Identifying and mitigating vulnerabilities in smart contracts is crucial, especially considering the rapid growth and increasing complexity of Decentralized Finance (DeFi) platforms. To address the challenges associated with securing these contracts, we introduce a versatile dynamic analysis framework specifically designed for the Ethereum Virtual Machine (EVM). This comprehensive framework focuses on tracking contract executions, capturing valuable runtime information, while introducing and employing the Execution Property Graph (EPG) to propose a unique graph traversal technique that swiftly detects potential smart contract attacks. Our approach showcases its efficacy with rapid average graph traversal time per transaction and high true positive rates. The successful identification of a zero-day vulnerability affecting Uniswap highlights the framework's potential to effectively uncover smart contract vulnerabilities in complex DeFi systems.

翻译：识别并缓解智能合约中的漏洞至关重要，尤其是在去中心化金融（DeFi）平台快速扩张且复杂度日益提升的背景下。为应对保障合约安全的相关挑战，我们提出了一种专为以太坊虚拟机（EVM）设计的通用动态分析框架。该综合框架聚焦于追踪合约执行过程，捕获有价值的运行时信息，同时引入并采用执行属性图（EPG）提出了一种独特的图遍历技术，能够快速检测潜在的智能合约攻击。我们的方法在每笔交易的平均图遍历速度和较高的真阳性率方面展现了其高效性。成功识别出影响Uniswap的零日漏洞，凸显了该框架在复杂DeFi系统中有效发现智能合约漏洞的潜力。