Testing and Security Analysis of Smart Contracts

Overview of Research

Smart contracts are immutable programs on the Blockchain that enforce legal and financial contracts. There are many reported cases of security exploits of smart contracts resulting in millions of dollars in lost coins. In this project, we are developing a variety of tools, including but not limited to combinations of static and symbolic analysis, fuzzing, and verification methods, aimed at detecting security vulnerabilities in smart contracts.

Some of the projects we are working on include:

1. Gas Gauge: A Security Analysis Tool for Smart Contract Out-of-Gas Vulnerabilities
2. MPro (formerly known as M-Pro) : Combining Static and Symbolic Analysis for Scalable Testing of Smart Contracts

Publications:

1. Behkish Nassirzadeh, Huaiying Sun, Sebastian Banescu, and Vijay Ganesh
   Gas Gauge: A Security Analysis Tool for Smart Contract Out-of-Gas Vulnerabilities
   MARBLE 2022 The 3rd International Conference on Mathematical Research for Blockchain Economy, Vilamoura, Portugal, July 12 - 14, 2022.
   [pdf][bib]

2. William Zhang, Sebastian Banescu, Leodardo Pasos, Steven Stewart, and Vijay Ganesh
   MPro: Combining Static and Symbolic Analysis for Scalable Testing of Smart Contract
   The 30th International Symposium on Software Reliability Engineering (ISSRE 2019), Berlin, Germany, Nov 01 , 2019.
   [pdf][bib]