CN117688564A - Detection method, device and storage medium for intelligent contract event log - Google Patents
Detection method, device and storage medium for intelligent contract event log Download PDFInfo
- Publication number
- CN117688564A CN117688564A CN202410138372.4A CN202410138372A CN117688564A CN 117688564 A CN117688564 A CN 117688564A CN 202410138372 A CN202410138372 A CN 202410138372A CN 117688564 A CN117688564 A CN 117688564A
- Authority
- CN
- China
- Prior art keywords
- event
- code
- stability
- determining
- variable
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000003860 storage Methods 0.000 title claims abstract description 28
- 238000001514 detection method Methods 0.000 title claims abstract description 20
- 238000000034 method Methods 0.000 claims abstract description 50
- 230000006870 function Effects 0.000 claims description 39
- 238000007781 pre-processing Methods 0.000 claims description 14
- 230000008569 process Effects 0.000 claims description 13
- 230000011218 segmentation Effects 0.000 claims description 11
- 238000004458 analytical method Methods 0.000 claims description 10
- 238000005457 optimization Methods 0.000 claims description 4
- 230000003068 static effect Effects 0.000 claims description 4
- 238000010586 diagram Methods 0.000 description 13
- 238000004891 communication Methods 0.000 description 6
- 238000012545 processing Methods 0.000 description 4
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000002372 labelling Methods 0.000 description 3
- 238000012360 testing method Methods 0.000 description 3
- 239000002699 waste material Substances 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000013507 mapping Methods 0.000 description 2
- 239000000523 sample Substances 0.000 description 2
- 238000013475 authorization Methods 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000002708 enhancing effect Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000005339 levitation Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002688 persistence Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000003245 working effect Effects 0.000 description 1
Landscapes
- Debugging And Monitoring (AREA)
Abstract
The application relates to the technical field of computers, and discloses a detection method, a detection device and a storage medium for an intelligent contract event log, wherein the method comprises the following steps: acquiring a target contract; compiling a target contract by adopting a solubility language; analyzing the stability codes of the target contracts, and determining event problem states of the stability codes; the event problem state comprises at least one of the event in the stability code that needs the optimized variable, the event using frequency of the stability code that is greater than the using frequency threshold, the event in the stability code that has parameter information error, the redundant event in the stability code, the used debugging event in the stability code, and the event in the stability code that has calling position error; based on the event problem state, outputting reminding information. Thus, the developer can find the problem of the event in time.
Description
Technical Field
The present application relates to the field of computer technology, for example, to a method, an apparatus, and a storage medium for detecting an intelligent contract event log.
Background
The smart contract, a Turing complete program, runs in an Ethernet virtual machine (Ethereum Virtual Machine, EVM) in the form of EVM bytecodes. In particular, the smart contracts may be programmed in a solubility language (a programming language) that is compiled into EVM bytecodes before being executed by the EVM on the blockchain.
Further, during the programming of the stability, logging may be implemented by an event function. However, the events in current stability codes are problematic in use, and if not avoided in time by the developer, they can result in wastage of gas fees (a cost to pay when performing a particular operation on the ethernet blockchain), and even increase the risk of property loss to the contract account.
In the process of implementing the embodiments of the present disclosure, it is found that at least the following problems exist in the related art:
the events in the current stability code are problematic in use, and if not avoided in time by the developer, the events can result in wastage of gas fees, and even increase the risk of property loss of the contract account.
It should be noted that the information disclosed in the foregoing background section is only for enhancing understanding of the background of the present application and thus may include information that does not form the prior art that is already known to those of ordinary skill in the art.
Disclosure of Invention
The following presents a simplified summary in order to provide a basic understanding of some aspects of the disclosed embodiments. This summary is not an extensive overview, and is intended to neither identify key/critical elements nor delineate the scope of such embodiments, but is intended as a prelude to the more detailed description that follows.
The embodiment of the disclosure provides a detection method, a detection device and a storage medium for an intelligent contract event log, which are used for detecting problems existing in an event in a current stability code when the event is used and reminding in time, so that the waste of gas cost is avoided, and the property loss risk of a contract account is reduced.
In some embodiments, the method for detecting an intelligent contract event log includes:
acquiring a target contract; compiling the target contract by adopting a solubility language;
analyzing the stability codes of the target contracts, and determining event problem states of the stability codes; the event problem state comprises at least one of an event requiring an optimization variable in the stability code, an event with a use frequency of the event of the stability code being greater than a use frequency threshold, an event with a parameter information error in the stability code, a redundant event in the stability code, a used debug event in the stability code, and an event with a call position error in the stability code;
and outputting reminding information based on the event problem state.
In some embodiments, the detection device for the smart contract event log comprises a processor and a memory storing program instructions, wherein the processor is configured to execute the detection method for the smart contract event log when the program instructions are executed.
