WO2023274398A1 - Security detection method and apparatus for smart contract - Google Patents

Security detection method and apparatus for smart contract Download PDF

Info

Publication number
WO2023274398A1
WO2023274398A1 PCT/CN2022/103305 CN2022103305W WO2023274398A1 WO 2023274398 A1 WO2023274398 A1 WO 2023274398A1 CN 2022103305 W CN2022103305 W CN 2022103305W WO 2023274398 A1 WO2023274398 A1 WO 2023274398A1
Authority
WO
WIPO (PCT)
Prior art keywords
assignment
parameter
smart contract
type
parameters
Prior art date
Application number
PCT/CN2022/103305
Other languages
French (fr)
Chinese (zh)
Inventor
傅滢
王海军
邬萌
Original Assignee
支付宝(杭州)信息技术有限公司
蚂蚁区块链科技(上海)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 支付宝(杭州)信息技术有限公司, 蚂蚁区块链科技(上海)有限公司 filed Critical 支付宝(杭州)信息技术有限公司
Publication of WO2023274398A1 publication Critical patent/WO2023274398A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/448Execution paradigms, e.g. implementations of programming paradigms
    • G06F9/4488Object-oriented
    • G06F9/449Object-oriented method invocation or resolution
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Definitions

  • One or more embodiments of this specification relate to the field of blockchain technology, and in particular to a method and device for security detection of smart contracts.
  • Smart contracts are commitments defined in digital form.
  • the blockchain system that deploys smart contracts can ensure that the storage, reading and execution of smart contracts can be traced and cannot be tampered with.
  • Both parties to the transaction registered in the blockchain system can deploy or call smart contracts to exchange resources or other business purposes in a transparent and conflict-free manner.
  • the smart contract itself may have security risks.
  • the smart contract itself may be at risk of being rearranged, and intruders may use rearrangement attacks on the smart contract, so that the transaction initiated by the user to call the smart contract cannot achieve its expected effect.
  • One or more embodiments of this specification provide a smart contract security detection method and device, which can more efficiently detect whether there is a security risk in a smart contract.
  • a security detection method for smart contracts including: determining an inter-procedural control flow graph corresponding to the smart contract; in the inter-procedural control flow graph, determining a number of target parameters for assignment operations using external data, And the operating frequency of the assignment operation for each of the several target parameters, the several target parameters belong to the world state parameters of the block chain, and the external data is input from the outside to the smart contract; according to the corresponding operations of the several target parameters Frequency, to determine whether the smart contract has a security risk.
  • determining whether there is a security risk in the smart contract specifically includes: when there is an operating frequency greater than 1, determining that there is a security risk in the smart contract risk.
  • the smart contract includes a code segment and a data segment stored in the memory, the data segment includes the several target parameters, and the code segment uses the data segment in the The base address in memory and the address offset corresponding to the target parameter identify the target parameter.
  • the determining, in the inter-procedural control flow diagram, several target parameters for performing assignment operations using external data includes: determining a plurality of first instruction sequences in the inter-procedural control flow diagram , the first instruction sequence is used to represent the propagation process of external data; a number of second instruction sequences are determined in the inter-process control flow graph, and the second instruction sequence is used to represent the process in which the world state parameters are assigned; according to The overlapping assignment instructions between the plurality of first instruction sequences and the plurality of second instruction sequences determine the plurality of target parameters.
  • determining several first instruction sequences in the inter-procedural control flow graph includes: adding taint marks to parameters corresponding to external data in the inter-procedural control flow graph, along the data The flow direction performs taint tracking, and the instructions corresponding to the parameters added with taint marks are included in the first instruction sequence.
  • determining several second instruction sequences in the inter-procedural control flow graph includes: determining a world state parameter in the inter-procedural control flow graph; , determining an assignment instruction for assigning a world state parameter, and including the assignment instruction into the second instruction sequence.
  • determining the world state parameter in the inter-procedural control flow graph includes: determining a plurality of function call instructions for calling a predetermined function in the inter-procedural control flow graph; calling the function The parameter that the instruction requests to update is determined as the world state parameter.
  • determining the several target parameters includes: setting the world to which the overlapping assignment instructions point The state parameter is used as the target parameter.
  • the process in which a single world state parameter represented by the second instruction sequence is assigned a value belongs to the first type of assignment process, the second type of assignment process, or the third type of assignment process; wherein the first type of assignment The process indicates that external data is used for direct assignment, the second type of assignment process indicates that the operation result of logic operation is used for external data, and the third type of assignment process is used for assignment without external data.
  • the determining whether there is a security risk in the smart contract according to the operation frequency corresponding to each of the several target parameters specifically includes: determining whether there is a first parameter among the several target parameters, wherein the operation frequency corresponding to the first parameter If it is greater than 1, the process in which the first parameter is assigned includes the first type of assignment process and the second type of assignment process; if yes, it is determined that the smart contract has a security risk.
  • the process in which a single world state parameter represented by the second instruction sequence is assigned a value belongs to the first type of assignment process, the second type of assignment process, or the third type of assignment process; wherein the first type of assignment The process indicates that external data is used for direct assignment, the second type of assignment process indicates that the operation result of logical operation is used for external data, and the third type of assignment process indicates that no external data is used for assignment.
  • the determining whether there is a security risk in the smart contract according to the operation frequency corresponding to each of the several target parameters specifically includes: determining whether there is a second parameter among the several target parameters, wherein the operation frequency corresponding to the second parameter is greater than 1, the process in which the second parameter is assigned includes a first-type assignment process and a second-type assignment process, the first-type assignment process and the second-type assignment process of the second parameter, and the control flow between the processes
  • the figure corresponds to different method functions; if so, it is determined that the smart contract has a security risk.
  • the smart contract is a smart contract to be deployed in the blockchain; and/or, the security risk specifically includes the risk of being rearranged and attacked.
  • a security detection device for a smart contract including: an analysis processing unit configured to determine an inter-procedural control flow graph corresponding to the smart contract; an assignment detection unit configured to, in the inter-procedural control flow graph, Determine a number of target parameters for the assignment operation using external data, and the operation frequency of each of the number of target parameters for the assignment operation, the number of target parameters belong to the world state parameters of the blockchain, and the external data is input from the outside to the smart A contract; a risk determination unit configured to determine whether the smart contract has a security risk according to the operation frequency corresponding to each of the several target parameters.
  • the risk determining unit is configured to determine that the smart contract has a security risk when there is an operation frequency greater than 1.
  • the smart contract includes a code segment and a data segment stored in the memory, the data segment includes the several target parameters, and the code segment uses the data segment in the The base address in memory and the address offset corresponding to the target parameter identify the target parameter.
  • the assignment detection unit includes: a first determination subunit configured to determine a number of first instruction sequences in the inter-procedural control flow graph, and the first instruction sequences are used to represent external The propagation process of data; the second determination subunit is configured to determine a number of second instruction sequences in the inter-process control flow graph, and the second instruction sequences are used to represent the process in which the world state parameters are assigned; the assignment detection subunit , configured to determine the plurality of target parameters according to overlapping assignment instructions between the plurality of first instruction sequences and the plurality of second instruction sequences.
  • the first determining subunit is configured to add taint marks to parameters corresponding to external data in the inter-procedural control flow graph, and perform taint tracking along the data flow direction, adding Instructions corresponding to parameters marked with taints are included in the first instruction sequence.
  • the second determining subunit is configured to determine the world state parameter in the inter-procedural control flow graph; in the inter-procedural control flow graph, determine the An assignment instruction that assigns a value, and puts the assignment instruction into the second instruction sequence.
  • the second determination subunit is specifically configured to determine, in the inter-procedural control flow graph, several function call instructions that call predetermined functions; and request the updated parameters of the function call instructions Determined as a world state parameter.
  • the assignment detection subunit is specifically configured to use the world state parameter pointed to by the overlapping assignment instruction as the target parameter.
  • the process in which a single world state parameter represented by the second instruction sequence is assigned a value belongs to the first type of assignment process, the second type of assignment process, or the third type of assignment process; wherein the first type of assignment The process indicates that external data is used for direct assignment, the second type of assignment process indicates that the operation result of logic operation is used for external data, and the third type of assignment process is used for assignment without external data.
  • the risk determination unit is specifically configured to determine whether there is a first parameter among the several target parameters, wherein the operation frequency corresponding to the first parameter is greater than 1, and the process of assigning the first parameter includes a first-type assignment process and the second type of value assignment process; if yes, it is determined that the smart contract has a security risk.
  • the process in which a single world state parameter represented by the second instruction sequence is assigned a value belongs to the first type of assignment process, the second type of assignment process, or the third type of assignment process; wherein the first type of assignment The process indicates that external data is used for direct assignment, the second type of assignment process indicates that the operation result of logical operation is used for external data, and the third type of assignment process indicates that no external data is used for assignment.
  • the risk determination unit is specifically configured to determine whether there is a second parameter among the several target parameters, wherein the operation frequency corresponding to the second parameter is greater than 1, and the process of assigning the second parameter includes the first type of assignment process and the second type of value assignment process, the first type of value assignment process and the second type of value assignment process of the second parameter correspond to different method functions in the inter-process control flow graph; if yes, determine that the smart contract exists security risk.
  • the smart contract is a smart contract to be deployed in a blockchain; and/or, the security risk specifically includes the risk of being subjected to a rearrangement attack.
  • a computer-readable storage medium on which a computer program/instruction is stored, and when the computer program/instruction is executed in a computing device, the computing device executes the method as described in any one of the first aspect .
  • a computing device including a memory and a processor, where computer programs/instructions are stored in the memory, and when the processor executes the computer programs/instructions, the method according to any one of the first aspect is implemented.
  • Fig. 1 is a flowchart of a security detection method for a smart contract provided in the embodiment of this specification
  • Fig. 2 is a schematic diagram of the process of determining the target parameters of the assignment operation using external data in the embodiment of this specification;
  • FIG. 3 is an exemplary inter-process control flow diagram provided in the embodiment of this specification.
  • Fig. 4 is a schematic diagram of a smart contract security detection device provided in the embodiment of this specification.
  • the smart contract itself may have security risks.
  • the smart contract itself may be at risk of being rearranged, and intruders may use the smart contract to rearrange the attack, so that the transaction used to call the smart contract cannot achieve the expected effect.
  • the smart contract itself allows the use of external data to assign values to the world state parameters, and the intruder may maliciously modify the world state parameters by calling different method functions in the smart contract, so that the transaction used to call the smart contract cannot achieve its expected Effect.
  • the operation frequency of the assignment operation for several target parameters of the world state parameters of the blockchain can reflect the possibility of security risks in the smart contract itself to some extent, where the security risks include but not limited to the risk of being reordered.
  • the embodiments of this specification provide a method and device for detecting security of a smart contract.
  • the method may at least include: step 101, determine the inter-procedural control flow graph corresponding to the smart contract; step 103, in the inter-procedural control flow graph, determine several target parameters for the assignment operation using external data , and the operating frequency of the assignment operation for each of the several target parameters, the several target parameters belong to the world state parameters of the block chain, and the external data is input from the outside to the smart contract; step 105, according to the several target parameters The respective operation frequencies are used to determine whether the smart contract has a security risk.
  • the smart contract for security detection can be the smart contract to be deployed to the blockchain, or it can also be the smart contract that has been deployed to the blockchain.
  • it is preferable to perform security testing on the smart contract to be deployed to the blockchain thus, when it is determined that the smart contract has a security risk, It is helpful for staff to quickly and efficiently modify smart contracts, and it can avoid deploying smart contracts with security risks to the blockchain and causing other security problems for the blockchain.
  • step 101 the inter-process control flow graph corresponding to the smart contract is determined.
  • control flow graph control flow graph
  • CFG is a directed graph with basic blocks as nodes, and a single basic block includes multiple assembly instructions that need to be executed sequentially; the directed edge connecting two nodes in CFG indicates that there is a control transfer between the two nodes, and in CFG Has a unique entry node and exit node. Then, based on the disassembly results, the function call relationship in the smart contract is determined, and the ICFG is constructed using the CFG corresponding to each function according to the function call relationship.
  • ICFG is a directed graph composed of CFG corresponding to each function in the smart contract, several Call edges and several Return edges; Call edges are function call instructions in the CFG corresponding to the calling function, pointing to the corresponding The entry node in the CFG; the Return edges point to the next instruction of the function call instruction in the CFG corresponding to the calling function from the Ret instruction in the CFG corresponding to the called function.
  • the ICFG corresponding to the smart contract is composed of multiple assembly instructions, which at least characterize the arrangement/execution order of the assembly instructions corresponding to the same or different functions.
  • the CFG composed of assembly instructions usually does not directly contain the assigned world state parameters, but represents the world state parameters through the memory address or the address pointer pointing to the memory address, and completes the world state parameter by writing data on the memory address assignment. If it is necessary to ensure that in the subsequent process, based on ICFG, all the assignment operations that use external data to assign values to each world state parameter can be found, it is necessary to ensure that a single world state parameter has a fixed and unique memory address in the memory, that is, the memory address needs to be used as An identifier for the world state parameter.
  • the detected smart contract loaded into the memory it includes the code segment and the data segment stored in the memory, and the data segment includes but not limited to all the world state parameters involved in the smart contract ;
  • the code segment identifies the world state parameter through the base address of the data segment in memory and the address offset corresponding to the world state parameter.
  • ICFG is essentially obtained by disassembling the code segment of the smart contract
  • the memory address identified by the base address and offset in ICFG or the address pointer pointing to the memory address can be used as The identifier of the corresponding world state parameter.
  • step 103 in the inter-procedural control flow graph, determine a number of target parameters that use external data to perform assignment operations, and the operation frequency of each of the number of target parameters to perform the assignment operation, and the number of target parameters belong to The world state parameters of the blockchain, and external data are input to the smart contract from the outside.
  • ICFG Through the analysis of ICFG, it is possible to discover the process of dissemination of external data and the process of assigning values to world state parameters, and then based on the process of dissemination of external data and the process of assigning values to world state parameters, from all the world state parameters involved in the smart contract, determine The target parameter of the assignment operation using external data.
  • the target parameter of the assignment operation using external data In a more specific example, please refer to FIG. 2 , through the following steps 1031 to 1035 , several target parameters for assignment operations using external data may be determined in the ICFG.
  • Step 1031 determining a number of first instruction sequences in the inter-procedural control flow graph, where the first instruction sequences are used to characterize the propagation process of external data.
  • the basic block not shown, represents the directed edge of the control transfer; the direction of the straight arrow indicates the arrangement/execution order of the instructions in the CFG, and the broken line arrow represents the Call edge or Return edge; in addition, it will correspond to the parameter a and parameter b of the external data
  • the instantiated parameter/parameter value is exemplarily expressed as "0Ah (i.e. instantiated parameter/parameter value 10)" and "14h (i.e. instantiated parameter/parameter value 20), which can obviously be other instantiations in actual business scenarios Parameter/parameter value.
