
Introduction to Smart Contract Automated Audit


By cypher shieldPublished 2 years ago 5 min read

With the increasing popularity of blockchain technology, it has been applied in industries such as finance, gaming, copyright and traceability. Along with that adoption have come many security problems, particularly in the development of blockchain smart contracts, where the correctness and security of contracts face serious challenges. Given the sheer number of deployed smart contracts, the best approach is to reduce the burden of manual auditing through automated auditing. Security companies on the market have already launched their own automated smart contract security audit platforms, so today we introduce automated smart contract auditing.

We divide automated auditing into three parts:

The first is feature code matching; the second is automated auditing based on formal verification; the last is automated auditing based on symbolic execution and symbolic abstraction.

1) Feature code matching

First, feature code matching. As the name suggests, it extracts and abstracts known malicious or vulnerable code into patterns, much like the static code detection we did before: the patterns are distilled into semantic signatures, which are then matched against the contract's static source code.

The advantages of this auditing method are obvious. First, it is fast, because it amounts to string matching on the source code. Second, it can respond quickly to new vulnerabilities, because tools of this kind are mostly developed in plug-in form: when a new vulnerability appears, we can quickly submit new matching patterns.

So what are its shortcomings? We assume that blockchains are open and transparent, but in practice that is not the case. According to our statistics, more than half of the smart contracts on Ethereum are not open source; only their OPCODE (the compiled bytecode) is exposed.

Analyzing OPCODE is also a major challenge for security personnel, and reversing OPCODE takes a great deal of effort, which severely limits the scope in which this method can be applied.

The second shortcoming is the high false positive rate. The static audit methods used here do not really line up with traditional static code audit methods: in traditional static auditing, such as app detection, the analyzer relies on calls to known library functions with stable signatures to drive the audit, whereas the functions and features of smart contracts are far more variable, so its false negative rate will be relatively high.
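As an added example (not code from the original post), here is a minimal feature-code matcher of the kind this section describes: plug-in style regex rules over Solidity source, plus an opcode scanner for the case above where only the OPCODE is exposed. The contract snippet and bytecode are constructed for illustration, and the rule set is hypothetical.

```python
import re

# Plug-in style rules over Solidity source. Each rule is one regex, so a
# newly published issue can be covered by adding one more line here.
SOURCE_RULES = {
    "tx.origin used for authorization": re.compile(r"\btx\.origin\b"),
    "selfdestruct present": re.compile(r"\bselfdestruct\s*\("),
    "low-level call": re.compile(r"\.call(\{[^}]*\})?\("),
}

# Opcodes we want to see even when only bytecode is available.
INTERESTING_OPCODES = {0xF4: "DELEGATECALL", 0xFF: "SELFDESTRUCT"}


def scan_source(src: str) -> list:
    """Return (rule name, line number) for every rule hit, sorted by line."""
    hits = []
    for name, pattern in SOURCE_RULES.items():
        for m in pattern.finditer(src):
            hits.append((name, src.count("\n", 0, m.start()) + 1))
    return sorted(hits, key=lambda h: h[1])


def scan_bytecode(code: bytes) -> list:
    """Return (opcode name, offset) for interesting opcodes in EVM bytecode.

    PUSH1..PUSH32 (0x60..0x7F) carry 1..32 immediate data bytes that must be
    skipped; a naive byte-by-byte scan would report a pushed constant 0xFF
    as SELFDESTRUCT, which is exactly the kind of false positive noted above.
    """
    hits, pc = [], 0
    while pc < len(code):
        op = code[pc]
        if op in INTERESTING_OPCODES:
            hits.append((INTERESTING_OPCODES[op], pc))
        pc += 1 + (op - 0x5F if 0x60 <= op <= 0x7F else 0)
    return hits


# Constructed sample contract source (hypothetical, for illustration only).
SAMPLE_SOURCE = """pragma solidity ^0.8.0;
contract Wallet {
    address owner;
    function withdraw() public {
        require(tx.origin == owner);
        payable(msg.sender).call{value: address(this).balance}("");
    }
    function kill() public { selfdestruct(payable(owner)); }
}"""

# Constructed bytecode: PUSH1 0xFF, PUSH1 0x00, DELEGATECALL, SELFDESTRUCT.
SAMPLE_BYTECODE = bytes.fromhex("60ff6000f4ff")
```

Running `scan_source(SAMPLE_SOURCE)` flags lines 5, 6 and 8, and `scan_bytecode(SAMPLE_BYTECODE)` reports DELEGATECALL at offset 4 and SELFDESTRUCT at offset 5 while correctly ignoring the pushed 0xFF at offset 1.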

2) Automated auditing based on formal verification

Formal verification audits the security of smart contracts by converting the OPCODE compiled by the EVM into a formal model via a dedicated description language, and then checking the formal model to determine whether the logic in the code has a problem.

3) Automated auditing based on symbolic execution and symbolic abstraction

Findings produced by automated auditing based on symbolic execution and symbolic abstraction still require manual secondary confirmation, which is in practice very cumbersome.

What conditions should an excellent smart contract automated audit system meet?

1) Automation

The smart contract audit should be fully automatic, or at least semi-automatic: the user uploads the contract source code or provides the token address of the smart contract, and the system automatically scans the contract for security issues. It should also be possible to configure periodic scheduling (such as monthly or half-yearly) so that audits run automatically as needed.

2) Accuracy

The security audit of smart contracts must be accurate, with a low false positive rate.

3) High efficiency

The security audit of smart contracts must be efficient, that is, the audit time should not be too long; the sooner the better.

4) No risk

The security audit of smart contracts must not break or modify the functionality of the original contract.

Only when the above four points are achieved can a system be considered a basically qualified automated smart contract audit system.

In addition, a more professional and better system should also meet the following four requirements:

First, the system manages the current standard specifications for smart contracts, so that users can upload and download standard specifications in the system for reference. Ideally, each audited security issue can be mapped to and located in the corresponding standard specification, but where the standards and specifications for smart contract security audits are not detailed or are lacking, this is very difficult to do.

Second, the system offers a good operating experience; a few simple examples:

(1) A wizard can guide users through the system's functions.

(2) Contracts can be classified by industry and by vendor, with user-defined categories.

(3) Audited security problems can be located by line and column, and at least a security fix for each problem should be provided. Automatic correction is better still; when a fix is applied automatically, a version retaining the original content should also be kept so that the user can roll back and compare.

Third, easy to extend; blockchain platform technology and the checklists security experts use for the security problems discovered in blockchain smart contracts are constantly evolving, so a good and easily extensible design is required.

Fourth, the security audit result report is richly presented; it must be exportable to PDF, EXCEL, WORD and HTML formats, and the report should include chart and table elements. Of course, doing this well requires a good understanding of the system. If the user is understood even better, it is more impressive still to customize, for each user, the reports they care about; the report function can also include analysis of audit history, comparisons and trends.
