Understanding Ethereum Mempool Security under Asymmetric DoS by Symbolized Stateful Fuzzing

Authors: 

Yibo Wang and Yuzhe Tang, Syracuse University; Kai Li, San Diego State University; Wanning Ding and Zhihua Yang, Syracuse University

Abstract: 

In blockchains, mempool controls transaction flow before consensus, denial of whose service hurts the health and security of blockchain networks. This paper presents MPFUZZ, the first mempool fuzzer to find asymmetric DoS bugs by exploring the space of symbolized mempool states and optimistically estimating the promisingness of an intermediate state in reaching bug oracles. Compared to the baseline blockchain fuzzers, MPFUZZ achieves a > 100× speedup in finding known DETER exploits. Running MPFUZZ on major Ethereum clients leads to discovering new mempool vulnerabilities, which exhibit a wide variety of sophisticated patterns, including stealthy mempool eviction and mempool locking. Rule-based mitigation schemes are proposed against all newly discovered vulnerabilities.

BibTeX
@inproceedings {299653,
author = {Yibo Wang and Yuzhe Tang and Kai Li and Wanning Ding and Zhihua Yang},
title = {Understanding Ethereum Mempool Security under Asymmetric {DoS} by Symbolized Stateful Fuzzing},
booktitle = {33rd USENIX Security Symposium (USENIX Security 24)},
year = {2024},
isbn = {978-1-939133-44-1},
address = {Philadelphia, PA},
pages = {4747--4764},
url = {https://www.usenix.org/conference/usenixsecurity24/presentation/wang-yibo},
publisher = {USENIX Association},
month = aug
}