention, the performing, by the test case, a fuzzy test on the target smart contract, generating a fuzzy test result, and generating, by the fuzzy test result, a security detection report includes: constructing a test environment based on the test case to generate a target test environment; generating configuration information of a preset fuzzy test tool through the target test environment, and determining target configuration information; performing information configuration on the fuzzy test tool through the target configuration information to obtain a target fuzzy test tool; and carrying out fuzzy test on the test case through the target fuzzy test tool to generate a fuzzy test result.
A second aspect of the present invention provides a security inspection system of an intelligent contract, the security inspection system of the intelligent contract comprising:
the code acquisition module is used for acquiring source codes of the target intelligent contracts and acquiring the source codes of the target intelligent contracts;
the sequence identification module is used for carrying out token sequence identification on the source code and determining a target token sequence;
the grammar analysis module is used for carrying out grammar analysis on the source code through the target token sequence to generate a grammar analysis result, wherein the grammar analysis result comprises verification passing and verification failing;
the logic generation module is used for carrying out contract logic analysis on the source code to generate corresponding contract logic when the grammar analysis result is verified;
the data analysis module is used for carrying out data sensitivity analysis on the target intelligent contract through the contract logic to generate a sensitivity analysis result;
the type matching module is used for matching the corresponding sensitive data type according to the sensitivity analysis result, and determining a test target according to the sensitive data type;
the case generation module is used for constructing the test case through the test target and generating a corresponding test case;
And the fuzzy test module is used for carrying out fuzzy test on the target intelligent contract through the test case, generating a fuzzy test result and generating a safety detection report through the fuzzy test result.
A third aspect of the present invention provides a security detection device of an intelligent contract, including: a memory and at least one processor, the memory having instructions stored therein; the at least one processor invokes the instructions in the memory to cause the security detection device of the smart contract to perform the security detection method of the smart contract described above.
A fourth aspect of the present invention provides a computer readable storage medium having instructions stored therein which, when run on a computer, cause the computer to perform the security detection method of a smart contract described above.
In the technical scheme provided by the invention, the source code acquisition is carried out on the target intelligent contract to acquire the source code of the target intelligent contract; performing token sequence identification on the source code, and determining a target token sequence; the source codes are subjected to grammar analysis through the target token sequence, grammar analysis results are generated, and contract logic analysis is performed on the source codes to generate contract logic; performing data sensitivity analysis on the target intelligent contract through contract logic to generate a sensitivity analysis result; matching a sensitive data type through a sensitivity analysis result, and determining a test target through the sensitive data type; constructing a test case through a test target to generate a corresponding test case; and carrying out fuzzy test on the target intelligent contract through the test case, generating a fuzzy test result, and generating a safety detection report through the fuzzy test result. In the embodiment of the invention, the loopholes and hidden dangers existing in the contracts can be effectively discovered by carrying out comprehensive security detection links such as source code acquisition, grammar analysis, contract logic analysis, data sensitivity analysis, fuzzy test and the like on the intelligent contracts, so that the security and stability of the contracts are improved. Through carrying out comprehensive scanning and analysis to intelligent contract, can discern risk point and the problem that probably exists fast, improve test efficiency and accuracy, avoid missing any possible safety problem.
Drawings
FIG. 1 is a diagram illustrating an embodiment of a security detection method for a smart contract according to an embodiment of the present invention;
FIG. 2 is a flow chart of parsing source code through a target token sequence in accordance with an embodiment of the present invention;
FIG. 3 is a flow chart of contract logic analysis for source code in an embodiment of the invention;
FIG. 4 is a flow chart of data sensitivity analysis for a target smart contract in accordance with an embodiment of the invention;
FIG. 5 is a schematic diagram of one embodiment of a security detection system for a smart contract in accordance with an embodiment of the present invention;
FIG. 6 is a schematic diagram of an embodiment of a security detection device for a smart contract in an embodiment of the invention.
Detailed Description
The embodiment of the invention provides a security detection method and a related device for intelligent contracts, which are used for improving circulation planning efficiency and distribution efficiency of rural logistics. The terms "first," "second," "third," "fourth" and the like in the description and in the claims and in the above drawings, if any, are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments described herein may be implemented in other sequences than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed or inherent to such process, method, article, or apparatus.
For ease of understanding, a specific flow of an embodiment of the present invention is described below with reference to fig. 1, where an embodiment of a security detection method for an intelligent contract according to an embodiment of the present invention includes:
s101, acquiring a source code of a target intelligent contract to acquire the source code of the target intelligent contract;
it will be appreciated that the execution subject of the present invention may be a security detection system of an intelligent contract, and may also be a terminal or a server, which is not limited herein. The embodiment of the invention is described by taking a server as an execution main body as an example.
Specifically, the acquisition of the source code of the target intelligent contract refers to acquiring the original code of the target intelligent contract. An intelligent contract is an automated protocol executing on a blockchain that can define and enforce specific rules and conditions. The intelligent contract source code collection may be performed in a number of ways. Several common methods are described in detail below: 1. a blockchain browser: many blockchain platforms provide a blockchain browser that can be used to view transactions and smart contracts. Through the browser, the transaction history of the contract may be retrieved and its source code obtained. Typically, the source code of the smart contract is publicly visible, but private contracts may exist that require specific rights to access. 2. A code repository: the smart contracts are typically stored in a code repository, such as GitHub, gitLab, in the form of source code. These repositories may be looked up through links shared by the developers in the search engine or blockchain community. Once the repository is found, the source code of the contract can be browsed and downloaded. Api call: some blockchain platforms provide APIs to obtain information of smart contracts, including source code. The source code of the contract may be obtained by calling the corresponding API. This requires authentication and authorization using the appropriate API document and access key. 4. Contract issuers or developers: if the smart contract is issued by a particular entity or developer, the request source code may be contacted directly with them.