In some embodiments, the storage medium stores program instructions that, when executed, perform the above-described detection method for smart contract event logs.
The detection method, the device and the storage medium for the intelligent contract event log provided by the embodiment of the disclosure can realize the following technical effects:
after the target contract compiled by the solubility language is acquired, the solubility code of the target contract can be analyzed to determine the event problem state of the solubility code. The event problem state may include at least one of an event in the stability code where a variable needs to be optimized, an event in the stability code where a frequency of use of the event is greater than a frequency of use threshold, an event in the stability code where a parameter information error exists, a redundant event in the stability code, a debug event in the stability code where a used debug event exists, and an event in the stability code where a call position error exists. Then, based on the event problem state, the reminder information can be output. Therefore, the stability codes can be analyzed from the angles of the problem states of the six events so as to detect the events in the stability codes, discover the problems in the stability codes in time, and inform developers in time in a mode of outputting reminding messages, so that the waste of gas cost is avoided as much as possible, and the property loss risk of contract accounts is reduced.
The foregoing general description and the following description are exemplary and explanatory only and are not restrictive of the application.
Drawings
One or more embodiments are illustrated by way of example and not limitation in the figures of the accompanying drawings, in which like references indicate similar elements, and in which like reference numerals refer to similar elements, and in which:
FIG. 1 is a schematic diagram of a method for detecting smart contract event logs, provided by embodiments of the present disclosure;
FIG. 2 is a schematic diagram of a method for determining event problem status of a resolution code provided by an embodiment of the present disclosure;
FIG. 3 is a schematic diagram of another method for determining event problem status of a resolution code provided by an embodiment of the present disclosure;
FIG. 4 is a schematic diagram of another method for determining event problem status of a resolution code provided by an embodiment of the present disclosure;
FIG. 5 is a schematic diagram of another method for determining event problem status of a resolution code provided by an embodiment of the present disclosure;
FIG. 6 is a schematic diagram of another method for determining event problem status of a resolution code provided by an embodiment of the present disclosure;
FIG. 7 is a schematic diagram of another method for determining event problem status of a resolution code provided by an embodiment of the present disclosure;
FIG. 8 is a schematic diagram of a detection apparatus for smart contract event logs, provided by an embodiment of the present disclosure.
Detailed Description
So that the manner in which the features and techniques of the disclosed embodiments can be understood in more detail, a more particular description of the embodiments of the disclosure, briefly summarized below, may be had by reference to the appended drawings, which are not intended to be limiting of the embodiments of the disclosure. In the following description of the technology, for purposes of explanation, numerous details are set forth in order to provide a thorough understanding of the disclosed embodiments. However, one or more embodiments may still be practiced without these details. In other instances, well-known structures and devices may be shown simplified in order to simplify the drawing.
The terms first, second and the like in the description and in the claims of the embodiments of the disclosure and in the above-described figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate in order to describe embodiments of the present disclosure. Furthermore, the terms "comprise" and "have," as well as any variations thereof, are intended to cover a non-exclusive inclusion.
The term "plurality" means two or more, unless otherwise indicated.
In the embodiment of the present disclosure, the character "/" indicates that the front and rear objects are an or relationship. For example, A/B represents: a or B.
The term "and/or" is an associative relationship that describes an object, meaning that there may be three relationships. For example, a and/or B, represent: a or B, or, A and B.
The term "corresponding" may refer to an association or binding relationship, and the correspondence between a and B refers to an association or binding relationship between a and B.
The embodiment of the present disclosure does not limit the execution subject of the detection method for an intelligent contract event log, for example, the detection method for an intelligent contract event log of the embodiment of the present disclosure may be applied to a data processing device such as a terminal device or a server. The terminal device refers to an electronic device with a wireless connection function, and in some embodiments, the terminal device is, for example, a mobile device, a computer, or an in-vehicle device built in a levitation vehicle, or any combination thereof. The mobile device may include, for example, a cell phone, smart home device, wearable device, smart mobile device, virtual reality device, etc., or any combination thereof, wherein the wearable device includes, for example: smart watches, smart bracelets, pedometers, etc.
Referring to fig. 1, an embodiment of the disclosure provides a method for detecting an intelligent contract event log, including:
s101, acquiring a target contract.
Wherein the target contract is compiled in a solubility language.
S102, analyzing the stability codes of the target contracts, and determining event problem states of the stability codes.
In the embodiment of the disclosure, the event problem state includes at least one of an event in the stability code for which a variable needs to be optimized, an event in the stability code for which a frequency of use of the event is greater than a frequency of use threshold, an event in the stability code for which parameter information is wrong, a redundant event in the stability code, a debug event in the stability code for which a used debug event is present, and an event in the stability code for which a call position is wrong.
S103, outputting reminding information based on the event problem state.
