English

Detecting Standard Violation Errors in Smart Contracts

Cryptography and Security 2019-02-20 v2

Abstract

We present SOLAR, a new analysis tool for automatically detecting standard violation errors in Ethereum smart contracts.Given the Ethereum Virtual Machine (EVM) bytecode of a smart contract and a user specified constraint or invariant derived from a technical standard such as ERC-20,SOLAR symbolically executes the contract, explores all possible execution paths, and checks whether it is possible to initiate a sequence of malicious transactions to violate the specified constraint or invariant. Our experimental results highlight the effectiveness of SOLAR in finding new errors in smart con-tracts. Out of the evaluated 779 ERC-20 and 310 ERC-721smart contracts, SOLAR found 255 standard violation errors in 197 vulnerable contracts with only three false positives.237 out of the 255 errors are zero-day errors that are not re-ported before. Our results sound the alarm on the prevalence of standard violation errors in critical smart contracts that manipulate publicly traded digital assets

Keywords

Cite

@article{arxiv.1812.07702,
  title  = {Detecting Standard Violation Errors in Smart Contracts},
  author = {Ao Li and Fan Long},
  journal= {arXiv preprint arXiv:1812.07702},
  year   = {2019}
}
R2 v1 2026-06-23T06:47:10.331Z