S102, performing token sequence identification on a source code, and determining a target token sequence;
specifically, token sequence identification in source code refers to the process of identifying and determining a target token sequence in source code. In programming, a token is the smallest unit in source code and may be a key, identifier, operator, separator, constant, or the like. By identifying and extracting token sequences, the server obtains specific grammar structures and logic information in the source code. The token sequence identification of the source code needs to be carried out through the following steps: 1. lexical Analysis (Lexical Analysis): lexical analysis is the process of decomposing source code into individual token. In this step, the source code is split into a series of tokens, and each token is assigned a corresponding lexical element. These lexical elements may be keywords (e.g., if, for, while, etc.), identifiers (variable names, function names, etc.), operators (+, -, etc.), separators (brackets, semicolons, etc.), and constants (numbers, strings, etc.). 2. Syntax Analysis (syncax Analysis): syntax analysis is the process of building a syntax tree from a token sequence. The syntax tree represents the syntax structure and relationships in the source code. Through parsing, the server identifies the different syntax elements (e.g., functions, classes, loops, etc.) in the source code and the nesting and dependency relationships between them. 3. Determination of the target token sequence: during the parsing process, the server defines and identifies specific grammar rules to determine the target token sequence. These rules may be matched and filtered based on keywords, identifiers, operators, etc. By defining appropriate rules, the server filters out token sequences that satisfy certain conditions, thereby obtaining target token sequences. After determining the target token sequences, the server further analyzes and processes the sequences. This includes, but is not limited to, the following: 1. semantic analysis: by analyzing the target token sequence, the server performs semantic analysis to understand the meaning and logic in the source code. This may involve the definition and use of variables, function calls, control flow statements, and the like. Through semantic analysis, the server verifies the correctness of the code, detects potential errors and vulnerabilities, and optimizes and improves. 2. Code generation and execution: after determining the target token sequence, the server uses it for code generation and execution. Based on the target token sequence, corresponding machine code or intermediate code may be generated and then run in the appropriate execution environment. This enables us to actually execute the source code and verify its behavior and functionality. 3. Code optimization and reconstruction: by analyzing the target token sequence, the server performs code optimization and reconstruction. This includes reducing redundant code, improving performance, improving readability, etc. By analyzing the target token sequence, potential problems and improvement points in the code can be identified, and corresponding optimization and reconstruction operations can be performed. This helps to improve the efficiency, maintainability and scalability of the code. 4. Safety analysis: by analyzing the target token sequence, the server performs security analysis. This involves identifying potential security vulnerabilities, risks, and attack facets. By carrying out security analysis on the target token sequence, proper security measures and protection mechanisms can be adopted to ensure the security and reliability of codes. 5. Code understanding and debugging: after determining the target token sequence, the server better understands the structure and logic of the code. This helps debug the code and solves potential errors and problems. By analyzing the target token sequence, bugs in the code can be located and repaired faster and better code readability and maintainability are provided. It should be noted that token sequence identification of source code is a complex and critical process. It requires good lexical analysis and grammatical analysis skills and requires consideration of the grammar rules and semantics of the programming language. Different programming languages may have different lexical and grammatical rules and thus require processing for a particular programming language when performing token sequence recognition.
S103, carrying out grammar analysis on the source code through the target token sequence to generate a grammar analysis result, wherein the grammar analysis result comprises verification passing and verification failing;
specifically, the parsing of the source code through the target token sequence refers to a process of parsing the source code using the target token sequence as an input. Syntax analysis is one of the important steps in the compiling process, which is responsible for verifying the syntax correctness of the code and generating the syntax analysis result. This result includes a portion that passes verification and a portion that does not pass verification. In parsing, the server employs different methods and techniques, such as context-free grammar, parse tree, and parser, among others. The process of parsing and the generated parsing result will be described in detail as follows: 1. context-free grammar definition: before parsing, an appropriate Context-Free Grammar (CFG) needs to be defined to describe the Grammar rules of the programming language. A context-free grammar consists of a set of production rules defining legal grammar structures and grammar rules. 2. Lexical analysis: prior to parsing, lexical analysis is typically performed to break the source code into a series of token. These token are basic units of syntax analysis for constructing a syntax analysis tree. The lexical analyzer may divide the source code into different token types, e.g., keywords, identifiers, operators, constants, etc., according to predefined lexical rules. 3. Syntax analyzer: the parser is the component responsible for performing the parsing. It constructs a parse tree based on the definition of context-free grammar and token sequences generated at the lexical analysis stage. Common parsing algorithms include LL (k) parsing, LR (k) parsing, and grammar guided translation, among others. 4. Syntax analysis tree: the parse tree is a tree structure representing the source code syntax structure. It consists of non-terminals representing the left side of the grammar rules and terminals representing the actual code segments or token. The parse tree construction process involves the application of production rules and matching token sequences until a complete parse tree is generated. 5. Syntax analysis results: the result of the syntax analysis is the output after the syntax verification of the source code. It includes a portion that passes verification and a portion that does not pass verification. The verified portion represents a portion of the source code that complies with the grammar rules, and the non-verified portion represents a portion that has a grammar error or does not comply with the grammar rules. Different strategies may be employed in generating the parsing result. One common strategy is to detect grammar errors during the grammar parsing process and report error information on the fly. Another strategy is to make a complete parse and then mark or separate the portions that pass and fail the verification to generate the parse result. The portions that pass verification may be used to perform further compiling or performing operations, while the portions that do not pass verification may require error repair or prompting to the developer.
S104, when the grammar analysis result is that the grammar analysis result passes the verification, performing contract logic analysis on the source code to generate corresponding contract logic;
specifically, when the result of the syntax analysis passes the verification, the server performs the contract logic analysis to generate the corresponding contract logic. Contract logic analysis is the process of understanding and deriving source code in depth to identify behavior, functionality, and interaction logic of a contract. The purpose of contract logic analysis is to understand the business logic of a contract and convert it into a formal description or model. This helps verify the correctness of the contract, detect potential logic errors, and design test cases of the contract. The process and resulting results of the contract logic analysis are described in detail below: 1. service understanding: prior to performing contract logic analysis, a thorough understanding of the traffic involved in the contract is required. This includes knowing the goal, function, role, and interaction flow of the contract. Background knowledge about contracts and business requirements can be obtained through communication and research with business domain specialists. 2. Contract logic derivation: from the business understanding and the syntactic structure of the source code, the logical behavior of the contract can be deduced. This includes identifying states, events, functions, conditional statements, loop structures, etc. of the contract. By performing an in-depth analysis of the source code, it is possible to understand the behavior and execution flow in various situations. 3. State transition analysis: contracts typically have different states, and there may be a transition relationship between the states. In contract logic analysis, the states of a contract and transition conditions between the states need to be identified. This helps understand the state machine behavior of the contract and check the logic correctness at various states. 4. Interaction analysis: contracts generally involve interactions with other parties (e.g., users, other contracts, etc.). In contract logic analysis, interaction logic between contracts and other parties needs to be analyzed, including event triggering, data transmission, rights verification, etc. By analyzing the interaction logic, proper execution of the contract and expected interaction behavior may be ensured. 5. And (3) generating a logic model: the results of the contract logic analysis may be converted into a formal description or model. This may be a model to create a contract using formal specification languages (e.g., resolution, UML, etc.), or a logical behavior to represent a contract using logical expressions, state diagrams, flowcharts, etc. The generated logic model may be used to verify correctness of contracts, perform simulation, and test generation.
