Smart contract vulnerabilities have resulted in substantial financial losses in recent years. Fuzzing, an effective technique for detecting vulnerabilities, has rapidly emerged as a key approach for safeguarding the security of smart contracts. However, due to the complexity and unique stateful nature of smart contracts, existing fuzzing tools struggle to detect sophisticated vulnerabilities, particularly those requiring specific transaction sequences to trigger. In this work, we propose fFuzz, a novel function-level fuzzer for smart contract vulnerability detection. Unlike conventional fuzzers that generate transaction sequences for the entire smart contract, fFuzz targets precise and effective sequences at the function level, streamlining and improving the fuzzing process. In addition, fFuzz incorporates a state-aware signature generation mechanism and a historical transaction-guided strategy to effectively generate vulnerable transaction sequences, which are further used to trigger vulnerabilities. We evaluated fFuzz on real-world smart contracts, and the experimental results demonstrate that it outperforms state-of-the-art methods in both effectiveness and efficiency.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

fFuzz: A State-Aware Function-Level Fuzzing Framework for Smart Contract Vulnerabilities Detection

  • Chang Li,
  • Binqin Lu,
  • Wenyang Zhang,
  • Kaixuan Yang,
  • Huijuan Zhu

摘要

Smart contract vulnerabilities have resulted in substantial financial losses in recent years. Fuzzing, an effective technique for detecting vulnerabilities, has rapidly emerged as a key approach for safeguarding the security of smart contracts. However, due to the complexity and unique stateful nature of smart contracts, existing fuzzing tools struggle to detect sophisticated vulnerabilities, particularly those requiring specific transaction sequences to trigger. In this work, we propose fFuzz, a novel function-level fuzzer for smart contract vulnerability detection. Unlike conventional fuzzers that generate transaction sequences for the entire smart contract, fFuzz targets precise and effective sequences at the function level, streamlining and improving the fuzzing process. In addition, fFuzz incorporates a state-aware signature generation mechanism and a historical transaction-guided strategy to effectively generate vulnerable transaction sequences, which are further used to trigger vulnerabilities. We evaluated fFuzz on real-world smart contracts, and the experimental results demonstrate that it outperforms state-of-the-art methods in both effectiveness and efficiency.