In the embodiments of the present disclosure, for convenience of understanding, the determining process of the above-mentioned six event problem states and the outputting of the reminding information may be respectively described by way of example with reference to the accompanying drawings.
Specifically, as shown in fig. 2, for the determination process of the event problem state that there is an event requiring the optimization variable in the stability code, that is, step S102, it may specifically include steps 21A-24A:
step 21A: and performing word segmentation on the solubility code to obtain a word segmentation code.
In practical application, space and line-feed symbols can be used as separators to segment the solubility codes, and punctuation in the solubility codes is filtered to obtain word-segment codes.
Step 22A: and marking the part of speech of the word segmentation code to obtain a word segmentation marking result.
Specifically, in the embodiment of the present disclosure, a corpus may be preset and the part-of-speech type of the stability code may be stored by the corpus. For example, part-of-speech types may include keywords, state variables, local variables, event names, function names, and class names. Thus, the word-part labeling can be carried out on the word-part codes according to the word-part types, and the word-part labeling result is obtained.
Step 23A: based on the word segmentation annotation result, a first event is determined from the resolution code.
The first event includes a state variable; the state variables are stored in storage type. In practical application, because the storage type variable consumes more gas than the memory type local variable, based on the word segmentation labeling result, an event related to the storage type state variable in the stability code can be identified as a first event, so that the subsequent processing is convenient for the first event consuming gas.
Step 24A: if the first function where the first event is located includes a local variable and the values of the state variable and the local variable are the same, determining that the event problem state is that an event requiring an optimized variable exists in the stability code.
Here, the local variable is stored in a memory type. Since memory type local variables consume less gas than storage type state variables, when the first function includes a local variable and the values of the state variable and the local variable are the same, it can be determined that there is an event in the resolution code that requires the variable to be optimized, that is, the state variable in the first event needs to be optimized.
Based on the above steps 21A-24A, in the embodiment of the present disclosure, the alert information output based on the event question status may specifically include: warning information indicating that variable optimization is possible, information of a state variable of the identified first event, and information of a local variable that can replace the state variable.
Further, after outputting the alert message, the method for detecting an intelligent contract event log may further include: the state variable stored in the storage type in the first event is replaced by the local variable stored in the memory type. As mentioned above, the local variables stored in the memory type consume less gas than the state variables stored in the storage type, and because the values of the state variables and the local variables are the same, replacing the state variables with the local variables does not change the definition and the value of the state variables, nor does it affect the persistence of the state variables on the blockchain. Thus, data resources can be saved by variable substitution.
Referring to fig. 3, the determining process of the event problem status, that is, step S102, that the event usage for the validity code is greater than the usage threshold may specifically include steps 21B-23B:
step 21B: and preprocessing the stability code to obtain a preprocessed code.
In practical applications, preprocessing is used to remove deactivated portions of the solubility code, including notes and/or empty lines in the solubility code.
Step 22B: and performing word frequency analysis on the preprocessing code to obtain the event usage amount in the preprocessing code.
Specifically, in the embodiment of the present disclosure, the total number of lines of the preprocessing code may be calculated first, then the preprocessing code may be segmented, and word frequency analysis may be performed on the segmented preprocessing code to obtain the number of times that the event is invoked. Then, based on the number of times an event is called and the total number of lines of the preprocessing code, the average number of occurrences of the event in each line of the preprocessing code can be determined as the event use frequency. In the solution code, the "emit" keyword is followed by the event name, so that the number of times of calling the event can be determined by counting the number of times of occurrence of the keyword "emit". In addition, the event frequency of use may be obtained by dividing the number of occurrences of the event by the total number of lines of the preprocessing code.
Step 23B: if the event frequency is greater than the frequency threshold, determining that the event problem state is that the event frequency of the stability code is greater than the frequency threshold.
In the embodiment of the present disclosure, the inventors have creatively studied and found that the average value of the event frequency is 0.022, so that in practical application, the value range of the frequency threshold may be 0.03-0.06, and preferably 0.05.
Based on the above steps 21B-23B, in the embodiment of the present disclosure, the alert information output based on the event question status may specifically include: warning information for indicating event abuse. While an event is an effective implementation of interaction with other systems, it also uses a lot of resources and has a large impact on the working effects of the contract, so in the embodiments of the present disclosure, by means of event overwarning, developers can be informed in time to use events with caution, thereby avoiding wasting resources.
Referring to fig. 4, the determining process of the event problem state, that is, step S102, for the event that there is an error in the incoming parameter information in the validity code may specifically include steps 21C-24C:
step 21C: and carrying out static code analysis on the stability codes to obtain an abstract syntax tree of the target contract.
In practical application, the implementation process of static code analysis on the stability code may use any static code analysis algorithm that may exist in the present or future, and is not limited herein.