S105, performing data sensitivity analysis on the target intelligent contract through contract logic to generate a sensitivity analysis result;
specifically, the server performing data sensitivity analysis on the target intelligent contract through contract logic refers to analyzing data in the contract to determine which data is sensitive to the behavior and security of the contract. Sensitivity analysis is intended to help discover data privacy risks, data leakage vulnerabilities, and the need for data protection that may exist in contracts. The process of performing the data sensitivity analysis and the resulting sensitivity analysis results will be described in detail below: 1. and (3) data identification: first, it is necessary to identify data in the target smart contract. This includes variables, parameters, stored data used in the contract, data interacting with external contracts or users, and the like. By analyzing the source code of the contract, the data elements involved in the contract may be determined. 2. Data classification: the identified data is classified according to the nature and sensitivity of the data. For example, data may be categorized into different categories of personal identification information, financial data, transaction records, and the like. This helps to better understand the sensitivity of the data and the extent of the impact on privacy. 3. Data flow analysis: the data flow in the contract is analyzed, and the transfer and processing process of the data in the contract is tracked. By analyzing the operations of reading, writing, transferring, and operating the data, the change and flow direction of the data during the execution of the contract can be determined. This helps to understand the way data is used and how sensitive data is processed. 4. Sensitivity evaluation: sensitivity evaluation is performed on the identified sensitive data. The sensitivity level of data can be assessed by considering the value, privacy, sensitivity level, and possibly risk of the data. The sensitivity assessment may be qualitative, e.g., marking the data as highly sensitive, moderately sensitive, or poorly sensitive; or may be quantitative, scoring the data based on a sensitivity index. 5. Data access and control analysis: the access and control mechanisms for sensitive data in the contract are analyzed. This includes security mechanisms such as rights control, access restrictions, data encryption and desensitization for read, write and update operations of the data. By analyzing these mechanisms, the degree of protection and security of sensitive data in the contract can be determined. 6. Sensitivity analysis results: the sensitivity analysis results provide information and advice regarding sensitive data in the contract. It may include a summary of sensitivity level assessment, data access and control analysis, and possible risk and safety advice for each data element. The sensitivity analysis results can help developers and security specialists to know the sensitivity of data in contracts and take corresponding protective measures.
S106, matching the corresponding sensitive data types through the sensitivity analysis result, and determining a test target through the sensitive data types;
specifically, the server matches the corresponding sensitive data type through the sensitivity analysis result, and determines the test target through the sensitive data type, namely, matches the identified sensitive data with the predefined sensitive data type according to the sensitivity analysis result, and determines the key point and the target of the test according to the matching result. The steps and function of this process will be described in detail below: 1. sensitive data type definition: first, a set of sensitive data types needs to be predefined. These sensitive data types may be defined in accordance with common data protection requirements and privacy regulations, such as personal identity information, financial data, medical records, and the like. Each sensitive data type should contain a corresponding sensitive data attribute and protection requirement. 2. Sensitive data matching: the identified sensitive data is matched to a predefined sensitive data type by the result of the sensitivity analysis. Sensitive data is associated with the most matching sensitive data type based on its attributes, content and context. The matching process may be based on keyword matching, data structure matching, rule matching, or the like. 3. Test target determination: and determining the key points and targets of the test according to the matching result of the sensitive data types. For each successfully matched sensitive data type, a corresponding test scheme and test strategy can be formulated. For example, for sensitive data types containing personal identity information, the goal of the test may be to verify whether the encryption and protection mechanisms of the data are valid; for sensitive data types containing financial data, the goal of the test may be to verify the access rights and tamper-proof mechanisms of the data, etc. 4. Test design and execution: based on the determined test targets, corresponding test cases and test schemes are designed. The test cases should cover different sensitive data types and possible test scenarios. The test scheme should take into account various aspects of data protection and security, including reading, writing, transmitting, and processing of data, among others. In performing the test, an important concern is concerning the operation and flow of sensitive data and verifying whether the protection and security mechanisms of the data meet the expected requirements. 5. Analysis of test results: and analyzing the test coverage rate and the security assessment according to the execution result of the test. Check if all the matching successful sensitive data types are covered and evaluate the validity and feasibility of the test. Based on the analysis results, further testing and repair measures are determined.
S107, constructing a test case through a test target, and generating a corresponding test case;
specifically, the server builds test cases through the test targets, and generating corresponding test cases refers to designing and building specific test cases aiming at target intelligent contracts according to the determined test targets. These test cases are intended to cover different functions, boundary conditions, and possible anomalies of the contract to verify the correctness, security, and stability of the contract. The process of test case construction and the importance of the generated corresponding test case will be described in detail below: 1. understanding test targets: first, the determined test targets are understood in depth. The test objectives may include verifying specific functions of the contract, testing boundary conditions, detecting potential security vulnerabilities or error handling conditions, and the like. Ensuring clear understanding of test targets is the basis for test case construction. 2. Determining test requirements: based on the test targets, corresponding test requirements are determined. The test requirements are specific descriptions and refinements of the test objectives, including the functional points that need to be covered, the range of input data, the expected output and expected behavior, etc. This helps to define the scope and goal of the test, providing guidance for subsequent test case construction. 3. Designing a testing strategy: and according to the test targets and the requirements, formulating a test strategy. The test strategy includes selecting appropriate test techniques, defining test environments, determining test data, designing test methods, and the like. The goal of the test strategy is to ensure the integrity, validity and repeatability of the test. 4. Generating a test case: and starting to generate test cases according to the test requirements and the test strategies. Test cases should cover individual functional modules, boundary conditions, and anomalies. According to different test targets, different test design technologies, such as equivalence class division, boundary value analysis, decision tables and the like, can be adopted to generate specific test cases. 5. Writing test cases: and converting the generated test case into an actual test script or test case document. The test cases should contain detailed steps, input data, and expected results. The readability and ease of execution of the test cases are ensured so that the tester can accurately perform the test. 6. Covering the test range: ensuring that test cases can cover the entire range of tests. And checking whether the generated test case covers all the functional modules, different input conditions, boundary conditions and abnormal conditions according to the test targets and the test requirements. This helps ensure the integrity and effectiveness of the test. 7. Test case review: and evaluating the generated test cases to ensure the integrity, accuracy and feasibility of the test cases. Test case reviews may be conducted internally by the test team or in collaboration with the development team. Test cases may be reviewed and discussed during review to obtain different perspectives and feedback. Through test case review, potential defects, missing test scenes or test cases requiring further optimization can be found. 8. Executing the test case: and executing the written test cases in the test environment. And gradually executing the test according to the steps and the expected results of the test cases, and recording the actual results and the observed behaviors. Ensure the accuracy and repeatability of the test and record any problems or anomalies in the test execution process. 9. Result analysis and repair: and according to the result of test execution, carrying out result analysis and problem positioning. If the test case execution finds an error, abnormal behavior or unexpected result, the problem is recorded and communicated with a development team. The development team may fix problems or vulnerabilities in the contract based on the test results. 10. Repeating the test and iteration: and repeatedly executing the test case according to the repaired contract version. By repeating the test, the effectiveness of the repair is verified and the function, safety and stability of the combination in several aspects are ensured to be verified. If problems still exist, iterations are required to update the test cases or take other test strategies.
S108, performing fuzzy test on the target intelligent contract through the test case to generate a fuzzy test result, and generating a safety detection report through the fuzzy test result.
