ÐArcher: detecting on-chain-off-chain synchronization bugs in decentralized applications

  title={ÐArcher: detecting on-chain-off-chain synchronization bugs in decentralized applications},
  author={Wuqi Zhang and Lili Wei and Shuqing Li and Yepang Liu and S. C. Cheung},
  journal={Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering},
  • Wuqi Zhang, Lili Wei, S. Cheung
  • Published 17 June 2021
  • Computer Science
  • Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering
Since the emergence of Ethereum, blockchain-based decentralized applications (DApps) have become increasingly popular and important. To balance the security, performance, and costs, a DApp typically consists of two layers: an on-chain layer to execute transactions and store crucial data on the blockchain and an off-chain layer to interact with users. A DApp needs to synchronize its off-chain layer with the on-chain layer proactively. Otherwise, the inconsistent data in the off-chain layer could… 

Figures and Tables from this paper

Overview of Blockchain Oracle Research
A bibliometric analysis is undertaken by highlighting institutions and authors that are actively contributing to the oracle literature to show that although worldwide collaboration is still lacking, various authors and institutions have been working in similar directions.
DETER: Denial of Ethereum Txpool sERvices
This work designs non-trivial measurement methods against blackbox mainnet nodes and conduct light probes to confirm that popular mainnet services are exploitable under DETER attacks and proposes mitigation schemes that reduce a DETER attack's success rate down to zero while preserving the miners' revenue.


A first look at blockchain‐based decentralized applications
This paper presents the first comprehensive empirical study of blockchain-based DApps to date, based on an extensive dataset of 995 Ethereum DApps and 29,846,075 transaction logs over them, and proposes some implications for DApp users to select proper DApps, for D app developers to improve the efficiency of D apps, and for blockchain vendors to enhance the support of DApps.
An Empirical Study of Blockchain-based Decentralized Applications
The popularity of dapps is analyzed, and the patterns of how smart contracts are organized in a dapp are summarized, to help dapp developers and users better understand and deploy dapps.
Kaya: A Testing Framework for Blockchain-based Decentralized Applications
Kaya is a testing framework for DApps that formulate automatically executed test cases that cover both front-end behaviors and back-end logics with simple setting, and provides a flexible and convenient way for test engineers to set the blockchain pre-states.
Exploiting the laws of order in smart contracts
EthRacer, an automatic analysis tool that runs directly on Ethereum bytecode and requires no hints from users, is built, providing compact event traces (witnesses) that human analysts can examine in only a few minutes per contract.
Making Smart Contracts Smarter
This paper investigates the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies, and proposes ways to enhance the operational semantics of Ethereum to make contracts less vulnerable.
Towards Blockchain Tactics: Building Hybrid Decentralized Software Architectures
It is argued that further research and validation is necessary for gaining more qualitative and quantitative insights to make informed architectural design decisions when using blockchain technology and a first outline on how to achieve this is given.
Vandal: A Scalable Security Analysis Framework for Smart Contracts
Vandal is both fast and robust, successfully analysing over 95% of all 141k unique contracts with an average runtime of 4.15 seconds; outperforming the current state of the art tools---Oyente, EthIR, Mythril, and Rattle---under equivalent conditions.
On the Security and Performance of Proof of Work Blockchains
This paper introduces a novel quantitative framework to analyse the security and performance implications of various consensus and network parameters of PoW blockchains and devise optimal adversarial strategies for double-spending and selfish mining while taking into account real world constraints.
Detecting nondeterministic payment bugs in Ethereum smart contracts
A methodical approach to understanding the inherent nondeterminism in the Ethereum blockchain system and its (unwanted) influence on contract payments is introduced and a practical tool named NPChecker (Nondeterministic Payment Checker) is implemented.
Analysis of the main consensus protocols of blockchain