The Art of The Scam: Demystifying Honeypots in Ethereum Smart Contracts

Modern blockchains, such as Ethereum, enable the execution of so-called smart contracts - programs that are executed across the decentralised blockchain network. As smart contracts become more popular and carry more value, they become more of an interesting target for attackers. In the past few years, several smart contracts have been found to be vulnerable and thus exploited by attackers. However, a new trend towards a more proactive approach seems to be on the rise where attackers do not search for vulnerable contracts anymore. Instead, they try to lure their victims into traps by deploying vulnerable-looking contracts that contain hidden traps. This type of contracts is commonly referred to as honeypots. In this paper, we present the first systematic analysis of honeypots, by investigating their prevalence, behaviour and impact on the Ethereum blockchain. We develop a taxonomy of honeypot techniques and use this to build HONEYBADGER - a tool that employs symbolic execution and well defined heuristics to expose smart contract honeypots. We perform a large-scale analysis of more than 2 million smart contracts and show that our tool not only achieves high precision, but also high scalability. We identify 690 honeypots as well as 240 victims in the wild, with an accumulated profit of more than $90,000 for the honeypot creators. Our manual validation shows that 87% of the reported contracts are indeed honeypots.