A Survey of Attacks on Ethereum Smart Contracts SoK
22 Apr 2017-Vol. 10204, pp 164-186
TL;DR: This work analyses the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities, and shows a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.
Abstract: Smart contracts are computer programs that can be correctly executed by a network of mutually distrusting nodes, without the need of an external trusted authority. Since smart contracts handle and transfer assets of considerable value, besides their correct execution it is also crucial that their implementation is secure against attacks which aim at stealing or tampering the assets. We study this problem in Ethereum, the most well-known and used framework for smart contracts so far. We analyse the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities. We show a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.
Citations
More filters
10 Jun 2019
TL;DR: A toy voting protocol based on additive homomorphic encryption and two non-colluding parties is demonstrated, which aims at preserving the essential security properties such as election integrity and voter anonymity while being much simpler to explain.
Abstract: Online voting is a challenging socio-technical problem that is still an open research question. Current approaches are based on involved cryptographic solutions that hardly can be explained to the average voter. Still, attackers may be able to circumvent the system without breaking the cryptographic protocols. In this paper, we demonstrate a toy voting protocol based on additive homomorphic encryption and two non-colluding parties. The protocol design aims at preserving the essential security properties such as election integrity and voter anonymity while being much simpler to explain. We propose a RESTful implementation of a web front-end of the proposed system. We highlight the fact that cryptography is only one facet of security. By conducting several web attack scenarios to test the robustness of the web interface, we show that the system may still be compromised without breaking the cryptography.
6 citations
Cites background from "A Survey of Attacks on Ethereum Sma..."
...Several attacks against smart contracts are surveyed in [1]....
[...]
Posted Content•
TL;DR: A Blockchain-based system that can be used to validate both of these resource types, can work passively and does not require any changes in the inter-domain routing system (BGP, RPKI), and can be combined with currently available systems for the detection and mitigation of routing attacks.
Abstract: Networks (Autonomous Systems-AS) allocate or revoke IP prefixes with the intervention of official Internet resource number authorities, and select and advertise policy-compliant paths towards these prefixes using the inter-domain routing system and its primary enabler, the Border Gateway Protocol (BGP). Securing BGP has been a long-term objective of several research and industrial efforts during the last decades, that have culminated in the Resource Public Key Infrastructure (RPKI) for the cryptographic verification of prefix-to-AS assignments. However, there is still no widely adopted solution for securing IP prefixes and the (AS-)paths leading to them; approaches such as BGPsec have seen minuscule deployment. In this work, we design and implement a Blockchain-based system that (i) can be used to validate both of these resource types, (ii) can work passively and does not require any changes in the inter-domain routing system (BGP, RPKI), and (iii) can be combined with currently available systems for the detection and mitigation of routing attacks. We present early results and insights w.r.t. scalability.
6 citations
Cites background from "A Survey of Attacks on Ethereum Sma..."
...[2] Nicola Atzei, Massimo Bartoletti, and Tiziana Cimoli....
[...]
01 Nov 2018
TL;DR: A tamper-proof incentive scheme for a mobile crowdsensing system that supports open sensing, with both automated and manual participation, and uses a Blockchain so that it can be trusted by every participant is proposed.
Abstract: People are increasingly connected to the Internet through their smartphones and each of these mobile devices has a wide range of sensors. The users themselves can be asked short questions about what they see. This crowdsensing has the potential to improve our daily lives by providing actual data about the environment and the use of services. However, there are significant obstacles to user participation like resource consumption and privacy concerns. There is a need for incentives to motivate the users. In this paper, we propose a tamper-proof incentive scheme for a mobile crowdsensing system that supports open sensing, with both automated and manual participation. We implemented a prototype of the system with server components and a mobile application. The proposed incentive scheme implements a tit-for-tat approach: positive user participation is rewarded with points that are stored in a shared record. This incentive ledger uses a Blockchain so that it can be trusted by every participant. The evaluation results show that the proposed scheme is practical and can be used to motivate increased participation in crowdsensing.
6 citations
Cites background from "A Survey of Attacks on Ethereum Sma..."
...A recent system [21] is proposing the use of smart contracts [22] to achieve this same end....
[...]
01 Jan 2020
TL;DR: It is concluded that neither QTUM and Ethereum blockchain platforms is suitable for business adoption based on the adapted PA-DSS standard’s evaluation results.
Abstract: Security standards such as the Payment Application Data Security Standard (PA-DSS) have been developed to keep transaction data secured in traditional payment systems. However, blockchain systems are not in the scope of these security standards. In this work, we highlight the differences between traditional and decentralized payment platforms and we present an adaptation of the PA-DSS standards to apply them in transaction-supported, decentralized blockchain platforms. We evaluate the QTUM and Ethereum blockchain platforms by using our adapted standards and we report security gaps on each platform. We conclude that neither platform is suitable for business adoption based on the adapted PA-DSS standard’s evaluation results.
6 citations
TL;DR: E X G EN successfully outperforms state-of-the-art tool, namely teEther, in generating exploits for vulnerable Ethereum (Solidity) contracts and is able to exploit zero-day vulnerabilities of 24 EOS smart contracts.
