SIF: A Framework for Solidity Code Instrumentation and Analysis
Solidity is an object-oriented and high-level language for writing smart contracts which are used to execute, verify and enforce credible transactions on permissionless blockchains. In the last few years, analysis of vulnerabilities in smart contracts has raised considerable interest and numerous techniques have been proposed. Current techniques lack traceability in source code and have widely differing work flows. There is no single unifying framework for analysis, instrumentation, optimisation and code generation of Solidity contracts. In this paper, we present SIF, a comprehensive framework for Solidity contract monitoring, instrumenting, and code generation. SIF provides support for Solidity contract developers and testers to build source level techniques for analysis, bug detection, coverage measurement, optimisations and code generation. We show feasibility and applicability of the framework using 51 real smart contracts deployed on the Ethereum network.
READ FULL TEXT