Specifically, the server performs fuzzy test on the target intelligent contract through the test case, generates a fuzzy test result, and generates a security detection report through the fuzzy test result, which means the process of simulating malicious input and abnormal conditions by using a fuzzy test technology and performing security evaluation and vulnerability detection on the target intelligent contract. The steps and function of this process will be described in detail below. 1. Understanding the target smart contracts: first, the functionality, data flow, and security requirements of the target smart contract are well understood. Knowledge of the design and implementation details of contracts, as well as possible security risks and vulnerabilities, helps to guide the subsequent fuzzy test design and evaluation process. 2. Designing a fuzzy test case: and designing a fuzzy test case according to the understanding of the target intelligent contract. Fuzzy test cases simulate the behavior of an attacker by constructing anomalies, boundary conditions, and illegal inputs. Test cases should cover different functions and data types of contracts, including various transactions, state transitions, and contract invocations, among others. 3. Performing a blur test: and starting to execute the fuzzy test according to the designed fuzzy test case. The test tools and frameworks can generate random, variant, and malformed inputs according to predefined test cases to trigger potential vulnerabilities and security issues in contracts. During test execution, inputs, operations, and observed behavior of the test are recorded. 4. Generating a fuzzy test result: and generating a fuzzy test result according to the execution condition and the observed behavior of the fuzzy test. Results include successfully triggered vulnerabilities, abnormal behavior, crashes or denial of service, etc. These results can be used to evaluate the security of the contract and provide a reference for subsequent bug fixes and improvements. 5. Analyzing a fuzzy test result: and analyzing and sorting the generated fuzzy test result. The severity and scope of impact of each triggered vulnerability and anomaly are evaluated. This helps determine the security issues to prioritize and provides repair advice and improvement measures. 6. Generating a security detection report: and generating a safety detection report according to the analysis of the fuzzy test result. The report should include an overall security assessment of the contract, a detailed description of the vulnerabilities and problems found, repair suggestions, and improvements. The goal of the report is to provide the operation and maintenance personnel with comprehensive information and guidance regarding contract security. 7. Vulnerability restoration and improvement: and performing bug fixes and contract improvements according to suggestions and guidance in the security detection report. The development team should prioritize each vulnerability according to the vulnerability and problem description provided in the report and formulate a corresponding repair plan. The repair measures may involve modification of contract code, enhancement of input validation, improvement of exception handling, and the like. After the repair is completed, a second round of fuzzy test is performed to verify the effectiveness of the bug repair and ensure that no new security problems are introduced. When the second round of fuzzy test is executed, a focus test can be performed on the loopholes and the problems discovered before so as to verify whether the repair is successful.
In the embodiment of the invention, the source code acquisition is carried out on the target intelligent contract to acquire the source code of the target intelligent contract; performing token sequence identification on the source code, and determining a target token sequence; the source codes are subjected to grammar analysis through the target token sequence, grammar analysis results are generated, and contract logic analysis is performed on the source codes to generate contract logic; performing data sensitivity analysis on the target intelligent contract through contract logic to generate a sensitivity analysis result; matching a sensitive data type through a sensitivity analysis result, and determining a test target through the sensitive data type; constructing a test case through a test target to generate a corresponding test case; and carrying out fuzzy test on the target intelligent contract through the test case, generating a fuzzy test result, and generating a safety detection report through the fuzzy test result. In the embodiment of the invention, the loopholes and hidden dangers existing in the contracts can be effectively discovered by carrying out comprehensive security detection links such as source code acquisition, grammar analysis, contract logic analysis, data sensitivity analysis, fuzzy test and the like on the intelligent contracts, so that the security and stability of the contracts are improved. Through carrying out comprehensive scanning and analysis to intelligent contract, can discern risk point and the problem that probably exists fast, improve test efficiency and accuracy, avoid missing any possible safety problem.
In a specific embodiment, the process of executing step S101 may specifically include the following steps:
(1) Analyzing a source code storage position of a target intelligent contract, acquiring the source code storage position, and simultaneously, carrying out hash value matching on the target intelligent contract to determine a target hash value;
(2) Database matching is carried out based on the source code storage position, and a source code database corresponding to the intelligent contract is determined;
(3) And acquiring the source code corresponding to the target intelligent contract from the source code database based on the target hash value.
Specifically, (1) analyzing a source code storage position of a target intelligent contract, acquiring the source code storage position, and simultaneously, performing hash value matching on the target intelligent contract to determine a target hash value: in source code storage location analysis of a target smart contract, we need to determine where the source code file of the contract is stored. This may be in a local file system, code hosting platform (e.g., gitHub, gitLab, etc.), version control system, or other code repository. By analyzing the deployment process of the contract, the metadata of the contract, or the configuration file associated with the contract, a hint of the source code storage location may be found. Meanwhile, by performing hash value matching on the target smart contract, the server determines the unique identifier of the contract, i.e., the target hash value. The hash value is a fixed-length string calculated by performing a hash function on the source code file. It has uniqueness, i.e. the hash values generated by different source code files must be different. The hash value of the target contract can be obtained by performing hash value calculation on the source code file of the target contract. (2) Database matching is carried out based on the source code storage positions, and a source code database corresponding to the intelligent contract is determined: once the source code storage location of the target smart contract is determined, the next step is to perform a database match based on the location to determine the source code database to which the smart contract corresponds. The source code database may be a centralized code hosting platform or a local or proprietary code repository. By matching with the source code storage location, the server determines which database contains the source code of the target contract. Database matching may involve analyzing and comparing storage structures, directory structures, naming rules, etc. in the database. In addition, factors such as version information and time stamps of the contracts may also need to be considered to ensure that the retrieved source code is consistent with the version of the target contract. (3) Based on the target hash value, collecting source codes corresponding to the target intelligent contracts from a source code database: after determining the source code database to which the smart contract corresponds, the server then collects the source code of the target smart contract from the database based on the target hash value. By using the hash value of the target contract as an index or key, a query and search is performed in the source code database to obtain the source code file of the target contract. This may involve a database query language, API call, or other query mechanism to obtain source code files from the database that conform to the target hash value. Once the source code file of the target contract is obtained, it is further analyzed, reviewed, and validated by the server. This ensures that the source code obtained is consistent with the target contract and may provide a basis for auditing, security assessment, version management, etc. of the contract.
In a specific embodiment, as shown in fig. 2, the process of performing step S103 may specifically include the following steps:
s201, constructing a grammar tree through a target token sequence to generate an abstract grammar tree;
s202, analyzing root nodes of an abstract syntax tree to obtain a syntax tree node set;
s203, respectively carrying out grammar detection on each grammar tree node in the grammar tree node set to generate a grammar analysis result, wherein the grammar analysis result comprises verification passing and verification failing.
