WO2021244054A1 - Contract code obfuscation platform and obfuscation method based on smart contract bytecode features - Google Patents


Info

Publication number: WO2021244054A1
Authority: WO, WIPO (PCT)
Prior art keywords: contract, bytecode, instruction, jump, obfuscation
Application number: PCT/CN2021/074634
Other languages: French (fr), Chinese (zh)
Inventors: 周亚金, 程镇, 吴磊, 任奎
Original Assignee: 浙江大学
Application filed by 浙江大学
Publication of WO2021244054A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/12 Protecting executable software
    • G06F21/121 Restricting unauthorised execution of programs
    • G06F21/125 Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/40 Transformation of program code
    • G06F8/41 Compilation

Abstract

Disclosed is a contract code obfuscation platform based on smart contract bytecode features. The obfuscation platform comprises a bytecode/instruction converter, an information extractor, a bytecode injector, a jump target re-parser, and an instruction/bytecode converter. In the platform, an original bytecode is converted into an instruction sequence, and according to an obfuscation method, an instruction position needing to be rewritten and an original jump target address are extracted; an insertion instruction is then generated, and the insertion instruction is inserted in a corresponding position of the instruction sequence; a jump address of the instruction sequence is then corrected, so that the jump address corresponds to a correct jump address; and finally, the corrected instruction sequence is converted into a bytecode so that an obfuscated bytecode is obtained, and the obfuscated bytecode is output. In the present invention, by obfuscating a contract bytecode, contract information of a contract creator can be protected from being easily parsed by a tool, thereby reducing the risk of persons freely stealing codes from an on-chain contract.

Description

Contract code obfuscation platform and obfuscation method based on smart contract bytecode features
Technical field
The invention relates to the field of smart contracts, and in particular to a contract code obfuscation platform and obfuscation method based on smart contract bytecode features.
Background
Smart contracts are a concept proposed by Nick Szabo in the 1990s, almost as old as the Internet. For lack of a trusted execution environment, smart contracts were not applied in actual industry. After the birth of Bitcoin, people recognized that the blockchain, Bitcoin's underlying technology, can inherently provide a trusted execution environment for smart contracts. A smart contract is assembly language programmed on the blockchain. People usually do not write the bytecode themselves but compile it from a higher-level language.
Because the blockchain is a public distributed ledger, the information on it is visible to everyone, and code is frequently reused. Because contracts stored on chain are in bytecode form, which is hard for people to read, people who want to understand a contract whose source code has not been published usually apply various analysis techniques to learn how the contract works, for different purposes. For a contract developer who does not want others to easily copy the contract, or even find vulnerabilities with which to attack it, this is a very hostile environment.
Summary of the invention
The purpose of the present invention is to provide a smart contract code obfuscation platform, addressing the situation in which existing on-chain contract code can easily be parsed by various analysis tools; contract developers can rewrite their contract code through this platform before deploying the contract to avoid that situation.
The purpose of the present invention is achieved through the following technical solutions:
A contract code obfuscation platform based on smart contract bytecode features, characterized in that the platform comprises:
a bytecode/instruction converter, used to receive the original bytecode and convert it into an instruction sequence according to the target obfuscation method, so as to represent the executable section;
an information extractor, used to extract and save, according to the obfuscation method, the information needed for injection into the instruction sequence and for jump target re-resolution, including the positions of the instructions to be rewritten and the original jump target addresses; it sends the instruction positions to be rewritten to the bytecode injector and the original jump target addresses to the jump target re-parser;
a bytecode injector, which generates the instructions to insert according to the obfuscation method, inserts them at the corresponding positions in the instruction sequence to form a new instruction sequence, and sends it to the jump target re-parser;
a jump target re-parser, used to correct the jump addresses of the new instruction sequence so that they correspond to the correct jump targets;
an instruction/bytecode converter, used to convert the corrected instruction sequence into bytecode, which is the obfuscated bytecode, and output it.
A contract code obfuscation method based on smart contract bytecode features, the method specifically comprising the following steps:
S1: the contract developer generates the original bytecode with a smart contract compiler;
S2: the original bytecode is input into the contract code obfuscation platform, and the desired obfuscation method is selected;
S3: the contract code obfuscation platform converts the original bytecode into an instruction sequence and, according to the obfuscation method, extracts the positions of the instructions to be rewritten and the original jump target addresses; it then generates the insertion instructions and inserts them at the corresponding positions in the instruction sequence, corrects the jump addresses of the instruction sequence so that they correspond to the correct jump addresses, and finally converts the corrected instruction sequence into bytecode, yielding the obfuscated bytecode, which it outputs.
Further, S3 specifically comprises the following sub-steps:
S3.1: linearly scan the original bytecode, identifying the contract initialization code segment and the Swarm hash segment by means of the default contract initialization code segment emitted by the contract compiler and the start and end signatures of the Swarm hash;
S3.2: decompile the original bytecode into Ethereum Virtual Machine instructions and immediate values, and use this information to create a copy of the contract;
S3.3: by maintaining a simulated stack, the contract code obfuscation platform executes the contract code step by step and traverses every reachable branch, identifying along the way the contract's function selector segment, contract function segment and data segment, and marking in the contract copy the jump instructions and the values those jump instructions use;
S3.4: according to the marked instructions, generate and insert the instruction sequence corresponding to the obfuscation method;
S3.5: correct the misaligned jump addresses in the instructions, completing the obfuscation.
Further, the obfuscation method is any one of the following:
(1) adding a PUSH instruction so that a tool linearly scanning the bytecode mistakenly identifies two contract initialization code start signatures, causing the tool to identify the wrong contract body code;
(2) rewriting the bytecode in the Swarm hash segment and rewriting the instructions near the jump instructions in the contract, so that every jump instruction in the original contract jumps to its target address by way of the Swarm hash segment, flattening the contract's control flow graph;
(3) breaking up the characteristic sequence of the function selector to prevent contract analysis tools from obtaining the function signatures stored in the contract;
(4) inserting a large number of JUMPDEST instructions, so that analysis tools that use symbolic execution and simulated execution are forced to maintain a large number of basic block entry states, making the tools run slowly or even crash;
(5) replacing the immediate value used for a jump with the result of a series of operations on immediate values, so that tools that assume a jump target address must be an immediate value cannot resolve the jump addresses in the contract;
(6) placing the target address used for a jump in memory and retrieving it by calling a precompiled contract, so that static analysis tools mistakenly believe an on-chain contract was called and thereby lose the jump target address information.
The beneficial effects of the present invention are as follows:
Since someone may use existing analysis tools to parse smart contract bytecode, contract developers can use the obfuscation device and obfuscation method of the present invention to add a layer of obfuscation to a contract and make its bytecode less readable, thereby strengthening the protection of the contract code.
Description of the drawings
Figure 1 is a schematic diagram of the contract code obfuscation platform based on smart contract bytecode features;
Figure 2 is a flowchart of the contract code obfuscation method based on smart contract bytecode features.
Detailed description
The present invention is described in detail below with reference to the drawings and preferred embodiments, from which its purpose and effects will become clearer. It should be understood that the specific embodiments described here serve only to explain the present invention and are not intended to limit it.
As shown in Figure 1, the contract code obfuscation platform based on smart contract bytecode features of the present invention comprises:
a bytecode/instruction converter, used to receive the original bytecode and convert it into an instruction sequence according to the target obfuscation method, so as to represent the executable section;
an information extractor, used to extract and save, according to the obfuscation method, the information needed for injection into the instruction sequence and for jump target re-resolution, including the positions of the instructions to be rewritten and the original jump target addresses; it sends the instruction positions to be rewritten to the bytecode injector and the original jump target addresses to the jump target re-parser;
a bytecode injector, which generates the instructions to insert according to the obfuscation method, inserts them at the corresponding positions in the instruction sequence to form a new instruction sequence, and sends it to the jump target re-parser; because insertion changes the size of the original bytecode, the original jump addresses no longer correspond to the correct jump targets, so the new instruction sequence has to be sent to the jump target re-parser to correct these misaligned jump addresses;
a jump target re-parser, used to correct the jump addresses of the new instruction sequence so that they correspond to the correct jump targets;
an instruction/bytecode converter, used to convert the corrected instruction sequence into bytecode, which is the obfuscated bytecode, and output it.
As shown in Figure 2, the contract code obfuscation method based on smart contract bytecode features of the present invention specifically comprises the following steps:
S1: the contract developer generates the original bytecode with a smart contract compiler;
S2: the original bytecode is input into the contract code obfuscation platform, and the desired obfuscation method is selected;
S3: the contract code obfuscation platform converts the original bytecode into an instruction sequence and, according to the obfuscation method, extracts the positions of the instructions to be rewritten and the original jump target addresses; it then generates the insertion instructions and inserts them at the corresponding positions in the instruction sequence, corrects the jump addresses of the instruction sequence so that they correspond to the correct jump addresses, and finally converts the corrected instruction sequence into bytecode, yielding the obfuscated bytecode, which it outputs. The specific process is as follows:
S3.1: linearly scan the original bytecode, identifying the contract initialization code segment and the Swarm hash segment by means of the default contract initialization code segment emitted by the contract compiler and the start and end signatures of the Swarm hash;
S3.2: decompile the original bytecode into Ethereum Virtual Machine instructions and immediate values, and use this information to create a copy of the contract;
S3.3: by maintaining a simulated stack, the contract code obfuscation platform executes the contract code step by step and traverses every reachable branch, identifying along the way the contract's function selector segment, contract function segment and data segment, and marking in the contract copy the jump instructions and the values those jump instructions use;
S3.4: according to the marked instructions, generate and insert the instruction sequence corresponding to the obfuscation method;
S3.5: correct the misaligned jump addresses in the instructions, completing the obfuscation.
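
The S3 pipeline above, reduced to its core as an added example (not code from the patent or its authors): it disassembles EVM bytecode, inserts instructions, and re-resolves jump targets, showing why insertion leaves every pushed jump address pointing at the wrong byte until the re-parser corrects it. It assumes the input is pure code with no initialization or Swarm hash segment, and it marks only a `PUSHn` directly followed by `JUMP`/`JUMPI` instead of maintaining the simulated stack of S3.3; all function names and the sample bytecode are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

PUSH1, PUSH32 = 0x60, 0x7F
JUMP, JUMPI, JUMPDEST = 0x56, 0x57, 0x5B


@dataclass
class Ins:
    op: int
    imm: bytes = b""
    old_pc: Optional[int] = None  # offset in the input bytecode; None if inserted


def disassemble(code: bytes) -> list:
    """Bytecode/instruction converter: PUSHn carries n immediate bytes."""
    out, pc = [], 0
    while pc < len(code):
        op = code[pc]
        n = op - PUSH1 + 1 if PUSH1 <= op <= PUSH32 else 0
        out.append(Ins(op, code[pc + 1:pc + 1 + n], pc))
        pc += 1 + n
    return out


def assemble(ins: list) -> bytes:
    """Instruction/bytecode converter."""
    return b"".join(bytes([i.op]) + i.imm for i in ins)


def pushed_targets(ins):
    """Yield (push, target) for each PUSHn directly followed by JUMP/JUMPI."""
    for a, b in zip(ins, ins[1:]):
        if PUSH1 <= a.op <= PUSH32 and b.op in (JUMP, JUMPI):
            yield a, int.from_bytes(a.imm, "big")


def mark_jumps(ins: list) -> dict:
    """Information extractor: {offset of PUSH: original jump target offset}."""
    dests = {i.old_pc for i in ins if i.op == JUMPDEST}
    return {p.old_pc: t for p, t in pushed_targets(ins) if t in dests}


def fix_jumps(ins: list, marked: dict) -> list:
    """Jump target re-parser: rewrite marked immediates to the new offsets.

    Widening a PUSH shifts everything after it, so repeat until no width changes.
    """
    while True:
        new_pc, pc = {}, 0
        for i in ins:
            if i.old_pc is not None:
                new_pc[i.old_pc] = pc
            pc += 1 + len(i.imm)
        changed = False
        for i in ins:
            if i.old_pc in marked:
                target = new_pc[marked[i.old_pc]]
                width = max(len(i.imm), (target.bit_length() + 7) // 8, 1)
                changed |= width != len(i.imm)
                i.op, i.imm = PUSH1 + width - 1, target.to_bytes(width, "big")
        if not changed:
            return ins


def dangling_jumps(code: bytes) -> list:
    """Check: (PUSH offset, target) pairs whose target is not a JUMPDEST."""
    ins = disassemble(code)
    dests = {i.old_pc for i in ins if i.op == JUMPDEST}
    return [(p.old_pc, t) for p, t in pushed_targets(ins) if t not in dests]


def rewrite(code: bytes, index: int, inserted: list):
    """Insert opcodes before instruction `index`; return (uncorrected, corrected)."""
    ins = disassemble(code)
    marked = mark_jumps(ins)
    ins = ins[:index] + [Ins(op) for op in inserted] + ins[index:]
    naive = assemble(ins)  # bytecode injector output before correction
    return naive, assemble(fix_jumps(ins, marked))


# Constructed sample: PUSH1 1; PUSH1 0x0a; JUMPI; PUSH1 0; PUSH1 0x0e; JUMP;
# JUMPDEST; PUSH1 0x2a; POP; JUMPDEST; STOP
ORIGINAL = bytes.fromhex("6001600a576000600e565b602a505b00")

if __name__ == "__main__":
    naive, fixed = rewrite(ORIGINAL, 3, [JUMPDEST, JUMPDEST])
    print("uncorrected:", naive.hex(), dangling_jumps(naive))
    print("corrected:  ", fixed.hex(), dangling_jumps(fixed))
```
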
In particular, six obfuscation methods are used here:
(1) Adding a PUSH instruction so that a tool linearly scanning the bytecode mistakenly identifies two contract initialization code start signatures, causing the tool to identify the wrong contract body code.
(2) Rewriting the bytecode in the Swarm hash segment and rewriting the instructions near the jump instructions in the contract, so that every jump instruction in the original contract jumps to its target address by way of the Swarm hash segment, flattening the contract's control flow graph.
(3) Breaking up the characteristic sequence of the function selector to prevent contract analysis tools from obtaining the function signatures stored in the contract.
(4) Inserting a large number of JUMPDEST instructions, so that analysis tools that use symbolic execution and simulated execution are forced to maintain a large number of basic block entry states, making the tools run slowly or even crash.
(5) Replacing the immediate value used for a jump with the result of a series of operations on immediate values, so that tools that assume a jump target address must be an immediate value cannot resolve the jump addresses in the contract.
(6) Placing the target address used for a jump in memory and retrieving it by calling a precompiled contract, so that static analysis tools mistakenly believe an on-chain contract was called (that is, dynamic information in the smart contract setting, which static analysis tools regard as unknowable) and lose the jump target address information.
Those of ordinary skill in the art will understand that the above are only preferred examples of the invention and are not intended to limit it. Although the invention has been described in detail with reference to the foregoing examples, those skilled in the art can still modify the technical solutions recorded in those examples or make equivalent substitutions for some of their technical features. All modifications and equivalent substitutions made within the spirit and principles of the invention shall fall within its scope of protection.

Claims (4)

  1. A contract code obfuscation platform based on smart contract bytecode features, characterized in that the platform comprises:
    a bytecode/instruction converter, used to receive the original bytecode and convert it into an instruction sequence according to the target obfuscation method, so as to represent the executable section;
    an information extractor, used to extract and save, according to the obfuscation method, the information needed for injection into the instruction sequence and for jump target re-resolution, including the positions of the instructions to be rewritten and the original jump target addresses; it sends the instruction positions to be rewritten to the bytecode injector and the original jump target addresses to the jump target re-parser;
    a bytecode injector, which generates the instructions to insert according to the obfuscation method, inserts them at the corresponding positions in the instruction sequence to form a new instruction sequence, and sends it to the jump target re-parser;
    a jump target re-parser, used to correct the jump addresses of the new instruction sequence so that they correspond to the correct jump targets;
    an instruction/bytecode converter, used to convert the corrected instruction sequence into bytecode, which is the obfuscated bytecode, and output it.
  2. A contract code obfuscation method based on smart contract bytecode features, characterized in that the method specifically comprises the following steps:
    S1: the contract developer generates the original bytecode with a smart contract compiler;
    S2: the original bytecode is input into the contract code obfuscation platform of claim 1, and the desired obfuscation method is selected;
    S3: the contract code obfuscation platform converts the original bytecode into an instruction sequence and, according to the obfuscation method, extracts the positions of the instructions to be rewritten and the original jump target addresses; it then generates the insertion instructions and inserts them at the corresponding positions in the instruction sequence, corrects the jump addresses of the instruction sequence so that they correspond to the correct jump addresses, and finally converts the corrected instruction sequence into bytecode, yielding the obfuscated bytecode, which it outputs.
  3. The contract code obfuscation method based on smart contract bytecode features according to claim 2, characterized in that S3 specifically comprises the following sub-steps:
    S3.1: linearly scan the original bytecode, identifying the contract initialization code segment and the Swarm hash segment by means of the default contract initialization code segment emitted by the contract compiler and the start and end signatures of the Swarm hash;
    S3.2: decompile the original bytecode into Ethereum Virtual Machine instructions and immediate values, and use this information to create a copy of the contract;
    S3.3: by maintaining a simulated stack, the contract code obfuscation platform executes the contract code step by step and traverses every reachable branch, identifying along the way the contract's function selector segment, contract function segment and data segment, and marking in the contract copy the jump instructions and the values those jump instructions use;
    S3.4: according to the marked instructions, generate and insert the instruction sequence corresponding to the obfuscation method;
    S3.5: correct the misaligned jump addresses in the instructions, completing the obfuscation.
  4. 根据权利要求2所述的基于智能合约字节码特征的合约代码混淆方法,其特征在于,所述的混淆方法选择如下方法中的任一种:The contract code obfuscation method based on smart contract bytecode features according to claim 2, wherein the obfuscation method selects any one of the following methods:
    (1)通过加入一条PUSH指令让工具在线性扫描字节码的时候找到误识别出两个合约初始化代码起始特征,导致工具识别出错误的合约主体代码;(1) By adding a PUSH instruction, the tool can find the initial characteristics of the two contract initialization codes when scanning the bytecode linearly, causing the tool to identify the wrong contract body code;
    (2)通过改写Swarm哈希段中的字节码,并且改写合约中的跳转指令附近指令,使得原合约中的所有跳转指令都会经由Swarm哈希段跳转去各自的目标地址,将合约的控制流图扁平化;(2) By rewriting the bytecode in the Swarm hash segment, and rewriting the instructions near the jump instruction in the contract, all the jump instructions in the original contract will jump to their target address through the Swarm hash segment, and Flattening the control flow graph of the contract;
    (3)通过打断函数选择器的特征序列阻止合约分析工具获取合约中存有的函数签名;(3) Prevent the contract analysis tool from obtaining the function signature stored in the contract by interrupting the feature sequence of the function selector;
    (4)通过插入大量JUMPDEST指令,让使用了符号执行和模拟执行的分析工具被迫维持大量的基本块入口状态,进而使工具运行缓慢甚至崩溃;(4) By inserting a large number of JUMPDEST instructions, the analysis tools that use symbolic execution and simulation execution are forced to maintain a large number of basic block entry states, which makes the tool run slowly or even crash;
    (5)通过将用于跳转的立即数改换为一系列立即数的运算结果,使得默认跳转目标地址一定是立即数的工具无法解析合约中的跳转地址;(5) By changing the immediate value used for the jump to the result of a series of immediate operations, the tool whose default jump target address must be the immediate value cannot resolve the jump address in the contract;
    (6)通过将用于跳转的目标地址放入内存并通过调用预编译合约的方式取回,让静态分析工具误以为调用了一个链上的合约,从而丢失跳转目标地址信息。(6) By putting the target address used for the jump into the memory and retrieving it by calling the precompiled contract, the static analysis tool mistakenly believes that a contract on the chain is called, thus losing the jump target address information.
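An analyst's counterpart to methods (4) and (5), added here as an illustration and not part of the patent: a linear-sweep disassembler with constant folding that labels each jump target as direct, folded from constants, or unresolved, and lists the JUMPDESTs that no resolved jump reaches. The opcode subset, the function names and the sample bytes are assumptions constructed for this example.

```python
# Added example: triage EVM runtime bytecode for traits (4) and (5) above.
OPS = {0x01: "ADD", 0x03: "SUB", 0x16: "AND", 0x17: "OR", 0x18: "XOR",
       0x56: "JUMP", 0x57: "JUMPI", 0x5B: "JUMPDEST"}
# EVM operand order: the first argument is the top of the stack.
FOLD = {"ADD": lambda a, b: a + b, "SUB": lambda a, b: a - b,
        "AND": lambda a, b: a & b, "OR": lambda a, b: a | b,
        "XOR": lambda a, b: a ^ b}
MASK = (1 << 256) - 1          # EVM words are 256 bits wide

# Constructed sample, not taken from any real contract:
# PUSH1 7; JUMP; JUMPDEST x3; STOP; JUMPDEST; PUSH1 5; PUSH1 0x0b; ADD; JUMP;
# JUMPDEST; STOP; JUMPDEST; STOP
SAMPLE = bytes.fromhex("6007565b5b5b005b6005600b01565b005b00")

def disassemble(code: bytes):
    """Linear sweep: yield (offset, mnemonic, immediate), skipping PUSH data."""
    pc = 0
    while pc < len(code):
        op = code[pc]
        if 0x60 <= op <= 0x7F:                        # PUSH1..PUSH32
            n = op - 0x5F
            data = code[pc + 1:pc + 1 + n].ljust(n, b"\0")  # truncated PUSH reads zeros
            yield pc, "PUSH", int.from_bytes(data, "big")
            pc += 1 + n
        else:
            yield pc, OPS.get(op, f"OP_{op:02x}"), None
            pc += 1

def triage(code: bytes):
    """Return (jumps, unreferenced JUMPDEST offsets) for one code blob."""
    stack, jumps, dests = [], [], set()   # stack holds (value, was_computed)
    for pc, name, imm in disassemble(code):
        if name == "PUSH":
            stack.append((imm, False))
        elif name in FOLD and len(stack) >= 2:
            (a, _), (b, _) = stack.pop(), stack.pop()
            stack.append((FOLD[name](a, b) & MASK, True))
        elif name in ("JUMP", "JUMPI"):   # destination is the top stack item
            target, computed = stack.pop() if stack else (None, False)
            kind = ("unresolved" if target is None
                    else "folded" if computed else "direct")
            jumps.append((pc, kind, target))
            stack = []                    # the basic block ends here
        else:
            if name == "JUMPDEST":
                dests.add(pc)
            stack = []                    # unmodelled opcode: stop tracking
    used = {t for _, _, t in jumps if t is not None}
    return jumps, sorted(dests - used)    # over-approximate if jumps are unresolved
```

On `SAMPLE`, the jump at offset 13 is reported as `folded` with target 16, and offsets 3, 4, 5 and 14 are JUMPDESTs that no resolved jump reaches. A jump whose target comes from memory or a call result, as in method (6), shows up as `unresolved`.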
PCT/CN2021/074634 2020-06-02 2021-02-01 Contract code obfuscation platform and obfuscation method based on smart contract bytecode features WO2021244054A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010489637.7 2020-06-02
CN202010489637.7A CN111680271A (en) 2020-06-02 2020-06-02 Contract code obfuscation platform and method based on intelligent contract byte code characteristics

Publications (1)

Publication Number Publication Date
WO2021244054A1 true WO2021244054A1 (en) 2021-12-09

Family

ID=72453031

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/074634 WO2021244054A1 (en) 2020-06-02 2021-02-01 Contract code obfuscation platform and obfuscation method based on smart contract bytecode features

Country Status (2)

Country Link
CN (1) CN111680271A (en)
WO (1) WO2021244054A1 (en)

Also Published As

Publication number Publication date
CN111680271A (en) 2020-09-18

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21818608

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21818608

Country of ref document: EP

Kind code of ref document: A1