As decentralized applications (DApps) proliferate, the increased complexity and usage of smart contracts have heightened their susceptibility to security incidents and financial losses. Although various vulnerability detection tools have been developed to mitigate these issues, they often suffer poor performance in detecting vulnerabilities, as they either rely on simplistic and general-purpose oracles that may be inadequate for vulnerability detection, or require user-specified oracles, which are labor-intensive to create. In this paper, we introduce SmartOracle, a dynamic invariant detector that automatically generates fine-grained invariants as application-specific oracles for vulnerability detection. From historical transactions, SmartOracle uses pattern-based detection and advanced inference to construct comprehensive properties, and mines multi-layer likely invariants to accommodate the complicated contract functionalities. After that, SmartOracle identifies smart contract vulnerabilities by hunting the violated invariants in new transactions. In the field of invariant detection, SmartOracle detects 50% more ERC20 invariants than existing dynamic invariant detection and achieves 96% precision rate. Furthermore, we build a dataset that contains vulnerable contracts from real-world security incidents. SmartOracle successfully detects 466 abnormal transactions with an acceptable precision rate 96%, involving 31 vulnerable contracts. The experimental results demonstrate its effectiveness in detecting smart contract vulnerabilities, especially those related to complicated contract functionalities.

翻译：随着去中心化应用（DApps）的普及，智能合约的复杂性和使用频率不断攀升，使其面临更高的安全事件与财务损失风险。尽管已有多种漏洞检测工具被开发用于缓解此类问题，但其检测性能往往不佳。这些工具要么依赖过于简化且通用的预言机，难以有效检测漏洞；要么需要用户手动指定预言机，而此类人工构建过程耗时费力。本文提出SmartOracle，一种动态不变性检测器，能够自动生成细粒度不变式作为应用特定的预言机以进行漏洞检测。SmartOracle从历史交易记录出发，通过基于模式的检测与高级推理构建完备的属性集合，并挖掘多层可能不变式以适应复杂的合约功能逻辑。随后，SmartOracle通过在新交易中捕捉被违反的不变式来识别智能合约漏洞。在不变性检测领域，SmartOracle检测到的ERC20不变式数量比现有动态不变性检测方法多50%，且精确率达到96%。此外，我们构建了一个包含真实世界安全事件中漏洞合约的数据集。SmartOracle成功检测出466笔异常交易，涉及31个存在漏洞的合约，且保持96%的可接受精确率。实验结果验证了该方法在检测智能合约漏洞方面的有效性，尤其对于涉及复杂合约功能的漏洞类型具有显著优势。