Smart contract transactions associated with security attacks often exhibit distinct behavioral patterns compared with the historical benign transactions that preceded the attacks. While many runtime monitoring and guarding mechanisms have been proposed to validate invariants and stop anomalous transactions on the fly, the empirical effectiveness of the invariants used remains largely unexplored. In this paper, we studied 23 prevalent invariants of 8 categories, which are either deployed in high-profile protocols or endorsed by leading auditing firms and security experts. Using these well-established invariants as templates, we developed a tool, Trace2Inv, which dynamically generates new invariants customized for a given contract based on its historical transaction data. We evaluated Trace2Inv on 42 smart contracts that fell victim to 27 distinct exploits on the Ethereum blockchain. Our findings reveal that the most effective invariant guard alone can successfully block 18 of the 27 identified exploits with minimal gas overhead. Our analysis also shows that most of the invariants remain effective even when experienced attackers attempt to bypass them. Additionally, we studied the possibility of combining multiple invariant guards, resulting in blocking up to 23 of the 27 benchmark exploits and achieving false positive rates as low as 0.32%. Trace2Inv outperforms current state-of-the-art work on smart contract invariant mining and transaction attack detection in terms of both practicality and accuracy. Though Trace2Inv is not primarily designed for transaction attack detection, it surprisingly found two previously unreported exploit transactions, earlier than any reported exploit transactions against the same victim contracts.