[en] The Ethereum blockchain enables the execution of so-called smart contracts. These are programs that facilitate the automated transfer of funds according to a given business logic without the participants requiring to trust one another. However, recently attackers started using smart contracts to lure users into traps by deploying contracts that pretend to give away funds but in fact contain hidden traps. This new type of scam is commonly referred to as honeypots. In this paper, we propose a system that aims to protect users from falling into these traps. The system consists of a plugin for MetaMask and a back-end service that continuously scans the Ethereum blockchain for honeypots. Whenever a user is about to perform a transaction through MetaMask, our plugin sends a request to the back-end and warns the user if the target contract is a honeypot.
Disciplines :
Sciences informatiques
Auteur, co-auteur :
FERREIRA TORRES, Christof ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
STEICHEN, Mathis ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
STATE, Radu ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Co-auteurs externes :
no
Langue du document :
Anglais
Titre :
Towards Usable Protection Against Honeypots
Date de publication/diffusion :
2020
Nom de la manifestation :
2nd IEEE International Conference on Blockchain and Cryptocurrency
Date de la manifestation :
from 03-05-2020 to 06-05-2020
Titre de l'ouvrage principal :
IEEE International Conference on Blockchain and Cryptocurrency, Toronto, Canada 3-6 May 2020
