Syscoin is a crypto currency that is universally merge-mineable and offers a unique variety of services including decentralized identities, asset token issuance platform capabilities directly on the blockchain and trustless 0-counterparty interoptibility with the Ethereum blockchain

Stars: ✭ 152 (+560.87%)

Mutual labels: smart-contracts

orbs-starter-kit

The starting point for writing a new application on Orbs platform

Stars: ✭ 19 (-17.39%)

Mutual labels: smart-contracts

SQL Injection Payload

SQL Injection Payload List

Stars: ✭ 62 (+169.57%)

Mutual labels: vulnerability-detection

clp-contracts

AMM and Continous Liquidity Provider smart contracts on NEAR blockchain

Stars: ✭ 25 (+8.7%)

Mutual labels: smart-contracts

avain

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Stars: ✭ 56 (+143.48%)

Mutual labels: vulnerability-detection

ShonyDanza

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Stars: ✭ 86 (+273.91%)

Mutual labels: vulnerability-detection

nft-contracts

Open-source NFT contracts used by buildship.dev

Stars: ✭ 60 (+160.87%)

Mutual labels: smart-contracts

grunt-retire

Grunt plugin for retire.

Stars: ✭ 89 (+286.96%)

Mutual labels: vulnerability-detection

NSE-scripts

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

Stars: ✭ 105 (+356.52%)

Mutual labels: vulnerability-detection

Smart-Contract-Security-Audits

Certified Smart Contract Audits (Ethereum, Hyperledger, xDAI, Huobi ECO Chain, Binance Smart Chain, Fantom, EOS, Tezos) by Chainsulting

Stars: ✭ 325 (+1313.04%)

Mutual labels: smart-contracts

interbit

To the end of servers

Stars: ✭ 23 (+0%)

Mutual labels: smart-contracts

View All Similar Projects ➔

AMEVulDetector

This repo is a python implementation of our AMEVulDetector for smart contract vulnerability detection, which combines the global graph feature and local expert patterns.

Overview

The overall architecture of our proposed method is illustrated in the Figure, which consists of three components: (a) a local expert pattern extraction tool, which extracts vulnerability-specific expert patterns from the code; (b) a graph construction and normalization module, which transforms the source code into a global semantic graph; and (c) an attentive multi-encoder network that combines expert patterns and the graph feature for vulnerability detection and outputs explainable weights.

Citation

Please use this citation if you want to cite our paper or codebase in your paper:

@inproceedings{liu2021smart,
  title={Smart Contract Vulnerability Detection: From Pure Neural Network to Interpretable Graph Feature and Expert Pattern Fusion},
  author={Liu, Zhenguang and Qian, Peng and Wang, Xiang and Zhu, Lei and He, Qinming and Ji, Shouling},
   booktitle={IJCAI},
  pages={2751--2759},
  year={2021}
}

Required Packages

python 3 or above
TensorFlow 2.0 or above
sklearn for model evaluation
numpy 1.18 or above

Run the following script to install the required packages.

pip install --upgrade pip
pip install tensorflow==2.0
pip install scikit-learn
pip install numpy==1.18

Dataset

We empirically evaluate our proposed method on two benchmark datasets, namely Ethereum smart contract (ESC) and VNT Chain smart contract (VSC). Following Zhuang et al., 2020, we conduct experiments for reentrancy and timestamp dependence vulnerability on ESC, and evaluate infinite loop vulnerability on VSC.

The specific description of the two datasets can be found in Zhuang et al., 2020, while the datasets and source code are released on Github.

More details for the dataset instruction can be found on our dataset page at Smart-Contract-Dataset, which is continuously improving.

Getting started

To run program, use this command: python AMEVulDetector.py.
Also, you can use specific hyper-parameters to train the model. All the hyper-parameters can be found in parser.py.

Examples:

python AMEVulDetector.py
python AMEVulDetector.py --model EncoderWeight --lr 0.002 --dropout 0.2 --epochs 100 --batch_size 32

Case Study

We further present a case study in the following Figure, where the withdraw function is a real-world smart contract function that is vulnerable to reentrancy vulnerability. Particularly, we characterize the function code as both the global graph and three local patterns for reentrancy (respectively corresponding to the enoughBalance, callValueInvoc, balanceDeduction), which are shown in the left of the following figure. Intuitively, The weights of the global graph feature and each local pattern feature are illustrated in the right of the following figure, where our system is able to clearly explain the reasons behind our prediction.

Reference

Zhuang, Yuan and Liu, Zhenguang and Qian, Peng, et al. Smart Contract Vulnerability Detection using Graph Neural Network. IJCAI, 2020. GNNSCVulDetector
Qian P, Liu Z, He Q, et al. Towards automated reentrancy detection for smart contracts based on sequential models. 2020. ReChecker

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Messi-Q / AMEVulDetector

Programming Languages

Labels

Projects that are alternatives of or similar to AMEVulDetector

AMEVulDetector

Overview

Citation

Required Packages

Dataset

Getting started

Case Study

Reference