EVM-Shield: In-Contract State Access Control for Fast Vulnerability Detection and Prevention

Recently, smart contracts have been widely applied in security-sensitive fields yet are fragile to various vulnerabilities and attacks. Regarding this, existing research efforts either statically scrutinize smart contracts code or detect suspicious transaction execution flows. However, they either fail to timely protect contracts or only handle a small subset of well-known vulnerabilities. In the paper, we propose EVMShield that secures vulnerable smart contracts in real-time via fine-grained access control over sensitive states. The behind rationale is most of attacks aim to manipulate money-related states (e.g., tokens) for profits. Specifically, transaction-level state access control policies are first defined by developers and then translated into EVM-level policies with contract-aware function-level state access permissions. In policy enforcement, EVM-Shield introduces a hybrid storage analyzer to accurately identify (dynamic-allocated) storage locations for policy-involved states and a multi-stage cache based filter to fast revert bad transactions with unexpected state access behaviors. Finally, we conduct thorough experiments using 12 types of real-world contract vulnerabilities and all open-source smart contracts on the first 8M blocks of Ethereum. The results demonstrate that EVM-Shield outperforms two state-of-the-art runtime analysis tools in terms of attack detection. Extensive performance evaluations with 185M real-world transactions show that EVMShield can block 100% unexpected state accesses at the cost of 8% throughput degradation (compared with the native EVM).