Affiliation:
1. Swinburne University of Technology, Melbourne, Australia
2. Hyper Laboratory, Melbourne, Australia
Abstract
A smart contract is a computerised transaction agreement that carries out predefined terms without human involvement or third-party intermediaries. It serves as a trust intermediary in several industries, including finance, insurance, and supply chain management, in the blockchain 2.0 era. With the increasing interest in smart contracts, security has become a serious problem. Examining typical vulnerability types and vulnerability detection methodologies is of special importance. In this research, a comprehensive evaluation of common smart contract security vulnerabilities is conducted, and a three-tier threat model is then provided to classify the vulnerabilities. In addition, we examine fourteen existing smart contract analysis tools for finding vulnerabilities and classify them according to the main technique they apply. This article is designed to serve as a reference for people who wish to analyse deployed code and enhance existing detection techniques. At the conclusion, open issues and future research paths regarding smart contract vulnerability detection are presented.
Publisher
Association for Computing Machinery (ACM)
Reference103 articles.
1. Accessible: Retrieved from https://github.com/pirapira/bamboo. Bamboo Language.
2. Hayden Adams Noah Zinsmeister Moody Salem River Keefer and Dan Robinson. 2021. Uniswap v3 Core.
3. AFL. 2018. AFL - American Fuzzy Lop. Retrieved June 20, 2022 from http://lcamtuf.coredump.cx/afl/
4. GASOL: Gas Analysis and Optimization for Ethereum Smart Contracts
5. Hyperledger fabric