Smart contracts are self-executing programs on a blockchain that ensure immutable and transparent agreements without the involvement of intermediaries. Despite the growing popularity of smart contracts on many blockchain platforms like Ethereum, smart contract developers cannot prevent competitors from copying their smart contracts because no technical means are available. However, applying existing software watermarking techniques is challenging because of the unique properties of smart contracts, such as a code size constraint, non-free execution cost, and no support for dynamic allocation under a virtual machine environment. This paper introduces a novel software watermarking scheme, dubbed SmartMark, that aims to protect smart contracts against piracy. SmartMark builds the control flow graph of a target contract's runtime bytecode and locates a series of bytes randomly selected from a collection of opcodes to represent a watermark. We implement a full-fledged prototype for Ethereum and apply SmartMark to 27,824 unique smart contract bytecodes. Our empirical results demonstrate that SmartMark can effectively embed a watermark into smart contracts and verify its presence, meeting the requirements of credibility and imperceptibility while incurring a slight performance degradation. Furthermore, our security analysis shows that SmartMark is resilient against foreseeable watermark corruption attacks; e.g., a large number of dummy opcodes are needed to disable a watermark effectively, which makes the resulting illegitimate smart contract clones uneconomical.