Step 22C: and determining a second event with the parameter number larger than or equal to the number threshold according to the function statement in the abstract syntax tree, and acquiring parameter information transmitted by the second event.
Here, the number threshold may be 3, thereby avoiding the chance probability that the number of parameters is small. The parameter information may include a parameter name and a parameter value.
Step 23C: from the functions in the abstract syntax tree, a second function is obtained having the same number of parameters as when the second event was invoked.
Step 24C: if the parameter information of any parameter and the parameter information of the second function are different when the second event is called, and the parameter information of other parameters except any parameter is the same as the parameter information of the second function, determining that the event problem state is an event with parameter information errors in the stability code.
Therefore, the second event with the parameter number larger than or equal to 3 is determined, and the parameter names and the parameter values transmitted by the second event are acquired, so that the subsequent positioning to a specific function is facilitated as much as possible. When the parameter information of the second event and the parameter information of the second function are different, the parameter error is indicated.
Based on the above steps 21C-24C, in the embodiment of the present disclosure, the alert information output based on the event problem status may specifically include: warning information for indicating parameter information errors, and related information of the second event and the second function. When an event is called, if the input error parameters are consistent with the parameter types in definition, the compiler cannot find errors of the parameter information. The intelligent contract is difficult to change after being deployed, so that a developer can be timely informed by detecting the error of the input parameter and warning, thereby helping to reduce the risk of contract loopholes as much as possible.
Referring to fig. 5, the determining process for the event problem state that there is a redundant event in the redundancy code, that is, step S102, may specifically include steps 21D-22D:
step 21D: for a third event called in the stability code, determining a fourth event containing all parameters of the third event from the called events except the third event included in the stability code.
Specifically, the number of the fourth events may be 1 or a plurality of fourth events. The fourth event includes all parameters of the third event, which may mean that the parameters of the third event are the same, or that the parameters of the fourth event include parameters of the third event. Based on this, in the embodiment of the disclosure, for the third event, it may be queried in the stability code whether there are other parameters of the invoked event including the parameters of the third event, and if so, the event may be determined as the fourth event. In addition, since the alias analysis algorithm is a technique for identifying name sets of program variables, which may cause the same memory location during program execution, and the same parameters of the memory location may also be regarded as the same parameters, in the embodiment of the present disclosure, the parameters of the third event may be further analyzed by the alias analysis algorithm to determine the same parameters of the memory location, and further determine the corresponding fourth event based on the same parameters of the memory location.
Step 22D: and when the parameter value of the third event is the same as the corresponding parameter value in the fourth event, determining that the event problem state is that a redundant event exists in the redundancy code.
As mentioned above, the fourth event includes the third event, and thus, when the parameter value of the third event and the parameter value of the fourth event are also the same, it may be explained that the third event is a redundant event for the fourth event.
Based on the above steps 21D-22D, in the embodiment of the present disclosure, the alert information output based on the event issue status may specifically include: warning information indicating the existence of a redundant event, and related information of the third event and the fourth event. Because the third event is a redundant event, which is contained by the fourth event and has the same parameter value, the developer can be timely informed by detecting the redundant event and warning, thereby being beneficial to canceling the calling of the redundant event as soon as possible and reducing the consumption of data resources.
Referring to fig. 6, the determining process for the event problem status of the used debug event in the stability code, that is, step S102, may specifically include steps 21E-22E:
step 21E: the stability code is analyzed to determine whether at least one of a fifth event, a sixth event, and a seventh event is present in the stability code.
Wherein the fifth event is an empty event; the sixth event is an event which is called at a different position and records the same variable; the seventh event is an event including a character string parameter, and the character string parameter includes a preset keyword. In practical application, a developer may use an event to debug, where the debug event may be in the form of a null event, an event that is called at a different location and records the same variable, or an event that includes a string parameter, where the string parameter includes a preset keyword, that is, at least one of a fifth event, a sixth event, and a seventh event. In practical applications, the preset keyword may be embodied as at least one of "unbuckling", "test" and "hellp".
Step 22E: if at least one of the fifth event, the sixth event and the seventh event exists in the stability code, determining that the event issue status is that there is a used debug event in the stability code.
Based on the above, when at least one of the fifth event, the sixth event, and the seventh event exists in the resolution code, it may be explained that the developer does not delete the used debug event after debugging the resolution code.
Based on the above steps 21E to 22E, in the embodiment of the present disclosure, the alert information output based on the event problem status may specifically include: warning information for indicating debug events that have been used in the resolution code. After debugging the code by using the event, if the debugging event which is not needed is not deleted in time, the code readability is negatively affected, and redundant data resource consumption is caused, so that the developer can be informed in time by detecting the used debugging event in the stability code and warning, thereby being beneficial to deleting the used debugging event as soon as possible and reducing the consumption of the data resource.
