SmartShield is an automated bytecode rectification system to fix three typical security-related bugs
(i.e., state changes after external calls, missing checks for out-of-bound arithmetic operations, and missing checks for failing external calls)
in Ethereum Smart Contract.
SmartShield guarantees that the rectified contract is not only immune to certain attacks but also gas-friendly (i.e., a slightly increase of gas cost).
We applied SmartShield to 28,621 real-world buggy contracts on Ethereum blockchain (as of January 2nd 2019). Experiment results demonstrated that among 95,502 insecure cases in those contracts, 87,346 (91.5%) of them were automatically fixed. Moreover, the rectification only introduced a 0.2% gas increment for each contract on average.
The source code of SmartShield is available at: src.7z
The test cases used in our evaluation is partially available here: test cases
Our paper "SmartShield: Automatic Smart Contract Protection Made Easy" has won the Best Paper Award (1/42) @ SANER’20