Smart Contract Vulnerability Analysis and Security Audit

Smart Contract Vulnerability Analysis and Security Audit

Ethereum started the blockchain-based smart contract technology that due to its scalability more and more decentralized applications are now based on. On the downside this has led to the exposure of more and more security issues and challenges, which has gained widespread attention in terms of resea...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE network 2020-09, Vol.34 (5), p.276-282
Hauptverfasser: He, Daojing, Deng, Zhi, Zhang, Yuxing, Chan, Sammy, Cheng, Yao, Guizani, Nadra
Format: Artikel
Sprache:eng
Schlagworte:
Bitcoin
Computer hacking
Contracts
Cryptography
Games
Random numbers
Scalability
Security
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Ethereum started the blockchain-based smart contract technology that due to its scalability more and more decentralized applications are now based on. On the downside this has led to the exposure of more and more security issues and challenges, which has gained widespread attention in terms of research in the field of Ethereum smart contract vulnerabilities in both academia and industry. This article presents a survey of the Ethereum smart contract's various vulnerabilities and the corresponding defense mechanisms that have been applied to combat them. In particular, we focus on the random number vulnerability in the Fomo3d-like game contracts, as well as that attack and defense methods applied. Finally, we summarize the existing Ethereum smart contract security audit methods and compare several mainstream audit tools from various perspectives.
ISSN:0890-8044
1558-156X
DOI:10.1109/MNET.001.1900656