Specifically, (1) constructing a grammar tree through a target token sequence, and generating an abstract grammar tree: before parsing, the code or input of the object first needs to be converted into a series of token. Token is a basic unit of parsing, representing lexical elements in the code, such as keywords, identifiers, operators, etc. The target token sequence is obtained by dividing codes or inputs according to a certain rule. Based on the target token sequence, the server builds a grammar tree. A syntax tree is a tree structure used to describe code structures and syntax relationships. It consists of nodes and edges, each node representing a syntax element, and edges representing the relation between syntax elements. And analyzing and organizing the target token sequence through grammar rules and context information, and gradually constructing an abstract grammar tree. The abstract syntax tree is an abstract representation of the code structure, removes specific details and syntax redundancy, and highlights the logical structure and semantics of the code. (2) Root node analysis is carried out on the abstract syntax tree to obtain a syntax tree node set: once the abstract syntax tree is generated, the server performs root node analysis on it. The root node is the topmost node of the syntax tree, which represents the starting point of the entire code. By analyzing the root node, the server obtains a node set of the entire syntax tree. Root node analysis involves traversal and parsing of an abstract syntax tree to identify and extract individual nodes in the syntax tree. In the traversal process, the server classifies and generalizes the nodes in the syntax tree into different sets according to the type, attribute, or other characteristics of the nodes. Through root node analysis, the server acquires all node sets including the root node to form an ordered node structure. This set of nodes will provide the basis for subsequent syntax detection. (3) Respectively carrying out grammar detection on each grammar tree node in the grammar tree node set to generate a grammar analysis result, wherein the grammar analysis result comprises verification passing and verification failing: once the set of syntax tree nodes is obtained, the server performs syntax checking on each syntax tree node therein. Grammar checking refers to verifying the grammar rules of the code to ensure that the code complies with predefined grammar specifications and grammar constraints. For each syntax tree node, the server checks its degree of matching with the rules according to predefined syntax rules. If the structure and attributes of the node meet the requirements of the grammar rules, the node passes grammar detection and generates a grammar analysis result passing verification. In contrast, if the structure or attribute of a node does not meet the requirements of the grammar rules, the node fails the grammar detection and generates a grammar analysis result that fails the verification. The parse result is a summary of the verification result for each syntax tree node. It may include authentication status, error information, location information, etc. for each node. For verified nodes, their location in the code and corresponding semantic information may be recorded for subsequent program processing and analysis. Through the result of the parsing, the server gets an assessment of the overall grammar correctness of the object code or input. The validated syntax tree nodes represent that the code is syntactically compliant, while the validated nodes indicate portions of the code that are present in the code that are syntactically incorrect or non-compliant. The result of the parsing is very important for the software development and code censoring process. The method can help developers to find and repair potential grammar errors in time, and improve readability, maintainability and reliability of codes. And meanwhile, the grammar analysis result can also be used for constructing, integrating and testing an automation tool and a system so as to ensure the correctness and quality of codes.
In a specific embodiment, as shown in fig. 3, the process of executing step S104 may specifically include the following steps:
s301, when the grammar analysis result is that verification is passed, node traversal is carried out on the grammar tree node set, and node types and node meanings corresponding to each grammar tree node are generated;
s302, performing contract logic analysis on the source codes through the node types and the node meanings corresponding to each grammar tree node, and generating corresponding contract logic.
Specifically, (1) when the result of the syntax analysis is that the syntax analysis passes through the verification, node traversal is performed on the syntax tree node set, and node types and node meanings corresponding to each syntax tree node are generated: once the result of the syntax analysis passes the verification, the server performs node traversal on the syntax tree node set to obtain the node type and the node meaning of each syntax tree node. Node traversal refers to accessing nodes in a syntax tree one by one according to a certain traversal policy. Common traversal approaches include depth-first traversal (DFS) and breadth-first traversal (BFS). In the node traversal process, the server examines and analyzes each node and records its node type and node meaning. The node type represents a classification or class of syntax tree nodes. It may be a type defined in a predefined grammar rule, such as a variable declaration, a function call, an assignment statement, etc. Node types may be used to identify and distinguish between different types of syntax elements, thereby facilitating subsequent contract logic analysis. The node meaning refers to the meaning or meaning represented by the syntax tree node. It describes the role, function or purpose of a node in code. Node meanings may be derived and analyzed by grammar rules and context information. By understanding the meaning of each node, the server understands the logical structure and semantics of the code in depth. Through node traversal of the set of nodes of the syntax tree, the server determines for each node its node type and node meaning and records it. This provides a basis for subsequent analysis of the contract logic. (2) Performing contract logic analysis on the source codes through the node types and the node meanings corresponding to each grammar tree node to generate corresponding contract logic: once the node type and node meaning of the syntax tree node are determined, the server performs a contract logic analysis on the source code based on the information to generate a corresponding contract logic. Contract logic analysis is a process that provides an in-depth understanding and analysis of the function and behavior of contract code. By analyzing the node type and the node meaning, the server understands the role and the function of each grammar tree node in the code, and further deduces the logical relation, state transition and business logic of the contract. In the contract logic analysis process, the server performs pattern recognition and rule matching according to the node type and the node meaning. By identifying specific combinations of nodes, grammatical structures, and code patterns, specific behavior and logic of the contract can be determined. Contract logic analysis may also include analysis of control flows such as conditional statements, loop statements, and function calls, as well as analysis of usage of variables, state transitions, and processing of data. By performing contract logic analysis on the source code, the server understands the function and behavior of the contract in depth, and discovers potential logic errors, security leaks and business logic problems. Contract logic analysis can help us identify potential errors and defects, optimize the logic structure and performance of code, and ensure correctness and security of contracts. During contract logic analysis, the server uses relevant analysis tools and techniques, such as static code analysis, symbolic execution, model detection, etc. These tools and techniques can automatically analyze contract codes, discover potential problems and vulnerabilities, and provide corresponding repair suggestions. The results of the contract logic analysis may be presented in a variety of forms, such as block diagrams, flowcharts, state transition diagrams, and the like. These graphical representations may more intuitively expose the logical relationships and behavior of the contract. Meanwhile, the contract logic analysis can also generate a corresponding analysis report, and provide detailed analysis results and suggestions for reference and application of developers.
In a specific embodiment, as shown in fig. 4, the process of performing step S105 may specifically include the following steps:
s401, carrying out data flow analysis on contract logic to generate a data flow corresponding to the contract logic;
s402, extracting data application types of the data stream to obtain a data application type set;
s403, carrying out data attribute analysis on the data application type set to generate a data attribute set;
s404, performing data sensitivity analysis on the target intelligent contract through the data attribute set to generate a sensitivity analysis result.