  • parameter a and parameter b can be marked, that is, "mov dword ptr[a], 0Ah” and "mov dword ptr[b], 14h” in ptr[a] and ptr[b] are tainted, and then taint tracking is performed along the data flow direction, and the starting point is determined to be "mov dword ptr[a], 0Ah " and the end point is the first instruction sequence of "mov dword ptr[c], eax”. It should be noted that in the first instruction sequence, the instruction sequence that constitutes the CFG corresponding to Int Add(x, y) is located in " call_Add” and "add esp,8".
  • Step 1033 determine a number of second instruction sequences in the inter-process control flow diagram, the second instruction sequences are used to represent the process in which the world state parameters are assigned values.
  • all world state parameters involved in smart contracts can be determined in ICFG.
  • several function call instructions for calling a predetermined function are firstly determined in the ICFG.
  • the predetermined function can be used to update the world state parameters of the blockchain in the non-volatile storage medium.
  • the predetermined function can write the assigned world state parameters into the non-volatile Volatile storage medium; or, the predetermined function can be a method function used in the block chain node to realize the predetermined service, for example, the predetermined service realized by the predetermined function is that when it is called by the smart contract, the block chain node can know The smart contract has completed the assignment of a certain world state parameter, so that the blockchain node can write the assigned world state parameter into the non-volatile storage medium according to the corresponding business logic.
  • search upwards in the ICFG starting from the function call instruction determine the parameter that the function call instruction requests to update, and determine the parameter as the world state parameter.
  • the function call instruction "call_Rt" that calls the predetermined function "_Rt” can be determined first in the ICFG, and then search upwards in the ICFG starting from “call_Rt”, and determine that "call_Rt” requests an update
  • the parameter is the parameter c added to the function stack by "mov eax, dword ptr[c]” and "push eax”, and then the parameter c is determined as the world state parameter, where the parameter c is passed through the address pointer ptr[c in Figure 3 ] for identification.
  • the memory address or address pointer used to identify the world state parameter can be used to determine the world state parameter in ICFG.
  • All assignment instructions for assigning values to the world state parameters Exemplarily, please continue to refer to FIG. 3 , based on the determined address pointer ptr[c] used to identify the world state parameter c, the assignment instruction "mov dword" for assigning ptr[c] can be determined in ICFG ptr[c],eax".
  • all assignment instructions for assigning the world state parameter may be classified into different second instruction sequences. Specifically, for each assignment instruction used to assign a value to a single world state parameter, the assignment instruction can be used as a starting point to search upwards in ICFG until the source of the parameter value directly or indirectly used by the assignment instruction is found, Then, one of the second instruction sequences used to characterize the process in which the world state parameter is assigned is determined. Exemplarily, please continue to refer to Figure 3.
  • the starting point can be determined from ICFG as "mov eax, dword ptr[b]” Or "mov dword ptr[a], 0Ah", the end point is the second instruction sequence of "mov dword ptr[c], eax", the second instruction sequence can completely represent the process of the world state parameter ptr[c] being assigned .
  • a second instruction sequence used to represent the process of ptr[c] being assigned can be determined, but in actual business scenarios, the ICFG corresponding to the smart contract may determine A plurality of second instruction sequences used to characterize the process in which ptr[c] is assigned.
  • the smart contract includes not only the aforementioned method functions Function_A and Int Add(x, y), but also the method function Function_B, where the function implemented by Function_B is to directly assign external data to the world state parameter c, and pass Calling the predetermined function "_Rt" enables the blockchain node to update the world state parameter c in the non-volatile storage medium.
  • the ICFG corresponding to the smart contract may include the CFG corresponding to Function_B on the basis of the ICFG shown in Figure 3, and the CFG corresponding to Function_B also includes an assignment instruction for assigning ptr[c].
  • the CFG corresponding to Function_A and the CFG corresponding to Function_B both include assignment instructions for assigning ptr[c]
  • Step 1035 Determine the number of target parameters according to overlapping assignment instructions between the number of first instruction sequences and the number of second instruction sequences.
  • the last instruction in the second instruction sequence is an assignment instruction used to assign values to world state parameters
  • the first instruction in the first instruction sequence is used to create external data in the function stack or set External data is added to the function stack. Therefore, when the last instruction in the second instruction sequence coincides/is the same as the last instruction in the first instruction sequence, it means that the second instruction sequence may directly or indirectly use external data to assign values to the world state parameters, Therefore, the parameter pointed to by the overlapping assignment instruction can be determined as the target parameter for assignment using external data, that is, the parameter requested by the overlapping assignment instruction for assignment can be determined as the target parameter for assignment using external data.
  • each of the world state parameters corresponding to the The second instruction sequence is to detect whether there is a target instruction sequence in all the determined first instruction sequences, and the last instruction in the target instruction sequence is the same as the last instruction in the second instruction sequence; if so, the world state
  • the parameter is determined as a target parameter for an assignment operation using external data.
  • the aforementioned processing is performed on each second sequence of instructions used to characterize the process in which the world state parameter is assigned a value, and the cumulative number of times the world state parameter is determined as the target parameter can be counted. The number of times is the operation frequency of the assignment operation of the world state parameter using external data.
  • step 105 it is determined whether the smart contract has a security risk according to the operation frequency corresponding to each of the target parameters.
  • the process of assigning the world state parameters represented by the second instruction sequence can also be divided into the first type of assignment process, the second type of assignment process or the third type of assignment process; wherein the first type of assignment process indicates The external data is used for direct assignment, the second type of assignment process indicates that the operation result of the logical operation is used for external data, and the third type of assignment process indicates that no external data is used for assignment.
  • the respective assignment types corresponding to the number of second instruction sequences can be determined, and then the statistics corresponding to the world state parameter All assignment types of .
  • step 105 it can specifically be determined whether there is a first parameter among several target parameters, the operation frequency corresponding to the first parameter is greater than 1, and the process of assigning the first parameter includes both the first type of assignment process and the second type of assignment process.
  • the assignment type corresponding to the first parameter includes both the first type of assignment process and the second type of assignment process; if the first parameter exists in several target parameters, it is determined that the smart contract has a security risk. In this way, by comprehensively considering the operation frequency of world state parameters using external data for assignment operations, and the assignment type of the process of world state parameters being assigned, it is possible to more accurately determine whether there is a security risk in the smart contract.
  • a second instruction sequence starting from "mov dword ptr[a], 0Ah” and ending with "mov dword ptr[c], eax" represents the process of assigning the world state parameter c. Since the second instruction sequence indicates to use the external data corresponding to the parameters a and b to perform logic operations, and use the operation results obtained after the logic operations to assign values to the world state parameter c, it can be determined that the second instruction sequence belongs to The assignment type of is the second type of assignment process, that is, the assignment process of determining the world state parameter c includes the second type of assignment process, or in other words, the assignment type corresponding to the determination of the world state parameter c includes the second type of assignment process.
  • the smart contract also includes the method function Function_B of the preceding example
  • another method used to represent the process of assigning the world state parameter c can be determined.
  • a second instruction sequence since the second instruction sequence uses external data to directly assign a value to the world state parameter c, it can be determined that the assignment type to which the second instruction sequence belongs is the first type of assignment process, that is, the process of determining the world state parameter c
  • the assignment process includes the first type of assignment process, or in other words, determining the assignment type corresponding to the world state parameter c includes the first type of assignment process.
  • the smart contract also includes the method function Function_C, where the function implemented by Function_C is to assign the preset value to the world state parameter c, and realize the world state parameter c in the non-volatile storage medium by calling the predetermined function "_Rt". to update.
  • the ICFG corresponding to the smart contract may include the CFG corresponding to Function_C, and the CFG corresponding to Function_C includes an assignment instruction for assigning ptr[c].
  • another second instruction sequence for representing the process of assigning the world state parameter c can be determined, the second instruction The sequence uses a preset constant to directly assign a value to the world state parameter c, and does not use external data to assign a value to the world state parameter c, so it can be determined that the assignment type of the second instruction sequence belongs to the third type of assignment process, that is, to determine the world state parameter
  • the assignment process of c includes the third type of assignment process, or in other words, determining the assignment type corresponding to the world state parameter c includes the third type of assignment process.
  • the method functions corresponding to each of the several second instruction sequences can also be determined, for example, the The method function to which the assignment instruction for assigning the world state parameter in the single second instruction sequence belongs is determined as the function corresponding to the second instruction sequence.
  • step 105 it can be specifically determined whether there is a second parameter among several target parameters, the operation frequency corresponding to the second parameter is greater than 1, and the process of assigning the second parameter includes the first type of assignment process and the second type Assignment process, the first type of assignment process and the second type of assignment process included in the second parameter correspond to different method functions in the inter-procedural control flow graph; if there is a second parameter in several target parameters, it is determined that the smart contract has a security risk .
  • the smart contract includes the aforementioned method function Function_A, Int Add(x, y) and method function Function_B.
  • the second instruction sequence determined based on the assignment instruction used to assign the world state parameter c in the CFG corresponding to Function_A, its assignment type is the second type of assignment process, and its corresponding function is Function_A, that is, the world state
  • the method function corresponding to the second type of assignment process included in the parameter c is Function_A
  • the second instruction sequence determined based on the assignment instruction used to assign the world state parameter c in the CFG corresponding to Function_B, and its assignment type is the first
  • the corresponding function includes Function_B, that is, the function corresponding to the first type of assignment process of the world state parameter c is Function_B.
  • the world state parameter c is used as the target parameter, and the operation frequency of its assignment operation using external data is 2 times, and its assignment process includes the first type of assignment process and the second type of assignment process, which includes the first
  • the method function Function_A corresponding to the class assignment process is different from the method function Function_B corresponding to the second class assignment process included in it, so the world state parameter c will be determined as the second state parameter, and then it can be determined that there is a security risk in the smart contract .
  • the embodiments of this specification also provide a smart contract security detection device.
  • the device includes: a parsing processing unit 401 configured to determine the inter-procedural control flow graph corresponding to the smart contract; an assignment detection unit 403 configured to determine, in the inter-procedural control flow graph, the Several target parameters of the assignment operation, and the operation frequency of each of the several target parameters for the assignment operation, the several target parameters belong to the world state parameters of the block chain, and external data is input from the outside to the smart contract; the risk determination unit 405, configured to determine whether there is a security risk in the smart contract according to the operation frequency corresponding to each of the several target parameters.
  • the risk determination unit 405 is configured to determine that the smart contract has a security risk when there is an operation frequency greater than 1.
  • the smart contract includes a code segment and a data segment stored in the memory, the data segment includes the several target parameters, and the code segment uses the data segment in the The base address in memory and the address offset corresponding to the target parameter identify the target parameter.
  • the assignment detection unit 403 includes: a first determination subunit configured to determine a number of first instruction sequences in the interprocedural control flow graph, and the first instruction sequences are used to represent The propagation process of external data; the second determination subunit is configured to determine a number of second instruction sequences in the inter-process control flow diagram, and the second instruction sequences are used to represent the process in which the world state parameters are assigned; the assignment detector A unit configured to determine the plurality of target parameters according to overlapping assignment instructions between the plurality of first instruction sequences and the plurality of second instruction sequences.
  • the first determining subunit is configured to add taint marks to parameters corresponding to external data in the inter-procedural control flow graph, and perform taint tracking along the data flow direction, adding Instructions corresponding to parameters marked with taints are included in the first instruction sequence.
  • the second determining subunit is configured to determine the world state parameter in the inter-procedural control flow graph; in the inter-procedural control flow graph, determine the An assignment instruction that assigns a value, and puts the assignment instruction into the second instruction sequence.
  • the second determination subunit is specifically configured to determine, in the inter-procedural control flow graph, several function call instructions that call predetermined functions; and request the updated parameters of the function call instructions Determined as a world state parameter.
  • the assignment detection subunit is specifically configured to use the world state parameter pointed to by the overlapping assignment instruction as the target parameter.
  • the process in which a single world state parameter represented by the second instruction sequence is assigned a value belongs to the first type of assignment process, the second type of assignment process, or the third type of assignment process; wherein the first type of assignment The process indicates that external data is used for direct assignment, the second type of assignment process indicates that the operation result of logic operation is used for external data, and the third type of assignment process is used for assignment without external data.
  • the risk determination unit 405 is specifically configured to determine whether there is a first parameter among the several target parameters, wherein the operation frequency corresponding to the first parameter is greater than 1, and the process of assigning the first parameter includes the first type of assignment process and the second type of assignment process; if so, it is determined that the smart contract has a security risk.
  • the process in which a single world state parameter represented by the second instruction sequence is assigned a value belongs to the first type of assignment process, the second type of assignment process, or the third type of assignment process; wherein the first type of assignment The process indicates that external data is used for direct assignment, the second type of assignment process indicates that the operation result of logical operation is used for external data, and the third type of assignment process indicates that no external data is used for assignment.
  • the risk determination unit 405 is specifically configured to determine whether there is a second parameter among the several target parameters, wherein the operation frequency corresponding to the second parameter is greater than 1, and the process of assigning the second parameter includes the first type of assignment process and the second type of value assignment process, the first type of value assignment process and the second type of value assignment process of the second parameter correspond to different method functions in the inter-procedural control flow graph; if so, determine that the smart contract exists Security Risk.
  • the smart contract is a smart contract to be deployed in a blockchain; and/or, the security risk specifically includes the risk of being subjected to a rearrangement attack.
  • the functions described in this specification may be implemented by hardware, software, firmware or any combination thereof.
  • the computer programs corresponding to these functions can be stored in a computer-readable medium or transmitted as one or more instructions/codes on a computer-readable medium, so that the computer programs corresponding to these functions can be read by the computer During execution, the method described in any one of the embodiments of this specification is realized by a computer.
  • the embodiments of this specification also provide a computer-readable storage medium on which computer programs/instructions are stored.
  • the computing device executes the A security detection method for smart contracts.
  • the embodiments of this specification also provide a computing device, including a memory and a processor, the memory stores computer programs/instructions, and when the processor executes the computer programs/instructions, any one of the embodiments of this specification is realized
  • a computing device including a memory and a processor, the memory stores computer programs/instructions, and when the processor executes the computer programs/instructions, any one of the embodiments of this specification is realized
  • the security detection method of the smart contract provided in .

Abstract

A security detection method and apparatus for a smart contract, related to the technical field of blockchains. The method comprises: determining an inter-process control flow graph corresponding to a smart contract (101); in the inter-process control flow graph, determining a plurality of target parameters for performing assignment operation by using external data, and operation frequencies of respective assignment operation of the plurality of target parameters (103), the plurality of target parameters belonging to world state parameters of the block chain, and the external data being input into the smart contract from the outside; and determining whether the smart contract has a security risk according to the operation frequencies corresponding to the plurality of target parameters (105).

