Profiling Gas Leaks in Solidity Smart Contracts.

Nowadays, more and more applications are developed for running on a distributed ledger technology, namely dApps. The business logic of dApps is usually implemented within smart contracts developed through Solidity, a programming language for writing smart contracts on different blockchain platforms, including the popular Ethereum. In Ethereum, the smart contracts run on the machines of miners and the gas corresponds to the execution fee compensating such computing resources. However, the deployment and execution costs of a smart contract depend on the implementation choices done by developers. Unappropriated design choices could lead to higher gas consumption than necessary. In this paper, we (i) identify a set of 19 Solidity code smells affecting the deployment and transaction costs of a smart contract, and (ii) assess the relevance of such smells through a survey involving 34 participants. On top of these smells, we propose GasMet, a suite of metrics for statically evaluating the code quality of a smart contract from the gas consumption perspective. An experiment involving 2,186 smart contracts demonstrates that the proposed metrics have direct associations with deployment costs. The metrics in our suite can be used for more easily identifying source code segments that need optimizations.

[1]  S. Holm A Simple Sequentially Rejective Multiple Test Procedure , 1979 .

[2]  Giuseppe Destefanis,et al.  On Comparing Software Quality Metrics of Traditional vs Blockchain-Oriented Software: An Empirical Study , 2019, 2019 IEEE International Workshop on Blockchain Oriented Software Engineering (IWBOSE).

[3]  Robert M. Hierons,et al.  Smart contracts vulnerabilities: a call for blockchain software engineering? , 2018, 2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE).

[4]  Mark H. Meng,et al.  A Blockchain Aided Metric for Predictive Delivery Performance in Supply Chain Management , 2018, 2018 IEEE International Conference on Service Operations and Logistics, and Informatics (SOLI).

[5]  Shari Lawrence Pfleeger,et al.  Principles of survey research: part 5: populations and samples , 2002, SOEN.

[6]  Shari Lawrence Pfleeger,et al.  Principles of survey research: part 3: constructing a survey instrument , 2002, SOEN.

[7]  A. N. Oppenheim,et al.  Questionnaire Design, Interviewing and Attitude Measurement , 1992 .

[8]  Emin Gün Sirer,et al.  Decentralization in Bitcoin and Ethereum Networks , 2018, Financial Cryptography.

[9]  Péter Hegedűs Towards Analyzing the Complexity Landscape of Solidity Based Ethereum Smart Contracts , 2019 .

[10]  Shari Lawrence Pfleeger,et al.  Principles of survey research part 4: questionnaire evaluation , 2002, SOEN.

[11]  W. Pirie Spearman Rank Correlation Coefficient , 2006 .

[12]  Albert Rubio,et al.  Running on Fumes , 2019, Lecture Notes in Computer Science.

[13]  Alexander Ferworn,et al.  Security Smells in Smart Contracts , 2019, 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C).

[14]  Jiachi Chen,et al.  Defining Smart Contract Defects on Ethereum , 2019 .

[15]  Shari Lawrence Pfleeger,et al.  Principles of survey research: part 1: turning lemons into lemonade , 2001, SOEN.

[16]  Chao Peng,et al.  SIF: A Framework for Solidity Contract Instrumentation and Analysis , 2019, 2019 26th Asia-Pacific Software Engineering Conference (APSEC).

[17]  Sergei Tikhomirov,et al.  SmartCheck: Static Analysis of Ethereum Smart Contracts , 2018, 2018 IEEE/ACM 1st International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB).

[18]  Michele Marchesi,et al.  Smart contracts software metrics: A first study , 2018, PloS one.

[19]  Xiapu Luo,et al.  Under-optimized smart contracts devour your money , 2017, 2017 IEEE 24th International Conference on Software Analysis, Evolution and Reengineering (SANER).

[20]  Shari Lawrence Pfleeger,et al.  Principles of survey research part 2: designing a survey , 2002, SOEN.

[21]  Douglas C. Schmidt,et al.  Metrics for assessing blockchain-based healthcare decentralized apps , 2017, 2017 IEEE 19th International Conference on e-Health Networking, Applications and Services (Healthcom).

[22]  Yang Feng,et al.  Smart Contract Development: Challenges and Opportunities , 2021, IEEE Transactions on Software Engineering.

[23]  Yinxing Xue,et al.  Towards Automated Generation of Bug Benchmark for Smart Contracts , 2019, 2019 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW).

[24]  Albert Rubio,et al.  GASOL: Gas Analysis and Optimization for Ethereum Smart Contracts , 2014, TACAS.

[25]  Bernd Burgstaller,et al.  The Economics of Smart Contracts , 2019, ArXiv.

[26]  Yannis Smaragdakis,et al.  MadMax: surviving out-of-gas conditions in Ethereum smart contracts , 2018, Proc. ACM Program. Lang..

[27]  Shari Lawrence Pfleeger,et al.  Principles of survey research part 6: data analysis , 2003, SOEN.

[28]  Uwe Zdun,et al.  Smart contracts: security patterns in the ethereum ecosystem and solidity , 2018, 2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE).

[29]  Michele Marchesi,et al.  Design Patterns for Gas Optimization in Ethereum , 2020, 2020 IEEE International Workshop on Blockchain Oriented Software Engineering (IWBOSE).