Smart contracts vulnerabilities: a call for blockchain software engineering?

@article{Destefanis2018SmartCV,
  title={Smart contracts vulnerabilities: a call for blockchain software engineering?},
  author={Giuseppe Destefanis and M. Marchesi and Marco Ortu and R. Tonelli and A. Bracciali and R. Hierons},
  journal={2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE)},
  year={2018},
  pages={19-25}
}
Smart Contracts have gained tremendous popularity in the past few years, to the point that billions of US Dollars are currently exchanged every day through such technology. However, since the release of the Frontier network of Ethereum in 2015, there have been many cases in which the execution of Smart Contracts managing Ether coins has led to problems or conflicts. Compared to traditional Software Engineering, a discipline of Smart Contract and Blockchain programming, with standardized best… Expand
Blockchain smart contracts formalization: Approaches and challenges to address vulnerabilities
TLDR
The results indicate that the most common formalization technique is theorem proving, which is most often used to verify security properties relating to smart contracts, while other techniques such as symbolic execution and model checking were also frequently used. Expand
Smart contract development: Challenges and opportunities
TLDR
This study focuses exclusively on this subset of smart contracts, and suggests several directions that researchers and practitioners can work on to help improve developers’ experience on developing high-quality smart contracts. Expand
Security Smells in Smart Contracts
TLDR
The evaluation of smart contracts as a platform or aid for mission-critical applications such as access control platforms is evaluated by identifying the issues related to smart contracts and informing the reader about the problem, challenges, and techniques. Expand
A Survey on Security Verification of Blockchain Smart Contracts
TLDR
This work presents representative studies of formal verification of smart contracts in detail to demonstrate that using a formal method to validate blockchain smart contracts must have a promising and meritorious future. Expand
A systematic literature review of blockchain and smart contract development: Techniques, tools, and open challenges
TLDR
This systematic literature review oriented to software engineering aims at highlighting current problems and possible solutions concerning smart contracts and blockchain applications development, as well as identifying open challenges that require further research. Expand
Empirical Vulnerability Analysis of Automated Smart Contracts Security Testing on Blockchains
TLDR
The goal of this paper is to carry out a far-reaching experimental assessment of current static smart contracts security testing tools, for the most widely used blockchain, the Ethereum and its domain-specific programming language, Solidity, to provide the first body of knowledge for creating more secure blockchain-based software. Expand
Verifiable Smart Contract Portability
  • Martin Westerkamp
  • Computer Science
  • 2019 IEEE International Conference on Blockchain and Cryptocurrency (ICBC)
  • 2019
TLDR
This work provides a toolbox that facilitates smart contract portability between EVM-compatible blockchains without trust requirements in the entity executing the migration process, and transfers token contracts based on the ERC20 standard as well as applications containing dependencies to other smart contracts to prove the concept's soundness. Expand
An Empirical Review on Blockchain Smart Contracts: Application and Challenges in Implementation
TLDR
This paper focuses on an extensive review of Blockchain Smart contract applications in real-world scenarios and challenges in it, and highlights the challenges and research gaps that have to be addressed in it. Expand
Smart contracts on the blockchain - A bibliometric analysis and review
  • L. Ante
  • Computer Science
  • Telematics Informatics
  • 2021
TLDR
This paper analyzes 468 articles on the topic of smart contracts, providing a summary and analysis of the current state of research on smart contracts and identifying intellectual structures and emerging trends, and derives starting points for future research. Expand
Overview of the Languages for Safe Smart Contract Programming
TLDR
An overview of smart contract programming languages design principles, related vulnerabilities, and future research areas is provided to outline the to date state of languages and to become a possible basis for future proceedings. Expand
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 18 REFERENCES
Smart Contracts Software Metrics: a First Study
TLDR
This work tested the statistics of a set of software metrics related to SC and compared them to the metrics extracted from more traditional software projects and showed that generally Smart Contracts metrics have ranges more restricted than the corresponding metrics in traditional software systems. Expand
Making Smart Contracts Smarter
TLDR
This paper investigates the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies, and proposes ways to enhance the operational semantics of Ethereum to make contracts less vulnerable. Expand
A Petri Nets Model for Blockchain Analysis
TLDR
This paper reconstructed an Entities network associated to Blockchain transactions gathering together Bitcoin addresses into the single entity holding permits to manage Bitcoins held by those addresses by using the Petri Nets formalism. Expand
A Survey of Attacks on Ethereum Smart Contracts (SoK)
TLDR
This work analyses the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities, and shows a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage. Expand
Blockchain-Oriented Software Engineering: Challenges and New Directions
In this work, we acknowledge the need for software engineers to devise specialized tools and techniques for blockchain-oriented software development. Ensuring effective testing activities, enhancingExpand
Solidity Parsing Using SmaCC: Challenges and Irregularities
TLDR
A parser using SmaCC is implemented to serve as a base for further developing Solidity support in Pharo and may help other developers trying to convert similar grammars to an LR type parser. Expand
Demystifying Incentives in the Consensus Computer
TLDR
This work calls the framework of computation through a scriptable cryptocurrency a consensus computer and develops a model that captures incentives for verifying computation in it and proposes a resolution to the verifier's dilemma which incentivizes correct execution of certain applications, including outsourced computation, where scripts require minimal time to verify. Expand
SmartInspect: Smart Contract Inspection Technical Report
TLDR
SmartInspect allows developers and also end-users of a contract to better visualize and understand the contract stored state without needing to redeploy, nor develop any ad-hoc code. Expand
Micro Pattern Fault-Proneness
TLDR
This study aims to show, through empirical studies of open source software systems, which categories of micro patterns are more correlated to faults, and which classes are more likely to be fault-prone than the others. Expand
Comparing Test and Production Code Quality in a Large Commercial Multicore System
TLDR
This paper investigates four releases of an industrial embedded multi-core system from four perspectives and compares results for test code with corresponding production code, finding that test code did not fare well when compared with production code. Expand
...
1
2
...