Published September 6, 2023 | Version v1
Conference paper Open

Fuzz on the Beach: Fuzzing Solana Smart Contracts

  • 1. ROR icon University of Duisburg-Essen
  • 2. Ruhr University Bochum

Description

Solana has quickly emerged as a popular platform for building decentralized applications (DApps), such as marketplaces for nonfungible tokens (NFTs). A key reason for its success are Solana’s low transaction fees and high performance, which is achieved in part due to its stateless programming model. Although the literature features extensive tooling support for smart contract security, current solutions are largely tailored for the Ethereum Virtual Machine. Unfortunately, the very stateless nature of Solana’s execution environment introduces novel attack patterns specific to Solana requiring a rethinking for building vulnerability analysis methods.

In this paper, we address this gap and propose FuzzDelSol, the first binary-only coverage-guided fuzzing architecture for Solana
smart contracts. FuzzDelSol faithfully models runtime specifics such as smart contract interactions. Moreover, since source code is
not available for the large majority of Solana contracts, FuzzDelSol operates on the contract’s binary code. Hence, due to the lack of semantic information, we carefully extracted low-level program and state information to develop a diverse set of bug oracles covering all major bug classes in Solana. Our extensive evaluation on 6049 smart contracts shows that FuzzDelSol’s bug oracles finds impactful vulnerabilities with a high precision and recall. To the best of our knowledge, this is the largest evaluation of the security landscape on the Solana mainnet.

Files

Solana_Fuzzing_Paper__camera_.pdf

Files (844.8 kB)

Name Size Download all
md5:6ebdff5054be92efe4ae077aafbd7010
844.8 kB Preview Download