Book Chapter

A Survey of Attacks on Ethereum Smart Contracts SoK

22 Apr 2017-Vol. 10204, pp 164-186
TL;DR: This work analyses the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities, and shows a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.
Abstract: Smart contracts are computer programs that can be correctly executed by a network of mutually distrusting nodes, without the need of an external trusted authority. Since smart contracts handle and transfer assets of considerable value, besides their correct execution it is also crucial that their implementation is secure against attacks which aim at stealing or tampering the assets. We study this problem in Ethereum, the most well-known and used framework for smart contracts so far. We analyse the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities. We show a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.
Citations
Journal Article
TL;DR: A security type verification framework for smart contracts based on type systems is presented, a formal calculus for reasoning smart contract operations and interactions is introduced, and a lightweight type system for checking secure information flow in Solidity is designed.

5 citations

Journal Article
TL;DR: This literature review focused on the security solutions to several vulnerabilities presented by the IoT with centralized architecture, accompanied by ongoing industrial advancement and academic research to comprehend these difficulties and successfully use BC to ensure a secure platform without any centralized management in IoT.
Abstract: Blockchain (BC) technology is a promising answer for providing security and ensuring protection in a distributed way. It has transformed the digital currency platform with the revolutionary crypto-currency known as Bitcoin. From a theoretical point of view, a BC is a distributed series of blocks linked with each other where every block is an immutable record of some form of data exchange occurring in a network. Recently, numerous literature reviews and research articles have been published on the combination of BC with the Internet of Things (IoT). However, they are restricted to shallow conversations of specialized possibilities, and not many of them have an exhaustive investigation of the difficulties in creating BC for IoT at implementation levels. Within this frame of reference, the BC is viewed as the important link for creating a genuinely secure, decentralized, and trustless platform designed to be used in IoT and, in this literature review, we mean to figure out an intelligent and thorough image of the present progressive research works toward this path. We begin with the security vulnerabilities presented by the different IoT layers. Then we focused on the central working principle of BC and how BC-based frameworks accomplish the feature of security, decentralization, and auditability. From that point, we focused on the security solutions to several vulnerabilities presented by the IoT with centralized architecture, accompanied by ongoing industrial advancement and academic research to comprehend these difficulties and successfully use BC to ensure a secure platform without any centralized management in IoT.

5 citations

Proceedings Article
02 Nov 2020
TL;DR: This paper focuses on the issues of Ethereum smart contracts implementation (made with the Turing-complete language Solidity), providing a comprehensive systematization of such vulnerabilities basing on a slice of the Common Weakness Enumeration (CWE).
Abstract: Blockchain technology is having an ever-increasing impact on distributed applications domain, since the adoption of Blockchain 2.0 led to the spread of smart contracts. In such a context, Ethereum is the framework with the highest diffusion in terms of smart contract’s development, with a consequent rise of exploitation of code vulnerabilities, some of which causing bad financial losses. For this reason, this paper focuses on the issues of Ethereum smart contracts implementation (made with the Turing-complete language Solidity), providing a comprehensive systematization of such vulnerabilities basing on a slice of the Common Weakness Enumeration (CWE). Moreover, some relevant propagation cases among different vulnerabilities and CWE groups, observed in exploited contracts, are highlighted.

5 citations


Cites background from "A Survey of Attacks on Ethereum Sma..."

  • ...[2] have, for the first time, deeply analyzed vulnerabilities, providing a taxonomy....


  • ...Since miners control the blocks of the blockchain, a malicious one could craft a block to bias specific values [2], [14], thus discovering the randomness and managing to manipulate events....


  • ...2) Exceptions Disorder (ED): Exceptions can be raised in different situations, such as out-of-gas conditions, call stack limit reaching, throw clause execution [2]....


  • ...To have a global view on the topic, before focusing on code-related vulnerabilities, we have examined several papers, among which [1], [2], [7], [8], that analyze platform-related vulnerabilities, well-known exploits (e....


  • ...2) Blockhash Usage (BU) and Timestamp Dependency (TD) [2], [14]: these two vulnerabilities result from the usage, in critical operations, of blockhash and global timestamp variables, respectively....


Posted Content
TL;DR: This paper extends BitML with a new primitive for contract renegotiation, and this primitive can be used to write recursive contracts, which was not possible in the original BitML.
Abstract: BitML is a process calculus to express smart contracts that can be run on Bitcoin. One of its current limitations is that, once a contract has been stipulated, the participants cannot renegotiate its terms: this prevents expressing common financial contracts, where funds have to be added by participants at run-time. In this paper, we extend BitML with a new primitive for contract renegotiation. At the same time, the new primitive can be used to write recursive contracts, which was not possible in the original BitML. We show that, despite the increased expressiveness, it is still possible to execute BitML on standard Bitcoin, preserving the security guarantees of BitML.

5 citations


Cites background from "A Survey of Attacks on Ethereum Sma..."

  • ...This flexibility has a drawback in that it may open the door to attacks that steal or tamper with the assets controlled by vulnerable contracts [4,21]....