Description

智能合约的安全检测方法及装置Smart contract security detection method and device
本申请要求于2021年7月1日提交中国国家知识产权局、申请号为202110749282.5、申请名称为“智能合约的安全检测方法及装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims priority to a Chinese patent application filed with the State Intellectual Property Office of China on July 1, 2021, with application number 202110749282.5 and titled "Security Detection Method and Device for Smart Contracts", the entire contents of which are hereby incorporated by reference In this application.
技术领域technical field
本说明书一个或多个实施例涉及区块链技术领域,尤其涉及智能合约的安全检测方法及装置。One or more embodiments of this specification relate to the field of blockchain technology, and in particular to a method and device for security detection of smart contracts.
背景技术Background technique
智能合约(Smart contract)是以数字形式定义的承诺(Commitment)。其中可以由部署智能合约的区块链系统,保障智能合约的存储、读取以及执行等过程可跟踪且不可篡改。注册在区块链系统中的交易双方可以对智能合约进行部署或调用,实现通过透明且无冲突的方式交换资源或其它业务目的。Smart contracts are commitments defined in digital form. Among them, the blockchain system that deploys smart contracts can ensure that the storage, reading and execution of smart contracts can be traced and cannot be tampered with. Both parties to the transaction registered in the blockchain system can deploy or call smart contracts to exchange resources or other business purposes in a transparent and conflict-free manner.
经发明人研究发现,智能合约自身可能存在安全风险。例如,智能合约自身可能存在被进行重排攻击的风险,入侵者可能通过对智能合约进行重排攻击,使用户发起的用于调用智能合约的交易无法达到其预期的效果。The inventor found that the smart contract itself may have security risks. For example, the smart contract itself may be at risk of being rearranged, and intruders may use rearrangement attacks on the smart contract, so that the transaction initiated by the user to call the smart contract cannot achieve its expected effect.
希望有一种新的技术方案,以期检测智能合约自身是否存在安全风险。It is hoped that there will be a new technical solution to detect whether the smart contract itself has security risks.
发明内容Contents of the invention
本说明书一个或多个实施例中提供了一种智能合约的安全检测方法及装置,可以更加高效的检测智能合约是否存在安全风险。One or more embodiments of this specification provide a smart contract security detection method and device, which can more efficiently detect whether there is a security risk in a smart contract.
第一方面,提供了一种智能合约的安全检测方法,包括:确定智能合约对应的过程间控制流图;在所述过程间控制流图中,确定利用外部数据进行赋值操作的若干目标参数,以及所述若干目标参数各自进行所述赋值操作的操作频次,所述若干目标参数属于区块链的世界状态参数,外部数据自外部输入所述智能合约;根据所述若干目标参数各自对应的操作频次,确定所述智能合约是否存在安全风险。In the first aspect, a security detection method for smart contracts is provided, including: determining an inter-procedural control flow graph corresponding to the smart contract; in the inter-procedural control flow graph, determining a number of target parameters for assignment operations using external data, And the operating frequency of the assignment operation for each of the several target parameters, the several target parameters belong to the world state parameters of the block chain, and the external data is input from the outside to the smart contract; according to the corresponding operations of the several target parameters Frequency, to determine whether the smart contract has a security risk.
在一种可能的实施方式中,根据所述若干目标参数各自对应的操作频次,确定所述智能合约是否存在安全风险,具体包括:当存在大于1的操作频次时,确定所述智能合约存在安全风险。In a possible implementation manner, according to the operating frequencies corresponding to the several target parameters, determining whether there is a security risk in the smart contract specifically includes: when there is an operating frequency greater than 1, determining that there is a security risk in the smart contract risk.
在一种可能的实施方式中,所述智能合约包括存储于内存中的代码段和数据段,所述数据段中包括所述若干目标参数,所述代码段中通过所述数据段在所述内存中的基地址和所述目标参数对应的地址偏移量对所述目标参数进行标识。In a possible implementation manner, the smart contract includes a code segment and a data segment stored in the memory, the data segment includes the several target parameters, and the code segment uses the data segment in the The base address in memory and the address offset corresponding to the target parameter identify the target parameter.
在一种可能的实施方式中,所述在所述过程间控制流图中,确定利用外部数据进行赋值操作的若干目标参数,包括:在所述过程间控制流图中确定若干第一指令序列,所述第一指令序列用于表征外部数据的传播过程;在所述过程间控制流图中确定若干第二指令序列,所述第二指令序列用于表征世界状态参数被赋值的过程;根据所述若干第一指令序列和所述若干第二指令序列之间重合的赋值指令,确定所述若干目标参数。In a possible implementation manner, the determining, in the inter-procedural control flow diagram, several target parameters for performing assignment operations using external data includes: determining a plurality of first instruction sequences in the inter-procedural control flow diagram , the first instruction sequence is used to represent the propagation process of external data; a number of second instruction sequences are determined in the inter-process control flow graph, and the second instruction sequence is used to represent the process in which the world state parameters are assigned; according to The overlapping assignment instructions between the plurality of first instruction sequences and the plurality of second instruction sequences determine the plurality of target parameters.
在一种可能的实施方式中,在所述过程间控制流图中确定若干第一指令序列,包括:在所述过程间控制流图中,对外部数据对应的参数添加污点标记,沿着数据流向进行污点跟踪,将添加有污点标记的参数对应的指令归入所述第一指令序列。In a possible implementation manner, determining several first instruction sequences in the inter-procedural control flow graph includes: adding taint marks to parameters corresponding to external data in the inter-procedural control flow graph, along the data The flow direction performs taint tracking, and the instructions corresponding to the parameters added with taint marks are included in the first instruction sequence.
在一种可能的实施方式中,在所述过程间控制流图中确定若干第二指令序列,包括:在所述过程间控制流图中确定世界状态参数;在所述过程间控制流图中,确定用于对世界状态参数进行赋值的赋值指令,并将该赋值指令归入所述第二指令序列。In a possible implementation manner, determining several second instruction sequences in the inter-procedural control flow graph includes: determining a world state parameter in the inter-procedural control flow graph; , determining an assignment instruction for assigning a world state parameter, and including the assignment instruction into the second instruction sequence.
在一种可能的实施方式中,在所述过程间控制流图中确定世界状态参数,包括:在所述过程间控制流图中,确定调用预定函数的若干函数调用指令;将所述函数调用指令请求更新的参数确定为世界状态参数。In a possible implementation manner, determining the world state parameter in the inter-procedural control flow graph includes: determining a plurality of function call instructions for calling a predetermined function in the inter-procedural control flow graph; calling the function The parameter that the instruction requests to update is determined as the world state parameter.
在一种可能的实施方式中,根据所述若干第一指令序列和若干第二指令序列之间重合的赋值指令,确定所述若干目标参数,包括:将所述重合的赋值指令所指向的世界状态参数作为所述目标参数。In a possible implementation manner, according to the overlapping assignment instructions between the several first instruction sequences and the several second instruction sequences, determining the several target parameters includes: setting the world to which the overlapping assignment instructions point The state parameter is used as the target parameter.
在一种可能的实施方式中,单个所述第二指令序列表征的世界状态参数被赋值的过程,属于第一类赋值过程、第二类赋值过程或者第三类赋值过程;其中第一类赋值过程指示利用外部数据进行直接赋值,第二类赋值过程指示利用外部数据进行逻辑运算后的运算结果进行赋值,第三类赋值过程用于指示未利用外部数据进行赋值。所述根据所述若干目标参数各自对应的操作频次,确定所述智能合约是否存在安全风险,具体包括:确定所述若干目标参数中是否存在第一参数,其中所述第一参数对应的操作频次大于1,所述第一参数被赋值的过程包括第一类赋值过程和第二类赋值过程;如果是,确定所述智能合约存在安全风险。In a possible implementation manner, the process in which a single world state parameter represented by the second instruction sequence is assigned a value belongs to the first type of assignment process, the second type of assignment process, or the third type of assignment process; wherein the first type of assignment The process indicates that external data is used for direct assignment, the second type of assignment process indicates that the operation result of logic operation is used for external data, and the third type of assignment process is used for assignment without external data. The determining whether there is a security risk in the smart contract according to the operation frequency corresponding to each of the several target parameters specifically includes: determining whether there is a first parameter among the several target parameters, wherein the operation frequency corresponding to the first parameter If it is greater than 1, the process in which the first parameter is assigned includes the first type of assignment process and the second type of assignment process; if yes, it is determined that the smart contract has a security risk.
在一种可能的实施方式中,单个所述第二指令序列表征的世界状态参数被赋值的过程,属于第一类赋值过程、第二类赋值过程或者第三类赋值过程;其中第一类赋值过程指示利用外部数据进行直接赋值,第二类赋值过程指示利用外部数据进行逻辑运算后的运算结果进行赋值,第三类赋值过程指示未利用外部数据进行赋值。所述根据所述若干目标参数各自对应的操作频次,确定所述智能合约是否存在安全风险,具体包括:确定所述若干目标参数中是否存在第二参数,其中所述第二参数对应的操作频次大于1,所述第二参数被赋值的过程包括第一类赋值过程和第二类赋值过程,所述第二参数的第一类赋值过程和第二类赋值过程,在所述过程间控制流图中对应不同的方法函数;如果是,确定所述智能合约存在安全风险。In a possible implementation manner, the process in which a single world state parameter represented by the second instruction sequence is assigned a value belongs to the first type of assignment process, the second type of assignment process, or the third type of assignment process; wherein the first type of assignment The process indicates that external data is used for direct assignment, the second type of assignment process indicates that the operation result of logical operation is used for external data, and the third type of assignment process indicates that no external data is used for assignment. The determining whether there is a security risk in the smart contract according to the operation frequency corresponding to each of the several target parameters specifically includes: determining whether there is a second parameter among the several target parameters, wherein the operation frequency corresponding to the second parameter is greater than 1, the process in which the second parameter is assigned includes a first-type assignment process and a second-type assignment process, the first-type assignment process and the second-type assignment process of the second parameter, and the control flow between the processes The figure corresponds to different method functions; if so, it is determined that the smart contract has a security risk.
在一种可能的实施方式中,所述智能合约是待部署到区块链中的智能合约;和/或,所 述安全风险具体包括被进行重排攻击的风险。In a possible implementation manner, the smart contract is a smart contract to be deployed in the blockchain; and/or, the security risk specifically includes the risk of being rearranged and attacked.
第二方面,提供了一种智能合约的安全检测装置,包括:解析处理单元,配置为确定智能合约对应的过程间控制流图;赋值检测单元,配置为在所述过程间控制流图中,确定利用外部数据进行赋值操作的若干目标参数,以及所述若干目标参数各自进行所述赋值操作的操作频次,所述若干目标参数属于区块链的世界状态参数,外部数据自外部输入所述智能合约;风险确定单元,配置为根据所述若干目标参数各自对应的操作频次,确定所述智能合约是否存在安全风险。In a second aspect, a security detection device for a smart contract is provided, including: an analysis processing unit configured to determine an inter-procedural control flow graph corresponding to the smart contract; an assignment detection unit configured to, in the inter-procedural control flow graph, Determine a number of target parameters for the assignment operation using external data, and the operation frequency of each of the number of target parameters for the assignment operation, the number of target parameters belong to the world state parameters of the blockchain, and the external data is input from the outside to the smart A contract; a risk determination unit configured to determine whether the smart contract has a security risk according to the operation frequency corresponding to each of the several target parameters.
在一种可能的实施方式中,所述风险确定单元,配置为当存在大于1的操作频次时,确定所述智能合约存在安全风险。In a possible implementation manner, the risk determining unit is configured to determine that the smart contract has a security risk when there is an operation frequency greater than 1.
在一种可能的实施方式中,所述智能合约包括存储于内存中的代码段和数据段,所述数据段中包括所述若干目标参数,所述代码段中通过所述数据段在所述内存中的基地址和所述目标参数对应的地址偏移量对所述目标参数进行标识。In a possible implementation manner, the smart contract includes a code segment and a data segment stored in the memory, the data segment includes the several target parameters, and the code segment uses the data segment in the The base address in memory and the address offset corresponding to the target parameter identify the target parameter.
在一种可能的实施方式中,所述赋值检测单元包括:第一确定子单元,配置为在所述过程间控制流图中确定若干第一指令序列,所述第一指令序列用于表征外部数据的传播过程;第二确定子单元,配置为在所述过程间控制流图中确定若干第二指令序列,所述第二指令序列用于表征世界状态参数被赋值的过程;赋值检测子单元,配置为根据所述若干第一指令序列和所述若干第二指令序列之间重合的赋值指令,确定所述若干目标参数。In a possible implementation manner, the assignment detection unit includes: a first determination subunit configured to determine a number of first instruction sequences in the inter-procedural control flow graph, and the first instruction sequences are used to represent external The propagation process of data; the second determination subunit is configured to determine a number of second instruction sequences in the inter-process control flow graph, and the second instruction sequences are used to represent the process in which the world state parameters are assigned; the assignment detection subunit , configured to determine the plurality of target parameters according to overlapping assignment instructions between the plurality of first instruction sequences and the plurality of second instruction sequences.
在一种可能的实施方式中,所述第一确定子单元,配置为在所述过程间控制流图中,对外部数据对应的参数添加污点标记,沿着数据流向进行污点跟踪,将添加有污点标记的参数对应的指令归入所述第一指令序列。In a possible implementation manner, the first determining subunit is configured to add taint marks to parameters corresponding to external data in the inter-procedural control flow graph, and perform taint tracking along the data flow direction, adding Instructions corresponding to parameters marked with taints are included in the first instruction sequence.
在一种可能的实施方式中,所述第二确定子单元,配置为在所述过程间控制流图中确定世界状态参数;在所述过程间控制流图中,确定用于对世界状态参数进行赋值的赋值指令,并将该赋值指令归入所述第二指令序列。In a possible implementation manner, the second determining subunit is configured to determine the world state parameter in the inter-procedural control flow graph; in the inter-procedural control flow graph, determine the An assignment instruction that assigns a value, and puts the assignment instruction into the second instruction sequence.
在一种可能的实施方式中,所述第二确定子单元,具体配置为在所述过程间控制流图中,确定调用预定函数的若干函数调用指令;将所述函数调用指令请求更新的参数确定为世界状态参数。In a possible implementation manner, the second determination subunit is specifically configured to determine, in the inter-procedural control flow graph, several function call instructions that call predetermined functions; and request the updated parameters of the function call instructions Determined as a world state parameter.
在一种可能的实施方式中,所述赋值检测子单元,具体配置为将所述重合的赋值指令所指向的世界状态参数作为所述目标参数。In a possible implementation manner, the assignment detection subunit is specifically configured to use the world state parameter pointed to by the overlapping assignment instruction as the target parameter.
在一种可能的实施方式中,单个所述第二指令序列表征的世界状态参数被赋值的过程,属于第一类赋值过程、第二类赋值过程或者第三类赋值过程;其中第一类赋值过程指示利用外部数据进行直接赋值,第二类赋值过程指示利用外部数据进行逻辑运算后的运算结果进行赋值,第三类赋值过程用于指示未利用外部数据进行赋值。所述风险确定单元,具体配置为确定所述若干目标参数中是否存在第一参数,其中所述第一参数对应的操作频次大于1,所述第一参数被赋值的过程包括第一类赋值过程和第二类赋值过程;如果是,确定所述智能合约存在安全风险。In a possible implementation manner, the process in which a single world state parameter represented by the second instruction sequence is assigned a value belongs to the first type of assignment process, the second type of assignment process, or the third type of assignment process; wherein the first type of assignment The process indicates that external data is used for direct assignment, the second type of assignment process indicates that the operation result of logic operation is used for external data, and the third type of assignment process is used for assignment without external data. The risk determination unit is specifically configured to determine whether there is a first parameter among the several target parameters, wherein the operation frequency corresponding to the first parameter is greater than 1, and the process of assigning the first parameter includes a first-type assignment process and the second type of value assignment process; if yes, it is determined that the smart contract has a security risk.
在一种可能的实施方式中,单个所述第二指令序列表征的世界状态参数被赋值的过程,属于第一类赋值过程、第二类赋值过程或者第三类赋值过程;其中第一类赋值过程指示利用外部数据进行直接赋值,第二类赋值过程指示利用外部数据进行逻辑运算后的运算结果进行赋值,第三类赋值过程指示未利用外部数据进行赋值。所述风险确定单元,具体配置为确定所述若干目标参数中是否存在第二参数,其中所述第二参数对应的操作频次大于1,所述第二参数被赋值的过程包括第一类赋值过程和第二类赋值过程,所述第二参数的第一类赋值过程和第二类赋值过程,在所述过程间控制流图中对应不同的方法函数;如果是,确定所述智能合约存在安全风险。In a possible implementation manner, the process in which a single world state parameter represented by the second instruction sequence is assigned a value belongs to the first type of assignment process, the second type of assignment process, or the third type of assignment process; wherein the first type of assignment The process indicates that external data is used for direct assignment, the second type of assignment process indicates that the operation result of logical operation is used for external data, and the third type of assignment process indicates that no external data is used for assignment. The risk determination unit is specifically configured to determine whether there is a second parameter among the several target parameters, wherein the operation frequency corresponding to the second parameter is greater than 1, and the process of assigning the second parameter includes the first type of assignment process and the second type of value assignment process, the first type of value assignment process and the second type of value assignment process of the second parameter correspond to different method functions in the inter-process control flow graph; if yes, determine that the smart contract exists security risk.
