UROP Proceedings 2021-22

School of Engineering Department of Computer Science and Engineering 113 Building a Blockchain and Smart Contract Application Supervisor: CHEUNG Shing Chi / CSE Student: SON Hangyul / CPEG Course: UROP1100, Spring As the blockchain ecosystem grows, the amount of hacked cryptocurrencies has significantly grown over the years. Based on 2022 Crypto Crime Report, total sum of 14 billion us dollars have been received by illicit addresses in 2021, which nearly doubled from 7.88 billion USD in 2020. In order to fully adopt and enjoy the benefits that blockchain technology can bring to the world, the security guarantees must be held. Therefore, a phd candidate, Wuqi ZHANG, is conducting a research to propose a new approach to analyze smart contracts of Ethereum Blockchain. The existing security analysis tools each face various limitations, unable to fully safeguard against the historical attacks. A benchmark must exist so to quantify the performance of the existing tools in comparison to the new approach, which is yet to be implemented. This project focuses on implementing tools which would be used to create a benchmark based on historical attacks that occurred on the Ethereum Blockchain. Building a Blockchain and Smart Contract Application Supervisor: CHEUNG Shing Chi / CSE Student: YU Chi Kai / QSA Course: UROP1000, Summer Event-ordering bugs (EO bugs) are intimately associated with the dynamic ordering of contract events. The past techniques to detect EO bugs have been restricted to bugs which just involve 1 or 2 event orderings. Ethracer could runs directly on Ethereum bytecode without the necessity of source code to detect EO bugs automatically. Due to limited time because of internship and GRE preparation, I apologized that I did not have enough time to explore Ethracer’s branch coverage on dynamic symbolic execution. However, I did try to run Ethracer on the Ethereum smart contracts to see its performance and limitations. I would briefly summarized what I have learnt in this UROP. Files could be found in my Github.

RkJQdWJsaXNoZXIy NDk5Njg=