Corpus ID: 221103590

GasMet: Profiling Gas Leaks in the Deployment of Solidity Smart Contracts

  title={GasMet: Profiling Gas Leaks in the Deployment of Solidity Smart Contracts},
  author={G. Canfora and Andrea Di Sorbo and Sonia Laudanna and A. Vacca and C. A. Visaggio},
Nowadays, blockchain technologies are increasingly adopted for different purposes and in different application domains. Accordingly, more and more applications are developed for running on a distributed ledger technology (i.e., \textit{dApps}). The business logic of a dApp (or part of it) is usually implemented within one (or more) smart contract(s) developed through Solidity, an object-oriented programming language for writing smart contracts on different blockchain platforms, including the… Expand
1 Citations
Static Profiling and Optimization of Ethereum Smart Contracts Using Resource Analysis
A novel static profiling technique for Ethereum smart contracts that is able to generate upper-bound expressions that can be used to produce profiling information about the measure of interest, and an automatic optimization of Solidity programs which reduces their gas consumption. Expand


Under-optimized smart contracts devour your money
This work conducts the first investigation on Solidity, the recommended compiler, and reveals that it fails to optimize gas- costly programming patterns, and proposes and develops GASPER, a new tool for automatically locating gas-costly patterns by analyzing smart contracts' bytecodes. Expand
Towards Analyzing the Complexity Landscape of Solidity Based Ethereum Smart Contracts
  • Péter Hegedűs
  • Computer Science
  • 2018 IEEE/ACM 1st International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB)
  • 2018
This work analyzes more than 10,000 smart contracts and proposes the adoption of some well-known OO metrics for Solidity smart contracts, suggesting that smart contract programs are short, not overly complex and either quite well-commented or not commented at all. Expand
SmartCheck: Static Analysis of Ethereum Smart Contracts
The paper provides a comprehensive classification of code issues in Solidity and implements SmartCheck -- an extensible static analysis tool that detects them and reflects the current state of knowledge on Solidity vulnerabilities and shows significant improvements over alternatives. Expand
The Economics of Smart Contracts
It is shown that the actual costs of executing smart contracts are disproportionate to the computational costs and that this gap is continuously widening, and the proposed performance model estimates gas usage and execution time of a smart contract at a given block-height. Expand
MadMax: surviving out-of-gas conditions in Ethereum smart contracts
MadMax is presented: a static program analysis technique to automatically detect gas-focused vulnerabilities with very high confidence and achieves high precision and scalability. Expand
Running on Fumes - Preventing Out-of-Gas Vulnerabilities in Ethereum Smart Contracts Using Static Resource Analysis
Gastap is reported on, a Gas-Aware Smart contracT Analysis Platform, which takes as input a smart contract and automatically infers gas upper bounds for all its public functions and ensures that if the gas limit paid by the user is higher than the inferred gas bounds, the contract is free of out-of-gas vulnerabilities. Expand
Smart contracts: security patterns in the ethereum ecosystem and solidity
  • Maximilian Wohrer, U. Zdun
  • Computer Science
  • 2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE)
  • 2018
Several common security patterns are elaborated, which can be applied by Solidity developers to mitigate typical attack scenarios and describe solutions to typical security issues. Expand
Defining Smart Contract Defects on Ethereum
Feedback showed these contract defects are harmful and removing them would improve the quality and robustness of smart contracts, and manually identified them in 587 real world smart contract and publicly released the dataset. Expand
SIF: A Framework for Solidity Contract Instrumentation and Analysis
SIF provides support for Solidity contract developers and testers to build source level techniques for analysis, understanding, diagnostics, optimisations and code generation of Solidity contracts at the source code level. Expand
Security Smells in Smart Contracts
The evaluation of smart contracts as a platform or aid for mission-critical applications such as access control platforms is evaluated by identifying the issues related to smart contracts and informing the reader about the problem, challenges, and techniques. Expand