Book ChapterDOI
A Survey of Attacks on Ethereum Smart Contracts SoK
Nicola Atzei,Massimo Bartoletti,Tiziana Cimoli +2 more
- Vol. 10204, pp 164-186
TLDR
This work analyses the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities, and shows a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.Abstract:
Smart contracts are computer programs that can be correctly executed by a network of mutually distrusting nodes, without the need of an external trusted authority. Since smart contracts handle and transfer assets of considerable value, besides their correct execution it is also crucial that their implementation is secure against attacks which aim at stealing or tampering the assets. We study this problem in Ethereum, the most well-known and used framework for smart contracts so far. We analyse the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities. We show a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.read more
Citations
More filters
Proceedings ArticleDOI
Artemis: An Improved Smart Contract Verification Tool for Vulnerability Detection
TL;DR: Artemis as mentioned in this paper is an improved smart contract verification tool that can detect vulnerabilities that include greedy, block information dependency, gasless send, and dangerous delegatecall, which can be used to improve the security of smart contracts.
Posted Content
Detecting Malicious Accounts in Permissionless Blockchains using Temporal Graph Properties.
TL;DR: This work introduces temporal features such as burst and attractiveness on top of several already used graph properties such as the node degree and clustering coefficient and identifies the algorithm that performs the best in detecting malicious accounts in the Ethereum blockchain.
Proceedings ArticleDOI
Basis Path Coverage Criteria for Smart Contract Application Testing
TL;DR: Wang et al. as discussed by the authors proposed the test coverage criteria for smart contracts, which are objective rules that measure test quality. But, writing a correct smart contract is notoriously difficult, and once a statechanging transaction is confirmed by the network, the result is immutable.
Proceedings ArticleDOI
Supporting Reuse of Smart Contracts through Service Orientation and Assisted Development
Luca Guida,Florian Daniel +1 more
TL;DR: This paper proposes a smart contract description format that allows the developer to search for publicly available contracts, understand which features a contract exposes and how to invoke them, according to a service-oriented approach and implements a simple, model-driven development environment.
Journal ArticleDOI
Blockchain Technology: Security Issues, Healthcare Applications, Challenges and Future Trends
Zhang Wenhua,Faizan Qamar,Taj-Aldeen Naser Abdali,Rosilah Hassan,Syed Talib Abbas Jafri,Quang Ngoc Nguyen +5 more
TL;DR: Wang et al. as mentioned in this paper focused on the healthcare security issues in blockchain and sort out the security risks in six layers of blockchain technology by comparing and analyzing existing security measures, which promotes theoretical research and robust security protocol development in the current and future distributed work environment.
References
More filters
Book
Isabelle/HOL: A Proof Assistant for Higher-Order Logic
TL;DR: This presentation discusses Functional Programming in HOL, which aims to provide students with an understanding of the programming language through the lens of Haskell.
Ethereum: A Secure Decentralised Generalised Transaction Ledger
TL;DR: Ethereum as mentioned in this paper is a transactional singleton machine with shared state, which can be seen as a simple application on a decentralised, but singleton, compute resource, and it provides a plurality of resources, each with a distinct state and operating code but able to interact through a message-passing framework with others.
Journal ArticleDOI
Formalizing and Securing Relationships on Public Networks
TL;DR: Protocols with application in important contracting areas, including credit, content rights management, payment systems, and contracts with bearer are discussed.
Proceedings ArticleDOI
On the Security and Performance of Proof of Work Blockchains
TL;DR: This paper introduces a novel quantitative framework to analyse the security and performance implications of various consensus and network parameters of PoW blockchains and devise optimal adversarial strategies for double-spending and selfish mining while taking into account real world constraints.
Proceedings ArticleDOI
Making Smart Contracts Smarter
TL;DR: This paper investigates the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies, and proposes ways to enhance the operational semantics of Ethereum to make contracts less vulnerable.