• Publications
  • Influence
A Survey of Attacks on Ethereum Smart Contracts (SoK)
TLDR
We analyse the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities. Expand
  • 668
  • 52
  • PDF
An Empirical Analysis of Smart Contracts: Platforms, Applications, and Design Patterns
TLDR
We collect from the blockchains of Bitcoin and Ethereum a sample of 834 smart contracts, which we classify according to our taxonomy. Expand
  • 235
  • 17
  • PDF
Data Mining for Detecting Bitcoin Ponzi Schemes
TLDR
We apply data mining techniques to detect Bitcoin addresses related to Ponzi schemes by analysing, on the Bitcoin blockchain, the transactions used to perform the scams. Expand
  • 60
  • 9
  • PDF
Dissecting Ponzi schemes on Ethereum: identification, analysis, and impact
TLDR
We present a comprehensive survey of Ponzi schemes on Ethereum, analysing their behaviour and their impact from various viewpoints. Expand
  • 102
  • 9
  • PDF
An Analysis of Bitcoin OP_RETURN Metadata
TLDR
The Bitcoin protocol allows to save arbitrary data on the blockchain through a special instruction of the scripting language, called OP_RETURN. Expand
  • 68
  • 7
  • PDF
Static Analysis for Stack Inspection
TLDR
We propose two control flow analyses for the Java bytecode. Expand
  • 45
  • 5
  • PDF
A general framework for blockchain analytics
TLDR
We propose a general-purpose framework, seamlessly supporting data analytics on both Bitcoin and Ethereum --- currently the two most prominent cryptocurrencies. Expand
  • 40
  • 4
Semantics-Based Design for Secure Web Services
TLDR
We outline a methodology for designing and composing services in a secure manner based on a foundational calculus called lambda req [13]. Expand
  • 76
  • 3
History-Based Access Control with Local Policies
TLDR
An extension of the λ-calculus is proposed to study history-based access control. Expand
  • 59
  • 3
  • PDF
Planning and verifying service composition
TLDR
We extend the λ-calculus with primitives for selecting and invoking services that respect given security requirements. Expand
  • 47
  • 3
  • PDF