在一种可能的实施方式中,所述智能合约是待部署到区块链中的智能合约;和/或,所述安全风险具体包括被进行重排攻击的风险。In a possible implementation manner, the smart contract is a smart contract to be deployed in a blockchain; and/or, the security risk specifically includes the risk of being subjected to a rearrangement attack.
第三方面,提供了一种计算机可读存储介质,其上存储有计算机程序/指令,当计算机程序/指令在计算设备中执行时,计算设备执行如第一方面中任一项所述的方法。In a third aspect, a computer-readable storage medium is provided, on which a computer program/instruction is stored, and when the computer program/instruction is executed in a computing device, the computing device executes the method as described in any one of the first aspect .
第四方面,提供了一种计算设备,包括存储器和处理器,存储器中存储有计算机程序/指令,处理器执行可计算机程序/指令时,实现如第一方面中任一项所述的方法。In a fourth aspect, a computing device is provided, including a memory and a processor, where computer programs/instructions are stored in the memory, and when the processor executes the computer programs/instructions, the method according to any one of the first aspect is implemented.
通过本说明书一个或多个实施例中提供的方法及装置,可以通过确定出智能合约对应的过程间控制流图,然后基于过程间控制流图,确定智能合约中利用外部数据进行赋值操作的若干目标参数各自对应的操作频次,进而基于若干目标参数各自对应的操作频次,快速且高效的确定智能合约是否存在安全风险。Through the methods and devices provided in one or more embodiments of this specification, it is possible to determine the inter-procedural control flow graph corresponding to the smart contract, and then based on the inter-procedural control flow graph, determine a number of assignment operations using external data in the smart contract. The operation frequency corresponding to each target parameter, and then based on the corresponding operation frequency of several target parameters, quickly and efficiently determine whether there is a security risk in the smart contract.
附图说明Description of drawings
为了更清楚地说明本说明书实施例的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其它的附图。In order to illustrate the technical solutions of the embodiments of this specification more clearly, the drawings that need to be used in the description of the embodiments will be briefly introduced below. Obviously, the drawings in the following description are only some embodiments of the present invention. For Those of ordinary skill in the art can also obtain other drawings based on these drawings without making creative efforts.
图1为本说明书实施例中提供的一种智能合约的安全检测方法的流程图;Fig. 1 is a flowchart of a security detection method for a smart contract provided in the embodiment of this specification;
图2为本说明书实施例中确定利用外部数据进行赋值操作的目标参数的过程示意图;Fig. 2 is a schematic diagram of the process of determining the target parameters of the assignment operation using external data in the embodiment of this specification;
图3为本说明书实施例中提供的示例性的过程间控制流图;FIG. 3 is an exemplary inter-process control flow diagram provided in the embodiment of this specification;
图4为本说明书实施例中提供的一种智能合约的安全检测装置的示意图。Fig. 4 is a schematic diagram of a smart contract security detection device provided in the embodiment of this specification.
具体实施方式detailed description
下面结合附图,对本说明书所提供的各个非限制性实施例进行详细描述。Various non-limiting embodiments provided in this specification will be described in detail below with reference to the accompanying drawings.
经发明人研究发现,智能合约自身可能存在安全风险。例如,智能合约自身可能存在被进行重排攻击的风险,入侵者可能通过对智能合约进行重排攻击,使用于调用智能合约的交易无法达到预期的效果。又如,智能合约自身允许利用外部数据对世界状态参数进行赋值,入侵者可能通过调用智能合约中不同的方法函数,对世界状态参数进行恶意修改, 使用于调用智能合约的交易无法达到其预期的效果。The inventor found that the smart contract itself may have security risks. For example, the smart contract itself may be at risk of being rearranged, and intruders may use the smart contract to rearrange the attack, so that the transaction used to call the smart contract cannot achieve the expected effect. As another example, the smart contract itself allows the use of external data to assign values to the world state parameters, and the intruder may maliciously modify the world state parameters by calling different method functions in the smart contract, so that the transaction used to call the smart contract cannot achieve its expected Effect.
经发明人研究发现,确定智能合约的过程间控制流图(inter procedural control flow graph,ICFG)之后,可以通过对ICFG进行静态分析,获知智能合约中利用自外部输入智能合约的外部数据,对属于区块链的世界状态参数的若干目标参数分别进行赋值操作的操作频次。若干目标参数各自对应的操作频次,能够在某种程度上反映智能合约自身存在安全风险的可能性,其中该安全风险包括但不限于被进行重排攻击的风险。According to the research of the inventors, after determining the inter-procedural control flow graph (ICFG) of the smart contract, it is possible to statically analyze the ICFG to know that the external data input into the smart contract from the outside is used in the smart contract. The operation frequency of the assignment operation for several target parameters of the world state parameters of the blockchain. The operation frequency corresponding to several target parameters can reflect the possibility of security risks in the smart contract itself to some extent, where the security risks include but not limited to the risk of being reordered.
与之相应的,为了实现快速且高效的检测智能合约是否存在安全风险,本说明书实施例中提供了一种智能合约的安全检测方法及装置。如图1所示,该方法至少可以包括:步骤101,确定智能合约对应的过程间控制流图;步骤103,在所述过程间控制流图中,确定利用外部数据进行赋值操作的若干目标参数,以及所述若干目标参数各自进行所述赋值操作的操作频次,所述若干目标参数属于区块链的世界状态参数,外部数据自外部输入所述智能合约;步骤105,根据所述若干目标参数各自对应的操作频次,确定所述智能合约是否存在安全风险。Correspondingly, in order to quickly and efficiently detect whether there is a security risk in a smart contract, the embodiments of this specification provide a method and device for detecting security of a smart contract. As shown in Figure 1, the method may at least include: step 101, determine the inter-procedural control flow graph corresponding to the smart contract; step 103, in the inter-procedural control flow graph, determine several target parameters for the assignment operation using external data , and the operating frequency of the assignment operation for each of the several target parameters, the several target parameters belong to the world state parameters of the block chain, and the external data is input from the outside to the smart contract; step 105, according to the several target parameters The respective operation frequencies are used to determine whether the smart contract has a security risk.
其中进行安全检测的智能合约可以是待部署到区块链的智能合约,或者还可以是已经部署到区块链的智能合约。鉴于智能合约部署到区块链之后,具有不可修改或者说是难以修改的特点,因此优选对待部署到区块链的智能合约进行安全检测;如此,当确定该智能合约存在安全风险的情况下,有利于于工作人员对智能合约快速且高效的进行修改,而且能够避免将存在安全风险的智能合约部署到区块链而为区块链带来其它安全问题。The smart contract for security detection can be the smart contract to be deployed to the blockchain, or it can also be the smart contract that has been deployed to the blockchain. In view of the fact that the smart contract is unmodifiable or difficult to modify after it is deployed to the blockchain, it is preferable to perform security testing on the smart contract to be deployed to the blockchain; thus, when it is determined that the smart contract has a security risk, It is helpful for staff to quickly and efficiently modify smart contracts, and it can avoid deploying smart contracts with security risks to the blockchain and causing other security problems for the blockchain.
下面对如图1所示实施例中的各方法步骤进行详细描述。Each method step in the embodiment shown in FIG. 1 will be described in detail below.
首先,在步骤101,确定智能合约对应的过程间控制流图。First, in step 101, the inter-process control flow graph corresponding to the smart contract is determined.
可以通过对加载到内存中的智能合约进行反汇编,首先基于反汇编的结果对智能合约中的每个函数分别构建其对应的控制流图(control flow graph,CFG)。其中,CFG是以基本块为节点的有向图,单个基本块中包括需要顺序执行的多条汇编指令;CFG中连接两个节点的有向边表征两个节点间存在控制转移,而且CFG中具有唯一的入口节点和出口节点。接着基于反汇编的结果确定智能合约中的函数调用关系,并根据函数调用关系利用每个函数分别对应的CFG构建ICFG。其中,ICFG是由智能合约中的每个函数各自对应的CFG、若干Call edges和若干Return edges组成的有向图;Call edges由主调函数对应的CFG中的函数调用指令,指向被调用函数对应的CFG中的入口节点;Return edges由被调用函数对应的CFG中的Ret指令,指向主调函数对应的CFG中的函数调用指令的下一条指令。换而言之,智能合约对应的ICFG由多条汇编指令组成,其至少表征了对应相同或不同函数的汇编指令的排列/执行顺序。It is possible to disassemble the smart contract loaded into the memory, and first construct the corresponding control flow graph (control flow graph, CFG) for each function in the smart contract based on the disassembly result. Among them, CFG is a directed graph with basic blocks as nodes, and a single basic block includes multiple assembly instructions that need to be executed sequentially; the directed edge connecting two nodes in CFG indicates that there is a control transfer between the two nodes, and in CFG Has a unique entry node and exit node. Then, based on the disassembly results, the function call relationship in the smart contract is determined, and the ICFG is constructed using the CFG corresponding to each function according to the function call relationship. Among them, ICFG is a directed graph composed of CFG corresponding to each function in the smart contract, several Call edges and several Return edges; Call edges are function call instructions in the CFG corresponding to the calling function, pointing to the corresponding The entry node in the CFG; the Return edges point to the next instruction of the function call instruction in the CFG corresponding to the calling function from the Ret instruction in the CFG corresponding to the called function. In other words, the ICFG corresponding to the smart contract is composed of multiple assembly instructions, which at least characterize the arrangement/execution order of the assembly instructions corresponding to the same or different functions.
由汇编指令组成的CFG中通常并不直接包含被赋值的世界状态参数,而是通过内存地址或者指向内存地址的地址指针表征世界状态参数,通过在内存地址上写入数据来完成对世界状态参数的赋值。如需确保后续过程中能够基于ICFG,发现利用外部数据对各世界状态参数进行赋值的全部赋值操作,则需要确保单个世界状态参数在内存中具有固定且唯 一的内存地址,即需要将内存地址作为世界状态参数的标识。鉴于以上需要,在一些实施例中,对于加载到内存中的被检测的智能合约,其包括存储于内存中的代码段和数据段,数据段中包括但不限于智能合约涉及的全部世界状态参数;对于单个世界状态参数而言,代码段中通过数据段在内存中的基地址,以及该世界状态参数对应的地址偏移量,对该世界状态参数进行标识。与之相应的是,由于ICFG实质上是对智能合约的代码段进行反汇编得到,因此在ICFG中由基地址和偏移量进行标识的内存地址或者指向该内存地址的地址指针,即可作为相应世界状态参数的标识。The CFG composed of assembly instructions usually does not directly contain the assigned world state parameters, but represents the world state parameters through the memory address or the address pointer pointing to the memory address, and completes the world state parameter by writing data on the memory address assignment. If it is necessary to ensure that in the subsequent process, based on ICFG, all the assignment operations that use external data to assign values to each world state parameter can be found, it is necessary to ensure that a single world state parameter has a fixed and unique memory address in the memory, that is, the memory address needs to be used as An identifier for the world state parameter. In view of the above needs, in some embodiments, for the detected smart contract loaded into the memory, it includes the code segment and the data segment stored in the memory, and the data segment includes but not limited to all the world state parameters involved in the smart contract ; For a single world state parameter, the code segment identifies the world state parameter through the base address of the data segment in memory and the address offset corresponding to the world state parameter. Correspondingly, since ICFG is essentially obtained by disassembling the code segment of the smart contract, the memory address identified by the base address and offset in ICFG or the address pointer pointing to the memory address can be used as The identifier of the corresponding world state parameter.
接着,在步骤103,在所述过程间控制流图中,确定利用外部数据进行赋值操作的若干目标参数,以及所述若干目标参数各自进行所述赋值操作的操作频次,所述若干目标参数属于区块链的世界状态参数,外部数据自外部输入所述智能合约。Next, in step 103, in the inter-procedural control flow graph, determine a number of target parameters that use external data to perform assignment operations, and the operation frequency of each of the number of target parameters to perform the assignment operation, and the number of target parameters belong to The world state parameters of the blockchain, and external data are input to the smart contract from the outside.
通过对ICFG进行分析,可以发现外部数据的传播过程和世界状态参数被赋值的过程,进而基于外部数据的传播过程和世界状态参数被赋值的过程,从智能合约涉及的全部世界状态参数中,确定利用外部数据进行赋值操作的目标参数。在一个较为具体的示例中,请参考图2,可以通过如下步骤1031-步骤1035,在ICFG中确定利用外部数据进行赋值操作的若干目标参数。Through the analysis of ICFG, it is possible to discover the process of dissemination of external data and the process of assigning values to world state parameters, and then based on the process of dissemination of external data and the process of assigning values to world state parameters, from all the world state parameters involved in the smart contract, determine The target parameter of the assignment operation using external data. In a more specific example, please refer to FIG. 2 , through the following steps 1031 to 1035 , several target parameters for assignment operations using external data may be determined in the ICFG.
步骤1031,在所述过程间控制流图中确定若干第一指令序列,所述第一指令序列用于表征外部数据的传播过程。 Step 1031 , determining a number of first instruction sequences in the inter-procedural control flow graph, where the first instruction sequences are used to characterize the propagation process of external data.
通过在ICFG中对外部数据对应的参数添加污点标记,然后沿着数据流向进行污点跟踪,即可依次确定出添加有污点标记的参数所对应的多个指令,依次确定的多个指令即可组成用于表征外部数据的传播过程的第一指令序列。示例性的,请参考图3中示例并简化的ICFG,智能合约中的方法函数Function_A和Int Add(x,y)各自对应的CFG由不同的指令序列组成,其中未图示CFG中由指令组成的基本块,未图示表征控制转移的有向边;直线箭头的方向指示CFG中指令的排列/执行顺序,折线箭头表征Call edge或者Return edge;此外将对应外部数据的参数a和参数b的实例化参数/参数值,示例性的表述为“0Ah(即实例化参数/参数值10)”和“14h(即实例化参数/参数值20),在实际业务场景中显然可以为其它实例化参数/参数值。那么,通过对该ICFG进行分析以确定出参数a和参数b是对应外部数据的参数后,即可对参数a和参数b进行标记,即对“mov dword ptr[a],0Ah”和“mov dword ptr[b],14h”中的ptr[a]和ptr[b]进行污点标记,然后沿着数据流向进行污点跟踪,确定出起点为“mov dword ptr[a],0Ah”并且终点为“mov dword ptr[c],eax”的第一指令序列。其中需要特别说明的是在该第一指令序列中,组成Int Add(x,y)对应的CFG的指令序列位于“call_Add”和“add esp,8”之间。By adding taint marks to the parameters corresponding to the external data in ICFG, and then performing taint tracking along the data flow direction, multiple instructions corresponding to the parameters added with taint marks can be sequentially determined, and multiple instructions determined in sequence can be composed A first sequence of instructions for characterizing the propagation process of external data. As an example, please refer to the example and simplified ICFG in Figure 3. The CFGs corresponding to the method functions Function_A and Int Add(x, y) in the smart contract are composed of different instruction sequences, which are not shown in the CFG. The basic block, not shown, represents the directed edge of the control transfer; the direction of the straight arrow indicates the arrangement/execution order of the instructions in the CFG, and the broken line arrow represents the Call edge or Return edge; in addition, it will correspond to the parameter a and parameter b of the external data The instantiated parameter/parameter value is exemplarily expressed as "0Ah (i.e. instantiated parameter/parameter value 10)" and "14h (i.e. instantiated parameter/parameter value 20), which can obviously be other instantiations in actual business scenarios Parameter/parameter value. Then, after analyzing the ICFG to determine that parameter a and parameter b are parameters corresponding to external data, parameter a and parameter b can be marked, that is, "mov dword ptr[a], 0Ah" and "mov dword ptr[b], 14h" in ptr[a] and ptr[b] are tainted, and then taint tracking is performed along the data flow direction, and the starting point is determined to be "mov dword ptr[a], 0Ah " and the end point is the first instruction sequence of "mov dword ptr[c], eax". It should be noted that in the first instruction sequence, the instruction sequence that constitutes the CFG corresponding to Int Add(x, y) is located in " call_Add" and "add esp,8".
步骤1033,在所述过程间控制流图中确定若干第二指令序列,所述第二指令序列用于表征世界状态参数被赋值的过程。Step 1033, determine a number of second instruction sequences in the inter-process control flow diagram, the second instruction sequences are used to represent the process in which the world state parameters are assigned values.
