Aroc: An Automatic Repair Framework for On-chain Smart Contracts

2021 
Ongoing smart contract attack events have seriously impeded the practical application of blockchain. Although much research has been conducted, it mostly focuses on off-chain vulnerability detection. However, smart contracts cannot be modified once they have been deployed on chain, and thus existing techniques cannot protect deployed contracts from being attacked. To mitigate this problem, we propose Aroc, a general repairer that can automatically patch vulnerable deployed smart contracts. The core insight of Aroc is to generate a patch contract, leveraging static analysis techniques, to verify whether transactions obey the secure states of the vulnerable contracts, and then to abort deviating transactions in advance. Taking the three most serious bug types (i.e., reentrancy, arithmetic bugs, and unchecked low-level checks) as examples, we present how Aroc is able to automatically repair them on chain. Experimental results show that Aroc can automatically repair 84.95% of the vulnerable contracts with an average correctness ratio of 91.43%. Meanwhile, Aroc introduces acceptable additional overhead for smart contract users and blockchain miners.