Book ChapterDOI
A Survey of Attacks on Ethereum Smart Contracts SoK
Nicola Atzei,Massimo Bartoletti,Tiziana Cimoli +2 more
- Vol. 10204, pp 164-186
TLDR
This work analyses the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities, and shows a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.Abstract:
Smart contracts are computer programs that can be correctly executed by a network of mutually distrusting nodes, without the need of an external trusted authority. Since smart contracts handle and transfer assets of considerable value, besides their correct execution it is also crucial that their implementation is secure against attacks which aim at stealing or tampering the assets. We study this problem in Ethereum, the most well-known and used framework for smart contracts so far. We analyse the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities. We show a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.read more
Citations
More filters
Book ChapterDOI
Translation Certification for Smart Contracts
TL;DR: In this paper , the authors propose a translation certification framework for a functional smart contract language, implemented in Coq, to verify the correctness of a compiler implementation of a given piece of low-level code.
Journal ArticleDOI
Daml: A Smart Contract Language for Securely Automating Real-World Multi-Party Business Workflows
Alexander Bernauer,Sofia Abreu Faro,Rémy Haemmerlé,Martin Huschenbett,Moritz Kiefer,Andreas Lochbihler,Jussi Olavi Aleksis Mäki,Francesco Mazzoli,Simon Meier,Neil Mitchell,Ratko G. Veprek +10 more
TL;DR: Daml as mentioned in this paper is an open-source smart contract language based on Haskell with strict evaluation, which is wellsuited for orchestrating business workflows across multiple, otherwise heterogeneous parties. But it does not support the composition of simple workflows into complex ones.
Proceedings ArticleDOI
On the Use of Deep Neural Networks for Security Vulnerabilities Detection in Smart Contracts
TL;DR: In this article , the authors investigated the use of deep learning techniques to identify and classify smart contract code vulnerabilities using a large-scale dataset of smart contracts that they used to train different CNNs models.
Proceedings ArticleDOI
Implementation and Execution of Blockchain Technology in the Field of Education
Radha Raman Chandan,Melanie Elizabeth Lourens,Krishna Ramachandran,Shaik Vaseem Akram,Rohit Bansal,Dhiraj Kapila +5 more
TL;DR: In this paper , the authors employ blockchain technology to address security concerns about the sharing of student educational credentials, and describe how to implement it as a decentralized application (DApp) based on the trials run, cost and performance analyses are also done.
Proceedings ArticleDOI
Deploying Transactional Smart Contracts using Multisignature Boolean Formulas
TL;DR: This paper explores an alternative mechanism based on propositional calculus, using multisignature and lock-based boolean variables, which is not confined to blockchain transactions, but can be easily integrated into other application domains.
References
More filters
Book
Isabelle/HOL: A Proof Assistant for Higher-Order Logic
TL;DR: This presentation discusses Functional Programming in HOL, which aims to provide students with an understanding of the programming language through the lens of Haskell.
Ethereum: A Secure Decentralised Generalised Transaction Ledger
TL;DR: Ethereum as mentioned in this paper is a transactional singleton machine with shared state, which can be seen as a simple application on a decentralised, but singleton, compute resource, and it provides a plurality of resources, each with a distinct state and operating code but able to interact through a message-passing framework with others.
Journal ArticleDOI
Formalizing and Securing Relationships on Public Networks
TL;DR: Protocols with application in important contracting areas, including credit, content rights management, payment systems, and contracts with bearer are discussed.
Proceedings ArticleDOI
On the Security and Performance of Proof of Work Blockchains
TL;DR: This paper introduces a novel quantitative framework to analyse the security and performance implications of various consensus and network parameters of PoW blockchains and devise optimal adversarial strategies for double-spending and selfish mining while taking into account real world constraints.
Proceedings ArticleDOI
Making Smart Contracts Smarter
TL;DR: This paper investigates the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies, and proposes ways to enhance the operational semantics of Ethereum to make contracts less vulnerable.