Formal Analysis of Reentrancy Vulnerabilities in Smart Contract Based on CPN

A smart contract is a special form of computer program that runs on blockchain and provides new way to implement financial business transactions in conflict-free transparent environment. In systems such as Ethereum, contracts can handle autonomously transfer assets considerable value other parties. Hence, it particularly important ensure function intended since bugs or vulnerabilities may lead, indeed have led, substantial economic losses erosion trust for blockchain. While number approaches tools been developed find vulnerabilities, formal methods present the highest level confidence security contracts. this paper, we propose solution model based colored Petri nets (CPNs). Herein, focus most common type contract, i.e., reentrancy bugs, which led serious loss around USD 34 million Cream Finance project 2021. We hierarchical CPN modelling method analyze potential at contract’s source code level. Then, modeling analysis correlation matrix, state space report graph generated via Tools simulation are exploited The example shows full wrong path accordance with our expected results. Finally, conclusion was verified Ethereum network Remix platform.