Saved in:
Bibliographic Details
Main Authors: Callens, Valerian, Meghji, Zeeshan, Gorzny, Jan
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2405.09084
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866929343842746368
author Callens, Valerian
Meghji, Zeeshan
Gorzny, Jan
author_facet Callens, Valerian
Meghji, Zeeshan
Gorzny, Jan
contents In this work we explore ways to restrict the ability to call Solidity smart contract functions for a specified duration. We describe methods to restrict functions from being called twice in the same transaction, block, or time period. This is related to the notion of non-reentrant functions, which are functions that can be called within a previous execution. These methods can be used to restrict interactions with entire sets of functions of smart contracts. We are motivated to revisit this topic for two reasons. First, we note that sixteen real-world smart contracts exploits in 2023 resulting in over $136M USD lost or stolen that could have been prevented by restricting function calls. As part of this survey, we dissect a new class of exploit that involves so-called read-only reentrancy: exploits that re-enter read-only functions to make smart contract state inconsistent in order to enable their exploitation. Second, while some of these approaches are simple, they may not always behave the same across different blockchains that support Solidity.
format Preprint
id arxiv_https___arxiv_org_abs_2405_09084
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Temporarily Restricting Solidity Smart Contract Interactions
Callens, Valerian
Meghji, Zeeshan
Gorzny, Jan
Cryptography and Security
In this work we explore ways to restrict the ability to call Solidity smart contract functions for a specified duration. We describe methods to restrict functions from being called twice in the same transaction, block, or time period. This is related to the notion of non-reentrant functions, which are functions that can be called within a previous execution. These methods can be used to restrict interactions with entire sets of functions of smart contracts. We are motivated to revisit this topic for two reasons. First, we note that sixteen real-world smart contracts exploits in 2023 resulting in over $136M USD lost or stolen that could have been prevented by restricting function calls. As part of this survey, we dissect a new class of exploit that involves so-called read-only reentrancy: exploits that re-enter read-only functions to make smart contract state inconsistent in order to enable their exploitation. Second, while some of these approaches are simple, they may not always behave the same across different blockchains that support Solidity.
title Temporarily Restricting Solidity Smart Contract Interactions
topic Cryptography and Security
url https://arxiv.org/abs/2405.09084