首先,可以在ICFG中确定智能合约涉及的全部世界状态参数。在一个较为具体的示例中,首先在ICFG中确定调用预定函数的若干函数调用指令。其中,该预定函数可以用 于在非易失性存储介质中更新区块链的世界状态参数,例如该预定函数可以通过其自身或调用其它方法函数,实现将赋值后的世界状态参数写入非易失性存储介质;或者,该预定函数可以是区块链节点中用于实现预定业务的方法函数,例如该预定函数实现的预定业务是,其被智能合约调用时可以使区块链节点获知智能合约已经完成对某个世界状态参数进行赋值,从而使区块链节点可以按照相应的业务逻辑将完成赋值的世界状态参数写入到非易失性存储介质中。接着,对已确定的每个函数调用指令,以该函数调用指令为起点在ICFG中进行向上搜索,确定该函数调用指令请求更新的参数,并将该参数确定为世界状态参数。示例性的,请继续参考图3,可以首先在ICFG中确定调用预定函数“_Rt”的函数调用指令“call_Rt”,然后以“call_Rt”为起点在ICFG中进行向上搜索,确定“call_Rt”请求更新的参数是由“mov eax,dword ptr[c]”和“push eax”加入函数栈中的参数c,进而将参数c确定为世界状态参数,其中参数c在图3中通过地址指针ptr[c]进行标识。First, all world state parameters involved in smart contracts can be determined in ICFG. In a more specific example, several function call instructions for calling a predetermined function are firstly determined in the ICFG. Among them, the predetermined function can be used to update the world state parameters of the blockchain in the non-volatile storage medium. For example, the predetermined function can write the assigned world state parameters into the non-volatile Volatile storage medium; or, the predetermined function can be a method function used in the block chain node to realize the predetermined service, for example, the predetermined service realized by the predetermined function is that when it is called by the smart contract, the block chain node can know The smart contract has completed the assignment of a certain world state parameter, so that the blockchain node can write the assigned world state parameter into the non-volatile storage medium according to the corresponding business logic. Next, for each determined function call instruction, search upwards in the ICFG starting from the function call instruction, determine the parameter that the function call instruction requests to update, and determine the parameter as the world state parameter. Exemplarily, please continue to refer to FIG. 3 , the function call instruction "call_Rt" that calls the predetermined function "_Rt" can be determined first in the ICFG, and then search upwards in the ICFG starting from "call_Rt", and determine that "call_Rt" requests an update The parameter is the parameter c added to the function stack by "mov eax, dword ptr[c]" and "push eax", and then the parameter c is determined as the world state parameter, where the parameter c is passed through the address pointer ptr[c in Figure 3 ] for identification.
接着,由于ICFG中通过内存地址或者地址指针标识世界状态参数,因此对于已确定的每个世界状态参数而言,可以通过用于标识该世界状态参数的内存地址或者地址指针,在ICFG中确定用于对该世界状态参数进行赋值的全部赋值指令。示例性的,请继续参考图3,可以基于已确定的用于标识世界状态参数c的地址指针ptr[c],在ICFG中确定出用于对ptr[c]进行赋值的赋值指令“mov dword ptr[c],eax”。Next, since the world state parameter is identified by the memory address or address pointer in ICFG, for each determined world state parameter, the memory address or address pointer used to identify the world state parameter can be used to determine the world state parameter in ICFG. All assignment instructions for assigning values to the world state parameters. Exemplarily, please continue to refer to FIG. 3 , based on the determined address pointer ptr[c] used to identify the world state parameter c, the assignment instruction "mov dword" for assigning ptr[c] can be determined in ICFG ptr[c],eax".
最后,对于已确定的每个世界状态参数,可以将用于对该世界状态参数进行赋值的全部赋值指令分别归入不同的第二指令序列。具体地,针对用于对单个世界状态参数进行赋值的每个赋值指令,可以将该赋值指令作为起点在ICFG中进行向上搜索,直到搜索到该赋值指令直接或间接的使用的参数值的来源,进而确定用于表征该世界状态参数被赋值的过程的其中一个第二指令序列。示例性的,请继续参考图3,当确定用于对ptr[c]进行赋值的“mov dword ptr[c],eax”时,则可以在ICFG中以“mov dword ptr[c],eax”为起点进行向上搜索,直到搜索到“mov dword ptr[c],eax”间接使用的参数a和参数b。其中“mov eax,dword ptr[b]”和“push eax”用于将参数b的实例化参数ptr[b]加入函数栈,“mov ecx,dword ptr[a]”和“push ecx”用于将参数a的实例化参数ptr[a]加入函数栈,因此可以将搜索到的这四条指令作为“mov dword ptr[c],eax”间接使用的参数值的来源;或者,前述四条指令用于将实例化参数ptr[a]、ptr[b]加入函数栈,但是并未表明ptr[a]和ptr[b]在ICFG中如何被创建,因此可以在ICFG中继续进行向上搜索,直到搜索到用于在函数栈中创建ptr[a]和ptr[b]的“mov dword ptr[a],0Ah”和“mov dword ptr[b],14h”,然后将“mov dword ptr[a],0Ah”和“mov dword ptr[b],14h”作为“mov dword ptr[c],eax”间接使用的参数值的来源。与之相应的是,针对用于对世界状态参数ptr[c]进行赋值的赋值指令“mov dword ptr[c],eax”,可以从ICFG中确定起点为“mov eax,dword ptr[b]”或者“mov dword ptr[a],0Ah”、终点为“mov dword ptr[c],eax”的第二指令序列,该第二指令序列能够完整的表征世界状态参数ptr[c]被赋值的过程。Finally, for each determined world state parameter, all assignment instructions for assigning the world state parameter may be classified into different second instruction sequences. Specifically, for each assignment instruction used to assign a value to a single world state parameter, the assignment instruction can be used as a starting point to search upwards in ICFG until the source of the parameter value directly or indirectly used by the assignment instruction is found, Then, one of the second instruction sequences used to characterize the process in which the world state parameter is assigned is determined. Exemplarily, please continue to refer to Figure 3. When the "mov dword ptr[c], eax" used to assign a value to ptr[c] is determined, you can use "mov dword ptr[c], eax" in ICFG Search upwards for the starting point until the parameters a and b indirectly used by "mov dword ptr[c], eax" are found. Among them, "mov eax, dword ptr[b]" and "push eax" are used to add the instantiation parameter ptr[b] of parameter b to the function stack, and "mov ecx, dword ptr[a]" and "push ecx" are used to The instantiation parameter ptr[a] of the parameter a is added to the function stack, so the searched four instructions can be used as the source of the parameter value indirectly used by "mov dword ptr[c], eax"; or, the above four instructions are used for Add the instantiation parameters ptr[a] and ptr[b] to the function stack, but it does not indicate how ptr[a] and ptr[b] are created in ICFG, so you can continue to search upwards in ICFG until you find "mov dword ptr[a], 0Ah" and "mov dword ptr[b], 14h" used to create ptr[a] and ptr[b] in the function stack, and then "mov dword ptr[a], 0Ah " and "mov dword ptr[b], 14h" as the source of the parameter value indirectly used by "mov dword ptr[c], eax". Correspondingly, for the assignment instruction "mov dword ptr[c], eax" used to assign values to the world state parameter ptr[c], the starting point can be determined from ICFG as "mov eax, dword ptr[b]" Or "mov dword ptr[a], 0Ah", the end point is the second instruction sequence of "mov dword ptr[c], eax", the second instruction sequence can completely represent the process of the world state parameter ptr[c] being assigned .
需要特别说明的是,图3示例的ICFG中可以确定出1个用于表征ptr[c]被赋值的过程 的第二指令序列,但是在实际业务场景中,智能合约对应的ICFG中可能确定出多个用于表征ptr[c]被赋值的过程的第二指令序列。示例性的,假设智能合约中除了包括前述的方法函数Function_A和Int Add(x,y)以外,还包括方法函数Function_B,其中Function_B实现的功能为将外部数据直接赋值给世界状态参数c,并通过调用预定函数“_Rt”,使得区块链节点实现对非易失性存储介质中的世界状态参数c进行更新。那么,该智能合约对应的ICFG中,可以在图3示例的ICFG的基础上,还包括Function_B对应的CFG,Function_B对应的CFG中同样包括用于对ptr[c]进行赋值的赋值指令。与之相应的是,由于Function_A对应的CFG和Function_B对应的CFG中均包括用于对ptr[c]进行赋值的赋值指令,因此可以从ICFG中确定出2个用于表征世界状态参数c被赋值的过程的第二指令序列。It should be noted that in the ICFG of the example in Figure 3, a second instruction sequence used to represent the process of ptr[c] being assigned can be determined, but in actual business scenarios, the ICFG corresponding to the smart contract may determine A plurality of second instruction sequences used to characterize the process in which ptr[c] is assigned. As an example, assume that the smart contract includes not only the aforementioned method functions Function_A and Int Add(x, y), but also the method function Function_B, where the function implemented by Function_B is to directly assign external data to the world state parameter c, and pass Calling the predetermined function "_Rt" enables the blockchain node to update the world state parameter c in the non-volatile storage medium. Then, the ICFG corresponding to the smart contract may include the CFG corresponding to Function_B on the basis of the ICFG shown in Figure 3, and the CFG corresponding to Function_B also includes an assignment instruction for assigning ptr[c]. Correspondingly, since the CFG corresponding to Function_A and the CFG corresponding to Function_B both include assignment instructions for assigning ptr[c], it can be determined from ICFG that two parameters representing the world state c are assigned The second instruction sequence of the process.
步骤1035,根据所述若干第一指令序列和所述若干第二指令序列之间重合的赋值指令,确定所述若干目标参数。Step 1035: Determine the number of target parameters according to overlapping assignment instructions between the number of first instruction sequences and the number of second instruction sequences.
参照前述示例不难发现,第二指令序列中的最后一条指令是用于对世界状态参数进行赋值的赋值指令,第一指令序列中的第一条指令用于在函数栈中创建外部数据或者将外部数据加入函数栈。因此,当第二指令序列中的最后一条指令和第一指令序列中的最后一条指令重合/相同时,则说明第二指令序列中可能直接或间接的使用了外部数据对世界状态参数进行赋值,因而可以将重合的赋值指令指向的参数确定为使用外部数据进行赋值的目标参数,即将重合的赋值指令请求赋值的参数确定为使用外部数据进行赋值的目标参数。在一个较为具体的示例中,对于智能合约涉及的每个世界状态参数,确定出用于表征该世界状态参数被赋值的过程的全部第二指令序列后,可以对该世界状态参数对应的每个第二指令序列,检测已确定的全部第一指令序列中是否存在目标指令序列,该目标指令序列中的最后一条指令与该第二指令序列中的最后一条指令相同;如果是则将该世界状态参数确定为利用外部数据进行赋值操作的目标参数。与之相应的是,对用于表征该世界状态参数被赋值的过程的每个第二指令序列均执行前述的处理,即可统计出该世界状态参数被确定为目标参数的累计次数,该累计次数即为该世界状态参数利用外部数据进行赋值操作的操作频次。Referring to the previous example, it is not difficult to find that the last instruction in the second instruction sequence is an assignment instruction used to assign values to world state parameters, and the first instruction in the first instruction sequence is used to create external data in the function stack or set External data is added to the function stack. Therefore, when the last instruction in the second instruction sequence coincides/is the same as the last instruction in the first instruction sequence, it means that the second instruction sequence may directly or indirectly use external data to assign values to the world state parameters, Therefore, the parameter pointed to by the overlapping assignment instruction can be determined as the target parameter for assignment using external data, that is, the parameter requested by the overlapping assignment instruction for assignment can be determined as the target parameter for assignment using external data. In a more specific example, for each world state parameter involved in the smart contract, after determining all the second instruction sequences used to characterize the process of assigning the world state parameter, each of the world state parameters corresponding to the The second instruction sequence is to detect whether there is a target instruction sequence in all the determined first instruction sequences, and the last instruction in the target instruction sequence is the same as the last instruction in the second instruction sequence; if so, the world state The parameter is determined as a target parameter for an assignment operation using external data. Correspondingly, the aforementioned processing is performed on each second sequence of instructions used to characterize the process in which the world state parameter is assigned a value, and the cumulative number of times the world state parameter is determined as the target parameter can be counted. The number of times is the operation frequency of the assignment operation of the world state parameter using external data.
下面回到图1,在步骤105,根据所述若干目标参数各自对应的操作频次,确定所述智能合约是否存在安全风险。Returning to Fig. 1, in step 105, it is determined whether the smart contract has a security risk according to the operation frequency corresponding to each of the target parameters.
在一种可能的实施方式中,当若干目标参数各自对应的操作频次中存在大于1的操作频次时,即可确定智能合约存在安全风险。In a possible implementation, when there is an operation frequency greater than 1 among the operation frequencies corresponding to several target parameters, it can be determined that the smart contract has a security risk.
在一些实施例中,还可以将第二指令序列表征的世界状态参数被赋值的过程,划分为第一类赋值过程、第二类赋值过程或者第三类赋值过程;其中第一类赋值过程指示利用外部数据进行直接赋值,第二类赋值过程指示利用外部数据进行逻辑运算后的运算结果进行赋值,第三类赋值过程指示未利用外部数据进行赋值。对于单个世界状态参数而言,在确定出表征该世界状态参数被赋值的过程的若干第二指令序列时,可以确定该若干第二指令 序列各自对应的赋值类型,进而统计出该世界状态参数对应的全部赋值类型。与之相应的,步骤105中具体可以确定若干目标参数中是否存在第一参数,该第一参数对应的操作频次大于1,该第一参数被赋值的过程同时包括第一类赋值过程和第二类赋值过程两种赋值类型,即该第一参数对应的赋值类型同时包括第一类赋值过程和第二类赋值过程;如果若干目标参数中存在第一参数,则确定智能合约存在安全风险。如此,通过综合考虑世界状态参数利用外部数据进行赋值操作的操作频次,以及世界状态参数被赋值的过程所属的赋值类型,可以更加准确的确定智能合约是否存在安全风险。In some embodiments, the process of assigning the world state parameters represented by the second instruction sequence can also be divided into the first type of assignment process, the second type of assignment process or the third type of assignment process; wherein the first type of assignment process indicates The external data is used for direct assignment, the second type of assignment process indicates that the operation result of the logical operation is used for external data, and the third type of assignment process indicates that no external data is used for assignment. For a single world state parameter, when determining a number of second instruction sequences that characterize the assignment process of the world state parameter, the respective assignment types corresponding to the number of second instruction sequences can be determined, and then the statistics corresponding to the world state parameter All assignment types of . Correspondingly, in step 105, it can specifically be determined whether there is a first parameter among several target parameters, the operation frequency corresponding to the first parameter is greater than 1, and the process of assigning the first parameter includes both the first type of assignment process and the second type of assignment process. There are two types of assignments in the class assignment process, that is, the assignment type corresponding to the first parameter includes both the first type of assignment process and the second type of assignment process; if the first parameter exists in several target parameters, it is determined that the smart contract has a security risk. In this way, by comprehensively considering the operation frequency of world state parameters using external data for assignment operations, and the assignment type of the process of world state parameters being assigned, it is possible to more accurately determine whether there is a security risk in the smart contract.
示例性的,请继续参考图3。以“mov dword ptr[a],0Ah”为起点且以“mov dword ptr[c],eax”为终点的一个第二指令序列,表征世界状态参数c被赋值的过程。由于该第二指令序列指示了利用参数a和参数b各自对应的外部数据进行逻辑运算,并利用进行逻辑运算后得到的运算结果对世界状态参数c进行赋值,因此可以确定该第二指令序列所属的赋值类型为第二类赋值过程,即确定世界状态参数c的赋值过程包括第二类赋值过程,或者说确定世界状态参数c对应的赋值类型包括第二类赋值过程。For example, please continue to refer to FIG. 3 . A second instruction sequence starting from "mov dword ptr[a], 0Ah" and ending with "mov dword ptr[c], eax" represents the process of assigning the world state parameter c. Since the second instruction sequence indicates to use the external data corresponding to the parameters a and b to perform logic operations, and use the operation results obtained after the logic operations to assign values to the world state parameter c, it can be determined that the second instruction sequence belongs to The assignment type of is the second type of assignment process, that is, the assignment process of determining the world state parameter c includes the second type of assignment process, or in other words, the assignment type corresponding to the determination of the world state parameter c includes the second type of assignment process.
继续假设智能合约中还包括前述示例的方法函数Function_B,那么基于Function_B对应的CFG中用于对世界状态参数c进行赋值的赋值指令,可以确定出用于表征世界状态参数c被赋值的过程的另一个第二指令序列,该第二指令序列由于使用外部数据对世界状态参数c进行直接赋值,因此可以确定该第二指令序列所属的赋值类型为第一类赋值过程,即确定世界状态参数c的赋值过程包括第一类赋值过程,或者说确定世界状态参数c对应的赋值类型包括第一类赋值过程。Continuing to assume that the smart contract also includes the method function Function_B of the preceding example, then based on the assignment instruction used to assign the world state parameter c in the CFG corresponding to Function_B, another method used to represent the process of assigning the world state parameter c can be determined. A second instruction sequence, since the second instruction sequence uses external data to directly assign a value to the world state parameter c, it can be determined that the assignment type to which the second instruction sequence belongs is the first type of assignment process, that is, the process of determining the world state parameter c The assignment process includes the first type of assignment process, or in other words, determining the assignment type corresponding to the world state parameter c includes the first type of assignment process.
继续假设智能合约中还包括方法函数Function_C,其中Function_C实现的功能为将预设数值赋值给世界状态参数c,并通过调用预定函数“_Rt”实现对非易失性存储介质中的世界状态参数c进行更新。那么智能合约对应的ICFG中可以包括Function_C对应的CFG,Function_C对应的CFG中包括用于对ptr[c]进行赋值的赋值指令。与之相应的,基于Function_C对应的CFG中用于对世界状态参数c进行赋值的赋值指令,可以确定出用于表征世界状态参数c被赋值的过程的又一个第二指令序列,该第二指令序列使用预设常数对世界状态参数c进行直接赋值,未利用外部数据对世界状态参数c进行赋值,因此可以确定该第二指令序列所属的赋值类型为第三类赋值过程,即确定世界状态参数c的赋值过程包括第三类赋值过程,或者说确定世界状态参数c对应的赋值类型包括第三类赋值过程。Continue to assume that the smart contract also includes the method function Function_C, where the function implemented by Function_C is to assign the preset value to the world state parameter c, and realize the world state parameter c in the non-volatile storage medium by calling the predetermined function "_Rt". to update. Then the ICFG corresponding to the smart contract may include the CFG corresponding to Function_C, and the CFG corresponding to Function_C includes an assignment instruction for assigning ptr[c]. Correspondingly, based on the assignment instruction for assigning the world state parameter c in the CFG corresponding to Function_C, another second instruction sequence for representing the process of assigning the world state parameter c can be determined, the second instruction The sequence uses a preset constant to directly assign a value to the world state parameter c, and does not use external data to assign a value to the world state parameter c, so it can be determined that the assignment type of the second instruction sequence belongs to the third type of assignment process, that is, to determine the world state parameter The assignment process of c includes the third type of assignment process, or in other words, determining the assignment type corresponding to the world state parameter c includes the third type of assignment process.
