“An arrow piercing the cloud, thousands of troops and horses to meet each other”.

After a three-month “long bear market”, a pullback in EOS since mid-April has created a spectacular bull market in the digital currency market. However, after the smart contract vulnerability in BeautyChain (BEC) was exploited by hackers and the currency was swiped at will, the same vulnerability was exposed again in the SmartMesh (SMT) smart contract, a large number of abnormal transactions occurred on OKEx, and the whole market immediately became severely volatile. Now that we understand what happened, we can’t help but ask: how could such a small leak cause such a big fuss?

1

Technical defects and solutions of smart contracts

Two drawbacks of smart contracts

In fact, this incident highlights two shortcomings of blockchain 2.0 technology represented by Ethereum:

  • Smart contracts are not smart enough;

  • Smart contracts lack safeguards and security tools.

The core of blockchain 2.0 is the smart contract. When hackers can easily exploit a smart contract vulnerability to do whatever they want, it shakes the foundation of the entire building, so panic in the digital currency market is inevitable.

Addition overflow vulnerability: bloodshed caused by an addition!

We can sum up the SMT vulnerability in one sentence: an overflow in an addition is used to evade security checks and gain huge profits. Take a look at this code first. The key is line 206 in Figure 1:

Figure 1 SMT vulnerability code

Etherscan links are as follows:

https://etherscan.io/tx/0x1abab4c8db9a30e703114528e31dee129a3a758f7f8abc3b6494aad3d304e43f

The method and result of the hacker's attack are as follows:

```
Function: transferProxy(address _from, address _to, uint256 _value, uint256 _feeSmt, uint8 _v, bytes32 _r, bytes32 _s)
MethodID: 0xeb502d45
[0]: 000000000000000000000000df31a499a5a8358b74564f1e2214b31bb34eb46f (_from, sending address)
[1]: 000000000000000000000000df31a499a5a8358b74564f1e2214b31bb34eb46f (_to, receiving address)
[2]: 8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF (_value)
[3]: 7000000000000000000000000000000000000000000000000000000000000001 (_feeSmt)
[4]: 000000000000000000000000000000000000000000000000000000000000001b (_v)
[5]: 87790587c256045860b8fe624e5807a658424fad18c2348460e40ecf10fc8799 (_r)
[6]: 6c879b1e8a0a62f23b47aa57a3369d416dd783966bd1dda0394c04163a98d8d8 (_s)
```

Hackers gain wealth by:

The amount in the hacker’s balances[_to] is a huge sum of wealth that exceeds the total amount of money issued in the world. Beautiful wealth! But as a result, the SmartMesh currency pool suddenly collapsed: this wealth instantly exceeds the total SMT limit.

The SMT event can be summed up in one simple sentence: “a murder case brought by addition!”

Multiplication overflow vulnerability: bloodshed caused by a multiplication!

Again, the BEC process is the same. Line 257 in Figure 2 has a huge integer multiplication overflow problem:

Figure 2 BEC vulnerability code

Contract code address: https://etherscan.io/address/0xc5d105e63711398af9bbff092d4b6769c82f793d#code

The attacks constructed by hackers are as follows, and the transfer records are as follows:

https://etherscan.io/tx/0xad89ff16fd1ebe3a0a7cf4ed282302c06626c1af33221ebe0d3a470aba4a660f

Suddenly, the whole world belongs to this hacker. “A multiplication-induced murder!”
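The wrap-around behind both incidents, as an added example that is not code from the SMT or BEC contracts: it models 256-bit unchecked arithmetic, replays the `_value` and `_feeSmt` words from the call data above, and compares the result with checked arithmetic. Because Figures 1 and 2 are not reproduced, the guard `balances[_from] < _feeSmt + _value`, the `batch_transfer` model, the account names and the BEC-style input (2 recipients, value 2**255) are assumptions constructed for illustration.

```python
UINT256 = 1 << 256  # EVM words are 256 bits; unchecked arithmetic wraps mod 2**256

# Words [2] (_value) and [3] (_feeSmt) of the transferProxy call data quoted above.
VALUE = int("8" + "f" * 63, 16)
FEE_SMT = int("7" + "0" * 62 + "1", 16)


class Overflow(ArithmeticError):
    """Raised by the checked operations instead of silently wrapping."""


def wrap_add(a, b):
    return (a + b) % UINT256


def wrap_mul(a, b):
    return (a * b) % UINT256


def safe_add(a, b):
    if a + b >= UINT256:
        raise Overflow("addition exceeds uint256")
    return a + b


def safe_mul(a, b):
    if a * b >= UINT256:
        raise Overflow("multiplication exceeds uint256")
    return a * b


def transfer_proxy(balances, relayer, src, dst, value, fee, add=wrap_add):
    """Assumed guard: revert when balances[src] < fee + value.
    Signature and nonce handling are left out of this model."""
    total = add(fee, value)
    if balances.get(src, 0) < total:
        raise ValueError("insufficient balance")
    balances[src] = balances.get(src, 0) - total
    balances[dst] = add(balances.get(dst, 0), value)
    balances[relayer] = add(balances.get(relayer, 0), fee)
    return balances


def batch_transfer(balances, sender, receivers, value, mul=wrap_mul):
    """Hypothetical multi-recipient transfer whose total is count * value."""
    total = mul(len(receivers), value)
    if value == 0 or balances.get(sender, 0) < total:
        raise ValueError("insufficient balance")
    balances[sender] = balances.get(sender, 0) - total
    for r in receivers:
        balances[r] = balances.get(r, 0) + value
    return balances


def outcome(fn, *args, **kwargs):
    """Run a model call and report 'rejected' when a check trips."""
    try:
        return fn(*args, **kwargs)
    except (Overflow, ValueError) as exc:
        return f"rejected: {exc}"


if __name__ == "__main__":
    # Constructed account names; every balance starts at zero.
    print(hex(wrap_add(FEE_SMT, VALUE)))
    print(outcome(transfer_proxy, {}, "relayer", "acct", "acct", VALUE, FEE_SMT))
    print(outcome(transfer_proxy, {}, "relayer", "acct", "acct", VALUE, FEE_SMT, add=safe_add))
    print(outcome(batch_transfer, {}, "s", ["r1", "r2"], 1 << 255))
    print(outcome(batch_transfer, {}, "s", ["r1", "r2"], 1 << 255, mul=safe_mul))
```

With unchecked arithmetic the required total wraps to zero, so an account holding nothing passes the guard; with the checked operations the same inputs are rejected before any balance changes.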

In this sense, the security of smart contracts will greatly shake the foundation of blockchain 2.0.

From the user’s point of view, today’s smart contract is essentially an unattended, mechanically executed application with automatic guarantees: it releases and transfers funds automatically when certain conditions are met. Technically, a smart contract is a network service that executes a specific contract program through blockchain consensus. Since it relies on consensus, all smart contract code and state on the blockchain must be public and must stand the test of history. Any hacker can examine every line of code that might be slaughtered, just as the fierce lions of the jungle roam the depths of the prairie and now and then eye the poor antelope. Even after a contract has been eaten and wiped clean by hackers, its pitiful data still hangs there in disgrace. You may feel pity, laugh, or sigh deeply, and perhaps one or two teenagers will even say, “A man should be like that!”

We know that open source code contains roughly one security vulnerability per 1,000 lines of code, and even the best performer, Linux kernel version 2.6, has a rate of 0.127 security bugs per 1,000 lines of code. Smart contracts are new, and their programmers have not been trained and tested, so the reliability of their code can be imagined. Table 1 shows statistics on the internal function calls of more than 8,000 Ethereum contracts deployed from January to April 2018.

It can be seen that only a few contracts use safe functions for addition, subtraction, multiplication and division, while basically every contract has transfer functions. In all probability, hackers’ best days are yet to come, and security upheavals in the digital currency market will arrive more punctually than a monthly cycle. Ethereum is currently just a blockchain that records the results of DApp execution, and does not itself provide the UTXO model required for crypto double-entry bookkeeping. Ethereum’s own currency, Ether, also uses a balance to represent account balances, which is in essence the most primitive, ancient single-entry bookkeeping method. Anyone who has watched a TV drama like “The World Granary” knows that with accounts kept this way it is hard to find where a problem lies.

So how can we change this? Lu Xun once said, “A brave man has the courage to face the bleak life.” As practitioners of blockchain, we firmly believe that the smart contract is an idea that transcends its time, but the existing way of implementing it does need to change.

Three challenges for smart contracts

Existing smart contracts need to address three issues:

  • Security issues;

  • Reliability issues;

  • Usability issues.

Reliability and usability problems can be addressed with artificial intelligence and related technologies; this article focuses on how to solve the security problem.

Smart contract solution: the intelligent contract

In order to truly solve the security problems of smart contracts, a complete and comprehensive protection system must be designed and continuously improved, including:

  • Pre-protection: standardized code writing and vulnerability detection at code release;

  • In-process verification: complete code execution and dynamic security detection in the smart contract virtual machine;

  • After-the-fact remediation: audit the execution results of smart contracts to ensure that execution did not deviate and that the results fall within a credible range. Interested parties can raise complaints in time and have them decided.

We call a smart contract that supports this complete security protection system an intelligent contract.

If BEC and SMT had been deployed as intelligent contracts, they would have had multiple layers of protection and thus multiple “God, give me another chance” moments. Typical opportunities include:

  • **Validation and inspection at code finalization and release.** Whether the designer wants it or not, every piece of released code is subject to automatic rule validation checks to ensure that static code review passes, leaving classic overflow patterns nowhere to hide;

  • **Dynamic validation by nodes during contract execution.** The dynamic verification covers this contract and its associated contracts and reviews the state during execution, so as to remedy various execution loopholes. Even if hackers create loopholes, every node executing the contract will examine it closely and suspend execution;

  • **Reasonableness judgment on completion of contract execution.** The result of contract execution is judged by certain rules, and artificial intelligence is introduced to analyze the reasonable range of contract execution, so as to determine the final output; for example, a double audit or a higher-dimensional audit of accounts;

  • **The appeal mechanism and automatic decision technology for relevant parties.** On nodes deployed with smart contracts, a rules-based decision mechanism and an artificial intelligence review mechanism are built into each node to support automatic voting, so as to preserve some opportunity to recover losses.

In fact, intelligent contracts must be built on the following types of technologies:

  • Grammar checking based on rule knowledge base

  • Transaction model recognition and security check based on semantic analysis

  • Intelligent contract security check based on AI formal verification

  • Dynamic verification and security optimization based on deep neural network

2

Advanced technology implementation of MATRIX smart contract

MATRIX is an advocate and leader of blockchain + artificial intelligence. The team includes AI scientist Professor Deng Angdong, chip scientist Dr Xin, CTO Li Qinghua and a large number of other professionals. Based on research into artificial intelligence and blockchain, it has done a great deal of basic research and obtained a large number of breakthroughs and technology patents. The consensus algorithm of MATRIX innovatively uses a “wormhole network” to ensure that MATRIX can support commercial applications at millions of TPS in the future while also ensuring the security of the system.

Smart contracts are another important feature of MATRIX. The following briefly introduces MATRIX’s research progress on smart contracts from the perspective of technical implementation, and gives countermeasures for the various defects of current smart contracts.

Grammar checking based on rule knowledge base

The core principle is to use the built-in compilation tool to build, from the original source file, an abstract syntax tree (AST) for the contract based on its BNF grammar. Through this AST, the content of the contract can be expanded for syntax recognition and simple contract security recognition. At present, the suggested approach is to check the AST against the knowledge rule base using recursive descent analysis, so as to determine whether there are security risks.

Although smart contract languages are generally described as Turing complete and can take many forms in the abstract syntax tree, it is easy to see that a secure smart contract should in fact be a typical closed, self-consistent description with a finite state space, or a finite state machine whose termination can be detected. Therefore, we can determine whether a smart contract has basic security by checking the balance and closure of its abstract syntax tree.

Typical examples include:

  • Completing all conditional selection statements, to prevent contract execution defects caused by incomplete conditions;

  • Analyzing references to all public members and functions to determine the level of risk to which the contract is exposed;

  • Checking the completeness of transaction steps to make sure that the conditional actions of each counterparty are fully described.

Transaction model recognition and security check based on semantic analysis

Syntax-based security check rules can only identify contract defects statically, whereas transaction model recognition and security checks based on semantic analysis identify non-compliant or unsafe operations in smart contracts mainly through contextual review. Currently supported security checks include:

  • Type checking, including checking the objects and methods that need to be exposed in the contract and examining the necessity of their actions and their potential defects.

  • Control flow checks, including checking the completeness of the contract’s alternative branches or of its ORACLE handling, and determining whether other exceptions can occur when the contract is invoked.

  • Conformance checks, specifically checking that the same contract conditions are covered when they appear in different selection combinations and that combinations of the various branches are covered, to avoid contract exceptions caused by miners invoking the contract in different orders under distributed execution.

The static semantic analysis above can basically eliminate the superficial logic defects introduced when smart contracts are written by hand, but it cannot solve the logic problems that arise in dynamic execution. These issues include:

  • Inaccurate and incomplete code, resulting in missing combinations of contract conditions;

  • A large gap between the purpose the designer intended for the contract and the code actually written;

  • Because the contract is executed in a distributed manner, each node executes the code in a different order. As a result, when the contract is in an abnormal state, other contracts can call it or change its state, causing various security problems.

The core of MATRIX is AI-assisted computing, and AI capabilities are built into all levels. Therefore, AI-assisted formal verification and dynamic constraint checking are adopted to solve the security problems mentioned above in contract verification. The core ideas include:

  • Using pattern matching to obtain the user’s real requirement constraints: basic pattern matching is carried out on the compliant abstract syntax tree produced by semantic analysis to obtain the basic transaction model the user probably intends. This method can statically obtain local matches for most branches of the abstract syntax tree. MATRIX confirms the candidate model or combination of models according to the degree of matching, and then adds transaction constraints and transaction assertions according to the model.

  • The abstract tree produced by static semantic analysis is classified by the AI engine of MATRIX (a Bayesian classifier), and each branch in the tree is assigned to its corresponding category. In MATRIX, each transaction category has corresponding static and dynamic constraints.

  • From the pattern matching results and the artificial intelligence classification results, all static and dynamic constraints of the current contract can be obtained, assertions for the contract code can be generated from the constraints, and formal verification and dynamic verification can be carried out on that basis.

For contracts that fail to match a model or fail to be categorized, MATRIX raises an alarm that their security is unreliable and performs more stringent boundary checks during execution.

MATRIX supports bytecode-level semantic review. The core is still to disassemble the bytecode, produce an abstract syntax tree, and then use AI for syntax tree matching.

Intelligent contract security check based on AI formal verification

MATRIX uses formal verification technology to automate checks on the security of smart contracts. The formal verification model is built in the F* functional programming language, which integrates the Z3 SMT solver and has rich type and condition checking functions. It has been used to verify various software and encryption programs.

Figure 3. Formal verification of smart contracts

The flow chart of smart contract formal verification is shown in Figure 3. The formal verification tool chain can handle source-level smart contracts, in which case the source code is translated into an equivalent F* functional program. It can also process smart contracts compiled into bytecode, in which case the bytecode is decompiled to form an equivalent F* functional program. The grammar structure of smart contracts and the corresponding functional programs on the MATRIX blockchain platform is shown in Figure 4. For user-written smart contracts, we can also perform equivalence checks between the source code model and the compiled code model to find compiler errors or undesirable side effects.

After establishing a model in a functional programming language, the basic approach to formal verification is to define the security attributes that the model needs to satisfy (i.e., properties, such as whether the return value of the send() function is checked), and then use a theorem proving tool or satisfiability tool to find out whether there are counterexamples that make those conditions false. However, accurately defining a complete set of security attributes is extremely difficult even for professional smart contract programmers, and nearly impossible for the average user.
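The property-plus-counterexample workflow described above, as an added example that is not MATRIX code: an exhaustive search over a 6-bit word stands in for the F*/Z3 tool chain. The security property ("a transfer is accepted only if the balance covers the true sum of value and fee"), the two guard functions and the reduced word width are assumptions chosen so that every input can be tried.

```python
from itertools import product

BITS = 6            # scaled-down word width (assumption) so the search is exhaustive
MOD = 1 << BITS


def guard_wrapping(balance, value, fee):
    """Guard written with unchecked addition: the sum wraps modulo 2**BITS."""
    return balance >= (value + fee) % MOD


def guard_checked(balance, value, fee):
    """Guard that rejects any sum that does not fit in the word."""
    total = value + fee
    return total < MOD and balance >= total


def security_property(balance, value, fee):
    """What the guard is meant to guarantee, stated over unbounded integers."""
    return balance >= value + fee


def violations(guard):
    """Yield every input the guard accepts although the property is false."""
    for balance, value, fee in product(range(MOD), repeat=3):
        if guard(balance, value, fee) and not security_property(balance, value, fee):
            yield balance, value, fee


def find_counterexample(guard):
    """Return the first violating (balance, value, fee), or None if the guard holds."""
    return next(violations(guard), None)


def count_counterexamples(guard):
    return sum(1 for _ in violations(guard))


if __name__ == "__main__":
    for guard in (guard_wrapping, guard_checked):
        print(guard.__name__, find_counterexample(guard), count_counterexamples(guard))
```

The wrapping guard yields a counterexample with a zero balance, the same shape as the SMT call data earlier on the page; the checked guard has none in the whole input space.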

A key feature of MATRIX is the use of artificial intelligence methods to automatically identify program semantics and discover typical patterns within them, thereby automatically generating the attributes needed to meet security requirements. When the user provides the smart contract code or the compiled executable code, the AI engine of MATRIX automatically performs local and global similarity matching on the code, so as to predict the code’s behavior model. From the behavior model obtained by AI, the corresponding formal verification constraints are generated, so that deep behavior verification can be carried out and code security achieved.

MATRIX can also perform pattern mining on Ethereum’s existing open source contracts, thanks to its use of a functional programming language as the formal representation for internal validation. These patterns can be semantic, structural, or a combination of the two, with the former generally being specific syntax and function characteristics and the latter being syntactic structural characteristics.

Dynamic verification and security optimization based on deep neural network

Table 2 lists the vulnerabilities of Ethereum smart contracts at the three levels of high-level programming language, bytecode and blockchain, the main current attack methods, and the characteristics of the corresponding vulnerabilities when they are attacked.

To solve the above problems, MATRIX plans to develop two types of security tools:

  • Security verification based on adversarial networks;

  • Dynamic model validation based on distributed concurrency.

GAN-based security verification

How do you design smart contract code that works correctly and safely in an uncertain distributed environment? The MATRIX platform only requires users to describe the contract intent (inputs, outputs, trading conditions, etc.) in a scripting language, and then uses neural-network-based code generation to convert the script into smart contract code, as shown below. Then an approach similar to an adversarial network is adopted: on the one hand, the code generation network is used to generate hacker code and attack conditions; on the other hand, the existing code is modified and optimized. The two are pitted against each other and their performance is evaluated on a simulated blockchain network until smart contract code with sufficient security is produced.

Figure 4. Smart contract code generation

The smart contract code generation process in Figure 4 uses a code generation tool based on a recursive neural network to convert scripts into smart contract code. The recursive neural network requires existing smart contract programs and their input and output results as training samples.

Dynamic model validation based on distributed concurrency

The attack and protection methods for smart contracts have been discussed in detail above. MATRIX also provides dynamic model verification based on distributed concurrency to protect against the following:

Trade contract order attack

The nature of contract order attacks is that the execution of smart contracts is asynchronous and can change dynamically. Even if the contract itself is statically secure, such dynamic attacks cannot be prevented unless the contract itself is designed to be dynamic and immutable. For MATRIX smart contracts, AI-based dynamic protection, including an overall relevance review of the set of contracts a miner executes, can find related contract transactions of this type through loop discovery. In addition, MATRIX provides an asynchronous simulator based on multi-node execution: multiple nodes (currently 5) are set up to execute contracts asynchronously, out of order and concurrently. By observing each execution sequence, it can determine whether there is any abnormality and so rule out order attacks on trading contracts.
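Observing every execution sequence, as the paragraph above describes, can be sketched as follows (an added example, not MATRIX's simulator): it enumerates all orders of a small set of pending transactions instead of sampling them from several nodes, and flags the orders that break an invariant. The contract model, the transactions, the starting price and the invariant "no buyer is charged more than the price they saw when signing" are constructed for illustration.

```python
from itertools import permutations

# Constructed pending transactions: the seller raises the price while two
# buyers have signed purchases after seeing the old price of 10.
TXS = [
    ("set_price", "seller", 50),
    ("buy", "alice", 10),
    ("buy", "bob", 10),
]
START_PRICE = 10


def execute(order, guarded):
    """Run one execution order on a fresh copy of the contract state."""
    state = {"price": START_PRICE, "paid": {}}
    for kind, who, amount in order:
        if kind == "set_price":
            state["price"] = amount
        elif kind == "buy":
            # amount is the price the buyer saw when signing
            if guarded and state["price"] != amount:
                continue  # hardened contract reverts instead of charging more
            state["paid"][who] = state["price"]
    return state


def distinct_outcomes(txs, guarded):
    """Map each distinct final state to the execution orders that reach it."""
    outcomes = {}
    for order in permutations(txs):
        state = execute(order, guarded)
        key = (state["price"], tuple(sorted(state["paid"].items())))
        outcomes.setdefault(key, []).append(order)
    return outcomes


def overpaying_orders(txs, guarded):
    """Orders in which some buyer is charged more than the price they saw."""
    seen = {who: amount for kind, who, amount in txs if kind == "buy"}
    bad = []
    for order in permutations(txs):
        paid = execute(order, guarded)["paid"]
        if any(paid[buyer] > seen[buyer] for buyer in paid):
            bad.append(order)
    return bad


if __name__ == "__main__":
    for guarded in (False, True):
        print("guarded" if guarded else "unguarded",
              "outcomes:", len(distinct_outcomes(TXS, guarded)),
              "violating orders:", len(overpaying_orders(TXS, guarded)))
```

Both variants still end in different states depending on the order, but only the unguarded one has orders that violate the invariant, which is the abnormality the check reports.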

Timestamp-dependent attacks

The nature of timestamp dependence is that miners have too much autonomy. Therefore, MATRIX uses AI to dynamically examine timestamp dependence or random number dependence, so as to avoid the corresponding dependent behavior in the contract. MATRIX has also designed an additional two-stage random number mechanism and a corresponding intelligent election solution.

Misoperation exceptions and reentrant attacks

These attacks actually trigger an exception state during a contract call. Through deep learning, MATRIX will find a way to encode such behavior features, build a codebook feature database resembling hackers’ modus operandi, and conduct static and dynamic review of the code base. Dynamic review is based on the constraints in formal verification, the dynamic generation of feature vectors, and targeted testing to find defects.

3

Conclusion

With fierce competition in the market, requirements change rapidly and the life cycle of each new technology is very short. From the perspective of the blockchain industry, digital contracts are a “torrent world”, and no one knows what will happen next. However, we know that the core way to deal with the “torrent world” is to find what stays constant in a changing world, so as to calmly face the challenges that arise all the time. The core solution is the intelligent contract, a security risk control method based on artificial intelligence that has passed the test of traditional finance.

Introduction of the author: a top domestic chip design expert with a number of chip patents; as the main designer, he designed the first WiFi chip in China. At the same time, as a member of the chief engineering team and chief engineer of the baseband project, he designed the communication scheduling and command system of China’s first large surface ship. He personally led the design of a number of commercial chips for mass production and has won provincial and ministerial science and technology awards many times. His book “Communication IC Design” has ranked first in the sales list of similar books on JD, and has been adopted as a teaching material for graduate chip design courses by first-class universities such as Beijing University of Posts and Telecommunications.

Author: MATRIX CTO Li Qinghua
