SE · Nov 21, 2019

SolidityCheck: Quickly Detecting Smart Contract Problems Through Regular Expressions

arXiv:1911.09425v2 · 5 citations
AI Analysis

This addresses security issues for Ethereum developers by providing an efficient detection tool, though it appears incremental as it builds on existing methods.

The paper tackles the problem of detecting vulnerabilities like re-entrancy and integer overflow in Solidity smart contracts by proposing SolidityCheck, an approach using regular expressions and program instrumentation, and shows it is superior to existing methods in experiments.

As a blockchain platform that has developed vigorously in recent years, Ethereum differs from Bitcoin in that it introduces smart contracts into the blockchain. Solidity is one of the most mature and widely used smart contract programming languages; it is used to write smart contracts and deploy them on the blockchain. However, once data is written to the blockchain, it cannot be modified. Ethereum smart contracts are stored in the blockchain, which means that code problems in a smart contract, such as re-entrancy vulnerabilities or integer overflow problems, can no longer be repaired. Currently, there is still a lack of an efficient and effective approach for detecting these problems in Solidity. In this paper, we first classify all the possible problems in Solidity, then propose a smart contract problem detection approach for Solidity, namely SolidityCheck. The approach uses regular expressions to define the characteristics of problematic statements and uses regular matching and program instrumentation to prevent or detect problems. Finally, a large number of experiments are performed to show that SolidityCheck is superior to existing approaches.
