Security Threat Mitigation for Smart Contracts: A Comprehensive Survey

The blockchain technology, initially created for cryptocurrency, has been re-purposed for recording state transitions of smart contracts — decentralized applications that can be invoked through external transactions. Smart contracts gained popularity and accrued hundreds of billions of dollars in market capitalization in recent years. Unfortunately, like all other computer programs, smart contracts are prone to security vulnerabilities that have incurred multibillion-dollar damages over the past decade. As a result, many automated threat mitigation solutions have been proposed to counter the security issues of smart contracts. These threat mitigation solutions include various tools and methods that are challenging to compare. This survey develops a comprehensive classification taxonomy of smart contract threat mitigation solutions within five orthogonal dimensions: defense modality, core method, targeted contracts, input-output data mapping, and threat model. We classify 133 existing threat mitigation solutions using our taxonomy and confirm that the proposed five dimensions allow us to concisely and accurately describe any smart contract threat mitigation solution. In addition to learning what the threat mitigation solutions do, we also show how these solutions work by synthesizing their actual designs into a set of uniform workflows corresponding to the eight existing defense core methods. We further create an integrated coverage map for the known smart contract vulnerabilities by the existing threat mitigation solutions. Finally, we perform the evidence-based evolutionary analysis, in which we identify trends and future perspectives of threat mitigation in smart contracts and pinpoint major weaknesses of the existing methodologies. For the convenience of smart contract security developers, auditors, users, and researchers, we deploy and maintain a regularly updated comprehensive open-source online registry of threat mitigation solutions, called Security Threat Mitigation (STM) Registry at https://seit.egr.msu.edu/research/stmregistry/.

[1]  Qiben Yan,et al.  TxT: Real-Time Transaction Encapsulation for Ethereum Smart Contracts , 2023, IEEE Transactions on Information Forensics and Security.

[2]  Yinzhi Cao,et al.  ExGen: Cross-platform, Automated Exploit Generation for Smart Contract Vulnerabilities , 2023, IEEE Transactions on Dependable and Secure Computing.

[3]  Marius Kleina Schützende Abgrenzung , 2022, Heilpflanzen.

[4]  Natalia Stakhanova,et al.  EtherProv: Provenance-Aware Detection, Analysis, and Mitigation of Ethereum Smart Contract Security Issues , 2021, 2021 IEEE International Conference on Blockchain (Blockchain).

[5]  David Tse,et al.  Three Attacks on Proof-of-Stake Ethereum , 2021, IACR Cryptol. ePrint Arch..

[6]  Yang Feng,et al.  Smart Contract Development: Challenges and Opportunities , 2021, IEEE Transactions on Software Engineering.

[7]  Fuyuan Zhang,et al.  A security type verifier for smart contracts , 2021, Comput. Secur..

[8]  Nikolay Ivanov,et al.  EthClipper: A Clipboard Meddling Attack on Hardware Wallets with Address Verification Evasion , 2021, 2021 IEEE Conference on Communications and Network Security (CNS).

[9]  Nafei Zhu,et al.  Security enhancement technologies for smart contracts in the blockchain: A survey , 2021, Trans. Emerg. Telecommun. Technol..

[10]  Nikolay Ivanov,et al.  Rectifying Administrated ERC20 Tokens , 2021, ICICS.

[11]  He Zhang,et al.  HFContractFuzzer: Fuzzing Hyperledger Fabric Smart Contracts for Vulnerability Detection , 2021, EASE.

[12]  Shouling Ji,et al.  Smart Contract Vulnerability Detection: From Pure Neural Network to Interpretable Graph Feature and Expert Pattern Fusion , 2021, IJCAI.

[13]  Manar H. Alalfi,et al.  A Survey of Security Vulnerabilities in Ethereum Smart Contracts , 2021, CASCON.

[14]  Isil Dillig,et al.  SmartPulse: Automated Checking of Temporal Properties in Smart Contracts , 2021, 2021 IEEE Symposium on Security and Privacy (SP).

[15]  Ting Chen,et al.  Targeting the Weakest Link: Social Engineering Attacks in Ethereum Smart Contracts , 2021, AsiaCCS.

[16]  Murat Kantarcioglu,et al.  AI for Security and Security for AI , 2021, Conference on Data and Application Security and Privacy.