Referring to fig. 7, the determining process for the event problem state that there is an event of calling a position error in the stability code, that is, step S102, may specifically include steps 21F-24F:
step 21F: in the running process of the stability code, an execution path and an operation code of the stability code are acquired.
In the disclosed embodiments, in order for the resolution code to run, an Anvil (a blockchain running tool) may be used first to build a network testing environment for the local blockchain and to deploy the target contract in the network testing environment. Next, valid inputs may be randomly generated for the function of the target contract. Specifically, the target contract can be compiled first to generate a JSON format file corresponding to an application binary interface (Application Binary Interface, ABI), then the ABI file is analyzed to obtain the function description and the data types of parameters in the file, and then the input fields of the parameters of each data type are determined according to the stability official document.
For example, parameters for a fixed length data type, such as int, uint, bytes and fixed array type parameters, may randomly generate an input within its valid input field.
For parameters of data types with non-fixed length, for example, string type parameters, positive integers in the effective range can be randomly generated as the length, and then character strings with the length can be randomly generated as input.
For the address type parameter, ABI function feature analysis is required, that is, all function signatures declared in ABI are extracted, and then a function selector of each function signature, that is, keccak hash (SHA-3) of the first four bytes of the function signature is calculated to determine the function selector used by each common ABI function. Next, a map can be constructed and stored with function selectors as keys, with addresses of all intelligent contracts with the same function selector as values. Through this mapping, for each function selector, all smart contract addresses supporting that function selector can be found in a search mapping manner, and thus a random input is generated for the parameters of the address data type of each ABI function of the smart contract.
Step 22F: after the eighth event in the resolution code is invoked, it is detected, through the execution path and the opcode, whether the variable entered by the eighth event is reassigned.
Here, the eighth event is any event in the stability code. In the disclosed embodiment, program piling techniques may be employed to acquire execution paths using branch coverage probes and conditional coverage probes and monitor the object for opcodes that are approximately at the time of execution at the EVM to detect whether the variable entered by the eighth event is reassigned after the eighth event is invoked.
Step 23F: if the variable transmitted by the eighth event is reassigned, detecting whether a ninth event for recording reassignment results of the eighth event exists in the stability code.
In practice, an event is typically invoked after an operation is completed, for example, to record information such as a transaction, assignment, or authorization. Based on this, by detecting a ninth event, that is, an event for recording the reassigned variable, it can be determined whether the event is called again after the corresponding operation is performed.
Step 24F: if the ninth event does not exist in the stability code, determining that the event problem state is an event with calling position errors in the stability code.
If the ninth event does not exist, it may be stated that the eighth event is called, but is not called again, i.e. its call location is wrong, although it is reassigned.
Based on the above steps 21F-24F, in the embodiment of the present disclosure, the alert information output based on the event problem status may specifically include: and warning information for indicating that calling position errors exist in the stability code. In this way, by detecting the calling position error of the event and warning, the developer can be timely informed, so that the risk of contract loopholes can be reduced as much as possible.
By adopting the detection method for the intelligent contract event log provided by the embodiment of the disclosure, after the target contract compiled by the solubility language is acquired, the solubility code of the target contract can be analyzed to determine the event problem state of the solubility code. The event problem state may include at least one of an event in the stability code where a variable needs to be optimized, an event in the stability code where a frequency of use of the event is greater than a frequency of use threshold, an event in the stability code where a parameter information error exists, a redundant event in the stability code, a debug event in the stability code where a used debug event exists, and an event in the stability code where a call position error exists. Then, based on the event problem state, the reminder information can be output. Therefore, the stability codes can be analyzed from the angles of the problem states of the six events so as to detect the events in the stability codes, discover the problems in the stability codes in time, and inform developers in time in a mode of outputting reminding information, so that the waste of data resources is avoided as much as possible, and the property loss risk of contract accounts is reduced.
As shown in connection with fig. 8, an embodiment of the present disclosure provides a detection apparatus 300 for smart contract event logs, including a processor (processor) 304 and a memory (memory) 301. Optionally, the apparatus may further comprise a communication interface (Communication Interface) 302 and a bus 303. The processor 304, the communication interface 302, and the memory 301 may communicate with each other through the bus 303. The communication interface 302 may be used for information transfer. The processor 304 may call logic instructions in the memory 301 to perform the detection method for the smart contract event log of the above-described embodiments.
Further, the logic instructions in the memory 301 may be implemented in the form of software functional units and stored in a computer readable storage medium when sold or used as a stand alone product.
The memory 301 is used as a computer readable storage medium for storing a software program, a computer executable program, such as program instructions/modules corresponding to the methods in the embodiments of the present disclosure. The processor 304 executes the functional applications and data processing by running the program instructions/modules stored in the memory 301, i.e. implements the detection method for smart contract event logs in the above-described embodiments.
