Abstract
Although interest in distributed ledger technologies has slightly decreased since the peak of Bitcoin's popularity, the area continues to evolve. One popular direction is the development of smart contracts, which introduces a new paradigm of writing programs. This brings additional difficulties, associated primarily with the high cost of errors. This paper reviews typical vulnerabilities that are widespread in development in the Solidity language. It also presents an analysis of existing tools that help identify software bugs. It is shown that there is no universal technique at the moment and that, if the risks are high, one should not rely solely on checking the code with the available tools but should also conduct a manual audit with the help of an expert.
Notes
1. There was a well-known incident with The DAO when about $50 million was stolen due to a program error.
2. National University of Singapore.
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Kirillov, D., Iakushkin, O., Korkhov, V., Petrunin, V. (2019). Evaluation of Tools for Analyzing Smart Contracts in Distributed Ledger Technologies. In: Misra, S., et al. Computational Science and Its Applications – ICCSA 2019. ICCSA 2019. Lecture Notes in Computer Science(), vol 11620. Springer, Cham. https://doi.org/10.1007/978-3-030-24296-1_41
DOI: https://doi.org/10.1007/978-3-030-24296-1_41
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-24295-4
Online ISBN: 978-3-030-24296-1
eBook Packages: Computer Science (R0)