[17]  Giovanni Vigna,et al.  SAILFISH: Vetting Smart Contract State-Inconsistency Bugs in Seconds , 2021, 2022 IEEE Symposium on Security and Privacy (SP).

[18]  Gerardo Canfora,et al.  A systematic literature review of blockchain and smart contract development: Techniques, tools, and open challenges , 2021, J. Syst. Softw..

[19]  Farinaz Koushanfar,et al.  ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning , 2021, ArXiv.

[20]  A. W. Roscoe,et al.  Solidifier: bounded model checking solidity using lazy contract deployment and precise memory modelling , 2021, SAC.

[21]  Antonio Ken Iannillo,et al.  ConFuzzius: A Data Dependency-Aware Hybrid Fuzzer for Smart Contracts , 2021, 2021 IEEE European Symposium on Security and Privacy (EuroS&P).

[22]  Hong Lei,et al.  BLOCKEYE: Hunting for DeFi Attacks on Blockchain , 2021, 2021 IEEE/ACM 43rd International Conference on Software Engineering: Companion Proceedings (ICSE-Companion).

[23]  Xiaoming Huang,et al.  Transaction-based classification and detection approach for Ethereum smart contract , 2021, Inf. Process. Manag..

[24]  Xiapu Luo,et al.  Smart Contract Security: A Practitioners' Perspective , 2021, 2021 IEEE/ACM 43rd International Conference on Software Engineering (ICSE).

[25]  Antonio Ken Iannillo,et al.  The Eye of Horus: Spotting and Analyzing Attacks on Ethereum Smart Contracts , 2021, IACR Cryptol. ePrint Arch..

[26]  Arthur Gervais,et al.  Quantifying Blockchain Extractable Value: How dark is the forest? , 2021, 2022 IEEE Symposium on Security and Privacy (SP).

[27]  Long H. Pham,et al.  SGUARD: Towards Fixing Vulnerable Smart Contracts Automatically , 2021, 2021 IEEE Symposium on Security and Privacy (SP).

[28]  Yi Li,et al.  ModCon: a model-based testing platform for smart contracts , 2020, ESEC/SIGSOFT FSE.

[29]  Han Liu,et al.  SafePay on Ethereum: A Framework For Detecting Unfair Payments in Smart Contracts , 2020, 2020 IEEE 40th International Conference on Distributed Computing Systems (ICDCS).

[30]  Bo Jiang,et al.  Artemis: An Improved Smart Contract Verification Tool for Vulnerability Detection , 2020, 2020 7th International Conference on Dependable Systems and Their Applications (DSA).

[31]  Robert Norvill,et al.  ÆGIS: Shielding Vulnerable Smart Contracts Against Attacks , 2020, AsiaCCS.

[32]  Kim-Kwang Raymond Choo,et al.  Ethereum smart contract security research: survey and future research opportunities , 2020, Frontiers of Computer Science.

[33]  Ghassan O. Karame,et al.  EVMPatch: Timely and Automated Patching of Ethereum Smart Contracts , 2020, USENIX Security Symposium.

[34]  Ting Chen,et al.  DefectChecker: Automated Smart Contract Defect Detection by Analyzing EVM Bytecode , 2020, IEEE Transactions on Software Engineering.

[35]  Bernard E Trappey Running on Fumes. , 2020, JAMA.

[36]  Rastislav Bodik,et al.  Summary-Based Symbolic Evaluation for Smart Contracts , 2020, 2020 35th IEEE/ACM International Conference on Automated Software Engineering (ASE).

[37]  Pengcheng Zhang,et al.  A Framework and DataSet for Bugs in Ethereum Smart Contracts , 2020, 2020 IEEE International Conference on Software Maintenance and Evolution (ICSME).

[38]  Bin Hu,et al.  A comprehensive survey on smart contract construction and execution: paradigms, tools, and systems , 2020, Patterns.

[39]  Shang-Wei Lin,et al.  A Survey of Smart Contract Formal Specification and Verification , 2020, ACM Comput. Surv..

[40]  Bo Jiang,et al.  WANA: Symbolic Execution of Wasm Bytecode for Cross-Platform Smart Contract Vulnerability Detection , 2020, ArXiv.

[41]  Alex Groce,et al.  Echidna: effective, usable, and fast fuzzing for smart contracts , 2020, ISSTA.

