Periodic Reporting for period 1 - CONSEC (Secure Execution of Smart Contracts)
Reporting period: 2022-11-01 to 2025-04-30
Cryptocurrencies like Bitcoin introduce a decentralized mechanism for digital payments by removing the need for a central authority, such as a bank. At the core of cryptocurrencies is the blockchain, a distributed ledger that records all transactions. Blocks are linked and secured through cryptographic hashes, ensuring integrity and decentralization across peer-to-peer networks.
While cryptocurrencies remain speculative, blockchain technology has clear practical applications across various industries, including decentralized finance, supply chain management, and digital identity. A key feature of blockchains is smart contracts which are self-executing programs that enforce agreements automatically. These programs transfer values and rights without human intervention but, like all software, are prone to vulnerabilities.
High-profile attacks, such as The DAO hack in 2016, highlight these risks. In this case, a security flaw in an Ethereum smart contract allowed attackers to steal over 50 million USD in crypto funds. This incident, along with others like the Parity wallet attack, taught three key lessons. First, smart contract bugs can cause irreversible financial losses. Second, contracts are vulnerable immediately after public disclosure of flaws, as they cannot be shut down. Third, smart contract errors differ from traditional software bugs, and the security landscape is still evolving.
The CONSEC (CONtract SECurity) project addresses these challenges by enabling secure smart contract development, deployment, and analysis. Its main goal is the development of a holistic framework to:
1. Detect vulnerabilities early in the development phase.
2. Apply effective patches to deployed contracts.
3. Mitigate attacks during contract execution.
4. Perform forensic analysis of existing contracts and blockchain transactions.
CONSEC introduces several innovations:
- A smart contract compiler that automatically detects and patches vulnerabilities.
- A novel execution engine that monitors transactions to prevent runtime attacks.
- A dynamic analysis framework for assessing security of already deployed contracts.
By tackling these issues, CONSEC aims to improve the reliability and security of smart contracts in both public and enterprise blockchains.
While cryptocurrencies remain speculative, blockchain technology has clear practical applications across various industries, including decentralized finance, supply chain management, and digital identity. A key feature of blockchains is smart contracts which are self-executing programs that enforce agreements automatically. These programs transfer values and rights without human intervention but, like all software, are prone to vulnerabilities.
High-profile attacks, such as The DAO hack in 2016, highlight these risks. In this case, a security flaw in an Ethereum smart contract allowed attackers to steal over 50 million USD in crypto funds. This incident, along with others like the Parity wallet attack, taught three key lessons. First, smart contract bugs can cause irreversible financial losses. Second, contracts are vulnerable immediately after public disclosure of flaws, as they cannot be shut down. Third, smart contract errors differ from traditional software bugs, and the security landscape is still evolving.
The CONSEC (CONtract SECurity) project addresses these challenges by enabling secure smart contract development, deployment, and analysis. Its main goal is the development of a holistic framework to:
1. Detect vulnerabilities early in the development phase.
2. Apply effective patches to deployed contracts.
3. Mitigate attacks during contract execution.
4. Perform forensic analysis of existing contracts and blockchain transactions.
CONSEC introduces several innovations:
- A smart contract compiler that automatically detects and patches vulnerabilities.
- A novel execution engine that monitors transactions to prevent runtime attacks.
- A dynamic analysis framework for assessing security of already deployed contracts.
By tackling these issues, CONSEC aims to improve the reliability and security of smart contracts in both public and enterprise blockchains.
In the first two years of the project, we achieved significant breakthroughs in smart contract security, contributing to the development of secure compilation, execution, and dynamic analysis.
One of our core achievements is the Hardening Contract Compiler (HCC), a compiler that automatically integrates security checks into smart contract source code. HCC models contract logic into Code Property Graphs (CPGs), allowing vulnerability detection across different languages and platforms. Our prototype supports the Solidity language for Ethereum and Hyperledger Fabric, mitigating critical issues such as reentrancy attacks, integer bugs, and unchecked calls. We evaluated HCC on a dataset of 10k Solidity contracts, including top Ethereum contracts, demonstrating its effectiveness in protecting complex real-world applications.
We also developed Brigade, a system that mitigates cross-chain attacks—a growing threat in decentralized finance. Brigade secures cross-chain transactions by employing event detection systems to prevent token losses across blockchains like Ethereum, Solana, and Binance Smart Chain. It successfully identified and mitigated eight real-world attacks across these networks.
Based on dynamic program analysis techniques, our EF/CF fuzzer introduces a novel approach for smart contract vulnerability detection. Unlike existing fuzzers, EF/CF leverages conventional software fuzzing tools (e.g. AFL++), made possible through a transpilation pipeline that converts contract bytecode into native C++ code. This approach enables high-throughput fuzzing for complex contracts, identifying vulnerabilities related to reentrancy and cross-contract interactions.
