Survey on Quality Assurance of Smart Contracts

Author:

Wei Zhiyuan (1), Sun Jing (2), Zhang Zijian (3), Zhang Xianhao (3), Yang Xiaoxuan (3), Zhu Liehuang (3)

Affiliation:

1. School of Computer Science, Beijing Institute of Technology, Beijing, China

2. Faculty of Science, University of Auckland - City Campus, Auckland, New Zealand

3. School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China

Abstract

As blockchain technology continues to advance, the secure deployment of smart contracts has become increasingly prevalent, underscoring the critical need for robust security measures. This surge in usage has led to a rise in security breaches, often resulting in substantial financial losses for users. This paper presents a comprehensive survey of smart contract quality assurance, from understanding vulnerabilities to evaluating the effectiveness of detection tools. Our work is notable for its innovative classification of forty smart contract vulnerabilities, mapping them to established attack patterns. We further examine nine defense mechanisms, assessing their efficacy in mitigating smart contract attacks. Furthermore, we develop a labeled dataset as a benchmark encompassing ten common vulnerability types, which serves as a critical resource for future research. We also conduct comprehensive experiments to evaluate fourteen vulnerability detection tools, providing a comparative analysis that highlights their strengths and limitations. In summary, this survey synthesizes state-of-the-art knowledge in smart contract security, offering practical recommendations to guide future research and foster the development of robust security practices in the field.

Publisher

Association for Computing Machinery (ACM)