[42]  Zhong Chen,et al.  EShield: protect smart contracts against reverse engineering , 2020, ISSTA.

[43]  Jason Paul Cruz,et al.  RA: Hunting for Re-Entrancy Attacks in Ethereum Smart Contracts via Static Analysis , 2020, 2020 IEEE International Conference on Blockchain (Blockchain).

[44]  Han Liu,et al.  Seraph: Enabling Cross-Platform Security Analysis For EVM and WASM Smart Contracts , 2020, 2020 IEEE/ACM 42nd International Conference on Software Engineering: Companion Proceedings (ICSE-Companion).

[45]  Yinxing Xue,et al.  Clairvoyance: cross-contract static analysis for detecting practical reentrancy vulnerabilities in smart contracts , 2020, ICSE.

[46]  Fan Long,et al.  Securing smart contract with runtime validation , 2020, PLDI.

[47]  Yannis Smaragdakis,et al.  Ethainter: a smart contract security analyzer for composite vulnerabilities , 2020, PLDI.

[48]  Yajin Zhou,et al.  EthScope: A Transaction-centric Security Analytics Framework to Detect Malicious Smart Contracts on Ethereum , 2020, ArXiv.

[49]  Clara Schneidewind,et al.  eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts , 2020, CCS.

[50]  Ma Xiaofeng,et al.  Formal Analysis of Smart Contract Based on Colored Petri Nets , 2020, IEEE Intelligent Systems.

[51]  Jun Sun,et al.  Semantic Understanding of Smart Contracts: Executable Operational Semantics of Solidity , 2020, 2020 IEEE Symposium on Security and Privacy (SP).

[52]  Dimitar Dimitrov,et al.  VerX: Safety Verification of Smart Contracts , 2020, 2020 IEEE Symposium on Security and Privacy (SP).

[53]  Ari Juels,et al.  Flash Boys 2.0: Frontrunning in Decentralized Exchanges, Miner Extractable Value, and Consensus Instability , 2020, 2020 IEEE Symposium on Security and Privacy (SP).

[54]  Radu State,et al.  A Data Science Approach for Detecting Honeypots in Ethereum , 2020, 2020 IEEE International Conference on Blockchain and Cryptocurrency (ICBC).

[55]  Chao Zhang,et al.  A Survey of Smart Contract Vulnerability Research , 2020 .

[56]  Jun Sun,et al.  sFuzz: An Efficient Adaptive Fuzzer for Solidity Smart Contracts , 2020, 2020 IEEE/ACM 42nd International Conference on Software Engineering (ICSE).

[57]  Robert Norvill,et al.  {\AE}GIS: Shielding Vulnerable Smart Contracts Against Attacks , 2020, 2003.05987.

[58]  Qingzhao Zhang,et al.  EthPloit: From Fuzzing to Efficient Exploit Generation against Smart Contracts , 2020, 2020 IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER).

[59]  Surya Nepal,et al.  SMARTSHIELD: Automatic Smart Contract Protection Made Easy , 2020, 2020 IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER).

[60]  Chunhua Su,et al.  ContractWard: Automated Vulnerability Detection Models for Ethereum Smart Contracts , 2020, IEEE Transactions on Network Science and Engineering.

[61]  Mauricio Papa,et al.  Formal Verification of Functional Requirements for Smart Contract Compositions in Supply Chain Management Systems , 2020, HICSS.

[62]  Chao Peng,et al.  SolAnalyser: A Framework for Analysing and Testing Smart Contracts , 2019, 2019 26th Asia-Pacific Software Engineering Conference (APSEC).

[63]  Pengcheng Zhang,et al.  SolidityCheck : Quickly Detecting Smart Contract Problems Through Regular Expressions , 2019, ArXiv.

[64]  Xiapu Luo,et al.  TokenScope: Automatically Detecting Inconsistent Behaviors of Cryptocurrency Tokens in Ethereum , 2019, CCS.

[65]  Mislav Balunovic,et al.  Learning to Fuzz from Symbolic Execution with Application to Smart Contracts , 2019, CCS.

[66]  Phongphun Kijsanayothin,et al.  Securing Smart Contracts in Blockchain , 2019, 2019 34th IEEE/ACM International Conference on Automated Software Engineering Workshop (ASEW).

