A Survey of Attacks on Ethereum Smart Contracts SoK
Citations
479 citations
467 citations
Cites background from "A Survey of Attacks on Ethereum Sma..."
...foreach segin codeSeg: //iterate over code segments 11 foreach line in seg: //iterate each line 12 if line.startswith("PUSH4") 13 //extract one function selector 14 selector.add(line.split()[1]) 15 if len(selector) >0: //ensure selector not empty 16 M[f]=selector 17 return M //return the map As discussed in previous sections, we have stored the addresses of all smart contracts with the s...
[...]
...machine game. Table 10. An Exploitable Slot Machine Smart Contract 1 contract SlotMachine { 2 … 3 function(){ 4 uint nr = now; //now is the block timestamp 5 uint y = nr & 3; 6 … 7 if(y==1) { wins[1]++; win = (msg.value * 2) + (msg.value / 2);} 8 earnings += int(msg.value); 9 if(win > 0) { 10 bool res = msg.sender.send(win); 11 earnings -= int(win); 12 }}} At line 4, the block timestamp is rea...
[...]
...l, and smart contract level. In this work, we are focusing on security vulnerabilities of smart contracts, which we will briefly review in this section. We will follow the vulnerabilities taxonomy of [1] and [9]. Gasless Send. The gasless send vulnerability is due to the fact that when using send the recipient contract’s fallback function will be invoked but with a fixed gas stipend as determined by ...
[...]
...] audited the source code of smart contracts, and reports call-stack overflow bugs on Ethereum. After undergoing continuous attacks in 2016, the problem is resolved via a hard fork on Ethereum. Atzei [1] systematically surveyed security attacks on Ethereum smart contracts. They provided taxonomy of smart contract vulnerabilities based on their characteristics. 6.2 Smart Contracts Security Fillâtre [6...
[...]
327 citations
327 citations
Cites background from "A Survey of Attacks on Ethereum Sma..."
...Since then, many other vulnerabilities in smart contract have been reported [12,17,35]....
[...]
...However, these techniques are not generally considered secure [17]....
[...]
...Recently, some authors have started to analyse the security of Ethereum smart contracts: among these, [17] surveys vulnerabilities and attacks, while [35] and [23] propose analysis techniques to detect them....
[...]
303 citations
References
2,964 citations
2,755 citations
1,495 citations
1,258 citations
1,232 citations