在一些实施例中,对于单个世界状态参数而言,当确定出表征该世界状态参数被赋值的过程的若干第二指令序列时,还可以确定若干第二指令序列各自对应的方法函数,例如将单个第二指令序列中用于对该世界状态参数进行赋值的赋值指令所属的方法函数,确定为该第二指令序列对应的函数。与之相应的,步骤105中具体可以确定若干目标参数中是否存在第二参数,该第二参数对应的操作频次大于1,该第二参数被赋值的过程包括第一类赋值过程和第二类赋值过程,该第二参数包括的第一类赋值过程和第二类赋值过程在过程间控制流图中对应不同的方法函数;如果若干目标参数中存在第二参数,则确定智能合 约存在安全风险。如此,通过综合考虑世界状态参数利用外部数据进行赋值操作的操作频次,世界状态参数被赋值的过程所属的赋值类型,不同赋值类型的指令序列各自对应的方法函数,可以更加准确的确定智能合约是否存在安全风险。In some embodiments, for a single world state parameter, when several second instruction sequences representing the process of assigning the world state parameter are determined, the method functions corresponding to each of the several second instruction sequences can also be determined, for example, the The method function to which the assignment instruction for assigning the world state parameter in the single second instruction sequence belongs is determined as the function corresponding to the second instruction sequence. Correspondingly, in step 105, it can be specifically determined whether there is a second parameter among several target parameters, the operation frequency corresponding to the second parameter is greater than 1, and the process of assigning the second parameter includes the first type of assignment process and the second type Assignment process, the first type of assignment process and the second type of assignment process included in the second parameter correspond to different method functions in the inter-procedural control flow graph; if there is a second parameter in several target parameters, it is determined that the smart contract has a security risk . In this way, by comprehensively considering the operation frequency of the world state parameter using external data for assignment operations, the assignment type of the world state parameter assigned process, and the method functions corresponding to the instruction sequences of different assignment types, it is possible to more accurately determine whether the smart contract is There is a security risk.
示例性的,请继续参考图3。假设智能合约中包括前述的方法函数Function_A、Int Add(x,y)和方法函数Function_B。那么,基于Function_A对应的CFG中用于对世界状态参数c进行赋值的赋值指令而确定的第二指令序列,其所属的赋值类型为第二类赋值过程,其对应的函数为Function_A,即世界状态参数c包括的第二类赋值过程所对应的方法函数是Function_A;基于Function_B对应的CFG中用于对世界状态参数c进行赋值的赋值指令而确定的第二指令序列,其所属的赋值类型为第一类赋值过程,其对应的函数包括Function_B,即世界状态参数c的第一类赋值过程所对应的函数为Function_B。此种情况下,世界状态参数c作为目标参数,其利用外部数据进行赋值操作的操作频次是2次,其被赋值的过程包括第一类赋值过程和第二类赋值过程,其包括的第一类赋值过程所对应的方法函数Function_A,不同于其包括的第二类赋值过程所对应的方法函数Function_B,因此世界状态参数c将会被确定为第二状态参数,进而可以确定智能合约存在安全风险。For example, please continue to refer to FIG. 3 . Assume that the smart contract includes the aforementioned method function Function_A, Int Add(x, y) and method function Function_B. Then, the second instruction sequence determined based on the assignment instruction used to assign the world state parameter c in the CFG corresponding to Function_A, its assignment type is the second type of assignment process, and its corresponding function is Function_A, that is, the world state The method function corresponding to the second type of assignment process included in the parameter c is Function_A; the second instruction sequence determined based on the assignment instruction used to assign the world state parameter c in the CFG corresponding to Function_B, and its assignment type is the first One type of assignment process, the corresponding function includes Function_B, that is, the function corresponding to the first type of assignment process of the world state parameter c is Function_B. In this case, the world state parameter c is used as the target parameter, and the operation frequency of its assignment operation using external data is 2 times, and its assignment process includes the first type of assignment process and the second type of assignment process, which includes the first The method function Function_A corresponding to the class assignment process is different from the method function Function_B corresponding to the second class assignment process included in it, so the world state parameter c will be determined as the second state parameter, and then it can be determined that there is a security risk in the smart contract .
需要说明的是,前述图3中示例并简化的ICFG仅用于辅助描述本说明书实施例中提供的技术方案,说明书中未详细描述图3中部分常用指令所需要实现的功能,但是这并不影响本领域技术人员对图3所示例的ICFG进行正确理解。在实际业务场景中,实现相同功能的指令可以具有不同的表达形式,可以通过更多或更少的指令来实现图3中的一个或多个指令所需要实现的功能。It should be noted that the exemplified and simplified ICFG in Figure 3 above is only used to assist in describing the technical solutions provided in the embodiments of this specification. The specification does not describe in detail the functions that some commonly used instructions in Figure 3 need to implement, but this does not It will affect those skilled in the art to correctly understand the ICFG illustrated in FIG. 3 . In an actual business scenario, instructions that implement the same function may have different expressions, and more or fewer instructions may be used to implement the functions required by one or more instructions in FIG. 3 .
与前述方法实施例基于相同的构思,本说明书实施例中还提供了一种智能合约的安全检测装置。如图4所示,该装置包括:解析处理单元401,配置为确定智能合约对应的过程间控制流图;赋值检测单元403,配置为在所述过程间控制流图中,确定利用外部数据进行赋值操作的若干目标参数,以及所述若干目标参数各自进行所述赋值操作的操作频次,所述若干目标参数属于区块链的世界状态参数,外部数据自外部输入所述智能合约;风险确定单元405,配置为根据所述若干目标参数各自对应的操作频次,确定所述智能合约是否存在安全风险。Based on the same idea as the foregoing method embodiments, the embodiments of this specification also provide a smart contract security detection device. As shown in Figure 4, the device includes: a parsing processing unit 401 configured to determine the inter-procedural control flow graph corresponding to the smart contract; an assignment detection unit 403 configured to determine, in the inter-procedural control flow graph, the Several target parameters of the assignment operation, and the operation frequency of each of the several target parameters for the assignment operation, the several target parameters belong to the world state parameters of the block chain, and external data is input from the outside to the smart contract; the risk determination unit 405, configured to determine whether there is a security risk in the smart contract according to the operation frequency corresponding to each of the several target parameters.
在一种可能的实施方式中,所述风险确定单元405,配置为当存在大于1的操作频次时,确定所述智能合约存在安全风险。In a possible implementation manner, the risk determination unit 405 is configured to determine that the smart contract has a security risk when there is an operation frequency greater than 1.
在一种可能的实施方式中,所述智能合约包括存储于内存中的代码段和数据段,所述数据段中包括所述若干目标参数,所述代码段中通过所述数据段在所述内存中的基地址和所述目标参数对应的地址偏移量对所述目标参数进行标识。In a possible implementation manner, the smart contract includes a code segment and a data segment stored in the memory, the data segment includes the several target parameters, and the code segment uses the data segment in the The base address in memory and the address offset corresponding to the target parameter identify the target parameter.
在一种可能的实施方式中,所述赋值检测单元403包括:第一确定子单元,配置为在所述过程间控制流图中确定若干第一指令序列,所述第一指令序列用于表征外部数据的传播过程;第二确定子单元,配置为在所述过程间控制流图中确定若干第二指令序列,所述第二指令序列用于表征世界状态参数被赋值的过程;赋值检测子单元,配置为根据所述若 干第一指令序列和所述若干第二指令序列之间重合的赋值指令,确定所述若干目标参数。In a possible implementation manner, the assignment detection unit 403 includes: a first determination subunit configured to determine a number of first instruction sequences in the interprocedural control flow graph, and the first instruction sequences are used to represent The propagation process of external data; the second determination subunit is configured to determine a number of second instruction sequences in the inter-process control flow diagram, and the second instruction sequences are used to represent the process in which the world state parameters are assigned; the assignment detector A unit configured to determine the plurality of target parameters according to overlapping assignment instructions between the plurality of first instruction sequences and the plurality of second instruction sequences.
在一种可能的实施方式中,所述第一确定子单元,配置为在所述过程间控制流图中,对外部数据对应的参数添加污点标记,沿着数据流向进行污点跟踪,将添加有污点标记的参数对应的指令归入所述第一指令序列。In a possible implementation manner, the first determining subunit is configured to add taint marks to parameters corresponding to external data in the inter-procedural control flow graph, and perform taint tracking along the data flow direction, adding Instructions corresponding to parameters marked with taints are included in the first instruction sequence.
在一种可能的实施方式中,所述第二确定子单元,配置为在所述过程间控制流图中确定世界状态参数;在所述过程间控制流图中,确定用于对世界状态参数进行赋值的赋值指令,并将该赋值指令归入所述第二指令序列。In a possible implementation manner, the second determining subunit is configured to determine the world state parameter in the inter-procedural control flow graph; in the inter-procedural control flow graph, determine the An assignment instruction that assigns a value, and puts the assignment instruction into the second instruction sequence.
在一种可能的实施方式中,所述第二确定子单元,具体配置为在所述过程间控制流图中,确定调用预定函数的若干函数调用指令;将所述函数调用指令请求更新的参数确定为世界状态参数。In a possible implementation manner, the second determination subunit is specifically configured to determine, in the inter-procedural control flow graph, several function call instructions that call predetermined functions; and request the updated parameters of the function call instructions Determined as a world state parameter.
在一种可能的实施方式中,所述赋值检测子单元,具体配置为将所述重合的赋值指令所指向的世界状态参数作为所述目标参数。In a possible implementation manner, the assignment detection subunit is specifically configured to use the world state parameter pointed to by the overlapping assignment instruction as the target parameter.
在一种可能的实施方式中,单个所述第二指令序列表征的世界状态参数被赋值的过程,属于第一类赋值过程、第二类赋值过程或者第三类赋值过程;其中第一类赋值过程指示利用外部数据进行直接赋值,第二类赋值过程指示利用外部数据进行逻辑运算后的运算结果进行赋值,第三类赋值过程用于指示未利用外部数据进行赋值。所述风险确定单元405,具体配置为确定所述若干目标参数中是否存在第一参数,其中所述第一参数对应的操作频次大于1,所述第一参数被赋值的过程包括第一类赋值过程和第二类赋值过程;如果是,确定所述智能合约存在安全风险。In a possible implementation manner, the process in which a single world state parameter represented by the second instruction sequence is assigned a value belongs to the first type of assignment process, the second type of assignment process, or the third type of assignment process; wherein the first type of assignment The process indicates that external data is used for direct assignment, the second type of assignment process indicates that the operation result of logic operation is used for external data, and the third type of assignment process is used for assignment without external data. The risk determination unit 405 is specifically configured to determine whether there is a first parameter among the several target parameters, wherein the operation frequency corresponding to the first parameter is greater than 1, and the process of assigning the first parameter includes the first type of assignment process and the second type of assignment process; if so, it is determined that the smart contract has a security risk.
在一种可能的实施方式中,单个所述第二指令序列表征的世界状态参数被赋值的过程,属于第一类赋值过程、第二类赋值过程或者第三类赋值过程;其中第一类赋值过程指示利用外部数据进行直接赋值,第二类赋值过程指示利用外部数据进行逻辑运算后的运算结果进行赋值,第三类赋值过程指示未利用外部数据进行赋值。所述风险确定单元405,具体配置为确定所述若干目标参数中是否存在第二参数,其中所述第二参数对应的操作频次大于1,所述第二参数被赋值的过程包括第一类赋值过程和第二类赋值过程,所述第二参数的第一类赋值过程和第二类赋值过程,在所述过程间控制流图中对应不同的方法函数;如果是,确定所述智能合约存在安全风险。In a possible implementation manner, the process in which a single world state parameter represented by the second instruction sequence is assigned a value belongs to the first type of assignment process, the second type of assignment process, or the third type of assignment process; wherein the first type of assignment The process indicates that external data is used for direct assignment, the second type of assignment process indicates that the operation result of logical operation is used for external data, and the third type of assignment process indicates that no external data is used for assignment. The risk determination unit 405 is specifically configured to determine whether there is a second parameter among the several target parameters, wherein the operation frequency corresponding to the second parameter is greater than 1, and the process of assigning the second parameter includes the first type of assignment process and the second type of value assignment process, the first type of value assignment process and the second type of value assignment process of the second parameter correspond to different method functions in the inter-procedural control flow graph; if so, determine that the smart contract exists Security Risk.
在一种可能的实施方式中,所述智能合约是待部署到区块链中的智能合约;和/或,所述安全风险具体包括被进行重排攻击的风险。In a possible implementation manner, the smart contract is a smart contract to be deployed in a blockchain; and/or, the security risk specifically includes the risk of being subjected to a rearrangement attack.
本领域技术人员应该可以意识到,在上述一个或多个示例中,本说明书所描述的功能可以用硬件、软件、固件或它们的任意组合来实现。当使用软件实现时,可以将这些功能所对应的计算机程序存储在计算机可读介质中或者作为计算机可读介质上的一个或多个指令/代码进行传输,以便这些功能所对应的计算机程序被计算机执行时,通过计算机实现本说明书任意一个实施例中所述的方法。Those skilled in the art should be aware that in one or more of the above examples, the functions described in this specification may be implemented by hardware, software, firmware or any combination thereof. When implemented in software, the computer programs corresponding to these functions can be stored in a computer-readable medium or transmitted as one or more instructions/codes on a computer-readable medium, so that the computer programs corresponding to these functions can be read by the computer During execution, the method described in any one of the embodiments of this specification is realized by a computer.
本说明书实施例中还提供了一种计算机可读存储介质,其上存储有计算机程序/指令, 当所述计算机程序/指令在计算设备中执行时,计算设备执行本说明书任意一个实施例中提供的智能合约的安全检测方法。The embodiments of this specification also provide a computer-readable storage medium on which computer programs/instructions are stored. When the computer programs/instructions are executed in a computing device, the computing device executes the A security detection method for smart contracts.
本说明书实施例中还提供了一种计算设备,包括存储器和处理器,所述存储器中存储有计算机程序/指令,所述处理器执行所述计算机程序/指令时,实现本说明书任意一个实施例中提供的智能合约的安全检测方法。The embodiments of this specification also provide a computing device, including a memory and a processor, the memory stores computer programs/instructions, and when the processor executes the computer programs/instructions, any one of the embodiments of this specification is realized The security detection method of the smart contract provided in .
本说明书中的各个实施例均采用递进的方式描述,各个实施例中相同、相似的部分互相参见即可,每个实施例中重点说明的都是与其他实施例的不同之处。尤其,对于装置实施例而言,由于其基本相似于方法实施例,所以描述的比较简单,相关之处参见方法实施例的部分说明即可。Each embodiment in this specification is described in a progressive manner, the same and similar parts in each embodiment can be referred to each other, and each embodiment focuses on the differences from other embodiments. In particular, as for the device embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and for relevant parts, please refer to part of the description of the method embodiment.
上述对本说明书特定实施例进行了描述。其它实施例在所附权利要求书的范围内。在一些情况下,在权利要求书中记载的动作或步骤可以按照不同于实施例中的顺序来执行并且仍然可以实现期望的结果。另外,在附图中描绘的过程不一定要求示出的特定顺序或者连续顺序才能实现期望的结果。在某些实施方式中,多任务处理和并行处理也是可以的或者可能是有利的。The foregoing describes specific embodiments of this specification. Other implementations are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in an order different from that in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. Multitasking and parallel processing are also possible or may be advantageous in certain embodiments.
以上所述的具体实施方式,对本发明的目的、技术方案和有益效果进行了进一步详细说明,所应理解的是,以上所述仅为本发明的具体实施方式而已,并不用于限定本发明的保护范围,凡在本发明的技术方案的基础之上,所做的任何修改、等同替换、改进等,均应包括在本发明的保护范围之内。The specific embodiments described above have further described the purpose, technical solutions and beneficial effects of the present invention in detail. It should be understood that the above descriptions are only specific embodiments of the present invention and are not intended to limit the scope of the present invention. Protection scope, any modification, equivalent replacement, improvement, etc. made on the basis of the technical solution of the present invention shall be included in the protection scope of the present invention.

