Open Access

ARTICLE

An Adversarial Smart Contract Honeypot in Ethereum

Yu Han¹, Tiantian Ji¹, Zhongru Wang^1,2,*, Hao Liu^3,*, Hai Jiang⁴, Wendi Wang¹, Xiang Cui⁵

1 Key Laboratory of Trustworthy Distributed Computing and Service (BUPT), Ministry of Education, Beijing University of Posts and Telecommunications, Beijing, 100876, China
2 Chinese Academy of Cyberspace Studies, Beijing, 100010, China
3 Qianxin Technology Group Co., Ltd., Beijing, 100088, China
4 Beijing DigApis Technology Co., Ltd., Beijing, 100081, China
5 Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, 510006, China

* Corresponding Authors: Zhongru Wang. Email: ; Hao Liu. Email:

(This article belongs to the Special Issue: Blockchain Security)

Computer Modeling in Engineering & Sciences 2021, 128(1), 247-267. https://doi.org/10.32604/cmes.2021.015809

Received 15 January 2021; Accepted 11 March 2021; Issue published 28 June 2021

Abstract

A smart contract honeypot is a special type of smart contract. This type of contract seems to have obvious vulnerabilities in contract design. If a user transfers a certain amount of funds to the contract, then the user can withdraw the funds in the contract. However, once users try to take advantage of this seemingly obvious vulnerability, they will fall into a real trap. Consequently, the user’s investment in the contract cannot be retrieved. The honeypot induces other accounts to launch funds, which seriously threatens the security of property on the blockchain. Detection methods for honeypots are available. However, studying the manner by which to defend existing honeypots is insufficient to fight against honeypots. The new honeypots that may appear in the future from the perspective of an attacker must also be predicted. Therefore, we propose a type of adversarial honeypot. The code and behavioral features of honeypots are obtained through a comparative analysis of the 158,568 non-honeypots and 352 honeypots. To build an adversarial honeypot, we try to separately hide these features and make the honeypot bypass the existing detection technology. We construct 18 instances on the basis of the proposed adversarial honeypot and use an open-source honeypot detection tool to detect these instances. The experimental result shows that the proposed honeypot can bypass the detection tool with a 100% ratio. Therefore, this type of honeypot should be given attention, and defensive measures should be proposed as soon as possible.

---

Keywords

---