Book ChapterDOI
A Survey of Attacks on Ethereum Smart Contracts SoK
Nicola Atzei,Massimo Bartoletti,Tiziana Cimoli +2 more
- Vol. 10204, pp 164-186
Reads0
Chats0
TLDR
This work analyses the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities, and shows a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.Abstract:
Smart contracts are computer programs that can be correctly executed by a network of mutually distrusting nodes, without the need of an external trusted authority. Since smart contracts handle and transfer assets of considerable value, besides their correct execution it is also crucial that their implementation is secure against attacks which aim at stealing or tampering the assets. We study this problem in Ethereum, the most well-known and used framework for smart contracts so far. We analyse the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities. We show a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.read more
Citations
More filters
Journal ArticleDOI
Blockchain in IoT: Current Trends, Challenges, and Future Roadmap
TL;DR: This paper presents various challenges facing an IoT system and summarizes the benefits of adopting blockchain into IoT infrastructure, and focuses on illustrating the blockchain applications in IoT with refined capabilities and enhanced security.
Proceedings ArticleDOI
Security Vulnerabilities in Ethereum Smart Contracts
Ardit Dika,Mariusz Nowostawski +1 more
TL;DR: The field of security of smart contract programming is reviewed and a comprehensive taxonomy of all known security issues is provided by a thorough review of known vulnerabilities by assessing their effectiveness and accuracy on known issues on a representative sample of vulnerable contracts.
Journal ArticleDOI
Blockchain applied to the construction supply chain: A case study with threat model
TL;DR: The analysis aims to emphasize that blockchain, as presented in this paper, is a viable solution to the challenges in the CSC regardless of the risks associated with the security and robustness of the flow of information and data protection.
Book ChapterDOI
Succinctly Verifiable Sealed-Bid Auction Smart Contract
Hisham S. Galal,Amr M. Youssef +1 more
TL;DR: This paper presents a smart contract protocol for a succinctly verifiable sealed-bid auction on the Ethereum blockchain and utilizes various cryptographic primitives including zero-knowledge Succinct Non-interactive Argument of Knowledge (zk-SNARK), Multi-Party Computation, Public-Key Encryption (PKE) scheme, and commitment scheme.
Journal ArticleDOI
The Security Reference Architecture for Blockchains: Towards a Standardized Model for Studying Vulnerabilities, Threats, and Defenses
Ivan Homoliak,Sarad Venugopalan,Qingze Hum,Daniel Reijsbergen,Richard Schumi,Pawel Szalachowski +5 more
TL;DR: This work proposes the security reference architecture (SRA) for blockchains, which adopts a stacked model describing the nature and hierarchy of various security and privacy aspects and provides designers of blockchain platforms and applications with a design methodology following the model of SRA and its hierarchy.
References
More filters
Book
Isabelle/HOL: A Proof Assistant for Higher-Order Logic
TL;DR: This presentation discusses Functional Programming in HOL, which aims to provide students with an understanding of the programming language through the lens of Haskell.
Ethereum: A Secure Decentralised Generalised Transaction Ledger
TL;DR: Ethereum as mentioned in this paper is a transactional singleton machine with shared state, which can be seen as a simple application on a decentralised, but singleton, compute resource, and it provides a plurality of resources, each with a distinct state and operating code but able to interact through a message-passing framework with others.
Journal ArticleDOI
Formalizing and Securing Relationships on Public Networks
TL;DR: Protocols with application in important contracting areas, including credit, content rights management, payment systems, and contracts with bearer are discussed.
Proceedings ArticleDOI
On the Security and Performance of Proof of Work Blockchains
TL;DR: This paper introduces a novel quantitative framework to analyse the security and performance implications of various consensus and network parameters of PoW blockchains and devise optimal adversarial strategies for double-spending and selfish mining while taking into account real world constraints.
Proceedings ArticleDOI
Making Smart Contracts Smarter
TL;DR: This paper investigates the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies, and proposes ways to enhance the operational semantics of Ethereum to make contracts less vulnerable.