[Research] Prof. Hwang Sung Jae's Research Lab Publishes a papaer in ESEC FSE2023
- 소프트웨어융합대학
- Hit968
- 2023-05-30
황성재 교수 연구실(소프트웨어 보안 연구실, SoftSec@SKKU) ESEC/FSE 2023 논문 게제 승인
소프트웨어 보안 연구실 (지도교수: 황성재)에서 작성한 논문이 소프트웨어 공학 분야의 최상위 국제 학술대회인 FSE 2023 (30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering)에 게재 승인되었습니다. 본 논문 “EtherDiffer: Differential Testing on RPC Services of Ethereum Nodes” 은 2023년 12월 미국 샌프란시스코에서 발표될 예정입니다.
[논문 정보]
- EtherDiffer: Differential Testing on RPC Services of Ethereum Nodes
- Shinhae Kim, and Sungjae Hwang
- 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2023)
[논문 요약]
Blockchain is a distributed ledger that records transactions among users on top of a peer-to-peer network. While various blockchain platforms exist, Ethereum is the most popular general-purpose platform and its support of smart contracts led to a new form of applications called decentralized applications (DApps). A typical DApp has an off-chain frontend and on-chain backend architecture, and the frontend often needs interactions with the backend network, e.g., to acquire chain data or make transactions. Therefore, Ethereum nodes implement the official RPC specification and expose a uniform set of RPC methods to the frontend. However, the specification is not sufficient in two points: (1) lack of clarification for non-deterministic event handling, and (2) lack of specification for invalid-as-themselves arguments. To effectively disclose any deviations caused by the insufficiency, this paper introduces EtherDiffer that automatically performs differential testing on four major node implementations in terms of their RPC services. EtherDiffer detected 48 different classes of deviations including 11 implementation bugs such as crash and denial-of-service bugs. We reported 44 of the detected classes to the specification and node developers and received acknowledgements as well as bug patches.