SPLASH 2022
Mon 5 - Sat 10 December 2022 Auckland, New Zealand
Fri 9 Dec 2022 12:00 - 12:30 at Seminar Room LG004 - OOPSLA Papers Chair(s): Manas Thakur

We present a static analysis approach that combines concrete values and symbolic expressions. This symbolic value-flow (“symvalic”) analysis models program behavior with high precision, e.g., full path sensitivity. To achieve deep modeling of program semantics, the analysis relies on a symbiotic relationship between a traditional static analysis fixpoint computation and a symbolic solver: the solver does not merely receive a complex “path condition” to solve, but is instead invoked repeatedly (often tens or hundreds of thousands of times), in close cooperation with the flow computation of the analysis.

The result of the symvalic analysis architecture is a static modeling of program behavior that is much more complete than symbolic execution, much more precise than conventional static analysis, and domain-agnostic: no special-purpose definition of anti-patterns is necessary in order to compute violations of safety conditions with high precision.

We apply the analysis to the domain of Ethereum smart contracts. This domain represents a fundamental challenge for program analysis approaches: despite numerous publications, research work has not been effective at uncovering vulnerabilities of high real-world value.

In a systematic comparison of symvalic analysis with past tools, we find significantly increased completeness (shown as 83-96% statement coverage and more true error reports) combined with much higher precision, as measured by the rate of true positive reports. In terms of real-world impact, since the beginning of 2021, the analysis has resulted in the discovery and disclosure of several critical vulnerabilities, affecting funds in the many millions of dollars. Six separate bug bounties totaling over $350K have been awarded for these disclosures.

Fri 9 Dec

Displayed time zone: Auckland, Wellington

10:30 - 12:30
OOPSLA Papers / COVID Time Papers In Person at Seminar Room LG004
Chair(s): Manas Thakur IIT Bombay
10:30
30m
Talk
Label dependent lambda calculus and gradual typing
COVID Time Papers In Person
Weili Fu University of Freiburg, Germany, Fabian Krause University of Freiburg, Peter Thiemann University of Freiburg, Germany
11:00
30m
Talk
Modular Specification and Verification of Closures in Rust
COVID Time Papers In Person
Fabian Wolff, Aurel Bílý ETH Zurich, Christoph Matheja ETH Zurich, Peter Müller ETH Zurich, Alexander J. Summers University of British Columbia
11:30
30m
Talk
Revisiting Iso-Recursive Subtyping (Virtual)
COVID Time Papers In Person
Yaoda Zhou University of Hong Kong, Bruno C. d. S. Oliveira University of Hong Kong, Jinxu Zhao University of Hong Kong
12:00
30m
Talk
Symbolic value-flow static analysis: deep, precise, complete modeling of Ethereum smart contracts
COVID Time Papers In Person
Yannis Smaragdakis University of Athens, Neville Grech University of Malta, Sifis Lagouvardos University of Athens, Konstantinos Triantafyllou ETH Zurich, Ilias Tsatiris University of Athens