Proceedings Article
13 May 2019
TL;DR: Protean is a general-purpose decentralized computing platform that addresses limitations of smart contracts by moving from a monolithic execution model, where all participating nodes store all the state and execute every computation, to a modular execution-model.
Abstract: While showing great promise, smart contracts are difficult to program correctly, as they need a deep understanding of cryptography and distributed algorithms, and offer limited functionality, as they have to be deterministic and cannot operate on secret data. In this paper we present Protean, a general-purpose decentralized computing platform that addresses these limitations by moving from a monolithic execution model, where all participating nodes store all the state and execute every computation, to a modular execution-model. Protean employs secure specialized modules, called functional units, for building decentralized applications that are currently insecure or impossible to implement with smart contracts. Each functional unit is a distributed system that provides a special-purpose functionality by exposing atomic transactions to the smart-contract developer. Combining these transactions into arbitrarily-defined workflows, developers can build a larger class of decentralized applications, such as provably-secure and fair lotteries or e-voting.

5 citations


Cites background from "A Survey of Attacks on Ethereum Sma..."

  • ...However, researchers have shown that this practice causes vulnerabilities [10, 39, 43] in smart contracts as malicious users can manipulate the source of randomness....


References
Book
01 Jan 2002
TL;DR: This presentation discusses Functional Programming in HOL, which aims to provide students with an understanding of the programming language through the lens of Haskell.
Abstract: Elementary Techniques.- 1. The Basics.- 2. Functional Programming in HOL.- 3. More Functional Programming.- 4. Presenting Theories.- Logic and Sets.- 5. The Rules of the Game.- 6. Sets, Functions, and Relations.- 7. Inductively Defined Sets.- Advanced Material.- 8. More about Types.- 9. Advanced Simplification, Recursion, and Induction.- 10. Case Study: Verifying a Security Protocol.

2,964 citations

01 Jan 2013
TL;DR: Ethereum as mentioned in this paper is a transactional singleton machine with shared state, which can be seen as a simple application on a decentralised, but singleton, compute resource, and it provides a plurality of resources, each with a distinct state and operating code but able to interact through a message-passing framework with others.
Abstract: The blockchain paradigm when coupled with cryptographically-secured transactions has demonstrated its utility through a number of projects, not least Bitcoin. Each such project can be seen as a simple application on a decentralised, but singleton, compute resource. We can call this paradigm a transactional singleton machine with shared-state. Ethereum implements this paradigm in a generalised manner. Furthermore it provides a plurality of such resources, each with a distinct state and operating code but able to interact through a message-passing framework with others. We discuss its design, implementation issues, the opportunities it provides and the future hurdles we envisage.

2,755 citations

Journal Article
TL;DR: Protocols with application in important contracting areas, including credit, content rights management, payment systems, and contracts with bearer are discussed.
Abstract: Smart contracts combine protocols with user interfaces to formalize and secure relationships over computer networks. Objectives and principles for the design of these systems are derived from legal principles, economic theory, and theories of reliable and secure protocols. Similarities and differences between smart contracts and traditional business procedures based on written contracts, controls, and static forms are discussed. By using cryptographic and other security mechanisms, we can secure many algorithmically specifiable relationships from breach by principals, and from eavesdropping or malicious interference by third parties, up to considerations of time, user interface, and completeness of the algorithmic specification. This article discusses protocols with application in important contracting areas, including credit, content rights management, payment systems, and contracts with bearer.

1,495 citations

Proceedings Article
24 Oct 2016
TL;DR: This paper introduces a novel quantitative framework to analyse the security and performance implications of various consensus and network parameters of PoW blockchains and devise optimal adversarial strategies for double-spending and selfish mining while taking into account real world constraints.
Abstract: Proof of Work (PoW) powered blockchains currently account for more than 90% of the total market capitalization of existing digital cryptocurrencies. Although the security provisions of Bitcoin have been thoroughly analysed, the security guarantees of variant (forked) PoW blockchains (which were instantiated with different parameters) have not received much attention in the literature. This opens the question whether existing security analysis of Bitcoin's PoW applies to other implementations which have been instantiated with different consensus and/or network parameters. In this paper, we introduce a novel quantitative framework to analyse the security and performance implications of various consensus and network parameters of PoW blockchains. Based on our framework, we devise optimal adversarial strategies for double-spending and selfish mining while taking into account real world constraints such as network propagation, different block sizes, block generation intervals, information propagation mechanism, and the impact of eclipse attacks. Our framework therefore allows us to capture existing PoW-based deployments as well as PoW blockchain variants that are instantiated with different parameters, and to objectively compare the tradeoffs between their performance and security provisions.

1,258 citations

Proceedings Article
24 Oct 2016
TL;DR: This paper investigates the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies, and proposes ways to enhance the operational semantics of Ethereum to make contracts less vulnerable.
Abstract: Cryptocurrencies record transactions in a decentralized data structure called a blockchain. Two of the most popular cryptocurrencies, Bitcoin and Ethereum, support the feature to encode rules or scripts for processing transactions. This feature has evolved to give practical shape to the ideas of smart contracts, or full-fledged programs that are run on blockchains. Recently, Ethereum's smart contract system has seen steady adoption, supporting tens of thousands of contracts, holding millions dollars worth of virtual coins. In this paper, we investigate the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies. We introduce several new security problems in which an adversary can manipulate smart contract execution to gain profit. These bugs suggest subtle gaps in the understanding of the distributed semantics of the underlying platform. As a refinement, we propose ways to enhance the operational semantics of Ethereum to make contracts less vulnerable. For developers writing contracts for the existing Ethereum system, we build a symbolic execution tool called Oyente to find potential security bugs. Among 19,336 existing Ethereum contracts, Oyente flags 8,833 of them as vulnerable, including the TheDAO bug which led to a 60 million US dollar loss in June 2016. We also discuss the severity of other attacks for several case studies which have source code available and confirm the attacks (which target only our accounts) in the main Ethereum network.

1,232 citations