[67]  Ying Fu,et al.  GasFuzz: Generating High Gas Consumption Inputs to Avoid Out-of-Gas Vulnerability , 2019, ArXiv.

[68]  Steven T. Stewart,et al.  MPro: Combining Static and Symbolic Analysis for Scalable Testing of Smart Contract , 2019, 2019 IEEE 30th International Symposium on Software Reliability Engineering (ISSRE).

[69]  Chin-Wei Tien,et al.  SoliAudit: Smart Contract Vulnerability Assessment Based on Machine Learning and Fuzz Testing , 2019, 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS).

[70]  Chengyu Zhang,et al.  Detecting nondeterministic payment bugs in Ethereum smart contracts , 2019, Proc. ACM Program. Lang..

[71]  Heejo Lee,et al.  VERISMART: A Highly Precise Safety Verifier for Ethereum Smart Contracts , 2019, 2020 IEEE Symposium on Security and Privacy (SP).

[72]  Christian Esposito,et al.  NeuCheck: A more practical Ethereum smart contract security analysis tool , 2019, Softw. Pract. Exp..

[73]  Robin Doss,et al.  Security Analysis Methods on Ethereum Smart Contract Vulnerabilities: A Survey , 2019, ArXiv.

[74]  Huashan Chen,et al.  A Survey on Ethereum Systems Security , 2019, ACM Comput. Surv..

[75]  Xin Yang,et al.  EVMFuzzer: detect EVM vulnerabilities via fuzz testing , 2019, ESEC/SIGSOFT FSE.

[76]  Yu Wang,et al.  Machine Learning Model for Smart Contracts Security Analysis , 2019, 2019 17th International Conference on Privacy, Security and Trust (PST).

[77]  Wenchao Huang,et al.  Formal Verification of BNB Smart Contract , 2019, 2019 5th International Conference on Big Data Computing and Communications (BIGCOM).

[78]  Isil Dillig,et al.  Formal Verification of Workflow Policies for Smart Contracts in Azure Blockchain , 2019, VSTTE.

[79]  Ákos Hajdu,et al.  solc-verify: A Modular Verifier for Solidity Smart Contracts , 2019, VSTTE.

[80]  Alex Groce,et al.  Manticore: A User-Friendly Symbolic Execution Framework for Binaries and Smart Contracts , 2019, 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE).

[81]  Lei Wu,et al.  EVulHunter: Detecting Fake Transfer Vulnerabilities for EOSIO's Smart Contracts at Webassembly-level , 2019, ArXiv.

[82]  Elvira Albert,et al.  SAFEVM: a safety verifier for Ethereum smart contracts , 2019, ISSTA.

[83]  Yang Liu,et al.  VULTRON: Catching Vulnerable Smart Contracts Once and for All , 2019, 2019 IEEE/ACM 41st International Conference on Software Engineering: New Ideas and Emerging Results (ICSE-NIER).

[84]  Yue Li,et al.  Finding Concurrency Exploits on Smart Contracts , 2019, 2019 IEEE/ACM 41st International Conference on Software Engineering: Companion Proceedings (ICSE-Companion).

[85]  Nobuko Yoshida,et al.  Developing secure bitcoin contracts with BitML , 2019, ESEC/SIGSOFT FSE.

[86]  Valentin Wüstholz,et al.  Harvey: a greybox fuzzer for smart contracts , 2019, ESEC/SIGSOFT FSE.

[87]  Ting Chen,et al.  Defining Smart Contract Defects on Ethereum , 2019, IEEE Transactions on Software Engineering.

[88]  Alex Groce,et al.  Slither: A Static Analysis Framework for Smart Contracts , 2019, 2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB).

[89]  Massimo Bartoletti,et al.  Verifying liquidity of Bitcoin contracts , 2019, IACR Cryptol. ePrint Arch..

[90]  Gernot Salzer,et al.  A Survey of Tools for Analyzing Ethereum Smart Contracts , 2019, 2019 IEEE International Conference on Decentralized Applications and Infrastructures (DAPPCON).

[91]  Jia-Guang Sun,et al.  EVMFuzz: Differential Fuzz Testing of Ethereum Virtual Machine , 2019, Journal of Software: Evolution and Process.

