Abstract

In a blockchain-based data trading platform, data users can purchase data sets and computing power through encrypted smart contracts. The security of smart contracts is important as it relates to that of the data platform. However, due to the inability to apply to detection rules with complex structures and the inefficiency of detection, existing malicious code detection methods are not suitable for the encrypted smart contracts in blockchain-based data trading platforms with high transaction rate requirements. In this paper, a practical and privacy-preserving malicious code detection method is proposed for encrypted smart contract in blockchain-based data trading platform. Specifically, we design two kinds of miners to act as the malicious rule processor and the detector respectively for inspecting the encrypted smart contract. The rule processor generates an obfuscated map with the original open-source malicious rule set. The detector performs a malicious inspection algorithm by inputting the obfuscated map and the randomized tokens, where the latter is generated from smart contract. Then, we theoretically analyze the security syntax of the proposed method. The analysis results demonstrate the proposed scheme can achieve <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$\mathcal {L}$</tex-math></inline-formula> -secure against adaptive attacks. Extensive experiments are carried out through the open-source real rule sets, which show that the proposed scheme can reduce communication time and communication overhead.