Book ChapterDOI
A Survey of Attacks on Ethereum Smart Contracts SoK
Nicola Atzei,Massimo Bartoletti,Tiziana Cimoli +2 more
- Vol. 10204, pp 164-186
TLDR
This work analyses the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities, and shows a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.Abstract:
Smart contracts are computer programs that can be correctly executed by a network of mutually distrusting nodes, without the need of an external trusted authority. Since smart contracts handle and transfer assets of considerable value, besides their correct execution it is also crucial that their implementation is secure against attacks which aim at stealing or tampering the assets. We study this problem in Ethereum, the most well-known and used framework for smart contracts so far. We analyse the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities. We show a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.read more
Citations
More filters
Book ChapterDOI
Deductive Proof of Industrial Smart Contracts Using Why3
Zeinab Nehai,François Bobot +1 more
TL;DR: A formal tool that performs deductive verification on industrial smart contracts, which are self-executing digital programs, is used, and the cost of gas is estimated, which is a unit that measures the amount of computational effort during a transaction.
Proceedings ArticleDOI
SoK: Decentralized Finance (DeFi) Attacks
Liyi Zhou,Xihan Xiong,Jens Ernstberger,Stefanos Chaliasos,Zhipeng Wang,Ye Wang,Kaihua Qin,Roger Wattenhofer,Dawn Song,Arthur Gervais +9 more
TL;DR: A common reference frame is introduced to systematically evaluate and compare DeFi incidents, including both attacks and accidents, and investigates 77 academic papers, 30 audit reports, and 181 real-world incidents.
Proceedings ArticleDOI
Resource-Aware Session Types for Digital Contracts
TL;DR: Nomos as discussed by the authors is a programming language for digital contracts based on shared binary session types, which can express and enforce protocols of interaction, control resource usage, and prevent the duplication or deletion of a contract's assets.
Journal ArticleDOI
Blockchain-based Privacy-Preserving Record Linkage: enhancing data privacy in an untrusted environment
TL;DR: A protocol that considers covert adversaries, i.e., adversaries that may deviate arbitrarily from the protocol specification in an attempt to cheat is proposed, as well as the ability to detect the misbehavior of a malicious adversary during the PPRL execution.
Journal ArticleDOI
A Survey on Blockchain in Robotics: Issues, Opportunities, Challenges and Future Directions
TL;DR: In this article, the key requirements and technical challenges encountered by robots in general are explored, and the role of blockchain for different uses cases of robotics is surveyed, and various technical challenges that need to be mitigated to harness full potential of blockchain technology for robotics are highlighted.
References
More filters
Book
Isabelle/HOL: A Proof Assistant for Higher-Order Logic
TL;DR: This presentation discusses Functional Programming in HOL, which aims to provide students with an understanding of the programming language through the lens of Haskell.
Ethereum: A Secure Decentralised Generalised Transaction Ledger
TL;DR: Ethereum as mentioned in this paper is a transactional singleton machine with shared state, which can be seen as a simple application on a decentralised, but singleton, compute resource, and it provides a plurality of resources, each with a distinct state and operating code but able to interact through a message-passing framework with others.
Journal ArticleDOI
Formalizing and Securing Relationships on Public Networks
TL;DR: Protocols with application in important contracting areas, including credit, content rights management, payment systems, and contracts with bearer are discussed.
Proceedings ArticleDOI
On the Security and Performance of Proof of Work Blockchains
TL;DR: This paper introduces a novel quantitative framework to analyse the security and performance implications of various consensus and network parameters of PoW blockchains and devise optimal adversarial strategies for double-spending and selfish mining while taking into account real world constraints.
Proceedings ArticleDOI
Making Smart Contracts Smarter
TL;DR: This paper investigates the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies, and proposes ways to enhance the operational semantics of Ethereum to make contracts less vulnerable.