A directed fuzzer for Ethereum smart contracts
The repository is structured as follows:
- countSubTreesCpp.zip includes the implementation of the sub-path counting tool described in Section 4.2.2 of the paper.
- DFierSFuzz.zip is used to directly fuzz the smart contracts under test with given target lines; it is implemented on top of sFuzz[1].
- Datasets includes all experimental datasets. Specifically:
  - contractfuzzer_DataSet.zip is the ground-truth dataset provided by ContractFuzzer[2].
  - etherscanDataset.zip includes the contracts downloaded from the Etherscan website[3], a blockchain explorer.
  - OsirisResultsOnEtherscanData.zip includes the Osiris detection results on etherscanDataset.zip. Osiris[4], a detection tool for integer vulnerabilities, provides the potentially vulnerable target lines.

- Prepare the data for the system: in DFierSFuzz/contracts, place each contract to be tested, including its source code (.sol file) and its path constraint file (.json file). Several examples are provided in that directory.
- Launch the system: go to the directory DFierSFuzz/build/fuzzer and execute the command: ./fuzzer -g -r 0 -d 120 && chmod +x fuzzMe && ./fuzzMe
[1] Nguyen, T. D., Pham, L. H., Sun, J., et al. sFuzz: An Efficient Adaptive Fuzzer for Solidity Smart Contracts. In ICSE '20: 42nd International Conference on Software Engineering, 2020. DOI: 10.1145/3377811.3380334.
[2] Bo Jiang, Ye Liu, and W. K. Chan. 2018. ContractFuzzer: fuzzing smart contracts for vulnerability detection. In Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering (ASE '18), 2018, pp. 259–269.
[3] Etherscan, the Ethereum Blockchain Explorer. https://goto.etherscan.com/.
[4] Torres, C. F., Schütte, J., & State, R. Osiris: Hunting for integer bugs in ethereum smart contracts. In Proceedings of the 34th Annual Computer Security Applications Conference, 2018, pp. 664-676.