The memory 301 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, at least one application program required for a function; the storage data area may store data created according to the use of the terminal device, etc. In addition, the memory 301 may include a high-speed random access memory, and may also include a nonvolatile memory.
Embodiments of the present disclosure provide a computer-readable storage medium storing computer-executable instructions configured to perform the above-described detection method for smart contract event logs.
The computer readable storage medium may be a transitory computer readable storage medium or a non-transitory computer readable storage medium.
Embodiments of the present disclosure may be embodied in a software product stored on a storage medium, including one or more instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of a method according to embodiments of the present disclosure. And the aforementioned storage medium may be a non-transitory storage medium including: a plurality of media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or a transitory storage medium.
The above description and the drawings illustrate embodiments of the disclosure sufficiently to enable those skilled in the art to practice them. Other embodiments may involve structural, logical, electrical, process, and other changes. The embodiments represent only possible variations. Individual components and functions are optional unless explicitly required, and the sequence of operations may vary. Portions and features of some embodiments may be included in, or substituted for, those of others. Moreover, the terminology used in the present application is for the purpose of describing embodiments only and is not intended to limit the claims. As used in the description of the embodiments and the claims, the singular forms "a," "an," and "the" (the) are intended to include the plural forms as well, unless the context clearly indicates otherwise. Similarly, the term "and/or" as used in this application is meant to encompass any and all possible combinations of one or more of the associated listed. Furthermore, when used in this application, the terms "comprises," "comprising," and/or "includes," and variations thereof, mean that the stated features, integers, steps, operations, elements, and/or components are present, but that the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof is not precluded. Without further limitation, an element defined by the phrase "comprising one …" does not exclude the presence of other like elements in a process, method or apparatus comprising such elements. In this context, each embodiment may be described with emphasis on the differences from the other embodiments, and the same similar parts between the various embodiments may be referred to each other. For the methods, products, etc. disclosed in the embodiments, if they correspond to the method sections disclosed in the embodiments, the description of the method sections may be referred to for relevance.
Those of skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. The skilled artisan may use different methods for each particular application to achieve the described functionality, but such implementation should not be considered to be beyond the scope of the embodiments of the present disclosure. It will be clearly understood by those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, which are not repeated herein.
In the embodiments disclosed herein, the disclosed methods, articles of manufacture (including but not limited to devices, apparatuses, etc.) may be practiced in other ways. For example, the apparatus embodiments described above are merely illustrative, and for example, the division of the units may be merely a logical function division, and there may be additional divisions when actually implemented, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not performed. In addition, the coupling or direct coupling or communication connection shown or discussed with each other may be through some interface, device or unit indirect coupling or communication connection, which may be in electrical, mechanical or other form. The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to implement the present embodiment. In addition, each functional unit in the embodiments of the present disclosure may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. In the description corresponding to the flowcharts and block diagrams in the figures, operations or steps corresponding to different blocks may also occur in different orders than that disclosed in the description, and sometimes no specific order exists between different operations or steps. For example, two consecutive operations or steps may actually be performed substantially in parallel, they may sometimes be performed in reverse order, which may be dependent on the functions involved. Each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Claims (10)
1. A method for detecting an intelligent contract event log, comprising:
acquiring a target contract; compiling the target contract by adopting a solubility language;
analyzing the stability codes of the target contracts, and determining event problem states of the stability codes; the event problem state comprises at least one of an event requiring an optimization variable in the stability code, an event with a use frequency of the event of the stability code being greater than a use frequency threshold, an event with a parameter information error in the stability code, a redundant event in the stability code, a used debug event in the stability code, and an event with a call position error in the stability code;
and outputting reminding information based on the event problem state.
2. The method of claim 1, wherein analyzing the validity code of the target contract to determine an event problem status of the validity code comprises:
performing word segmentation on the stability code to obtain a word segmentation code;
part of speech tagging is carried out on the word segmentation codes, and word segmentation tagging results are obtained;
determining a first event from the stability code based on the word segmentation annotation result; the parameters when the first event is invoked include a state variable; the state variables are stored in a storage type;
if the first function where the first event is located includes a local variable and the values of the state variable and the local variable are the same, determining that the event problem state is that an event requiring an optimized variable exists in the stability code; the local variables are stored in a memory type.
3. The method of claim 1, wherein analyzing the validity code of the target contract to determine an event problem status of the validity code comprises:
preprocessing the stability code to obtain a preprocessed code; the preprocessing is used for removing a deactivated portion in the solubility code, wherein the deactivated portion comprises notes and/or blank lines in the solubility code;
word frequency analysis is carried out on the preprocessing codes, so that event use frequency in the preprocessing codes is obtained;
and if the event using frequency is larger than the using frequency threshold value, determining that the event problem state is that the event using frequency of the stability code is larger than the using frequency threshold value.
4. The method of claim 1, wherein analyzing the validity code of the target contract to determine an event problem status of the validity code comprises:
performing static code analysis on the stability code to obtain an abstract syntax tree of the target contract;
determining a second event with the parameter number larger than or equal to a number threshold according to the function statement in the abstract syntax tree, and acquiring parameter information transmitted by the second event;
determining a second function with the same number of parameters as the second event is called in the stability code based on the abstract syntax tree;
and if the parameter information of any parameter when the second event is called is different from the parameter information of the second function, and the parameter information of other parameters except for any parameter is the same as the parameter information of the second function, determining that the event problem state is an event with parameter information errors in the stability code.
5. The method of claim 1, wherein analyzing the validity code of the target contract to determine an event problem status of the validity code comprises:
for a third event called in the stability code, determining a fourth event containing all parameters of the third event from the called events except the third event included in the stability code;
and when the parameter value of the third event is the same as the corresponding parameter value in the fourth event, determining that the event problem state is that a redundant event exists in the stability code.
6. The method of claim 1, wherein analyzing the validity code of the target contract to determine an event problem status of the validity code comprises:
analyzing the stability code to determine whether at least one of a fifth event, a sixth event and a seventh event exists in the stability code; the fifth event is an empty event; the sixth event is an event which is called at a different position and records the same variable; the seventh event is an event comprising a character string parameter, and the character string parameter comprises a preset keyword;
and if at least one of a fifth event, a sixth event and a seventh event exists in the stability code, determining that the event problem state is that the used debugging event exists in the stability code.
7. The method of claim 1, wherein analyzing the validity code of the target contract to determine an event problem status of the validity code comprises:
acquiring an execution path and an operation code of the stability code in the running process of the stability code;
after an eighth event in the stability code is called, detecting whether a variable transmitted by the eighth event is reassigned or not through the execution path and the operation code;
if the variable transmitted by the eighth event is reassigned, detecting whether a ninth event for recording reassignment results of the eighth event exists in the stability code;
and if the ninth event does not exist in the stability code, determining that the event problem state is an event with a calling position error in the stability code.
8. The method according to claim 2, wherein after outputting the alert information based on the event question status, the method further comprises:
and replacing the state variable stored in the storage type in the first event with the local variable stored in the memory type.
9. A detection apparatus for a smart contract event log, comprising a processor and a memory storing program instructions, wherein the processor is configured, when executing the program instructions, to perform the detection method for a smart contract event log as claimed in any one of claims 1 to 8.
10. A storage medium storing program instructions which, when executed, perform the method for detecting a smart contract event log according to any one of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410138372.4A CN117688564B (en) | 2024-02-01 | 2024-02-01 | Detection method, device and storage medium for intelligent contract event log |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410138372.4A CN117688564B (en) | 2024-02-01 | 2024-02-01 | Detection method, device and storage medium for intelligent contract event log |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117688564A true CN117688564A (en) | 2024-03-12 |
| CN117688564B CN117688564B (en) | 2024-05-03 |
Family
ID=90135646
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410138372.4A Active CN117688564B (en) | 2024-02-01 | 2024-02-01 | Detection method, device and storage medium for intelligent contract event log |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117688564B (en) |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102012991A (en) * | 2010-11-09 | 2011-04-13 | 北京神舟航天软件技术有限公司 | Static analysis-based checking method of safety rules of C language |
| CN102831004A (en) * | 2012-07-13 | 2012-12-19 | 天津国芯科技有限公司 | Method for optimizing compiling based on C*core processor and compiler |
| US20140068567A1 (en) * | 2012-09-05 | 2014-03-06 | Microsoft Corporation | Determining relevant events in source code analysis |
| CN109684838A (en) * | 2018-11-23 | 2019-04-26 | 电子科技大学 | A kind of static code auditing system and method for ether mill intelligence contract |
| CN110096338A (en) * | 2019-05-10 | 2019-08-06 | 百度在线网络技术(北京)有限公司 | Intelligent contract executes method, apparatus, equipment and medium |
