Cryptology ePrint Archive: Report 2021/284

The Eye of Horus: Spotting and Analyzing Attacks on Ethereum Smart Contracts

Christof Ferreira Torres and Antonio Ken Iannillo and Arthur Gervais and Radu State

Abstract: In recent years, Ethereum gained tremendously in popularity, growing from a daily transaction average of 10K in January 2016 to an average of 500K in January 2020. Similarly, smart contracts began to carry more value, making them appealing targets for attackers. As a result, they started to become victims of attacks, costing millions of dollars. In response to these attacks, both academia and industry proposed a plethora of tools to scan smart contracts for vulnerabilities before deploying them on the blockchain. However, most of these tools solely focus on detecting vulnerabilities and not attacks, let alone quantifying or tracing the number of stolen assets. In this paper, we present Horus, a framework that empowers the automated detection and investigation of smart contract attacks based on logic-driven and graph-driven analysis of transactions. Horus provides quick means to quantify and trace the flow of stolen assets across the Ethereum blockchain. We perform a large-scale analysis of all the smart contracts deployed on Ethereum until May 2020. We identified 1,888 attacked smart contracts and 8,095 adversarial transactions in the wild. Our investigation shows that the number of attacks did not necessarily decrease over the past few years, but for some vulnerabilities remained constant. Finally, we also demonstrate the practicality of our framework via an in-depth analysis on the recent Uniswap and attacks.

Category / Keywords: implementation / Ethereum, smart contracts, attack detection, forensics

Original Publication (in the same form): 25th International Conference on Financial Cryptography and Data Security 2021

Date: received 4 Mar 2021

Contact author: christof torres at uni lu

Available format(s): PDF | BibTeX Citation

Version: 20210307:022315 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]