A survey on the security of blockchain systems

Li, Xiaoqi; Jiang, Peng; Chen, Ting; Wang, Liu; Wen, Qiaoyan

doi:10.1016/j.future.2017.08.020

Cited by 1,284 publications

(713 citation statements)

References 26 publications

(29 reference statements)

Supporting

Mentioning

704

Contrasting

Unclassified

Order By: Relevance

“…We will follow such suggestions to improve the tool in the near future. 6. http://www.smartembed.net 7. https://github.com/beyondacm/SmartEmbed…”

Section: Discussionmentioning

confidence: 99%

“…We collected a list of 52 known buggy smart contracts belonging to 10 kinds of common vulnerabilities. These vulnerabilities are from real world events (e.g., Reentracy, Honeypot, Replay, Gas Limit) [3], [4], [68], previous research papers (e.g., Overflow/Underflow, Blockhash/Timestamp) [6], [7], [12] and/or the CVE reported by some organizations (e.g., Transfer Flaw, Batch Overflow, Verify Reverse) [69]- [71].…”

Section: Methodsmentioning

confidence: 99%

See 1 more Smart Citation

Checking Smart Contracts With Structural Code Embedding

Gao

Jiang

Xia

et al. 2021

IIEEE Trans. Software Eng.

View full text Add to dashboard Cite

Smart contracts have been increasingly used together with blockchains to automate financial and business transactions. However, many bugs and vulnerabilities have been identified in many contracts which raises serious concerns about smart contract security, not to mention that the blockchain systems on which the smart contracts are built can be buggy. Thus, there is a significant need to better maintain smart contract code and ensure its high reliability. In this paper, we propose an automated approach to learn characteristics of smart contracts in Solidity, which is useful for clone detection, bug detection and contract validation on smart contracts. Our new approach is based on word embeddings and vector space comparison. We parse smart contract code into word streams with code structural information, convert code elements (e.g., statements, functions) into numerical vectors that are supposed to encode the code syntax and semantics, and compare the similarities among the vectors encoding code and known bugs, to identify potential issues. We have implemented the approach in a prototype, named SMARTEMBED , and evaluated it with more than 22,000 smart contracts collected from the Ethereum blockchain. Results show that our tool can effectively identify many repetitive instances of Solidity code, where the clone ratio is around 90%. Code clones such as type-III or even type-IV semantic clones can also be detected accurately. Our tool can identify more than 1000 clone related bugs based on our bug databases efficiently and accurately. Our tool can also help to efficiently validate any given smart contract against a known set of bugs, which can help to improve the users' confidence in the reliability of the contract. !

show abstract

“…We will follow such suggestions to improve the tool in the near future. 6. http://www.smartembed.net 7. https://github.com/beyondacm/SmartEmbed…”

Section: Discussionmentioning

confidence: 99%

Section: Methodsmentioning

confidence: 99%

Checking Smart Contracts With Structural Code Embedding

Gao

Jiang

Xia

et al. 2021

IIEEE Trans. Software Eng.

View full text Add to dashboard Cite

show abstract

“…There exist a few surveys, which consider blockchain platforms security risks. For instance, Li et al [24] overview the security attacks on the blockchain platforms & summarise the security enhancements. In our work, we consider the security risks on the blockchain-based applications and their countermeasures.…”

Section: Related Workmentioning

confidence: 99%

“…Hence, the security challenges are debatable and there is no comprehensive (or standardized) overview of security risks which can potentially damage the blockchain-based applications. There exist few studies reporting on security challenges in the blockchain platforms [4,24], but there is still a lack of focus on the blockchain-based applications security.…”

Section: Introductionmentioning

confidence: 99%

Blockchain-Based Application Security Risks: A Systematic Literature Review

Iqbal

Matulevičius

2019

Lecture Notes in Business Information Processing

View full text Add to dashboard Cite

Although the blockchain-based applications are considered to be less vulnerable due to the nature of the distributed ledger, they did not become the silver bullet with respect to securing the information against different security risks. In this paper, we present a literature review on the security risks that can be mitigated by introducing the blockchain technology, and on the security risks that are identified in the blockchain-based applications. In addition, we highlight the application and technology domains where these security risks are observed. The results of this study could be seen as a preliminary checklist of security risks when implementing blockchain-based applications.

show abstract

“…• Recent advances in addressing technical challenges are summarized. [12], [13], [14] [15], [16] [17]…”

Section: Introductionmentioning

confidence: 99%

An overview on smart contracts: Challenges, advances and platforms

Zheng

Xie

Dai

et al. 2020

Future Generation Computer Systems

794

245

View full text Add to dashboard Cite

Smart contract technology is reshaping conventional industry and business processes. Being embedded in blockchains, smart contracts enable the contractual terms of an agreement to be enforced automatically without the intervention of a trusted third party. As a result, smart contracts can cut down administration and save services costs, improve the efficiency of business processes and reduce the risks. Although smart contracts are promising to drive the new wave of innovation in business processes, there are a number of challenges to be tackled. This paper presents a survey on smart contracts. We first introduce blockchains and smart contracts. We then present the challenges in smart contracts as well as recent technical advances. We also compare typical smart contract platforms and give a categorization of smart contract applications along with some representative examples.

show abstract

A survey on the security of blockchain systems

Cited by 1,284 publications

References 26 publications

Checking Smart Contracts With Structural Code Embedding

Checking Smart Contracts With Structural Code Embedding

Blockchain-Based Application Security Risks: A Systematic Literature Review

An overview on smart contracts: Challenges, advances and platforms

Contact Info

Product

Resources

About