| KR20200094618A (en) * | 2019-01-30 | 2020-08-07 | 주식회사 린아레나 | Method for auditing source code using smart contract similarity analysis and apparatus thereof |
| CN115022026A (en) * | 2022-05-31 | 2022-09-06 | 电子科技大学 | Block chain intelligent contract threat detection device and method |
| CN115794103A (en) * | 2022-10-25 | 2023-03-14 | 网易(杭州)网络有限公司 | Variable compiling method and device, electronic equipment and readable storage medium |
| CN116028495A (en) * | 2022-12-28 | 2023-04-28 | 山石网科通信技术股份有限公司 | Intelligent contract detection method and device |
| CN116166747A (en) * | 2023-01-10 | 2023-05-26 | 杭州溪塔科技有限公司 | Block chain intelligent contract data processing method and device |
| CN116185805A (en) * | 2021-11-26 | 2023-05-30 | 北京有竹居网络技术有限公司 | Code detection method, device, equipment and storage medium |
| CN116841906A (en) * | 2023-07-26 | 2023-10-03 | 山石网科通信技术股份有限公司 | Intelligent contract detection method and device and electronic equipment |
-
2024
- 2024-02-01 CN CN202410138372.4A patent/CN117688564B/en active Active
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102012991A (en) * | 2010-11-09 | 2011-04-13 | 北京神舟航天软件技术有限公司 | Static analysis-based checking method of safety rules of C language |
| CN102831004A (en) * | 2012-07-13 | 2012-12-19 | 天津国芯科技有限公司 | Method for optimizing compiling based on C*core processor and compiler |
| US20140068567A1 (en) * | 2012-09-05 | 2014-03-06 | Microsoft Corporation | Determining relevant events in source code analysis |
| CN109684838A (en) * | 2018-11-23 | 2019-04-26 | 电子科技大学 | A kind of static code auditing system and method for ether mill intelligence contract |
| KR20200094618A (en) * | 2019-01-30 | 2020-08-07 | 주식회사 린아레나 | Method for auditing source code using smart contract similarity analysis and apparatus thereof |
| CN110096338A (en) * | 2019-05-10 | 2019-08-06 | 百度在线网络技术(北京)有限公司 | Intelligent contract executes method, apparatus, equipment and medium |
| CN116185805A (en) * | 2021-11-26 | 2023-05-30 | 北京有竹居网络技术有限公司 | Code detection method, device, equipment and storage medium |
| CN115022026A (en) * | 2022-05-31 | 2022-09-06 | 电子科技大学 | Block chain intelligent contract threat detection device and method |
| CN115794103A (en) * | 2022-10-25 | 2023-03-14 | 网易(杭州)网络有限公司 | Variable compiling method and device, electronic equipment and readable storage medium |
| CN116028495A (en) * | 2022-12-28 | 2023-04-28 | 山石网科通信技术股份有限公司 | Intelligent contract detection method and device |
| CN116166747A (en) * | 2023-01-10 | 2023-05-26 | 杭州溪塔科技有限公司 | Block chain intelligent contract data processing method and device |
| CN116841906A (en) * | 2023-07-26 | 2023-10-03 | 山石网科通信技术股份有限公司 | Intelligent contract detection method and device and electronic equipment |
Non-Patent Citations (1)
| Title |
|---|
| 郑忠斌;王朝栋;蔡佳浩;: "智能合约的安全研究现状与检测方法分析综述", 信息安全与通信保密, no. 07, 10 July 2020 (2020-07-10) * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117688564B (en) | 2024-05-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Kim et al. | Shared execution for efficiently testing product lines | |
| CN109783346B (en) | Keyword-driven automatic testing method and device and terminal equipment | |
| US8997065B2 (en) | Automatic modularization of source code | |
| CN101853200B (en) | High-efficiency dynamic software vulnerability exploiting method | |
| CN110474900B (en) | Game protocol testing method and device | |
| CN111124479B (en) | Method and system for analyzing configuration file and electronic equipment | |
| CN105630656A (en) | Log model based system robustness analysis method and apparatus | |
| CN110287700B (en) | iOS application security analysis method and device | |
| US20190094300A1 (en) | Ensuring completeness of interface signal checking in functional verification | |
| CN117688564B (en) | Detection method, device and storage medium for intelligent contract event log | |
| CN114826793B (en) | ROP chain detection method, device and medium | |
| CN116841906A (en) | Intelligent contract detection method and device and electronic equipment | |
| CN115840707A (en) | Flash test method, device and medium | |
| CN113703753B (en) | Method and device for product development and product development system | |
| CN115033489A (en) | Code resource detection method and device, electronic equipment and storage medium | |
| CN114462381A (en) | Data processing method, device, equipment and storage medium | |
| CN113467815A (en) | Application repair method and device for hot update, terminal equipment and storage medium | |
| CN113742208A (en) | Software detection method, device, equipment and computer readable storage medium | |
| EP0365186A2 (en) | Apparatus for enhanced tagged data processing in a generalized computer execution unit | |
| CN115640236B (en) | Script quality detection method and computing device | |
| CN112115046B (en) | Software fault positioning method, device and terminal | |
| CN113721916B (en) | Compiling method, device and equipment of operating system and readable storage medium | |
| CN112612471B (en) | Code processing method, device, equipment and storage medium | |
| CN118152293A (en) | Interface testing method, device, electronic equipment and computer readable storage medium | |
| CN106874182B (en) | Code exception handling method and device, and code execution method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |