Book ChapterDOI
A Survey of Attacks on Ethereum Smart Contracts SoK
Nicola Atzei,Massimo Bartoletti,Tiziana Cimoli +2 more
- Vol. 10204, pp 164-186
Reads0
Chats0
TLDR
This work analyses the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities, and shows a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.Abstract:
Smart contracts are computer programs that can be correctly executed by a network of mutually distrusting nodes, without the need of an external trusted authority. Since smart contracts handle and transfer assets of considerable value, besides their correct execution it is also crucial that their implementation is secure against attacks which aim at stealing or tampering the assets. We study this problem in Ethereum, the most well-known and used framework for smart contracts so far. We analyse the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities. We show a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.read more
Citations
More filters
Proceedings ArticleDOI
Impact of consensus on appendable-block blockchain for IoT
Roben Castagna Lunardi,Regio A. Michelin,Charles V. Neu,Henry Cabral Nunes,Avelino F. Zorzo,Salil S. Kanhere +5 more
TL;DR: Results indicate that the latency to append a new block is less than 161ms and the delay for processing a new transaction is lessthan 7ms, suggesting that the improved version of the appendable-block blockchain is efficient and scalable, and thus well suited for IoT scenarios.
Journal ArticleDOI
Ethereum smart contracts: Analysis and statistics of their source code and opcodes
Stefano Bistarelli,Gianmarco Mazzante,Matteo Micheletti,Leonardo Mostarda,Davide Sestili,Francesco Tiezzi +5 more
TL;DR: A novel, more comprehensive, study that aims at gaining a precise understanding on how programmers use the linguistic instructions supported by Ethereum, and gathers ten of thousands of verified Ethereum smart contracts that have been written by using the Solidity language.
Proceedings ArticleDOI
Verifiable Smart Contract Portability
TL;DR: This work provides a toolbox that facilitates smart contract portability between EVM-compatible blockchains without trust requirements in the entity executing the migration process, and transfers token contracts based on the ERC20 standard as well as applications containing dependencies to other smart contracts to prove the concept's soundness.
Journal ArticleDOI
A novel quantum blockchain scheme base on quantum entanglement and DPoS
TL;DR: It is shown that some attacks, such as man-in-the-middle attack, double spending attack and state-estimation attack, can be resisted and this novel quantum blockchain scheme is also secure under quantum computing attacks.
Book ChapterDOI
Contracts over Smart Contracts: Recovering from Violations Dynamically
TL;DR: This paper argues how dynamic analysis can be used not only to identify errors in the contracts, but also to support recovery from such errors, and presents a specification-driven approach, allowing developers to promise behavioural properties via smart contract, but still allowing them to update the code which implements the specification in a safe manner.
References
More filters
Book
Isabelle/HOL: A Proof Assistant for Higher-Order Logic
TL;DR: This presentation discusses Functional Programming in HOL, which aims to provide students with an understanding of the programming language through the lens of Haskell.
Ethereum: A Secure Decentralised Generalised Transaction Ledger
TL;DR: Ethereum as mentioned in this paper is a transactional singleton machine with shared state, which can be seen as a simple application on a decentralised, but singleton, compute resource, and it provides a plurality of resources, each with a distinct state and operating code but able to interact through a message-passing framework with others.
Journal ArticleDOI
Formalizing and Securing Relationships on Public Networks
TL;DR: Protocols with application in important contracting areas, including credit, content rights management, payment systems, and contracts with bearer are discussed.
Proceedings ArticleDOI
On the Security and Performance of Proof of Work Blockchains
TL;DR: This paper introduces a novel quantitative framework to analyse the security and performance implications of various consensus and network parameters of PoW blockchains and devise optimal adversarial strategies for double-spending and selfish mining while taking into account real world constraints.
Proceedings ArticleDOI
Making Smart Contracts Smarter
TL;DR: This paper investigates the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies, and proposes ways to enhance the operational semantics of Ethereum to make contracts less vulnerable.