Specifically, (1) performing data flow analysis on contract logic to generate a data flow corresponding to the contract logic: data flow analysis is a static analysis technique that aims to analyze the flow and conversion of data in a program. Performing data flow analysis based on contract logic analysis may help us understand the source, delivery, and use of data in contracts. By performing data flow analysis on the contract logic, the server builds a data flow graph in which nodes represent data sources, variables, functions, etc., and edges represent the flow paths of the data. The dataflow graph reflects the transfer and dependency of data in contracts. Data flow analysis can help us identify the input and output points of data, determine the flow path of data in a contract, and find potential data errors and unsafe data manipulation. It can also be used to detect problems such as data leakage, data contention, and data dependence. Through data flow analysis, the server generates a data flow corresponding to contract logic, and provides a basis for subsequent data application type extraction and data attribute analysis. (2) Extracting data application types of the data stream to obtain a data application type set: based on the data stream analysis, the server performs data application type extraction on the data stream to obtain a data application type set. The data application type refers to a specific purpose or application scenario in which data is used in a contract. For example, the data may be used as input parameters, state variables, transaction information, and the like. By identifying the application type of the data, the server better understands the purpose and role of the data in the contract. Data application type extraction of the data stream may be achieved through static analysis techniques and rule matching. The server determines the application type of the data according to the grammar rule, function call relation, variable declaration and other information of the contract, and classifies and records the application type of the data. The data application type extraction can help us to establish an application model of data, and provides basis for subsequent data attribute analysis and data sensitivity analysis. (3) Performing data attribute analysis on the data application type set to generate a data attribute set: after the set of data application types is obtained, the server performs data attribute analysis on the set of data application types to generate the set of data attributes. Data attributes refer to features, attributes, or characteristics that data has. By analyzing the set of data application types, the server identifies attributes of the data, such as the type of data, scope, constraints, etc. Data attribute analysis may be implemented by static analysis techniques, type derivation, constraint analysis, and the like. The server extracts the data attribute from the declaration statement, assignment statement, function call and other information of the contract, and performs inference and analysis. The results of the data attribute analysis may include information of data type, data scope, validity check, boundary conditions, etc. These attributes can help us understand the nature and behavior of the data for subsequent data sensitivity analysis and security analysis. Performing data sensitivity analysis on the target intelligent contract through the data attribute set to generate a sensitivity analysis result: after the collection of data attributes is obtained, the server uses these attributes to perform data sensitivity analysis on the target intelligent contract to evaluate how sensitive the contract is to different types of data. The data sensitivity analysis aims to determine the protection level and the risk level of contracts for different data. By analyzing the data attributes, the server identifies which data is critical to the correctness, security, and privacy of the contract. The data sensitivity analysis may be developed based on the following aspects: 1. sensitive data type identification: the sensitive data types involved in the contract are identified by type information in the data attribute set. For example, personal identification information, payment related data, etc. all belong to a sensitive data type. 2. Data access rights: access rights and control mechanisms for different data in the contract are analyzed. It is determined which data can be publicly accessed and which data requires access control and rights verification. 3. Data transmission and storage security: and analyzing the transmission and storage modes of the data in the contract, and evaluating the security of the data. Ensure that data is encrypted and protected during transmission and properly kept and access controlled during storage. 4. Data processing and operational security: the analysis contracts are used for processing and operating modes of the data, and whether potential data risks and vulnerabilities exist or not is checked. For example, it is checked whether there are security problems of data injection, overflow, replay, etc. 5. Data disclosure and privacy protection: risk and privacy protection measures for sensitive data leakage in contracts are evaluated. It is ensured that contracts do not accidentally reveal sensitive data while appropriate privacy protection measures are taken, such as data desensitization, anonymization, etc. Through data sensitivity analysis, the server determines the strength and weakness of the target smart contract in processing and protecting sensitive data, and provides corresponding improvement suggestions and security measures. The sensitivity analysis results can help operators to learn about data risks in contracts, thereby enhancing the security and trustworthiness of the contracts.
In a specific embodiment, the process of executing step S106 may specifically include the following steps:
(1) Extracting sensitive data attributes through a sensitivity analysis result, and determining corresponding sensitive data attributes;
(2) Analyzing the sensitive data types through sensitive data attributes, and determining the corresponding sensitive data types;
(3) And performing contract module matching on the target intelligent contract through the sensitive data type to obtain at least one contract module to be tested, and determining a test target through the at least one contract module to be tested.
It should be noted that, (1) sensitive data attribute extraction is performed through a sensitivity analysis result, and corresponding sensitive data attributes are determined: during the sensitivity analysis we have obtained sensitivity analysis results for the target smart contracts. These results indicate which data has higher sensitivity and risk in the contract. By further analyzing the sensitivity analysis results, the server extracts attributes of the sensitive data. Sensitive data attributes may include information of the type, scope, validity check, boundary conditions, etc. of the data. For example, if the sensitivity analysis result indicates that a certain variable stores personal identity information of a user in a contract, the server extracts the data type of the variable as a character string, the range is a specific length, and the validity check, encryption storage and other attributes are required. By extracting the attribute of the sensitive data, the server better understands the characteristics and requirements of the sensitive data and provides basis for subsequent sensitive data type analysis. (2) Sensitive data type analysis is carried out through sensitive data attributes, and corresponding sensitive data types are determined: after obtaining the sensitive data attributes, the server further performs sensitive data type analysis to determine the specific type to which the sensitive data belongs. The sensitive data types are the result of classification and generalization based on the attributes and features of the sensitive data. Through analysis of the sensitive data attributes, the server identifies different sensitive data types, such as personal identity information, financial data, health records, and the like. Through analysis of the sensitive data types, the server classifies and identifies sensitive data involved in the contract. This helps us to better understand the nature and importance of sensitive data in contracts and provide a basis for subsequent contract module matching and test objective determination. (3) Performing contract module matching on the target intelligent contract through the sensitive data type to obtain at least one contract module to be tested, and determining a test target through the at least one contract module to be tested: after determining the sensitive data type, the server uses the type information to perform contract module matching for the target smart contract. Contract modules refer to specific functional units or modules in a contract that generally relate to a set of related functions or operations. By matching the contract modules, the server determines which modules are associated with the sensitive data type, thereby determining the contract module to be tested. By matching the contract modules, the server selects at least one contract module to be tested, which is closely related to the sensitive data type and may have an impact on the processing and use of the sensitive data. By selecting the contract module to be tested, the server definitely tests the target and the range, and the construction and execution of the test cases are carried out in a targeted manner. In this way, the efficiency and coverage of the test can be improved. After determining the contract module to be tested, the server determines a test target according to the function and operation of the contract module to be tested. The test targets may include the following aspects: 1. data operation: data operations in the contract module associated with the sensitive data, such as read, write, modify, delete, etc., are determined. These operations involve the processing and transfer of sensitive data, with major concerns about its correctness, security, and compliance. 2. Logic flow: and analyzing logic flow in the contract module, and determining condition judgment, circulation, branch statement and the like related to the sensitive data. These logic flows may affect the access and usage rights of sensitive data, requiring verification of its logic correctness and security. 3. Exception handling: abnormal conditions and error handling mechanisms that may occur for sensitive data operations in the contract module are determined. This includes exception handling, error code return, logging, etc., which requires verification of whether the contract module is reasonable and safe for handling of sensitive data exceptions. 4. Interface interaction: interaction of the contract module with the external interface is analyzed to determine interface calls and data transmissions associated with the sensitive data. These interfaces may involve the transmission and storage of sensitive data, which requires verification of its security and safeguards. By determining the test targets, the server builds test cases in a targeted manner, and covers functions and operations related to sensitive data in the contract module to be tested. Test cases should include normal scenarios, boundary conditions, and anomalies, etc., to verify correctness and security when processing sensitive data.
In a specific embodiment, the process of executing step S108 may specifically include the following steps:
(1) Constructing a test environment based on the test cases to generate a target test environment;
generating configuration information of a preset fuzzy test tool through a target test environment, and determining target configuration information;
(2) Performing information configuration on the fuzzy test tool through the target configuration information to obtain a target fuzzy test tool;
(3) And carrying out fuzzy test on the test case through a target fuzzy test tool to generate a fuzzy test result.
Specifically, (1) constructing a test environment based on the test case, and generating a target test environment: before performing the fuzzy test, we need to construct an environment suitable for the test, i.e. the target test environment. The target test environment is to simulate the actual running environment and provide necessary conditions and resources to execute the test cases. Based on the test cases, the server analyzes the environmental requirements required in the test cases, such as operating systems, dependency libraries, network configurations, and the like. According to the requirements, the server builds a corresponding test environment, so that the test cases can be operated in the correct environment. The construction of the test environment may comprise the following steps: installing and configuring an operating system, installing necessary dependency libraries and software, setting up a network environment, configuring a database, and the like. The purpose of these steps is to meet the operational requirements of the test case and to ensure the accuracy and reliability of the test. By constructing the target test environment, the server provides a stable and controllable execution environment for subsequent fuzzy tests. (2) Generating configuration information of a preset fuzzy test tool through a target test environment, and determining target configuration information: prior to performing the fuzzy test, we need to configure preset fuzzy test tools to ensure that they can properly execute test cases and generate valid fuzzy test results. And generating configuration information suitable for the target environment by the server according to the characteristics and requirements of the target test environment. Such configuration information includes, but is not limited to, the following: version and setting of test tools, path and parameters of target contracts, input generation policies, test case generation rules, etc. By generating configuration information according to the target test environment, the server ensures that the fuzzy test tool is configured in the correct environment so as to accurately execute the test cases. (3) Performing information configuration on the fuzzy test tool through the target configuration information to obtain a target fuzzy test tool: and according to the target configuration information, the server carries out corresponding information configuration on the preset fuzzy test tools so as to ensure that the fuzzy test tools can execute test cases according to target requirements. Information configuration includes, but is not limited to, the following: setting parameters and options of the test tool, specifying paths and parameters of the target contract, defining input generation policies and generation rules, and the like. By configuring the information of the fuzzy test tool, the server ensures that the fuzzy test tool can execute the fuzzy test according to the requirement of the target configuration information and generates a corresponding fuzzy test result. The fuzzy test tool is configured to ensure the accuracy and effectiveness of the test. By correctly configuring the fuzzy test tool, the server ensures that the test cases are subjected to fuzzy test according to target requirements and generate meaningful test results.
The above describes a security detection method of an intelligent contract in an embodiment of the present invention, and the following describes a security detection system of an intelligent contract in an embodiment of the present invention, referring to fig. 5, an embodiment of the security detection system of an intelligent contract in an embodiment of the present invention includes:
the code acquisition module 501 is configured to acquire a source code of a target intelligent contract, and acquire the source code of the target intelligent contract;
the sequence recognition module 502 is configured to perform token sequence recognition on the source code, and determine a target token sequence;
a parsing module 503, configured to parse the source code through the target token sequence to generate a parsed result, where the parsed result includes a verification pass and a verification fail;
the logic generation module 504 is configured to perform contract logic analysis on the source code to generate corresponding contract logic when the syntax analysis result is verified;
the data analysis module 505 is configured to perform data sensitivity analysis on the target intelligent contract through the contract logic, and generate a sensitivity analysis result;
a type matching module 506, configured to match the corresponding sensitive data type according to the sensitivity analysis result, and determine a test target according to the sensitive data type;
The case generation module 507 is configured to perform test case construction through the test target, and generate a corresponding test case;
and the fuzzy test module 508 is used for performing fuzzy test on the target intelligent contract through the test case, generating a fuzzy test result, and generating a security detection report through the fuzzy test result.
The source code acquisition is carried out on the target intelligent contract through the cooperative cooperation of the components, so that the source code of the target intelligent contract is obtained; performing token sequence identification on the source code, and determining a target token sequence; the source codes are subjected to grammar analysis through the target token sequence, grammar analysis results are generated, and contract logic analysis is performed on the source codes to generate contract logic; performing data sensitivity analysis on the target intelligent contract through contract logic to generate a sensitivity analysis result; matching a sensitive data type through a sensitivity analysis result, and determining a test target through the sensitive data type; constructing a test case through a test target to generate a corresponding test case; and carrying out fuzzy test on the target intelligent contract through the test case, generating a fuzzy test result, and generating a safety detection report through the fuzzy test result. In the embodiment of the invention, the loopholes and hidden dangers existing in the contracts can be effectively discovered by carrying out comprehensive security detection links such as source code acquisition, grammar analysis, contract logic analysis, data sensitivity analysis, fuzzy test and the like on the intelligent contracts, so that the security and stability of the contracts are improved. Through carrying out comprehensive scanning and analysis to intelligent contract, can discern risk point and the problem that probably exists fast, improve test efficiency and accuracy, avoid missing any possible safety problem.
The above fig. 5 describes the security detection system of the smart contract in the embodiment of the present invention in detail from the point of view of the modularized functional entity, and the security detection device of the smart contract in the embodiment of the present invention is described in detail from the point of view of hardware processing.
Fig. 6 is a schematic structural diagram of a security detection device of a smart contract according to an embodiment of the present invention, where the security detection device 600 of the smart contract may have a relatively large difference due to different configurations or performances, and may include one or more processors (central processing units, CPU) 610 (e.g., one or more processors) and a memory 620, and one or more storage media 630 (e.g., one or more mass storage devices) storing applications 633 or data 632. Wherein the memory 620 and the storage medium 630 may be transitory or persistent storage. The program stored on the storage medium 630 may include one or more modules (not shown), each of which may include a series of instruction operations in the security detection device 600 of the smart contract. Still further, the processor 610 may be configured to communicate with the storage medium 630 to execute a series of instruction operations in the storage medium 630 on the security detection device 600 of the smart contract.
The security detection device 600 of the smart contract may also include one or more power supplies 640, one or more wired or wireless network interfaces 650, one or more input/output interfaces 660, and/or one or more operating systems 631, such as Windows Serve, macOS X, unix, linux, freeBSD, and the like. It will be appreciated by those skilled in the art that the security check device configuration of the smart contract illustrated in fig. 6 does not constitute a limitation of the security check device of the smart contract, and may include more or fewer components than illustrated, or may combine certain components, or may be a different arrangement of components.
The present invention also provides a security inspection device for a smart contract, where the security inspection device for a smart contract includes a memory and a processor, and the memory stores computer readable instructions that, when executed by the processor, cause the processor to execute the steps of the security inspection method for a smart contract in the above embodiments.
The present invention also provides a computer readable storage medium, which may be a non-volatile computer readable storage medium, and may also be a volatile computer readable storage medium, where instructions are stored in the computer readable storage medium, which when executed on a computer, cause the computer to perform the steps of the security detection method of the smart contract.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, which are not repeated herein.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied essentially or in part or all of the technical solution or in part in the form of a software product stored in a storage medium, including instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a read-only memory (ROM), a random access memory (randomacceS memory, RAM), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The above embodiments are only for illustrating the technical solution of the present invention, and not for limiting the same; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments is still modified or some technical features thereof are replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (10)

1. A security detection method for an intelligent contract, the security detection method for an intelligent contract comprising:
acquiring a source code of a target intelligent contract, and acquiring the source code of the target intelligent contract;
performing token sequence identification on the source code, and determining a target token sequence;
carrying out grammar analysis on the source code through the target token sequence to generate a grammar analysis result, wherein the grammar analysis result comprises verification passing and verification failing;
when the grammar analysis result is that the grammar analysis result passes the verification, performing contract logic analysis on the source code to generate corresponding contract logic;
performing data sensitivity analysis on the target intelligent contract through the contract logic to generate a sensitivity analysis result;
Matching the corresponding sensitive data type through the sensitivity analysis result, and determining a test target through the sensitive data type;
constructing test cases through the test targets to generate corresponding test cases;
and carrying out fuzzy test on the target intelligent contract through the test case, generating a fuzzy test result, and generating a safety detection report through the fuzzy test result.
