pith. sign in

Sereum: Protecting Existing Smart Contracts Against Re-Entrancy Attacks

· 2018 · cs.CR · arXiv 1812.05934

3 Pith papers cite this work. Polarity classification is still indexing.

3 Pith papers citing it
open full Pith review browse 3 citing papers arXiv PDF
abstract

Recently, a number of existing blockchain systems have witnessed major bugs and vulnerabilities within smart contracts. Although the literature features a number of proposals for securing smart contracts, these proposals mostly focus on proving the correctness or absence of a certain type of vulnerability within a contract, but cannot protect deployed (legacy) contracts from being exploited. In this paper, we address this problem in the context of re-entrancy exploits and propose a novel smart contract security technology, dubbed Sereum (Secure Ethereum), which protects existing, deployed contracts against re-entrancy attacks in a backwards compatible way based on run-time monitoring and validation. Sereum does neither require any modification nor any semantic knowledge of existing contracts. By means of implementation and evaluation using the Ethereum blockchain, we show that Sereum covers the actual execution flow of a smart contract to accurately detect and prevent attacks with a false positive rate as small as 0.06% and with negligible run-time overhead. As a by-product, we develop three advanced re-entrancy attacks to demonstrate the limitations of existing offline vulnerability analysis tools.

fields

cs.CR 3

years

2025 1 2024 1 2023 1

verdicts

UNVERDICTED 2 CONDITIONAL 1

representative citing papers

Enforcing Control Flow Integrity on DeFi Smart Contracts

cs.CR · 2025-04-07 · conditional · novelty 6.0

CrossGuard applies control flow whitelisting to block 35 of 37 historical DeFi attacks with 0.26% false positives and low gas overhead after one-time configuration at contract deployment.

citing papers explorer

Showing 3 of 3 citing papers.

  • Enforcing Control Flow Integrity on DeFi Smart Contracts cs.CR · 2025-04-07 · conditional · none · ref 74 · internal anchor

    CrossGuard applies control flow whitelisting to block 35 of 37 historical DeFi attacks with 0.26% false positives and low gas overhead after one-time configuration at contract deployment.

  • Count of Monte Crypto: Accounting-based Defenses for Cross-Chain Bridges cs.CR · 2024-10-01 · unverdicted · none · ref 36 · internal anchor

    An accounting invariant that balances cross-chain inflows and outflows detects every known attack on bridges in a 10M-transaction dataset and can be added to existing designs for broad protection.

  • Usenix'23 Extended Version: Smart Learning to Find Dumb Contracts cs.CR · 2023-04-21 · unverdicted · none · ref 59 · internal anchor

    DLVA trains neural networks on bytecode to match Slither source labels at 92.7% accuracy and 0.2 seconds per contract while outperforming nine other tools at 99.7% average accuracy.