Wed 17 Jul 2024 17:30 - 17:39 at Acerola - Program Analysis and Performance 1 Chair(s): Alessandra Gorla

Crosschain bridges have become a key solution to connect independent blockchains and enable the transfer of assets and information between them. However, recent bridge hacks have exposed severe security issues and these bridges provide new strategic weapons for malicious activities. Thus, it is crucial to fully understand and identify the security issues of crosschain bridges in the real world. To achieve our goal, we define a novel abstraction called \emph{inconsistency behavior} to comprehensively summarize the crosschain security issues. Then, we further developed XGuard, a static analyzer, to find the inconsistency behavior of cross-chain bridges in the real world. Specifically, XGuard first extracts the crosschain semantic information in the bridge contract on both the source chain and destination chain, and then identifies inconsistency behaviors that occur on multiple blockchains. Our results show that XGuard can successfully identify vulnerable crosschain bridges in the real world. The demonstration of the tool is available at https://youtu.be/UMASWldZHgg, the online service is available at https://xguard.sh, and the related code is available at https://github.com/seccross/xguard.

Wed 17 Jul

Displayed time zone: Brasilia, Distrito Federal, Brazil change

16:00 - 18:00
Program Analysis and Performance 1Research Papers / Industry Papers / Demonstrations / Ideas, Visions and Reflections at Acerola
Chair(s): Alessandra Gorla IMDEA Software Institute
16:00
18m
Talk
DyPyBench: A Benchmark of Executable Python Software
Research Papers
Islem BOUZENIA University of Stuttgart, Bajaj Piyush Krishan University of Stuttgart, Michael Pradel University of Stuttgart
16:18
18m
Talk
Fast Graph Simplification for Path-Sensitive Typestate Analysis through Tempo-Spatial Multi-Point SlicingDistinguished Paper Award
Research Papers
DOI Pre-print
16:36
18m
Talk
PBE-based Selective Abstraction and Refinement for Efficient Property Falsification of Embedded Software
Research Papers
Yoel Kim Kyungpook National University, Yunja Choi Kyungpook National University
DOI File Attached
16:54
18m
Talk
Predictive Program Slicing via Execution Knowledge-Guided Dynamic Dependence LearningDistinguished Paper Award
Research Papers
Aashish Yadavally University of Texas at Dallas, Yi Li University of Texas at Dallas, Tien N. Nguyen University of Texas at Dallas
Pre-print
17:12
18m
Talk
Checking Complex Source Code-level Constraints using Runtime Verification
Industry Papers
Joshua Heneage Dawes University of Luxembourg, Domenico Bianculli University of Luxembourg
17:30
9m
Talk
XGuard: Detecting Inconsistency Behaviors of Crosschain Bridges
Demonstrations
Ke Wang Peking University, Yue Li Peking University, Che Wang Peking University, China, Jianbo Gao Peking University, Zhi Guan Peking University, Zhong Chen
17:39
9m
Talk
Rapid Taint Assisted Concolic Execution (TACE)
Demonstrations
Ridhi Jain Technology Innovation Institute (TII), Abu Dhabi, UAE, Norbert Tihanyi Technology Innovation Institute, Mthandazo Ndhlovu Technology Innovation Institute, Mohamed Amine Ferrag Technology Innovation Institute, Lucas C. Cordeiro University of Manchester, UK
DOI
17:48
9m
Talk
Verification of Programs with Common Fragments
Ideas, Visions and Reflections
Ivan Postolski University of Buenos Aires, Víctor Braberman ICC (UBA-CONICET), Diego Garbervetsky Departamento de Computación, FCEyN, UBA, Sebastian Uchitel Imperial College and University of Buenos Aires