Skip to content

Messi-Q/RNVulDet

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits

dataset

dataset

 
 

figs

figs

 
 

README.md

README.md

 
 

disassembler.py

disassembler.py

 
 

engine.py

engine.py

 
 

instruction.py

instruction.py

 
 

instruction_instance.py

instruction_instance.py

 
 

main.py

main.py

 
 

opcodes.py

opcodes.py

 
 

structures.py

structures.py

 
 

tracker.py

tracker.py

 
 

Repository files navigation

RNVulDet

This repo is a python implementation of our RNVulDet – a tool that incorporates taint analysis techniques to automatically unearth random number vulnerabilities and detect attack transactions.

Overview

*RNVulDet* comprises preprocessing and simulated execution. This Figure depicts the overall architecture of our proposed *RNVulDet*. In particular, RNVulDet engages in four main components to perform taint analysis, i.e., stack state examination, memory segmentation, storage key-value pair comparison, and transaction replay.

Usage

python3.10 main.py BYTECODE_FILE [-o OUTPUT_FILE]

Dataset

Dataset_1 contains 34 smart contracts reported to possess the random number bug.

Dataset_2 includes a total of 214 smart contracts that do not have random number vulnerabilities.

Dataset_3 consists of 4,617 potential victim contracts, 43,051 potential malicious contracts, and 49,951 suspicious transactions for experiments.

About

Demystifying Random Number in Ethereum Smart Contract: Taxonomy, Vulnerability Identification, and Attack Detection (TSE Accepted)

Topics

ethereum smart-contracts vulnerability-detection attack-detection random-number-generation

Resources

Readme
Activity

Stars

17 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages