Skip to main content
SpringerLink
Log in

Ethereum smart contract security research: survey and future research opportunities

  • Review Article
  • Published:
Frontiers of Computer Science Aims and scope Submit manuscript

Abstract

Blockchain has recently emerged as a research trend, with potential applications in a broad range of industries and context. One particular successful Blockchain technology is smart contract, which is widely used in commercial settings (e.g., high value financial transactions). This, however, has security implications due to the potential to financially benefit from a security incident (e.g., identification and exploitation of a vulnerability in the smart contract or its implementation). Among, Ethereum is the most active and arresting. Hence, in this paper, we systematically review existing research efforts on Ethereum smart contract security, published between 2015 and 2019. Specifically, we focus on how smart contracts can be maliciously exploited and targeted, such as security issues of contract program model, vulnerabilities in the program and safety consideration introduced by program execution environment. We also identify potential research opportunities and future research agenda.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Chaum D. Blind signatures for untraceable payments. In: Proceedings of the 2nd Annual International Cryptology Conference. 1982, 199–203

  2. Chaum D, Fiat A, Naor M. Untraceable electronic cash. In: Proceedings of the 8th Annual International Cryptology Conference. 1988, 319–327

  3. Schoenmakers B. Security aspects of the ecashtm payment system. In: State of the Art in Applied Cryptography Lecture Notes in Computer Science. Springer, Berlin, Heidelberg, 1998, 338–352

    Chapter  MATH  Google Scholar 

  4. Rivest R L. Peppercoin micropayments. In: Proceedings of the 8th International Conference on Financial Cryptography. 2004, 2–8

  5. Satoshi N. Bitcoin: a peer-to-peer electronic cash system. 2008

  6. Tschorsch F, Scheuermann B. Bitcoin and beyond: a technical survey on decentralized digital currencies. IEEE Communications Surveys Tutorials, 2016, 18(3): 2084–2123

    Article  Google Scholar 

  7. Conti M, Kumar E S, Lal C, Ruj S. A survey on security and privacy issues of bitcoin. IEEE Communications Surveys Tutorials, 2018, 20(4): 3416–3452

    Article  Google Scholar 

  8. Khalilov M C K, Levi A. A survey on anonymity and privacy in bitcoin-like digital cash systems. IEEE Communications Surveys Tutorials, 2018, 20(3): 2543–2585

    Article  Google Scholar 

  9. Ferrag M A, Derdour M, Mukherjee M, Derhab A, Maglaras L, Janicke H. Blockchain technologies for the internet of things: research issues and challenges. IEEE Internet of Things Journal, 2018, 6(2): 2188–2204

    Article  Google Scholar 

  10. Sankar L S, Sindhu M, Sethumadhavan M. Survey of consensus protocols on blockchain applications. In: Proceedings of the 4th IEEE International Conference on Advanced Computing and Communication Systems. 2017, 1–5

  11. Nguyen G T, Kim K. A survey about consensus algorithms used in blockchain. Journal of Information Processing Systems, 2018, 14(1): 101–128

    Google Scholar 

  12. Zhu L, Wu Y, Gai K, Choo K R. Controllable and trustworthy blockchain-based cloud data management. Future Generation Computer system, 2019, 91: 527–535

    Article  Google Scholar 

  13. Esposito C, Santis A D, Tortora G, Chang H, Choo K R. Blockchain: a panacea for healthcare cloud-based data security and privacy. IEEE Cloud Computing, 2018, 5(1): 31–37

    Article  Google Scholar 

  14. Gai K, Choo K R, Zhu L. Blockchain-enabled reengineering of cloud Datacenters. IEEE Cloud Computing, 2018, 5(6): 21–25

    Article  Google Scholar 

  15. Lin C, He D, Huang X, Choo K R, Vasilakos A V. Bsein: a blockchain-based secure mutual authentication with fine-grained access control system for industry 4.0. Journel of Network and Computer Applications, 2018, 116: 42–52

    Article  Google Scholar 

  16. Conoscenti M, Vetro A, De Martin J C. Blockchain for the internet of things: a systematic literature review. In: Proceedings of the 13th IEEE/ACS International Conference of Computer Systems and Applications. 2016, 1–6

  17. Hassan M U, Rehmani M H, Chen J. Privacy preservation in blockchain based iot systems: integration issues, prospects, challenges, and future research directions. Future Generation Computer Systems, 2019, 97: 512–529

    Article  Google Scholar 

  18. Taylor P J, Dargahi T, Dehghantanha A, Parizi R M, Choo K R. A systematic literature review of blockchain cyber security. Digital Communications and Networks, 2020, 6(2): 147–156

    Article  Google Scholar 

  19. Xie J, Tang H, Huang T, Yu F R, Xie R, Liu J, Liu Y. A survey of blockchain technology applied to smart cities: research issues and challenges. IEEE Communications Surveys & Tutorials, 2019, 21(3): 2794–2830

    Article  Google Scholar 

  20. Yang R, Yu F R, Si P, Yang Z, Zhang Y. Integrated blockchain and edge computing systems: a survey, some research issues and challenges. IEEE Communications Surveys & Tutorials, 2019, 21(2): 1508–1532

    Article  Google Scholar 

  21. Buterin V. A next-generation smart contract and decentralized application platform. White Paper, 2014, 3(37): 1–36

    Google Scholar 

  22. Ronen E, Shamir A, Weingarten A, O’Flynn C. IoT goes nuclear: creating a zigbee chain reaction. In: Proceedings of the 38th IEEE Symposium on Security and Privacy. 2017, 195–212

  23. Vasisht D, Kapetanovic Z, Won J, Jin X, Chandra R, Sinha S N, Kapoor A, Sudarshan M, Stratman S. Farmbeats: an IoT platform for data-driven agriculture. In: Proceedings of the 14th USENIX Symposium on Networked Systems Design and Implementation. 2017, 515–529

  24. Azaria A, Ekblaw A, Vieira T, Lippman A. Medrec: using blockchain for medical data access and permission management. In: Proceedings of the 2nd International Conference on Open and Big Data. 2016, 25–30

  25. Yue X, Wang H, Jin D, Li M, Jiang W. Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control. Journal of Medical Systems, 2016, 40(10): 218

    Article  Google Scholar 

  26. Chen L, Lee W K, Chang C, Choo K R, Zhang N. Blockchain based searchable encryption for electronic health record sharing. Future Generation Computer Systems, 2019, 95: 420–429

    Article  Google Scholar 

  27. McGhin T, Choo K R, Liu C Z, He D. Blockchain in healthcare applications: research challenges and opportunities. Journal of Network and Computer Applications, 2019, 135(1): 62–75

    Article  Google Scholar 

  28. Huckle S, Bhattacharya R, White M, Beloff N. Internet of things, blockchain and shared economy applications. In: Proceedings of the 7th International Conference on Emerging Ubiquitous Systems and Pervasive Networks (EUSPN 2016)/The 6th International Conference on Current and Future Trends of Information and Communication Technologies in Healthcare (ICTH-2016)/Affiliated Workshops. 2016, 461–466

  29. Yao Q. A systematic framework to understand central bank digital currency. Science China Information Sciences, 2018, 61(3): 033101

    Article  Google Scholar 

  30. Liang J, Han W, Guo Z, Chen Y, Cao C, Wang X S, Li F. DESC: enabling secure data exchange based on smart contracts. Science China Information Sciences, 2018, 61(4): 049102

    Article  Google Scholar 

  31. Matsumoto S, Reischuk R M. IKP: turning a PKI around with decentralized automated incentives. In: Proceedings of the 38th IEEE Symposium on Security and Privacy. 2017, 410–426

  32. Chen J, Yao S, Yuan Q, He K, Ji S, Du R. Certchain: public and efficient certificate audit based on blockchain for TLS connections. In: Proceedings of the 2018 IEEE International Conference on Computer Communications. 2018, 2060–2068

  33. Chase M, Meiklejohn S. Transparency overlays and applications. In: Proceedings of the 23th ACM SIGSAC Conference on Computer and Communications Security. 2016, 168–179

  34. Szabo N. Formalizing and securing relationships on public networks. First Monday, 1997, 2(9): 1–21

    Article  Google Scholar 

  35. Paul A, Ahmad A, Khan M, Jeon G. Smart contract’s interface for user centric business model in blockchain. In: Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing. 2019, 709–714

  36. Siano P, Marco G De, Rolán A, Loia V. A survey and evaluation of the potentials of distributed ledger technology for peer-to-peer transactive energy exchanges in local energy markets. IEEE Systems Journal, 2019, 13(3): 3454–3466

    Article  Google Scholar 

  37. Castillo M. The dao attacked: code issue leads to 60 million ether theft. see Coindesk Website, 2020

  38. Reddit. Smartbillions lottery contract just got hacked. see Reddit Website, 2020

  39. Petrov S. Another parity wallet hack explained. see Medium Website, 2020

  40. Slow Mist. Eth dapp hack events. see Slow Mist Hacked Website, 2020

  41. Bartoletti M, Pompianu L. An empirical analysis of smart contracts: platforms, applications, and design patterns. In: Proceedings of the 21st International Conference on Financial Cryptography and Data Security. 2017, 494–509

  42. Castro M, Liskov B. Practical byzantine fault tolerance. In: Proceedings of the 3rd USENIX Symposium on Operating Systems Design and Implementation. 1999, 173–186

  43. Sukhwani H, Martínez J M, Chang X, Trivedi K S, Rindos A. Performance modeling of PBFT consensus process for permissioned blockchain network (hyperledger fabric). In: Proceedings of the 36th IEEE Symposium on Reliable Distributed Systems. 2017, 253–255

  44. David B, Gazi P, Kiayias A, Russell A. Ouroboros praos: an adaptively-secure, semi-synchronous proof-of-stake blockchain. In: Proceedings of the 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2018, 66–98

  45. Badertscher C, Gazi P, Kiayias A, Russell A, Zikas V. Ouroboros genesis: composable proof-of-stake blockchains with dynamic availability. In: Proceedings of the 27th ACM SIGSAC Conference on Computer and Communications Security. 2018, 913–930

  46. Petersen K, Feldt R, Mujtaba S, Mattsson M. Systematic mapping studies in software engineering. In: Proceedings of the 12th International Conference on Evaluation and Assessment in Software Engineering. 2008

  47. Pahl C, Brogi A, Soldani J, Jamshidi P. Cloud container technologies: a state-of-the-art review. IEEE Transactions on Cloud Computing, 2019, 7(3): 677–692

    Article  Google Scholar 

  48. Bonneau J, Miller A, Clark J, Narayanan A, Kroll J A, Felten E W. Sok: research perspectives and challenges for bitcoin and cryptocurrencies. In: Proceedings of the 36th IEEE Symposium on Security and Privacy. 2015, 104–121

  49. Alharby M, van Moorsel A. Blockchain-based smart contracts: a systematic mapping study. 2017, arXiv preprint arXiv:1710.06372

  50. Atzei N, Bartoletti M, Cimoli T. A survey of attacks on ethereum smart contracts (sok). In: Proceedings of the 6th International Conference on Principles of Security and Trust. 2017, 164–186

  51. Wang S, Ouyang L, Yuan Y, Ni X, Han X, Wang F Y. Blockchain-enabled smart contracts: architecture, applications, and future trends. IEEE Transactions on Systems, Man, and Cybernetics: Systems, 2019, 49(11): 2266–2277

    Article  Google Scholar 

  52. Juels A, Kosba A E, Shi E. The ring of gyges: investigating the future of criminal smart contracts. In: Proceedings of the 23rd ACM SIGSAC Conference on Computer and Communications Security. 2016, 283–295

  53. Kwon Y, Kim D, Son Y, Vasserman E Y, Kim Y. Be selfish and avoid dilemmas: fork after withholding (FAW) attacks on bitcoin. In: Proceedings of the 24th ACM SIGSAC Conference on Computer and Communications Security. 2017, 195–209

  54. Eyal I. The miner’s dilemma. In: Proceedings of the 36th IEEE Symposium on Security and Privacy. 2015, 89–103

  55. Velner Y, Teutsch J, Luu L, Smart contracts make bitcoin mining pools vulnerable. In: Proceedings of the 21st International Conference on Financial Cryptography and Data Security. 2017, 298–316

  56. McCorry P, Hicks A, Meiklejohn S. Smart contracts for bribing Miners. IACR Cryptology ePrint Archive, 2018, 2018: 581

    Google Scholar 

  57. Wang Y, Bracciali A, Li T, Li F, Cui X, Zhao M. Randomness invalidates criminal smart contracts. Information Science, 2019, 477: 291–301

    Article  Google Scholar 

  58. Torres C F, Steichen M. The art of the scam: demystifying honeypots in ethereum smart contracts. In: Proceedings of the 28th USENIX Security Symposium. 2019

  59. Zhou Y, Kumar D, Bakshi S, Mason J, Miller A, Bailey M. Erays: reverse engineering ethereum’s opaque smart contracts. In: Proceedings of the 27th USENIX Security Symposium. 2018, 1371–1385

  60. Schwarz B, Debray S K, Andrews G R. Disassembly of executable code revisited. In: Proceedings of the 9th Working Conference on Reverse Engineering. 2012, 45–54

  61. Grech N, Brent L, Scholz B, Smaragdakis Y. Gigahorse: thorough, declarative decompilation of smart contracts. In: Proceedings of the 41st International Conference on Software Engineering. 2019, 1176–1186

  62. Parizi R M, Dehghantanha A, Choo R. A singh, empirical vulnerability analysis of automated smart contracts security testing on blockchains. In: Proceedings of the 28th Annual International Conference on Computer Science and Software Engineering. 2018, 103–113

  63. Chen T, Li X, Luo X, Zhang X. Under-optimized smart contracts devour your money. In: Proceedings of the 24th IEEE International Conference on Software Analysis, Evolution and Reengineering. 2017, 442–446

  64. Luu L, Chu D, Olickel H, Saxena P, Hobor A. Making smart contracts smarter. In: Proceedings of the 23rd ACM SIGSAC Conference on Computer and Communications Security. 2016, 254–269

  65. Chen T, Li X, Wang Y, Chen J, Li Z, Luo X, Au M H, Zhang X. An adaptive gas cost mechanism for ethereum to defend against under-priced dos attacks. In: Proceedings of the 13th International Conference on Information Security Practice and Experience. 2017, 3–24

  66. Luu L, Teutsch J, Kulkarni R, Saxena P. Demystifying incentives in the consensus computer. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. 2015, 706–719

  67. Li Y. Finding concurrency exploits on smart contracts. In: Proceedings of the 41st International Conference on Software Engineering: Companion Proceedings. 2019, 144–146

  68. Coblenz M J. Obsidian: a safer blockchain programming language. In: Proceedings of the 39th International Conference on Software Engineering. 2017, 97–99

  69. Schrans F, Eisenbach S, Drossopoulou S. Writing safe smart contracts in flint. In: Proceedings of the 2nd International Conference on Art, Science, and Engineering of Programming. 2018, 218–219

  70. Schrans F, Hails D, Harkness A, Drossopoulou S, Eisenbach S. Flint for safer smart contracts. 2019, arXiv preprint arXiv:1904.06534

  71. Torres C F, SchĀijtte J, State R. Osiris: hunting for integer bugs in ethereum smart contracts. In: Proceedings of the 34th Annual Computer Security Applications Conference. 2018

  72. Nikolic I, Kolluri A, Sergey I, Saxena P, Hobor A. Finding the greedy, prodigal, and suicidal contracts at scale. In: Proceedings of the 34th Annual Conference on Computer Security Applications. 2018

  73. Jiang B, Liu Y, Chan W K. Contractfuzzer: fuzzing smart contracts for vulnerability detection. In: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering. 2018, 259–269

  74. Rodler M, Li W, Karame G O, Davi L. Sereum: protecting existing smart contracts against re-entrancy attacks. In: Proceedings of the 26th Annual Network and Distributed System Security Symposium. 2019

  75. Ma F, Fu Y, Ren M, Wang M, Jiang Y, Zhang K, Li H, Shi X. EVM*: from offline detection to online reinforcement for ethereum virtual machine. In: Proceedings of the 26th IEEE International Conference on Software Analysis, Evolution and Reengineering. 2019, 554–558

  76. Liu H, Yang Z, Jiang Y, Zhao W, Sun J. Enabling clone detection for ethereum via smart contract birthmarks. In: Proceedings of the 27th International Conference on Program Comprehension. 2019, 105–115

  77. Liu H, Liu C, Zhao W, Jiang Y, Sun J. S-gram: towards semantic-aware security auditing for ethereum smart contracts. In: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering. 2018, 814–819

  78. Liu H, Yang Z, Liu C, Jiang Y, Zhao W, Sun J, Eclone: detect semantic clones in ethereum via symbolic transaction sketch. In: Proceedings of the 26th 2018 ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 2018, 900–903

  79. Angelo M D, Salzer G. A survey of tools for analyzing ethereum smart Contracts. In: Proceedings of IEEE International Conference on Decentralized Applications and Infrastructures. 2019

  80. Krupp J, Rossow C. teEther: gnawing at ethereum to automatically exploit smart contracts. In: Proceedings of the 27th USENIX Security Symposium. 2018, 1317–1333

  81. Mossberg M, Manzano F, Hennenfent E, Groce A, Grieco G, Feist J, Brunson T, Dinaburg A. Manticore: a user-friendly symbolic execution framework for binaries and smart contracts. In: Proceedings of the 34th ACM/IEEE International Conference on Automated Software Engineering. 2019

  82. Kalra S, Goel S, DhawanM, Sharma S. ZEUS: analyzing safety ofsmart contracts. In: Proceedings of the 25th Annual Network and Distributed System Security Symposium. 2018

  83. Bhargavan K, Delignat-Lavaud A, Fournet C, Gollamudi A, Gonthier G, Kobeissi N, Kulatova N, Rastogi A, Sibut-Pinote T, Swamy N, Béguelin SZ. Formal verification of smart contracts: Short paper. In: Proceedings of the 2016 ACM Workshop on Programming Languages and Analysis for Security. 2016, 91–96

  84. Idelberger F, Governatori G, Riveret R, Sartor G. Evaluation of logic-based smart contracts for blockchain systems. In: Proceedings of the 10th International Symposium on Rule Technologies, Research, Tools, and Applications. 2016, 167–183

  85. Hildenbrandt E, Saxena M, Rodrigues N, Zhu X, Daian P, Guth D, Moore B M, Park D, Zhang Y, Stefanescu A, Rosu G. KEVM: a complete formal semantics of the ethereum virtual machine. In: Proceedings of the 31st IEEE Computer Security Foundations Symposium. 2018, 204–217

  86. Park D, Zhang Y, Saxena M, Daian P, Rosu G. A formal verification tool for ethereum VM bytecode. In: Proceedings of the 2018 ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 2018, 912–915

  87. Ahrendt W, Pace G J, Schneider G. Smart contracts: a killer application for deductive source code verification. In: Müller P, Schaefer I. eds. Principled Software Development. Springer, Cham, 2018, 1–18

  88. Ellul J, Pace G J. Runtime verification of ethereum smart contracts. In: Proceedings of the 14th European Dependable Computing Conference. 2018, 158–163.

  89. Tsankov P, Dan A M, Drachsler-Cohen D, Gervais A, Bünzli F, Vechev M T. Securify: practical security analysis of smart contracts. In: Proceedings of the 25th ACM SIGSAC Conference on Computer and Communications Security. 2018, 67–82

  90. Bai X, Cheng Z, Duan Z, Hu K. Formal modeling and verification of smart contracts. In: Proceedings of the 7th International Conference on Software and Computer Applications. 2018, 322–326

  91. Liu C, Liu H, Cao Z, Chen Z, Chen B, Roscoe B. Reguard: finding reentrancy bugs in smart contracts. In: Proceedings of the 40th International Conference on Software Engineering: Companion Proceeedings. 2018, 65–68

  92. Wüstholz V, Christakis M. Harvey: a greybox fuzzer for smart contracts. 2019, arXiv preprint arXiv:1905.06944

  93. Tann W J, Han X J, Gupta S S, Ong Y. Towards safer smart contracts: a sequence learning approach to detecting vulnerabilities. 2018, arXiv preprint arXiv:1811.06632

  94. Finifter M, Akhawe D, Wagner D A. An empirical study of vulnerability rewards programs. In: Proceedings of the 22nd USENIX Security Symposium. 2013, 273–288

  95. Breidenbach L, Daian P, Tramèr F, Juels A. Enter the hydra: towards principled bug bounties and exploit-resistant smart contracts. In: Proceedings of the 27th USENIX Security Symposium. 2018, 1335–1352

  96. Banasik W, Dziembowski S, Malinowski D. Efficient zero-knowledge contingent payments in cryptocurrencies without scripts. In: Proceedings of the 21st European Symposium on Research in Computer Security. 2016, 261–280

  97. Tramèr F, Zhang F, Lin H, Hubaux J, Juels A, Shi E. Sealed-glass proofs: using transparent enclaves to prove and sell knowledge. In: Proceedings of the 2nd IEEE European Symposium on Security and Privacy. 2017, 19–34

  98. Kalodner H A, Goldfeder S, Chen X, Weinberg S M, Felten E W. Arbitrum: scalable, private smart contracts. In: Proceedings of the 27th USENIX Security Symposium. 2018, 1353–1370

  99. Ateniese G, Magri B, Venturi D, Andrade E R. Redactable blockchain — or - rewriting history in bitcoin and friends. In: Proceedings of 2017 IEEE European Symposium on Security and Privacy. 2017, 111–126

  100. Derler D, Samelin K, Slamanig D, Striecks C. Fine-grained and controlled rewriting in blockchains: chameleon-hashing gone attribute-based. In: Proceedings of the 26th Annual Network and Distributed System Security Symposium. 2019

  101. Hildenbrandt E, Saxena M, Rodrigues N, Zhu X, Daian P, Guth D, Moore B M, Park D, Zhang Y, Stefanescu A, Rosu G. KEVM: a complete formal semantics of the ethereum virtual machine. In: Proceedings of the 31st IEEE Computer Security Foundations Symposium. 2018, 204–217

  102. Rosu G, Serbanuta T. An overview of the K semantic framework. Journal of Logic and Algebraic Programming, 2010, 79(6): 397–434

    Article  MathSciNet  MATH  Google Scholar 

  103. Chatterjee K, Goharshady A K, Pourdamghani A. Probabilistic smart contracts: secure randomness on the blockchain. In: Proceedings of IEEE International Conference on Blockchain and Cryptocurrency. 2019

  104. Pierrot C, Wesolowski B. Malleability of the blockchain’s entropy. Cryptography and Communications, 2018, 10(1): 211–233

    Article  MathSciNet  MATH  Google Scholar 

  105. Cachin C, Kursawe K, Shoup V. Random oracles in constantinople: practical asynchronous byzantine agreement using cryptography. Journal of Cryptology, 2005, 18(3): 219–246

    Article  MathSciNet  MATH  Google Scholar 

  106. Bonneau J, Narayanan A, Miller A, Clark J, Kroll J A, Felten E W. Mixcoin: anonymity for bitcoin with accountable mixes. In: Proceedings of the 18th International Conference on Financial Cryptography and Data Security. 2014, 486–504

  107. Garman C, Green M, Miers I, Rubin A D. Rational zero: economic security for zerocoin with everlasting anonymity. In: Proceedings of the 18th International Conference on Financial Cryptography and Data Security. 2014, 140–155

  108. Bünz B, Goldfeder S, Bonneau J. Proofs-of-delay and randomness beacons in ethereum. IEEE Security and Privacy on the Blockchain (IEEE S&B), 2017

  109. Lenstra A K, Wesolowski B. A random zoo: sloth, unicorn, and trx IACR Cryptology ePrint Archive, 2015, 2015: 366

  110. Gilad Y, Hemo R, Micali S, Vlachos G, Zeldovich N. Algorand: scaling byzantine agreements for cryptocurrencies. In: Proceedings of the 26th Symposium on Operating Systems Principles. 2017, 51–68

  111. Micali S, Rabin M O, Vadhan S P. Verifiable random functions. In: Proceedings of the 40th Annual Symposium on Foundations of Computer Science. 1999, 120–130

  112. Hanke T, Movahedi M, Williams D. DFINITY technology overview series, consensus system. 2018, arXiv preprint arXiv:1805.04548

  113. Badertscher C, Gazi P, Kiayias A, Russell A, Zikas V. Ouroboros genesis: composable proof-of-stake blockchains with dynamic availability. In: Proceedings of the 25th ACM SIGSAC Conference on Computer and Communications Security. 2018, 913–930

  114. Pass R, Shi E. Thunderella: Blockchains with optimistic instant confirmation. In: Proceedings of the 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2018, 3–33

  115. Zhang F, Cecchetti E, Croman K, Juels A, Shi E. Town crier: an authenticated data feed for smart contracts. In: Proceedings of the 23rd ACM SIGSAC Conference on Computer and Communications Security. 2016, 270–282

  116. Ellis S, Juels A, Nazarov S. Chainlink—a decentralized oracle Network. 2017

  117. Sergey I, Hobor A. A concurrent perspective on smart contracts. In: Proceedings of the 21st International Conference on Financial Cryptography and Data Security. 2017, 478–493

  118. Dickerson T D, Gazzillo P, Herlihy M, Koskinen E. Adding concurrency to smart contracts. In: Proceedings of the 36th ACM Symposium on Principles of Distributed Computing. 2017, 303–312

  119. Zhang A, Zhang K. Enabling concurrency on smart contracts using multiversion ordering. In: Proceedings of the 2nd International Joint Conference on Web and Big Data. 2018, 425–439

  120. Li Z, Zou D, Xu S, Ou X, Jin H, Wang S, Deng Z, Zhong Y. Vuldeepecker: a deep learning-based system for vulnerability detection. In: Proceedings of the 25th Annual Network and Distributed System Security Symposium. 2018

  121. Russell R, Kim L, Hamilton L, Lazovich T, Harer J, Ozdemir O, Elling-wood P, McConley M. Automated vulnerability detection in source code using deep representation learning. In: Proceedings of the 17th IEEE International Conference on Machine Learning and Applications. 2018, 757–762

  122. Liu B, Huo W, Zhang C, Li W, Li F, Piao A, Zou W. αdiff: cross-version binary code similarity detection with DNN. In: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering. 2018, 667–678

  123. White M, Tufano M, Vendome C, Poshyvanyk D. Deep learning code fragments for code clone detection. In: Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering. 2016, 87–98

Download references

Acknowledgements

This work was supported by the National Key Research and Development (R&D) Plan of China (2019YFB2101700), the Science and Technology Program of Guangzhou (201902020016), the Shenzhen Fundamental Research Program (JCYJ20170413114215614), the Guangdong Provincial Science and Technology Plan Project (2017B010124001), and the Guangdong Provincial Key R&D Plan Project (2019B010139001).

Author information

Authors and Affiliations

  1. National Engineering Research Center for Big Data Technology and System, Services Computing Technology and System Lab, Clusters and Grid Computing Lab, Hubei Engineering Research Center on Big Data Security, Wuhan, 430074, China

    Zeli Wang, Hai Jin, Weiqi Dai & Deqing Zou

  2. School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China

    Zeli Wang & Hai Jin

  3. School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, 430074, China

    Weiqi Dai & Deqing Zou

  4. Shenzhen Huazhong University of Science and Technology Research Institute, Shenzhen, 518057, China

    Weiqi Dai & Deqing Zou

  5. Department of Information Systems and Cyber Security, University of Texas at San Antonio, San Antonio, TX, 78249-0631, USA

    Kim-Kwang Raymond Choo

Authors
  1. Zeli Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hai Jin
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Weiqi Dai
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kim-Kwang Raymond Choo
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Deqing Zou
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Weiqi Dai.

Additional information

Zeli Wang is a PhD candidate at Huazhong University of Science and Technology (HUST), China. Her main research topics are blockchain and smart contract security.

Hai Jin received the PhD degree in computer engineering from the Huazhong University of Science and Technology (HUST), China in 1994. He is currently Chair Professor of computer science and engineering with HUST, China. He is the also Chief Scientist of the National 973 Basic Research Program Project of Virtualization Technology of Computing System. He has co-authored 22 books and published over 700 research papers. His research interests include computer architecture, virtualization technology, cluster computing and cloud computing, peer-to-peer computing, network storage, and network security. He is a fellow of CCF and a member of the ACM.

Weiqi Dai received the PhD degree in computer science and technology from Huazhong University of Science and Technology (HUST), China. He is an assistant professor in school of cyber science and engineering at HUST, China. His expertise and research interests include blockchain, cloud computing security, trusted computing, virtualization technology, and trusted SDN.

Kim-Kwang Raymond Choo received his PhD in Information Security from Queensland University of Technology, Australia. He currently holds the Cloud Technology Endowed Professorship at the University of Texas, USA at San Antonio and is an associate professor at the University of South Australia, Australia. He was named one of 10 Emerging Leaders in the Innovation category of The Weekend Australian Magazine/Microsoft’s Next 100 series in 2009, and is the recipient of various awards including the British Computer Society’s Wilkes Award and the Fulbright Scholarship. He is a fellow of the Australian Computer Society, and a Senior Member of IEEE.

Deqing Zou received the PhD degree from the Huazhong University of Science and Technology (HUST), China in 2004. He is currently a professor in school of cyber science and engineering at HUST, China. He has applied almost 20 patents, published two books, one is theXen virtualization Technologies and the other is Trusted Computing Technologies and Principles, and published over 50 high-quality papers. His main research interests include system security, trusted computing, virtualization, and cloud security. He has served as the PC member/PC chair of over 40 international conferences.

Electronic supplementary material

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Wang, Z., Jin, H., Dai, W. et al. Ethereum smart contract security research: survey and future research opportunities. Front. Comput. Sci. 15, 152802 (2021). https://doi.org/10.1007/s11704-020-9284-9

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s11704-020-9284-9

Keywords

Search

Navigation