Claims (24)

  1. 一种智能合约的安全检测方法,包括:A security detection method for smart contracts, comprising:
    确定智能合约对应的过程间控制流图;Determine the inter-process control flow graph corresponding to the smart contract;
    在所述过程间控制流图中,确定利用外部数据进行赋值操作的若干目标参数,以及所述若干目标参数各自进行所述赋值操作的操作频次,所述若干目标参数属于区块链的世界状态参数,外部数据自外部输入所述智能合约;In the inter-process control flow diagram, determine a number of target parameters using external data for assignment operations, and the operation frequency of each of the number of target parameters for the assignment operation, and the number of target parameters belong to the world state of the blockchain Parameters, external data is input from the outside to the smart contract;
    根据所述若干目标参数各自对应的操作频次,确定所述智能合约是否存在安全风险。According to the operating frequency corresponding to each of the several target parameters, it is determined whether there is a security risk in the smart contract.
  2. 根据权利要求1所述的方法,其中,根据所述若干目标参数各自对应的操作频次,确定所述智能合约是否存在安全风险,具体包括:当存在大于1的操作频次时,确定所述智能合约存在安全风险。The method according to claim 1, wherein, according to the operating frequency corresponding to each of the several target parameters, determining whether the smart contract has a security risk, specifically includes: when there is an operating frequency greater than 1, determining whether the smart contract There is a security risk.
  3. 根据权利要求1所述的方法,其中,所述智能合约包括存储于内存中的代码段和数据段,所述数据段中包括所述若干目标参数,所述代码段中通过所述数据段在所述内存中的基地址和所述目标参数对应的地址偏移量对所述目标参数进行标识。The method according to claim 1, wherein the smart contract includes a code segment and a data segment stored in the memory, the data segment includes the several target parameters, and the code segment passes the data segment in the The base address in the memory and the address offset corresponding to the target parameter identify the target parameter.
  4. 根据权利要求1所述的方法,其中,所述在所述过程间控制流图中,确定利用外部数据进行赋值操作的若干目标参数,包括:The method according to claim 1, wherein, in the inter-procedural control flow graph, determining a number of target parameters using external data for assignment operations includes:
    在所述过程间控制流图中确定若干第一指令序列,所述第一指令序列用于表征外部数据的传播过程;Determining several first instruction sequences in the inter-procedural control flow graph, the first instruction sequences are used to characterize the propagation process of external data;
    在所述过程间控制流图中确定若干第二指令序列,所述第二指令序列用于表征世界状态参数被赋值的过程;Determining a number of second instruction sequences in the inter-process control flow graph, the second instruction sequences being used to represent a process in which world state parameters are assigned values;
    根据所述若干第一指令序列和所述若干第二指令序列之间重合的赋值指令,确定所述若干目标参数。The plurality of target parameters are determined according to overlapping assignment instructions between the plurality of first instruction sequences and the plurality of second instruction sequences.
  5. 根据权利要求4所述的方法,其中,在所述过程间控制流图中确定若干第一指令序列,包括:在所述过程间控制流图中,对外部数据对应的参数添加污点标记,沿着数据流向进行污点跟踪,将添加有污点标记的参数对应的指令归入所述第一指令序列。The method according to claim 4, wherein determining a plurality of first instruction sequences in the inter-procedural control flow graph comprises: adding taint marks to parameters corresponding to external data in the inter-procedural control flow graph, along the Perform taint tracking along the data flow, and include instructions corresponding to parameters with taint marks added into the first instruction sequence.
  6. 根据权利要求4所述的方法,其中,在所述过程间控制流图中确定若干第二指令序列,包括:在所述过程间控制流图中确定世界状态参数;在所述过程间控制流图中,确定用于对世界状态参数进行赋值的赋值指令,并将该赋值指令归入所述第二指令序列。The method of claim 4, wherein determining a plurality of second instruction sequences in the interprocedural control flow graph comprises: determining a world state parameter in the interprocedural control flow graph; In the figure, an assignment instruction for assigning a world state parameter is determined, and the assignment instruction is included in the second instruction sequence.
  7. 根据权利要求6所述的方法,其中,在所述过程间控制流图中确定世界状态参数,包括:在所述过程间控制流图中,确定调用预定函数的若干函数调用指令;将所述函数调用指令请求更新的参数确定为世界状态参数。The method according to claim 6, wherein determining the world state parameters in the inter-procedural control flow graph comprises: determining a plurality of function call instructions for calling a predetermined function in the inter-procedural control flow graph; The parameters requested by the function call instruction to be updated are determined as world state parameters.
  8. 根据权利要求4所述的方法,其中,根据所述若干第一指令序列和若干第二指令序列之间重合的赋值指令,确定所述若干目标参数,包括:将所述重合的赋值指令所指向的世界状态参数作为所述目标参数。The method according to claim 4, wherein, according to the overlapping assignment instructions between the plurality of first instruction sequences and the plurality of second instruction sequences, determining the plurality of target parameters includes: directing the overlapping assignment instructions to The world state parameter of is used as the target parameter.
  9. 根据权利要求4所述的方法,其中,单个所述第二指令序列表征的世界状态参数被赋值的过程,属于第一类赋值过程、第二类赋值过程或者第三类赋值过程;其中第一类 赋值过程指示利用外部数据进行直接赋值,第二类赋值过程指示利用外部数据进行逻辑运算后的运算结果进行赋值,第三类赋值过程用于指示未利用外部数据进行赋值;The method according to claim 4, wherein the process in which the world state parameter represented by the single second instruction sequence is assigned a value belongs to the first type of assignment process, the second type of assignment process or the third type of assignment process; wherein the first The class assignment process indicates direct assignment using external data, the second class assignment process indicates assignment of the operation result after logical operation using external data, and the third class assignment process is used to indicate that no external data is used for assignment;
    所述根据所述若干目标参数各自对应的操作频次,确定所述智能合约是否存在安全风险,具体包括:The determining whether there is a security risk in the smart contract according to the operation frequency corresponding to each of the target parameters includes:
    确定所述若干目标参数中是否存在第一参数,其中所述第一参数对应的操作频次大于1,所述第一参数被赋值的过程包括第一类赋值过程和第二类赋值过程;Determining whether there is a first parameter among the plurality of target parameters, wherein the operation frequency corresponding to the first parameter is greater than 1, and the process of assigning the first parameter includes a first type of assignment process and a second type of assignment process;
    如果是,确定所述智能合约存在安全风险。If yes, it is determined that the smart contract has a security risk.
  10. 根据权利要求4所述的方法,其中,单个所述第二指令序列表征的世界状态参数被赋值的过程,属于第一类赋值过程、第二类赋值过程或者第三类赋值过程;其中第一类赋值过程指示利用外部数据进行直接赋值,第二类赋值过程指示利用外部数据进行逻辑运算后的运算结果进行赋值,第三类赋值过程指示未利用外部数据进行赋值;The method according to claim 4, wherein the process in which the world state parameter represented by the single second instruction sequence is assigned a value belongs to the first type of assignment process, the second type of assignment process or the third type of assignment process; wherein the first The class assignment process indicates direct assignment using external data, the second class assignment process indicates the use of external data to perform logical operation results for assignment, and the third class assignment process indicates not using external data for assignment;
    所述根据所述若干目标参数各自对应的操作频次,确定所述智能合约是否存在安全风险,具体包括:The determining whether there is a security risk in the smart contract according to the operation frequency corresponding to each of the target parameters includes:
    确定所述若干目标参数中是否存在第二参数,其中所述第二参数对应的操作频次大于1,所述第二参数被赋值的过程包括第一类赋值过程和第二类赋值过程,所述第二参数的第一类赋值过程和第二类赋值过程,在所述过程间控制流图中对应不同的方法函数;Determining whether there is a second parameter among the several target parameters, wherein the operation frequency corresponding to the second parameter is greater than 1, the process of assigning the second parameter includes a first type of assignment process and a second type of assignment process, the The first type of assignment process and the second type of assignment process of the second parameter correspond to different method functions in the inter-procedural control flow graph;
    如果是,确定所述智能合约存在安全风险。If yes, it is determined that the smart contract has a security risk.
  11. 根据权利要求1-10中任一项所述的方法,其中,所述智能合约是待部署到区块链中的智能合约;和/或,所述安全风险具体包括被进行重排攻击的风险。The method according to any one of claims 1-10, wherein the smart contract is a smart contract to be deployed in the blockchain; and/or, the security risk specifically includes the risk of being rearranged and attacked .
  12. 一种智能合约的安全检测装置,包括:A security detection device for smart contracts, comprising:
    解析处理单元,配置为确定智能合约对应的过程间控制流图;The analysis processing unit is configured to determine the inter-process control flow graph corresponding to the smart contract;
    赋值检测单元,配置为在所述过程间控制流图中,确定利用外部数据进行赋值操作的若干目标参数,以及所述若干目标参数各自进行所述赋值操作的操作频次,所述若干目标参数属于区块链的世界状态参数,外部数据自外部输入所述智能合约;The assignment detection unit is configured to determine, in the inter-procedural control flow graph, a number of target parameters that use external data to perform assignment operations, and an operation frequency for each of the number of target parameters to perform the assignment operation, and the number of target parameters belong to The world state parameters of the blockchain, external data are input from the outside to the smart contract;
    风险确定单元,配置为根据所述若干目标参数各自对应的操作频次,确定所述智能合约是否存在安全风险。The risk determining unit is configured to determine whether the smart contract has a security risk according to the operating frequency corresponding to each of the several target parameters.
  13. 根据权利要求12所述的装置,其中,所述风险确定单元,配置为当存在大于1的操作频次时,确定所述智能合约存在安全风险。The device according to claim 12, wherein the risk determining unit is configured to determine that the smart contract has a security risk when there is an operation frequency greater than 1.
  14. 根据权利要求12所述的装置,其中,所述智能合约包括存储于内存中的代码段和数据段,所述数据段中包括所述若干目标参数,所述代码段中通过所述数据段在所述内存中的基地址和所述目标参数对应的地址偏移量对所述目标参数进行标识。The device according to claim 12, wherein the smart contract includes a code segment and a data segment stored in the memory, the data segment includes the plurality of target parameters, and the code segment passes the data segment in the The base address in the memory and the address offset corresponding to the target parameter identify the target parameter.
  15. 根据权利要求12所述的装置,其中,所述赋值检测单元包括:The apparatus according to claim 12, wherein the assignment detection unit comprises:
    第一确定子单元,配置为在所述过程间控制流图中确定若干第一指令序列,所述第一指令序列用于表征外部数据的传播过程;The first determination subunit is configured to determine a plurality of first instruction sequences in the inter-process control flow graph, and the first instruction sequences are used to represent the propagation process of external data;
    第二确定子单元,配置为在所述过程间控制流图中确定若干第二指令序列,所述第二 指令序列用于表征世界状态参数被赋值的过程;The second determination subunit is configured to determine a number of second instruction sequences in the inter-process control flow diagram, and the second instruction sequences are used to represent the process in which the world state parameter is assigned;
    赋值检测子单元,配置为根据所述若干第一指令序列和所述若干第二指令序列之间重合的赋值指令,确定所述若干目标参数。The assignment detection subunit is configured to determine the plurality of target parameters according to overlapping assignment instructions between the plurality of first instruction sequences and the plurality of second instruction sequences.
  16. 根据权利要求15所述的装置,其中,所述第一确定子单元,配置为在所述过程间控制流图中,对外部数据对应的参数添加污点标记,沿着数据流向进行污点跟踪,将添加有污点标记的参数对应的指令归入所述第一指令序列。The device according to claim 15, wherein the first determining subunit is configured to add taint marks to parameters corresponding to external data in the inter-procedural control flow graph, and perform taint tracking along the data flow direction, and Instructions corresponding to parameters added with taint marks are included in the first instruction sequence.
  17. 根据权利要求15所述的装置,其中,所述第二确定子单元,配置为在所述过程间控制流图中确定世界状态参数;在所述过程间控制流图中,确定用于对世界状态参数进行赋值的赋值指令,并将该赋值指令归入所述第二指令序列。The device according to claim 15, wherein the second determining subunit is configured to determine the world state parameter in the inter-procedural control flow graph; in the inter-procedural control flow graph, determine An assignment instruction for assigning values to state parameters, and the assignment instruction is included in the second instruction sequence.
  18. 根据权利要求17所述的装置,其中,所述第二确定子单元,具体配置为在所述过程间控制流图中,确定调用预定函数的若干函数调用指令;将所述函数调用指令请求更新的参数确定为世界状态参数。The device according to claim 17, wherein the second determination subunit is specifically configured to determine a number of function call instructions for calling a predetermined function in the inter-procedural control flow graph; and request an update of the function call instructions The parameters of are determined as world state parameters.
  19. 根据权利要求15所述的装置,其中,所述赋值检测子单元,具体配置为将所述重合的赋值指令所指向的世界状态参数作为所述目标参数。The device according to claim 15, wherein the assignment detection subunit is specifically configured to use the world state parameter pointed to by the overlapping assignment instruction as the target parameter.
  20. 根据权利要求15所述的装置,其中,单个所述第二指令序列表征的世界状态参数被赋值的过程,属于第一类赋值过程、第二类赋值过程或者第三类赋值过程;其中第一类赋值过程指示利用外部数据进行直接赋值,第二类赋值过程指示利用外部数据进行逻辑运算后的运算结果进行赋值,第三类赋值过程用于指示未利用外部数据进行赋值;The device according to claim 15, wherein the process in which the world state parameter represented by the single second instruction sequence is assigned a value belongs to the first type of assignment process, the second type of assignment process or the third type of assignment process; wherein the first The class assignment process indicates direct assignment using external data, the second class assignment process indicates assignment of the operation result after logical operation using external data, and the third class assignment process is used to indicate that no external data is used for assignment;
    所述风险确定单元,具体配置为确定所述若干目标参数中是否存在第一参数,其中所述第一参数对应的操作频次大于1,所述第一参数被赋值的过程包括第一类赋值过程和第二类赋值过程;如果是,确定所述智能合约存在安全风险。The risk determination unit is specifically configured to determine whether there is a first parameter among the several target parameters, wherein the operation frequency corresponding to the first parameter is greater than 1, and the process of assigning the first parameter includes a first-type assignment process and the second type of value assignment process; if yes, it is determined that the smart contract has a security risk.
  21. 根据权利要求15所述的装置,其中,单个所述第二指令序列表征的世界状态参数被赋值的过程,属于第一类赋值过程、第二类赋值过程或者第三类赋值过程;其中第一类赋值过程指示利用外部数据进行直接赋值,第二类赋值过程指示利用外部数据进行逻辑运算后的运算结果进行赋值,第三类赋值过程指示未利用外部数据进行赋值;The device according to claim 15, wherein the process in which the world state parameter represented by the single second instruction sequence is assigned a value belongs to the first type of assignment process, the second type of assignment process or the third type of assignment process; wherein the first The class assignment process indicates direct assignment using external data, the second class assignment process indicates the use of external data to perform logical operation results for assignment, and the third class assignment process indicates not using external data for assignment;
    所述风险确定单元,具体配置为确定所述若干目标参数中是否存在第二参数,其中所述第二参数对应的操作频次大于1,所述第二参数被赋值的过程包括第一类赋值过程和第二类赋值过程,所述第二参数的第一类赋值过程和第二类赋值过程,在所述过程间控制流图中对应不同的方法函数;如果是,确定所述智能合约存在安全风险。The risk determination unit is specifically configured to determine whether there is a second parameter among the several target parameters, wherein the operation frequency corresponding to the second parameter is greater than 1, and the process of assigning the second parameter includes the first type of assignment process and the second type of value assignment process, the first type of value assignment process and the second type of value assignment process of the second parameter correspond to different method functions in the inter-process control flow graph; if yes, determine that the smart contract exists security risk.
  22. 根据权利要求12-21中任一项所述的装置,其中,所述智能合约是待部署到区块链中的智能合约;和/或,所述安全风险具体包括被进行重排攻击的风险。The device according to any one of claims 12-21, wherein the smart contract is a smart contract to be deployed in a blockchain; and/or, the security risk specifically includes the risk of being subjected to a rearrangement attack .
  23. 一种计算机可读存储介质,其上存储有计算机程序,当所述计算机程序在计算设备中执行时,计算设备执行权利要求1-11中任一项所述的方法。A computer-readable storage medium on which a computer program is stored, and when the computer program is executed in a computing device, the computing device executes the method according to any one of claims 1-11.
  24. 一种计算设备,包括存储器和处理器,所述存储器中存储有计算机程序,所述处理器执行所述计算机程序时,实现权利要求1-11中任一项所述的方法。A computing device, comprising a memory and a processor, wherein a computer program is stored in the memory, and when the processor executes the computer program, the method according to any one of claims 1-11 is realized.
PCT/CN2022/103305 2021-07-01 2022-07-01 Security detection method and apparatus for smart contract WO2023274398A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110749282.5 2021-07-01
CN202110749282.5A CN113435893B (en) 2021-07-01 2021-07-01 Security detection method and device for intelligent contract

