Vol.128, No.1, 2021, pp.247-267, doi:10.32604/cmes.2021.015809
An Adversarial Smart Contract Honeypot in Ethereum
  • Yu Han1, Tiantian Ji1, Zhongru Wang1,2,*, Hao Liu3,*, Hai Jiang4, Wendi Wang1, Xiang Cui5
1 Key Laboratory of Trustworthy Distributed Computing and Service (BUPT), Ministry of Education, Beijing University of Posts and Telecommunications, Beijing, 100876, China
2 Chinese Academy of Cyberspace Studies, Beijing, 100010, China
3 Qianxin Technology Group Co., Ltd., Beijing, 100088, China
4 Beijing DigApis Technology Co., Ltd., Beijing, 100081, China
5 Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, 510006, China
* Corresponding Authors: Zhongru Wang. Email: ; Hao Liu. Email:
(This article belongs to this Special Issue: Blockchain Security)
Received 15 January 2021; Accepted 11 March 2021; Issue published 28 June 2021
A smart contract honeypot is a special type of smart contract. This type of contract seems to have obvious vulnerabilities in contract design. If a user transfers a certain amount of funds to the contract, then the user can withdraw the funds in the contract. However, once users try to take advantage of this seemingly obvious vulnerability, they will fall into a real trap. Consequently, the user’s investment in the contract cannot be retrieved. The honeypot induces other accounts to launch funds, which seriously threatens the security of property on the blockchain. Detection methods for honeypots are available. However, studying the manner by which to defend existing honeypots is insufficient to fight against honeypots. The new honeypots that may appear in the future from the perspective of an attacker must also be predicted. Therefore, we propose a type of adversarial honeypot. The code and behavioral features of honeypots are obtained through a comparative analysis of the 158,568 non-honeypots and 352 honeypots. To build an adversarial honeypot, we try to separately hide these features and make the honeypot bypass the existing detection technology. We construct 18 instances on the basis of the proposed adversarial honeypot and use an open-source honeypot detection tool to detect these instances. The experimental result shows that the proposed honeypot can bypass the detection tool with a 100% ratio. Therefore, this type of honeypot should be given attention, and defensive measures should be proposed as soon as possible.
Honeypot; smart contract; adversarial; bypass detection
Cite This Article
Han, Y., Ji, T., Wang, Z., Liu, H., Jiang, H. et al. (2021). An Adversarial Smart Contract Honeypot in Ethereum. CMES-Computer Modeling in Engineering & Sciences, 128(1), 247–267.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.