Abstract: Smart contracts, just like other computer programs, are prone to a variety of vulnerabilities, which lead to severe consequences including massive token and coin losses. Prior works have explored automated exploit generation for vulnerable Ethereum contracts. However, the scopes of prior works are limited in both vulnerability types and contract platforms. In this paper, we propose a cross-platform framework, called ExGen, to generate multiple transactions as exploits to given vulnerable smart contracts. ExGen first translates either Ethereum or EOS contracts to an intermediate representation (IR). Then, ExGen generates symbolic attack contracts with transactions in a partial order and then symbolically executes the attack contracts together with the target to find and solve all the constraints. Lastly, ExGen concretizes all the symbols, generates attack contracts with multiple transactions, and verifies the generated contracts’ exploitability on a private chain with values crawled from the public chain. We implemented a prototype of ExGen and evaluated it on Ethereum and EOS benchmarks. ExGen successfully exploits 1,258/1,399 (89.9%) Ethereum and 126/130 (96.9%) EOS vulnerabilities. ExGen is also able to exploit zero-day vulnerabilities on EOS.
6 citations
References
More filters
Book•
01 Jan 2002TL;DR: This presentation discusses Functional Programming in HOL, which aims to provide students with an understanding of the programming language through the lens of Haskell.
Abstract: Elementary Techniques.- 1. The Basics.- 2. Functional Programming in HOL.- 3. More Functional Programming.- 4. Presenting Theories.- Logic and Sets.- 5. The Rules of the Game.- 6. Sets, Functions, and Relations.- 7. Inductively Defined Sets.- Advanced Material.- 8. More about Types.- 9. Advanced Simplification, Recursion, and Induction.- 10. Case Study: Verifying a Security Protocol.
2,964 citations
01 Jan 2013
TL;DR: Ethereum as mentioned in this paper is a transactional singleton machine with shared state, which can be seen as a simple application on a decentralised, but singleton, compute resource, and it provides a plurality of resources, each with a distinct state and operating code but able to interact through a message-passing framework with others.
Abstract: The blockchain paradigm when coupled with cryptographically-secured transactions has demonstrated its
utility through a number of projects, not least Bitcoin. Each such project can be seen as a simple application on a decentralised, but singleton, compute resource. We can call this paradigm a transactional singleton machine with shared-state.
Ethereum implements this paradigm in a generalised manner. Furthermore it provides a plurality of such resources, each with a distinct state and operating code but able to interact through a message-passing framework with others. We discuss its design, implementation issues, the opportunities it provides and the future hurdles we envisage.
2,755 citations
TL;DR: Protocols with application in important contracting areas, including credit, content rights management, payment systems, and contracts with bearer are discussed.
Abstract: Smart contracts combine protocols with user interfaces to formalize and secure relationships over computer networks. Objectives and principles for the design of these systems are derived from legal principles, economic theory, and theories of reliable and secure protocols. Similarities and differences between smart contracts and traditional business procedures based on written contracts, controls, and static forms are discussed. By using cryptographic and other security mechanisms, we can secure many algorithmically specifiable relationships from breach by principals, and from eavesdropping or malicious interference by third parties, up to considerations of time, user interface, and completeness of the algorithmic specification. This article discusses protocols with application in important contracting areas, including credit, content rights management, payment systems, and contracts with bearer.
1,495 citations
24 Oct 2016
TL;DR: This paper introduces a novel quantitative framework to analyse the security and performance implications of various consensus and network parameters of PoW blockchains and devise optimal adversarial strategies for double-spending and selfish mining while taking into account real world constraints.
Abstract: Proof of Work (PoW) powered blockchains currently account for more than 90% of the total market capitalization of existing digital cryptocurrencies. Although the security provisions of Bitcoin have been thoroughly analysed, the security guarantees of variant (forked) PoW blockchains (which were instantiated with different parameters) have not received much attention in the literature. This opens the question whether existing security analysis of Bitcoin's PoW applies to other implementations which have been instantiated with different consensus and/or network parameters. In this paper, we introduce a novel quantitative framework to analyse the security and performance implications of various consensus and network parameters of PoW blockchains. Based on our framework, we devise optimal adversarial strategies for double-spending and selfish mining while taking into account real world constraints such as network propagation, different block sizes, block generation intervals, information propagation mechanism, and the impact of eclipse attacks. Our framework therefore allows us to capture existing PoW-based deployments as well as PoW blockchain variants that are instantiated with different parameters, and to objectively compare the tradeoffs between their performance and security provisions.
1,258 citations
24 Oct 2016
TL;DR: This paper investigates the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies, and proposes ways to enhance the operational semantics of Ethereum to make contracts less vulnerable.
Abstract: Cryptocurrencies record transactions in a decentralized data structure called a blockchain. Two of the most popular cryptocurrencies, Bitcoin and Ethereum, support the feature to encode rules or scripts for processing transactions. This feature has evolved to give practical shape to the ideas of smart contracts, or full-fledged programs that are run on blockchains. Recently, Ethereum's smart contract system has seen steady adoption, supporting tens of thousands of contracts, holding millions dollars worth of virtual coins. In this paper, we investigate the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies. We introduce several new security problems in which an adversary can manipulate smart contract execution to gain profit. These bugs suggest subtle gaps in the understanding of the distributed semantics of the underlying platform. As a refinement, we propose ways to enhance the operational semantics of Ethereum to make contracts less vulnerable. For developers writing contracts for the existing Ethereum system, we build a symbolic execution tool called Oyente to find potential security bugs. Among 19, 336 existing Ethereum contracts, Oyente flags 8, 833 of them as vulnerable, including the TheDAO bug which led to a 60 million US dollar loss in June 2016. We also discuss the severity of other attacks for several case studies which have source code available and confirm the attacks (which target only our accounts) in the main Ethereum network.
1,232 citations