论文信息 - Evaluation of Tools for Analyzing Smart Contracts in Distributed Ledger Technologies

Evaluation of Tools for Analyzing Smart Contracts in Distributed Ledger Technologies

Despite the fact that the extent of interest in distributed ledger technologies has slightly decreased after the peak of Bitcoin popularity this area continues to evolve. One of the popular areas is the development of smart contracts which introduces a new paradigm of writing programs. This inflicts additional difficulties associated primarily with the high costs of error. This paper reviews the typical vulnerabilities that are widespread during development in the Solidity language. It also presents an analysis of existing tools to help identify software bugs. It is shown that there is no universal technique at the moment and if the risks are high, one should not solely check the code with available instruments but also conduct a manual audit with help of an expert.

[1] Sergei Tikhomirov,et al. SmartCheck: Static Analysis of Ethereum Smart Contracts , 2018, 2018 IEEE/ACM 1st International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB).

[2] Lawrence C. Paulson,et al. Isabelle: The Next 700 Theorem Provers , 2000, ArXiv.

[3] Nikhil Swamy,et al. Formal Verification of Smart Contracts: Short Paper , 2016, PLAS@CCS.

[4] Nikolaj Bjørner,et al. Z3: An Efficient SMT Solver , 2008, TACAS.

[5] Sukrit Kalra,et al. ZEUS: Analyzing Safety of Smart Contracts , 2018, NDSS.

[6] Arie Gurfinkel,et al. Synthesizing Ranking Functions from Bits and Pieces , 2016, TACAS.

[7] Massimo Bartoletti,et al. A Survey of Attacks on Ethereum Smart Contracts (SoK) , 2017, POST.

[8] Aron Laszka,et al. Tool Demonstration: FSolidM for Designing Secure Ethereum Smart Contracts , 2018, POST.

[9] Aron Laszka,et al. Designing Secure Ethereum Smart Contracts: A Finite State Machine Based Approach , 2017, Financial Cryptography.

[10] Yuan Zhang,et al. Finding Clues for Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps , 2018, NDSS.

[11] Prateek Saxena,et al. Making Smart Contracts Smarter , 2016, IACR Cryptol. ePrint Arch..