2024 (English). In: PROCEEDINGS OF 2024 39TH ACM/IEEE INTERNATIONAL CONFERENCE ON AUTOMATED SOFTWARE ENGINEERING, ASE 2024, Association for Computing Machinery (ACM), 2024, p. 2378-2381. Conference paper, Published paper (Refereed)
Abstract [en]
Logical flaws in smart contracts are often exploited, leading to significant financial losses. Our tool, HighGuard, detects transactions that violate business logic specifications of smart contracts. HighGuard employs dynamic condition response (DCR) graph models as formal specifications to verify contract execution against these models. It is capable of operating in a cross-chain environment for detecting business logic flaws across different blockchain platforms. We demonstrate HighGuard's effectiveness in identifying deviations from specified behaviors in smart contracts without requiring code instrumentation or incurring additional gas costs. By using precise specifications in the monitor, HighGuard achieves detection without false positives. Our evaluation, involving 54 exploits, confirms HighGuard's effectiveness in detecting business logic vulnerabilities. Our open-source implementation of HighGuard and a screencast of its usage are available at: https://github.com/mojtaba-eshghie/HighGuard and https://www.youtube.com/watch?v=sZYVV-slDaY
Place, publisher, year, edition, pages
Association for Computing Machinery (ACM), 2024
Series
IEEE ACM International Conference on Automated Software Engineering, ISSN 1527-1366
Keywords
Smart Contracts, DCR Graphs, Runtime Monitoring, Blockchain, Security
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-361338 (URN), 10.1145/3691620.3695356 (DOI), 001353105400217 (), 2-s2.0-85211650421 (Scopus ID)
Conference
39th ACM/IEEE International Conference on Automated Software Engineering (ASE), OCT 28-NOV 01, 2024, Sacramento, CA
Note
Part of ISBN 979-8-4007-1248-7
QC 20250317
2025-03-17, 2025-03-17, 2025-05-07. Bibliographically approved