Smart Contract Security: A Software Lifecycle Perspective

Huang, Yunyun; Bian, Yiyang; Li, Renpu; Zhao, Jianjun; Shi, Peizhong

doi:10.1109/access.2019.2946988

Cited by 118 publications

(82 citation statements)

References 48 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Despite many advantages of smart contracts such as support for automation, ease of debugging, cost efficiency, and limited human intervention required to run business processes; however, the presence of bugs inside a smart contract code can affect its normal operations that can lead to huge losses and disruptions. Being deployed on a decentralized platform, a smart contract can face several security threats from the pseudonymous malicious actors that can fully control the smart contract for malicious purposes [118][119][120]. Smart contracts deployed on the public blockchain platforms are often open-source.…”

Section: B Smart Contracts Security Auditmentioning

confidence: 99%

Blockchain and COVID-19 Pandemic: Applications and Challenges

Ahmad¹,

Salah²,

Jayaraman³

et al. 2023

Preprint

View full text Add to dashboard Cite

The year 2020 has witnessed the emergence of coronavirus disease (COVID-19) that has rapidly spread and adversely affected the global economy, health, and human lives. The COVID-19 pandemic has exposed the limitations of existing healthcare systems regarding its inadequacy to timely and efficiently handle public health emergencies. A large portion of today's healthcare systems are centralized and fall short in providing necessary information security and privacy, data immutability, transparency, and traceability features to detect frauds related to COVID-19 vaccination certification, anti-body testing, and medical supplies. Blockchain technology can assist to combat the COVID-19 pandemic by assuring safe and reliable medical supplies, accurate identification of virus hot spots, and establishing data provenance to verify the genuine personal protective equipment that is decentralized, trustworthy, traceable, and transparent. In this paper, we discuss the potential blockchain applications for the COVID-19 pandemic. We present the high-level design of three blockchain-based systems to enable the governments and medical professionals to efficiently handle health emergencies caused by COVID-19. We discuss the important ongoing blockchain-based research projects to demonstrate the adoption of blockchain technology for the COVID-19. Finally, we identify and discuss future research challenges along with their key causes and guidelines.

show abstract

Section: B Smart Contracts Security Auditmentioning

confidence: 99%

Blockchain and COVID-19 Pandemic: Applications and Challenges

Ahmad¹,

Salah²,

Jayaraman³

et al. 2023

Preprint

View full text Add to dashboard Cite

show abstract

“…In Ethereum, smart contract vulnerabilities arise from the Solidity language, the Ethereum or EVM blockchain platform, and a misunderstanding of common practices. In Hyperledger Fabric chaincodes, vulnerabilities arise from almost identical points: the Go language, the blockchain platform, and a misunderstanding of common practices [48].…”

Section: A Smart Contract Securitymentioning

confidence: 99%

“…Common software security weaknesses [26], [49] may be amplified on blockchain platforms and in the related SC security [50]. Such weaknesses include improper behavioral workflow, access control or initialization, incorrect calculation and insufficiently random values, the inclusion of untrusted external functionalities (e.g., external libraries, smart contracts deployed by others), and improper exception handling and cryptographic understanding [48].…”

Section: A Smart Contract Securitymentioning

confidence: 99%

“…In Hyperledger Fabric chaincode development, Go is most widely used. Most security vulnerabilities in Hyperledger Fabric chaincodes arise from the nondeterministic behavior of Go, which may lead to consensus failure [48]. Apart from this, other vulnerabilities arise from almost identical points as in Ethereum: the blockchain platform and a misunderstanding of common practices.…”

Section: B Sc Vulnerabilities Coveragementioning

confidence: 99%

“…According to [48], smart contract security should be explored from a global perspective and reaching beyond merely analyzing the smart contract code for possible vulnerabilities and flaws. They refer to four development phases, which all contribute to SC security: i. security design, ii.…”

Section: Approaches To Smart Contract Security Assurancementioning

confidence: 99%

See 2 more Smart Citations

Secure Modular Smart Contract Platform for Multi-Tenant 5G Applications

2020

View full text Add to dashboard Cite

Trusted decentralized applications based on distributed ledger technologies provide many potential opportunities to 5G applications and verticals, as well as in fifth generation mobile network (5G) enabling technologies, systems, and services. Apart from the tamper-proof exchange of transactions, distributed ledgers can provide a software environment for the trusted execution of smart contracts. In this paper, we explore the security aspects of decentralized applications and, in particular, the security of smart contracts. Distributed ledger characteristics impose distinct requirements on smart contract design, implementation, deployment, and management. We briefly present the approach to the development of secure smart contracts, and highlight key smart contract vulnerabilities and the developer tools supporting smart contract security. We developed a secure, upgradeable modular multi-contract platform. It combines per-contract Smart Contract Tunnels and per-user-based access control to minimize vulnerabilities. The smart contract platform is comprised of service-agnostic, auxiliary, and service-specific smart contracts. It can be therefore easily adapted to different 5G application verticals. For illustration and evaluation, we elaborated on the proposed solution on a case of smart electric charging. During the design and development, state-of-the-art code analysis was applied. Finally, we propose an architecture for the integration of the secure multi-contract platform into a 5G architecture. The integration proposal utilizes hybrid private-public blockchain networks for possible security, scalability, performance, and transaction cost optimization.

show abstract

Merging Blockchain and Deep Learning for Authentication and Security Architectures

Yadav,

Verma

2024

Decentralized Systems and Distributed Computing

View full text Add to dashboard Cite

Smart Contract Security: A Software Lifecycle Perspective

Cited by 118 publications

References 48 publications

Blockchain and COVID-19 Pandemic: Applications and Challenges

Blockchain and COVID-19 Pandemic: Applications and Challenges

Secure Modular Smart Contract Platform for Multi-Tenant 5G Applications

Merging Blockchain and Deep Learning for Authentication and Security Architectures

Contact Info

Product

Resources

About