Publications (1)

Publication Number Publication Date
WO2023274398A1 true WO2023274398A1 (en) 2023-01-05

Family

ID=77758665

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/103305 WO2023274398A1 (en) 2021-07-01 2022-07-01 Security detection method and apparatus for smart contract

Country Status (2)

Country Link
CN (1) CN113435893B (en)
WO (1) WO2023274398A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113435893B (en) * 2021-07-01 2022-05-17 支付宝(杭州)信息技术有限公司 Security detection method and device for intelligent contract

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112115472A (en) * 2020-08-12 2020-12-22 北京智融云河科技有限公司 Data management and control oriented intelligent contract code checking method and system
CN112711760A (en) * 2020-12-29 2021-04-27 华南师范大学 Detection method and device for detecting vulnerability of intelligent contract malicious elimination reentry influence
CN112749389A (en) * 2020-12-29 2021-05-04 华南师范大学 Detection method and device for detecting vulnerability of intelligent contract damage sensitive data
CN113435893A (en) * 2021-07-01 2021-09-24 支付宝(杭州)信息技术有限公司 Security detection method and device for intelligent contract

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11144893B2 (en) * 2017-10-30 2021-10-12 Nec Corporation Method and system for securing smart contracts in blockchains
EP3837660A4 (en) * 2018-08-17 2022-03-30 Telefonaktiebolaget LM ERICSSON (PUBL) Method and system for prediction of smart contract violation using dynamic state space creation
CN111125716B (en) * 2019-12-19 2022-05-31 中国人民大学 Method and device for detecting Ethernet intelligent contract vulnerability
CN111524007A (en) * 2020-04-16 2020-08-11 广州拉卡拉信息技术有限公司 Embedded intrusion detection method and device for intelligent contract
CN112631611B (en) * 2021-01-06 2022-06-03 中山大学 Intelligent Pompe deception contract identification method and device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112115472A (en) * 2020-08-12 2020-12-22 北京智融云河科技有限公司 Data management and control oriented intelligent contract code checking method and system
CN112711760A (en) * 2020-12-29 2021-04-27 华南师范大学 Detection method and device for detecting vulnerability of intelligent contract malicious elimination reentry influence
CN112749389A (en) * 2020-12-29 2021-05-04 华南师范大学 Detection method and device for detecting vulnerability of intelligent contract damage sensitive data
CN113435893A (en) * 2021-07-01 2021-09-24 支付宝(杭州)信息技术有限公司 Security detection method and device for intelligent contract

Also Published As

Publication number Publication date
CN113435893B (en) 2022-05-17
CN113435893A (en) 2021-09-24

Similar Documents

Publication Publication Date Title
EP3472707B1 (en) Update coordination in a multi-tenant cloud computing environment
CN110297689B (en) Intelligent contract execution method, device, equipment and medium
US10924347B1 (en) Networking device configuration value persistence
US10055585B2 (en) Hardware and software execution profiling
US11693962B2 (en) Malware clustering based on function call graph similarity
TWI438690B (en) Method and apparatus for performing virtual machine migration between a plurality of information handling systems, and information technology system
US10042654B2 (en) Computer-based distribution of large sets of regular expressions to a fixed number of state machine engines for products and services
US20120144488A1 (en) Computer virus detection systems and methods
JP2022504030A (en) How, systems, and programs to detect security risks associated with software components
US11055168B2 (en) Unexpected event detection during execution of an application
WO2022180702A1 (en) Analysis function addition device, analysis function addition program, and analysis function addition method
US11586735B2 (en) Malware clustering based on analysis of execution-behavior reports
WO2023274398A1 (en) Security detection method and apparatus for smart contract
CN110298173A (en) The detection Malware hiding by the delay circulation of software program
US11868465B2 (en) Binary image stack cookie protection
US9064042B2 (en) Instrumenting computer program code by merging template and target code methods
WO2020111482A1 (en) Reverse engineering method and system utilizing big data based on program execution context
CN111221573B (en) Management method of register access time sequence, processor, electronic equipment and computer readable storage medium
US20220335135A1 (en) Vulnerability analysis and reporting for embedded systems
Thomas et al. Cutting through the complexity of reverse engineering embedded devices
US9256423B2 (en) Software product licensing based on a content space
US11636205B2 (en) Method and system for detecting malware using memory map
Liu et al. VD-Guard: DMA Guided Fuzzing for Hypervisor Virtual Device
EP4361859A1 (en) Systems and methods for api security integration
US20230367911A1 (en) Analyzing scripts to create and enforce security policies in dynamic development pipelines

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22832210

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE