xFuzz: Machine Learning Guided Cross-Contract Fuzzing. (arXiv:2111.12423v2 [cs.CR] UPDATED)

Smart contract transactions are increasingly interleaved by cross-contract
calls. While many tools have been developed to identify a common set of
vulnerabilities, the cross-contract vulnerability is overlooked by existing
tools. Cross-contract vulnerabilities are exploitable bugs that manifest in the
presence of more than two interacting contracts. Existing methods are however
limited to analyze a maximum of two contracts at the same time. Detecting
cross-contract vulnerabilities is highly non-trivial. With multiple interacting
contracts, the search space is much larger than that …

contract fuzzing machine machine learning