Book ChapterDOI
A Survey of Attacks on Ethereum Smart Contracts SoK
Nicola Atzei,Massimo Bartoletti,Tiziana Cimoli +2 more
- Vol. 10204, pp 164-186
Reads0
Chats0
TLDR
This work analyses the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities, and shows a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.Abstract:
Smart contracts are computer programs that can be correctly executed by a network of mutually distrusting nodes, without the need of an external trusted authority. Since smart contracts handle and transfer assets of considerable value, besides their correct execution it is also crucial that their implementation is secure against attacks which aim at stealing or tampering the assets. We study this problem in Ethereum, the most well-known and used framework for smart contracts so far. We analyse the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities. We show a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.read more
Citations
More filters
Proceedings ArticleDOI
A Deep Dive into Blockchain-based Smart Contract-specific Security Vulnerabilities
Rohini Pise,Sonali Patil +1 more
TL;DR: A detailed study of smart contract-specific vulnerabilities and the defense against those vulnerabilities are presented in this article , where different security measures or precautions to be taken while writing the smart contract code is discussed in this article.
Journal ArticleDOI
Achieving reliable and anti-collusive outsourcing computation and verification based on blockchain in 5G-enabled IoT
TL;DR: Wang et al. as mentioned in this paper proposed a reliable, anti-collusion outsourcing computation and verification protocol, which uses distributed storage solutions in response to the issue of centralized storage, leverages homomorphic encryption to deal with outsourcing computation, and ensures data privacy.
Proceedings ArticleDOI
Blockchain-based Application Security Risks: A Systematic Literature Review
TL;DR: The results of this study could be seen as a preliminary checklist of security risks when implementing blockchain-based applications and highlight the application and technology domains where these security risks are observed.
Journal ArticleDOI
Characterizing Cryptocurrency-themed Malicious Browser Extensions
Kailong Wang,Yuxi Ling,Yanjun Zhang,Zhou Yu,Hao Wang,Guangdong Bai,Beng Chin Ooi,Jin Song Dong +7 more
TL;DR: Wang et al. as discussed by the authors conducted a systematic study to identify and characterize cryptocurrency-themed malicious extensions and revealed their disguises and programmatic features on which detection techniques can be based, which serves as a warning to extension users and an appeal to extension store operators to enact dedicated countermeasures.
Book ChapterDOI
Bye Audit! A Novel Blockchain-Based Automated Data Processing Scheme for Bank Audit Confirmation
TL;DR: This paper adopts blockchain technology to address the low-efficiency and fraud risk in conventional bank confirmation process and integrates smart contract into these processes for automated authorization and automated data acquisition.
References
More filters
Book
Isabelle/HOL: A Proof Assistant for Higher-Order Logic
TL;DR: This presentation discusses Functional Programming in HOL, which aims to provide students with an understanding of the programming language through the lens of Haskell.
Ethereum: A Secure Decentralised Generalised Transaction Ledger
TL;DR: Ethereum as mentioned in this paper is a transactional singleton machine with shared state, which can be seen as a simple application on a decentralised, but singleton, compute resource, and it provides a plurality of resources, each with a distinct state and operating code but able to interact through a message-passing framework with others.
Journal ArticleDOI
Formalizing and Securing Relationships on Public Networks
TL;DR: Protocols with application in important contracting areas, including credit, content rights management, payment systems, and contracts with bearer are discussed.
Proceedings ArticleDOI
On the Security and Performance of Proof of Work Blockchains
TL;DR: This paper introduces a novel quantitative framework to analyse the security and performance implications of various consensus and network parameters of PoW blockchains and devise optimal adversarial strategies for double-spending and selfish mining while taking into account real world constraints.
Proceedings ArticleDOI
Making Smart Contracts Smarter
TL;DR: This paper investigates the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies, and proposes ways to enhance the operational semantics of Ethereum to make contracts less vulnerable.