Book ChapterDOI
A Survey of Attacks on Ethereum Smart Contracts SoK
Nicola Atzei,Massimo Bartoletti,Tiziana Cimoli +2 more
- Vol. 10204, pp 164-186
Reads0
Chats0
TLDR
This work analyses the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities, and shows a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.Abstract:
Smart contracts are computer programs that can be correctly executed by a network of mutually distrusting nodes, without the need of an external trusted authority. Since smart contracts handle and transfer assets of considerable value, besides their correct execution it is also crucial that their implementation is secure against attacks which aim at stealing or tampering the assets. We study this problem in Ethereum, the most well-known and used framework for smart contracts so far. We analyse the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities. We show a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.read more
Citations
More filters
Journal ArticleDOI
A systematic literature review of blockchain-based applications: Current status, classification and open issues
TL;DR: A comprehensive classification of blockchain-enabled applications across diverse sectors such as supply chain, business, healthcare, IoT, privacy, and data management is presented, and key themes, trends and emerging areas for research are established.
Journal ArticleDOI
On blockchain and its integration with IoT. Challenges and opportunities
TL;DR: This paper focuses on the relationship between blockchain and IoT, investigates challenges in blockchain IoT applications, and surveys the most relevant work in order to analyze how blockchain could potentially improve the IoT.
Journal ArticleDOI
A survey on the security of blockchain systems
TL;DR: Wang et al. as discussed by the authors conduct a systematic study on the security threats to blockchain and survey the corresponding real attacks by examining popular blockchain systems. And they also review the security enhancement solutions for blockchain, which could be used in the development of various blockchain systems, and suggest some future directions to stir research efforts into this area.
Proceedings ArticleDOI
Securify: Practical Security Analysis of Smart Contracts
Petar Tsankov,Andrei Marian Dan,Dana Drachsler-Cohen,Arthur Gervais,Florian Bünzli,Martin Vechev +5 more
TL;DR: Securify as mentioned in this paper is a security analyzer for Ethereum smart contracts that is scalable, fully automated, and able to prove contract behaviors as safe/unsafe with respect to a given property.
Journal ArticleDOI
Blockchain in government: Benefits and implications of distributed ledger technology for information sharing
TL;DR: A critical assessment of the often exaggerated benefits of blockchain technology found in the literature is presented and a shift from a technology-driven to need-driven approach in which blockchain applications are customized to ensure a fit with requirements of administrative processes is pleaded.
References
More filters
Book ChapterDOI
Step by Step Towards Creating a Safe Smart Contract: Lessons and Insights from a Cryptocurrency Lab
TL;DR: In this paper, the authors document their experiences in teaching smart contract programming to undergraduate students at the University of Maryland, the first pedagogical attempt of its kind, where smart contracts deal directly with the movement of valuable currency units between contractual parties, security of a contract program is of paramount importance.
Proceedings ArticleDOI
Secure Multiparty Computations on Bitcoin
TL;DR: The Bit coin system can be used to go beyond the standard "emulation-based" definition of the MPCs, by constructing protocols that link their inputs and the outputs with the real Bit coin transactions.
Proceedings ArticleDOI
Dependent types and multi-monadic effects in F*
Nikhil Swamy,Cătălin Hriţcu,Chantal Keller,Aseem Rastogi,Antoine Delignat-Lavaud,Simon Forest,Karthikeyan Bhargavan,Cédric Fournet,Pierre-Yves Strub,Markulf Kohlweiss,Jean Karim Zinzindohoue,Santiago Zanella-Béguelin +11 more
TL;DR: A new, completely redesigned, version of F*, a language that works both as a proof assistant as well as a general-purpose, verification-oriented, effectful programming language that confirms F*'s pay-as-you-go cost model.
Proceedings Article
Timed Commitments
Dan Boneh,Moni Naor +1 more
TL;DR: This work introduces and constructs timed commitment schemes, an extension to the standard notion of commitments in which a potential forced opening phase permits the receiver to recover (with effort) the committed value without the help of the committer.
Posted Content
Smart Contract Templates: foundations, design landscape and research directions.
TL;DR: A simple semantic framework for smart contracts is explored, covering both operational and non-operational aspects, and templates and agreements for legally-enforceable smart contracts are described, based on legal documents.