2. The security detection method of a smart contract according to claim 1, wherein the acquiring the source code of the target smart contract, and acquiring the source code of the target smart contract, includes:
analyzing a source code storage position of a target intelligent contract, acquiring the source code storage position, and simultaneously, carrying out hash value matching on the target intelligent contract to determine a target hash value;
performing database matching based on the source code storage position, and determining a source code database corresponding to the intelligent contract;
and acquiring source codes corresponding to the target intelligent contracts from the source code database based on the target hash values.
3. The security detection method of an intelligent contract according to claim 1, wherein the parsing the source code through the target token sequence generates a parsed result, wherein the parsed result includes a pass verification and a fail verification, and the method comprises:
Constructing a grammar tree through the target token sequence to generate an abstract grammar tree;
performing root node analysis on the abstract syntax tree to obtain a syntax tree node set;
and respectively carrying out grammar detection on each grammar tree node in the grammar tree node set to generate a grammar analysis result, wherein the grammar analysis result comprises verification passing and verification failing.
4. The security detection method of an intelligent contract according to claim 3, wherein when the syntax analysis result is that the syntax analysis result is verified, performing contract logic analysis on the source code to generate corresponding contract logic, including:
when the grammar analysis result is that verification is passed, node traversal is carried out on the grammar tree node set, and node types and node meanings corresponding to each grammar tree node are generated;
and carrying out contract logic analysis on the source codes through the node types and the node meanings corresponding to each grammar tree node, and generating corresponding contract logic.
5. The security inspection method of smart contracts according to claim 1, wherein said performing data sensitivity analysis on said target smart contract by said contract logic generates sensitivity analysis results comprising:
Performing data flow analysis on the contract logic to generate a data flow corresponding to the contract logic;
extracting data application types from the data stream to obtain a data application type set;
performing data attribute analysis on the data application type set to generate a data attribute set;
and carrying out data sensitivity analysis on the target intelligent contract through the data attribute set to generate a sensitivity analysis result.
6. The security detection method of an intelligent contract according to claim 1, wherein the matching of the corresponding sensitive data type by the sensitivity analysis result, and the determination of the test target by the sensitive data type, comprises:
extracting sensitive data attributes through the sensitivity analysis result, and determining corresponding sensitive data attributes;
analyzing the sensitive data types through the sensitive data attributes, and determining the corresponding sensitive data types;
and performing contract module matching on the target intelligent contract through the sensitive data type to obtain at least one contract module to be tested, and determining a test target through the at least one contract module to be tested.
7. The security detection method of a smart contract according to claim 1, wherein the performing a fuzzy test on the target smart contract by the test case, generating a fuzzy test result, and generating a security detection report by the fuzzy test result, includes:
Constructing a test environment based on the test case to generate a target test environment;
generating configuration information of a preset fuzzy test tool through the target test environment, and determining target configuration information;
performing information configuration on the fuzzy test tool through the target configuration information to obtain a target fuzzy test tool;
and carrying out fuzzy test on the test case through the target fuzzy test tool to generate a fuzzy test result.
8. A security inspection system for a smart contract, the security inspection system comprising:
the code acquisition module is used for acquiring source codes of the target intelligent contracts and acquiring the source codes of the target intelligent contracts;
the sequence identification module is used for carrying out token sequence identification on the source code and determining a target token sequence;
the grammar analysis module is used for carrying out grammar analysis on the source code through the target token sequence to generate a grammar analysis result, wherein the grammar analysis result comprises verification passing and verification failing;
the logic generation module is used for carrying out contract logic analysis on the source code to generate corresponding contract logic when the grammar analysis result is verified;
The data analysis module is used for carrying out data sensitivity analysis on the target intelligent contract through the contract logic to generate a sensitivity analysis result;
the type matching module is used for matching the corresponding sensitive data type according to the sensitivity analysis result, and determining a test target according to the sensitive data type;
the case generation module is used for constructing the test case through the test target and generating a corresponding test case;
and the fuzzy test module is used for carrying out fuzzy test on the target intelligent contract through the test case, generating a fuzzy test result and generating a safety detection report through the fuzzy test result.
9. A security inspection device of a smart contract, the security inspection device of the smart contract comprising: a memory and at least one processor, the memory having instructions stored therein;
the at least one processor invoking the instructions in the memory to cause the security detection device of the smart contract to perform the security detection method of the smart contract of any of claims 1-7.
10. A computer readable storage medium having instructions stored thereon, which when executed by a processor implement the security detection method of a smart contract according to any of claims 1-7.
CN202310898239.4A 2023-07-21 2023-07-21 Security detection method and related device for intelligent contract Pending CN116861443A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310898239.4A CN116861443A (en) 2023-07-21 2023-07-21 Security detection method and related device for intelligent contract

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310898239.4A CN116861443A (en) 2023-07-21 2023-07-21 Security detection method and related device for intelligent contract

Publications (1)

Publication Number Publication Date
CN116861443A true CN116861443A (en) 2023-10-10

Family

ID=88232045

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310898239.4A Pending CN116861443A (en) 2023-07-21 2023-07-21 Security detection method and related device for intelligent contract

Country Status (1)

Country Link
CN (1) CN116861443A (en)

Similar Documents

Publication Publication Date Title
Martin et al. Finding application errors and security flaws using PQL: a program query language
Liang et al. AntMiner: mining more bugs by reducing noise interference
Ko Execution Monitoring of security-critical programs in a distributed system: a specification-based approach
Yao et al. Statsym: vulnerable path discovery through statistics-guided symbolic execution
Kim et al. DAPP: automatic detection and analysis of prototype pollution vulnerability in Node. js modules
Xue et al. xfuzz: Machine learning guided cross-contract fuzzing
Muntean et al. Intrepair: Informed repairing of integer overflows
Ren et al. Making smart contract development more secure and easier
CN112131120B (en) Source code defect detection method and device
Reger Automata based monitoring and mining of execution traces
Chiari et al. Static analysis of infrastructure as code: a survey
Ognawala et al. Automatically assessing vulnerabilities discovered by compositional analysis
Homaei et al. Athena: A framework to automatically generate security test oracle via extracting policies from source code and intended software behaviour
CN112131122A (en) Method and device for source code defect detection tool misinformation evaluation
Hough et al. A practical approach for dynamic taint tracking with control-flow relationships
Pinconschi et al. A comparative study of automatic program repair techniques for security vulnerabilities
Ren et al. Scstudio: a secure and efficient integrated development environment for smart contracts
Hao et al. Constructing benchmarks for supporting explainable evaluations of static application security testing tools
Borzykh et al. Detecting Code Security Breaches by Means of Dataflow Analysis
Di Nardo et al. Augmenting field data for testing systems subject to incremental requirements changes
Han et al. An optimized static propositional function model to detect software vulnerability
Hao et al. E&v: Prompting large language models to perform static analysis by pseudo-code execution and verification
Awalurahman et al. Security Aspect in Software Testing Perspective: A Systematic Literature Review.
Staderini et al. Security Evaluation and Improvement of Solidity Smart Contracts
CN116861443A (en) Security detection method and related device for intelligent contract

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination