In the realm of decentralized applications, smart contracts play a pivotal role in managing an extensive array of digital assets within blockchain networks. Ensuring the security of these digital assets hinges upon the adept detection of vulnerabilities present within smart contracts. Extensive research efforts have scrutinized and elucidated numerous smart contract vulnerabilities. However, certain vulnerabilities, including signature malleability, hash collision, and inconsequential code segments, remain relatively unexplored and devoid of dedicated detection tools. In response to this research gap, this paper addresses these three previously understudied vulnerabilities. We contribute to the field by creating a labeled dataset comprising vulnerable smart contracts. This dataset serves as a valuable resource for further scientific inquiries, enabling the testing and validation of various detection frameworks. Additionally, we present SmartSentry a static vulnerability detection framework capable of identifying these vulnerabilities. Using both dataflow and control flow analysis, our framework exhibits exceptional performance, successfully identifying labeled vulnerabilities and real-world vulnerabilities within production smart contracts with speed and efficiency. These efforts collectively enhance our understanding of smart contract vulnerabilities and contribute to the broader advancement of blockchain security.

Abstract syntax trees analysis; Blockchain security; Dataflow analysis; Smart contract vulnerability; Static analysis