Enforcing Control Flow Integrity on Smart Contracts
University of Toronto (Remote)
Aug 2024 - Sep 2024 | Research Intern
This project was initiated by Zhiyang Chen, a Ph.D. student at the University of Toronto, under the supervision of Prof. Fan Long. I contributed to this project as a research intern.
Purpose
The purpose of this project was to enforce control flow integrity on Ethereum smart contracts by analyzing the control flow of the contract using the bytecode. The project is implemented as a plugin for the Heimdall toolkit, which contains a symbolic execution engine for Ethereum smart contracts.
My role in this project was to implement an algorithm that detects self-reverting storage slots in Ethereum smart contracts. A self-reverting storage slot is a storage slot that is modified in a transaction and then reverted back to its original value in the same transaction. Reentrancy guards and cache storage slots are examples of self-reverting storage slots.
Implementation
The implementation was carried out in Rust and the repository for the implementation can be found here. My contributions to the project are available in the feat/reentrancy-detection branch of the repository.
Challenges
I encountered several challenges during the algorithm’s implementation. First, the algorithm needed to be flexible enough to detect various types of self-reverting storage slots with different access patterns. Second, since the contract’s execution is symbolic, the initial values of the storage slots are unknown, and all unknown values are interpreted as zero. This made it difficult to distinguish between the original value of a storage slot and an actual zero value.
To address this challenge, we provided the initial values of the storage slots as input to the symbolic execution engine. This allowed us to differentiate between the original value of a storage slot and a real zero value.
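The following is an added illustration, not code from the Heimdall plugin or from the project's branch, of the detection rule described above and of why the initial storage values matter. It models a transaction as the ordered list of SSTORE writes the symbolic engine observes, takes the pre-transaction storage as an explicit input, and reports the slots that were changed and then ended the transaction at their original value. The trace, slot numbers and values are constructed for the example; the `unknown_default` parameter stands in for the engine's behaviour of reading an unknown slot as zero. Running the same trace once with the initial values supplied and once without shows both failure modes: the reentrancy guard and the cache slot are missed when their original values are taken to be zero, and a balance slot that merely ends at zero is wrongly reported as self-reverting.

```rust
use std::collections::HashMap;

/// EVM words are 256-bit; a u128 is enough for this constructed illustration.
pub type Word = u128;
pub type Slot = u128;

/// One SSTORE observed while executing a single transaction, in program order.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct StorageWrite {
    pub slot: Slot,
    pub value: Word,
}

/// Pre-transaction storage supplied to the engine. Slots missing from the map are
/// "unknown"; the text describes the engine reading unknown slots as zero.
pub type InitialStorage = HashMap<Slot, Word>;

#[derive(Debug, Default)]
struct SlotHistory {
    modified: bool, // some write differed from the initial value
    last: Word,     // value after the final write
}

/// Detects self-reverting slots: slots that are changed during the transaction
/// and whose value after the last write equals their pre-transaction value.
/// `unknown_default` is used for slots absent from `initial`. The result is
/// ordered by first write.
pub fn self_reverting_slots(
    writes: &[StorageWrite],
    initial: &InitialStorage,
    unknown_default: Word,
) -> Vec<Slot> {
    let start = |slot: &Slot| initial.get(slot).copied().unwrap_or(unknown_default);
    let mut order: Vec<Slot> = Vec::new();
    let mut history: HashMap<Slot, SlotHistory> = HashMap::new();

    for w in writes {
        let entry = history.entry(w.slot).or_insert_with(|| {
            order.push(w.slot);
            SlotHistory::default()
        });
        if w.value != start(&w.slot) {
            entry.modified = true;
        }
        entry.last = w.value;
    }

    order
        .into_iter()
        .filter(|slot| {
            let h = &history[slot];
            h.modified && h.last == start(slot)
        })
        .collect()
}

/// Constructed trace (hypothetical, not taken from any real contract): an
/// OpenZeppelin-style reentrancy guard in slot 0 (1 = not entered, 2 = entered),
/// a cache in slot 1 that is overwritten and then restored, and a balance in
/// slot 2 that is changed and then zeroed without being restored.
pub fn sample_trace() -> Vec<StorageWrite> {
    vec![
        StorageWrite { slot: 0, value: 2 }, // guard: enter
        StorageWrite { slot: 1, value: 3 }, // cache: scratch value
        StorageWrite { slot: 2, value: 9 }, // balance: updated
        StorageWrite { slot: 1, value: 7 }, // cache: restored to original
        StorageWrite { slot: 2, value: 0 }, // balance: zeroed, not restored
        StorageWrite { slot: 0, value: 1 }, // guard: leave
    ]
}

/// Constructed pre-transaction storage matching `sample_trace`.
pub fn sample_initial() -> InitialStorage {
    HashMap::from([(0, 1), (1, 7), (2, 5)])
}

fn main() {
    let trace = sample_trace();
    // With the real initial values: the guard (0) and the cache (1) are found.
    println!(
        "with initial values: {:?}",
        self_reverting_slots(&trace, &sample_initial(), 0)
    );
    // With unknown values read as zero: 0 and 1 are missed, 2 is a false positive.
    println!(
        "unknown treated as 0: {:?}",
        self_reverting_slots(&trace, &HashMap::new(), 0)
    );
}
```

The rule deliberately requires a write that differs from the initial value before it counts the slot; a slot that is only rewritten with its existing value is not "modified and reverted". Replacing the concrete `Word` with the engine's symbolic value type and comparing against the supplied initial value rather than against zero is the change the text describes.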
Outcome
The algorithm successfully detected self-reverting storage slots in Ethereum smart contracts. My role in this project focused on a specific aspect of the larger goal of enforcing control flow integrity in smart contracts, which involved several other components and challenges.
The project has now been completed, and the paper, titled “Enforcing Control Flow Integrity on DeFi Smart Contracts,” has been submitted for publication at FSE 2025.