Decentralized cryptocurrencies use a blockchain to transfer value among peers on a network without a central agency. Smart contracts are programs running on top of the blockchain consensus protocol that enable people to make agreements while minimizing trust. Millions of smart contracts have been deployed in various decentralized applications, and security vulnerabilities within those contracts pose significant threats to their applications. Indeed, many critical security vulnerabilities in smart contracts on the Ethereum platform have caused huge financial losses to their users. In this work, we present ContractFuzzer, a novel fuzzer to test Ethereum smart contracts for security vulnerabilities. ContractFuzzer generates fuzzing inputs based on the ABI specifications of smart contracts, defines test oracles to detect security vulnerabilities, instruments the EVM to log smart contracts' runtime behaviors, and analyzes these logs to report security vulnerabilities. Our fuzzing of 6991 smart contracts has flagged more than 459 vulnerabilities with high precision. In particular, our fuzzing tool successfully detects the vulnerability of the DAO contract that led to a USD 60 million loss and the vulnerabilities of Parity Wallet that led to the loss of USD 30 million and the freezing of USD 150 million worth of Ether.
With the popularity of blockchain and smart contract techniques, millions of smart contracts have been deployed on blockchain platforms to enable the building of decentralized applications. However, the security vulnerabilities of these smart contracts pose a big threat to their future. In this work, the authors propose ContractFuzzer, a precise and comprehensive fuzzing framework to detect 7 types of Ethereum smart contract vulnerabilities. Their experiment with 6991 real-world smart contracts shows that the input generation and test oracle analysis strategies of ContractFuzzer are effective at triggering and detecting security vulnerabilities with very high precision. Their tool reported 459 vulnerabilities in total out of the 6991 smart contracts tested, including the infamous DAO bug and the Parity Wallet bug. Compared with the state-of-the-art security verification tool Oyente, ContractFuzzer not only detects more types of vulnerabilities but also has far fewer false positives.
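Both paragraphs above describe the same pipeline: derive fuzz inputs from a contract's ABI, run the contract on an instrumented EVM that records every call, and apply test oracles to the recorded trace. The following Python is an added example that is not ContractFuzzer's code; it sketches the two ends of that pipeline on constructed data. The ABI fragment, the boundary-value set, the trace record format (`depth`, `from`, `to`, `ok`), and the two oracles (a callee calling back into its caller while the outer call is still on the stack, and a failed inner call whose failure never propagates to the root call) are all assumptions made for this illustration, not the paper's exact oracle definitions.

```python
import json
import random

# Constructed ABI fragment (not any real contract's ABI) covering the
# parameter types the generator below knows how to fuzz.
SAMPLE_ABI = json.dumps([
    {"type": "function", "name": "withdraw", "inputs": [
        {"name": "amount", "type": "uint256"},
        {"name": "to", "type": "address"},
        {"name": "force", "type": "bool"},
        {"name": "memo", "type": "bytes4"},
    ]},
    {"type": "function", "name": "ping", "inputs": []},
    {"type": "event", "name": "Sent", "inputs": []},   # events are not callable
])


def rand_bytes(rng, n):
    """n pseudo-random bytes from a seeded generator (reproducible runs)."""
    return bytes(rng.getrandbits(8) for _ in range(n))


def gen_value(ty, rng):
    """One fuzz value for a Solidity ABI type: a boundary value or a random one.
    The boundary set is an assumption chosen for this example."""
    if ty.startswith("uint"):
        bits = int(ty[4:] or 256)
        limit = (1 << bits) - 1
        return rng.choice([0, 1, limit - 1, limit, rng.randrange(limit + 1)])
    if ty.startswith("int"):
        bits = int(ty[3:] or 256)
        lo, hi = -(1 << (bits - 1)), (1 << (bits - 1)) - 1
        return rng.choice([lo, -1, 0, 1, hi, rng.randrange(lo, hi + 1)])
    if ty == "address":
        # zero address is a classic edge case; otherwise a random 20-byte value
        return "0x" + rng.choice(["00" * 20, rand_bytes(rng, 20).hex()])
    if ty == "bool":
        return rng.choice([True, False])
    if ty.startswith("bytes") and ty != "bytes":
        return "0x" + rand_bytes(rng, int(ty[5:])).hex()
    if ty in ("bytes", "string"):
        n = rng.choice([0, 1, 32, 33, 256])   # straddle the 32-byte word size
        return rand_bytes(rng, n).hex() if ty == "bytes" else "x" * n
    raise ValueError(f"unsupported ABI type {ty}")


def gen_calls(abi_json, n_per_func, seed=0):
    """Return (function_name, [args]) tuples for every callable ABI entry."""
    rng = random.Random(seed)
    calls = []
    for entry in json.loads(abi_json):
        if entry.get("type") != "function":
            continue
        for _ in range(n_per_func):
            calls.append((entry["name"],
                          [gen_value(p["type"], rng) for p in entry["inputs"]]))
    return calls


# Constructed call traces, in execution order, of the kind an instrumented EVM
# would log: one record per CALL with its stack depth and success flag.
TRACE_REENTRANT = [
    {"depth": 1, "from": "EOA", "to": "Bank", "ok": True},
    {"depth": 2, "from": "Bank", "to": "Client", "ok": True},   # ether sent out
    {"depth": 3, "from": "Client", "to": "Bank", "ok": True},   # re-enters Bank
    {"depth": 4, "from": "Bank", "to": "Client", "ok": True},   # pays out again
]
TRACE_SWALLOWED = [
    {"depth": 1, "from": "EOA", "to": "Wallet", "ok": True},
    {"depth": 2, "from": "Wallet", "to": "Payee", "ok": False},  # failure ignored
]


def reentrancy_oracle(trace):
    """Flag (caller, callee) pairs where the caller is entered again while its
    own outgoing call is still on the stack. A later record at the same or a
    shallower depth means the outer call has returned."""
    hits = []
    for i, call in enumerate(trace):
        for later in trace[i + 1:]:
            if later["depth"] <= call["depth"]:
                break
            if later["to"] == call["from"]:
                hits.append((call["from"], call["to"]))
                break
    return hits


def exception_disorder_oracle(trace):
    """True when some nested call failed but the root call still succeeded,
    i.e. the failure was never propagated."""
    root_ok = all(c["ok"] for c in trace if c["depth"] == 1)
    inner_failed = any(not c["ok"] for c in trace if c["depth"] > 1)
    return root_ok and inner_failed


if __name__ == "__main__":
    for name, args in gen_calls(SAMPLE_ABI, 2, seed=1):
        print(name, args)
    print("reentrancy:", reentrancy_oracle(TRACE_REENTRANT))
    print("exception disorder:", exception_disorder_oracle(TRACE_SWALLOWED))
```

The generator is seeded so a flagged input can be replayed; in a real harness the generated arguments would be ABI-encoded and sent to a contract on a local test chain, and the trace records would come from the instrumented VM rather than being constructed inline.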