We also investigated security vulnerabilities of smart contracts developed for the Solana blockchain. Solana differs significantly from Ethereum, requiring new dynamic analysis tools. We developed FuzzDelSol, the first binary-only, coverage-guided fuzzer for Solana smart contracts. It detects Solana-specific bugs like missing signer checks and cross-program invocation issues. In an evaluation of 6,049 Solana programs, FuzzDelSol found 92 bugs across 52 contracts.
One of our core achievements is the Hardening Contract Compiler (HCC), a compiler that automatically integrates security checks into smart contract source code. HCC models contract logic into Code Property Graphs (CPGs), allowing vulnerability detection across different languages and platforms. Our prototype supports the Solidity language for Ethereum and Hyperledger Fabric, mitigating critical issues such as reentrancy attacks, integer bugs, and unchecked calls. We evaluated HCC on a dataset of 10k Solidity contracts, including top Ethereum contracts, demonstrating its effectiveness in protecting complex real-world applications.
We also developed Brigade, a system that mitigates cross-chain attacks—a growing threat in decentralized finance. Brigade secures cross-chain transactions by employing event detection systems to prevent token losses across blockchains like Ethereum, Solana, and Binance Smart Chain. It successfully identified and mitigated eight real-world attacks across these networks.
Based on dynamic program analysis techniques, our EF/CF fuzzer introduces a novel approach for smart contract vulnerability detection. Unlike existing fuzzers, EF/CF leverages conventional software fuzzing tools (e.g. AFL++), made possible through a transpilation pipeline that converts contract bytecode into native C++ code. This approach enables high-throughput fuzzing for complex contracts, identifying vulnerabilities related to reentrancy and cross-contract interactions.
We also investigated security vulnerabilities of smart contracts developed for the Solana blockchain. Solana differs significantly from Ethereum, requiring new dynamic analysis tools. We developed FuzzDelSol, the first binary-only, coverage-guided fuzzer for Solana smart contracts. It detects Solana-specific bugs like missing signer checks and cross-program invocation issues. In an evaluation of 6,049 Solana programs, FuzzDelSol found 92 bugs across 52 contracts.
Our hardening contract compiler (HCC) is the first compiler that automatically protects smart contract code against a wide variety of attacks. In addition, HCC is the first compiler that supports protecting contracts written in different programming languages and blockchain technologies by design. We believe that HCC significantly aids developers in implementing secure smart contracts. Next, we aim to extend HCC to cover more types of vulnerabilities.
Our fuzzer EF/CF follows a drastically different approach than existing fuzzers: it enables the re-use of existing, highly efficient and effective fuzzers from the Desktop World to smart contracts. This is made possible by our development of a transpilation pipeline that reliably outputs native C++ code of smart contracts developed in Solidity. We believe that this will inspire the research community to utilize established mitigation techniques for smart contracts. In our future work, we will investigate testing methods based on fuzzing for emerging cross-chain platforms. Our goal is to mitigate cross-chain vulnerabilities.
Given the rise of the Solana blockchain, we were among the first to explore its security. In contrast to traditional blockchains such as Bitcoin and Ethereum, Solana offers a significantly higher transaction throughput. Further, many new developers joined the Solana ecosystem recently. Thus, it is crucial to investigate potential security vulnerabilities and the security awareness of Solana developers. With our fuzzer FuzzDelSol, we introduced the first testing framework based on fuzzing to aid Solana developers and maintainers in validating the security of Solana smart contracts. We also conducted a developer study to assess Solana developers' security awareness, revealing that most could not detect critical vulnerabilities during code reviews. Our findings have helped highlight gaps in security practices across emerging blockchain platforms. We are currently investigating testing methods based on symbolic execution techniques to improve vulnerability detection in Solana.
Our fuzzer EF/CF follows a drastically different approach than existing fuzzers: it enables the re-use of existing, highly efficient and effective fuzzers from the Desktop World to smart contracts. This is made possible by our development of a transpilation pipeline that reliably outputs native C++ code of smart contracts developed in Solidity. We believe that this will inspire the research community to utilize established mitigation techniques for smart contracts. In our future work, we will investigate testing methods based on fuzzing for emerging cross-chain platforms. Our goal is to mitigate cross-chain vulnerabilities.
Given the rise of the Solana blockchain, we were among the first to explore its security. In contrast to traditional blockchains such as Bitcoin and Ethereum, Solana offers a significantly higher transaction throughput. Further, many new developers joined the Solana ecosystem recently. Thus, it is crucial to investigate potential security vulnerabilities and the security awareness of Solana developers. With our fuzzer FuzzDelSol, we introduced the first testing framework based on fuzzing to aid Solana developers and maintainers in validating the security of Solana smart contracts. We also conducted a developer study to assess Solana developers' security awareness, revealing that most could not detect critical vulnerabilities during code reviews. Our findings have helped highlight gaps in security practices across emerging blockchain platforms. We are currently investigating testing methods based on symbolic execution techniques to improve vulnerability detection in Solana.