[92]  Mathis Steichen,et al.  The Art of The Scam: Demystifying Honeypots in Ethereum Smart Contracts , 2019, USENIX Security Symposium.

[93]  Benjamin Livshits,et al.  Smart Contract Vulnerabilities: Does Anyone Care? , 2019, ArXiv.

[94]  Emina Torlak,et al.  Precise Attack Synthesis for Smart Contracts , 2019, ArXiv.

[95]  Xiang Shi,et al.  EVM*: From Offline Detection to Online Reinforcement for Ethereum Virtual Machine , 2019, 2019 IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER).

[96]  Abhishek Dubey,et al.  VeriSolid: Correct-by-Design Smart Contracts for Ethereum , 2019, Financial Cryptography.

[97]  Radu State,et al.  Osiris: Hunting for Integer Bugs in Ethereum Smart Contracts , 2018, ACSAC.

[98]  Ghassan O. Karame,et al.  Sereum: Protecting Existing Smart Contracts Against Re-Entrancy Attacks , 2018, NDSS.

[99]  Chao Liu,et al.  EASYFLOW: Keep Ethereum Away from Overflow , 2018, 2019 IEEE/ACM 41st International Conference on Software Engineering: Companion Proceedings (ICSE-Companion).

[100]  Prateek Saxena,et al.  Exploiting the laws of order in smart contracts , 2018, ISSTA.

[101]  Yannis Smaragdakis,et al.  MadMax: surviving out-of-gas conditions in Ethereum smart contracts , 2018, Proc. ACM Program. Lang..

[102]  William J. Knottenbelt,et al.  Towards Safer Smart Contracts: A Survey of Languages and Verification Methods , 2018, ArXiv.

[103]  Vincent Gramoli,et al.  Vandal: A Scalable Security Analysis Framework for Smart Contracts , 2018, ArXiv.

[104]  Chao Liu,et al.  S-gram: Towards Semantic-Aware Security Auditing for Ethereum Smart Contracts , 2018, 2018 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE).

[105]  Gordon J. Pace,et al.  Runtime Verification of Ethereum Smart Contracts , 2018, 2018 14th European Dependable Computing Conference (EDCC).

[106]  Ari Juels,et al.  Enter the Hydra: Towards Principled Bug Bounties and Exploit-Resistant Smart Contracts , 2018, IACR Cryptol. ePrint Arch..

[107]  Bo Gao,et al.  sCompile: Critical Path Identification and Analysis for Smart Contracts , 2018, ICFEM.

[108]  Christian Rossow,et al.  teEther: Gnawing at Ethereum to Automatically Exploit Smart Contracts , 2018, USENIX Security Symposium.

[109]  Ye Liu,et al.  ContractFuzzer: Fuzzing Smart Contracts for Vulnerability Detection , 2018, 2018 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE).

[110]  Radu State,et al.  Visual emulation for Ethereum's virtual machine , 2018, NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium.

[111]  Yi Zhang,et al.  KEVM: A Complete Formal Semantics of the Ethereum Virtual Machine , 2018, 2018 IEEE 31st Computer Security Foundations Symposium (CSF).

[112]  Pierre-Yves Piriou,et al.  Model-Checking of Smart Contracts , 2018, 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData).

[113]  Petar Tsankov,et al.  Securify: Practical Security Analysis of Smart Contracts , 2018, CCS.

[114]  Sergei Tikhomirov,et al.  SmartCheck: Static Analysis of Ethereum Smart Contracts , 2018, 2018 IEEE/ACM 1st International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB).

[115]  Zhong Chen,et al.  ReGuard: Finding Reentrancy Bugs in Smart Contracts , 2018, 2018 IEEE/ACM 40th International Conference on Software Engineering: Companion (ICSE-Companion).

[116]  Lin Chen,et al.  Proving Conditional Termination for Smart Contracts , 2018, BCC '18.

[117]  Zibin Zheng,et al.  Detecting Ponzi Schemes on Ethereum: Towards Healthier Blockchain Technology , 2018, WWW.

[118]  Sophia Drossopoulou,et al.  Writing safe smart contracts in Flint , 2018, Programming.

[119]  Hang Lei,et al.  Lolisa: Formal Syntax and Semantics for a Subset of the Solidity Programming Language , 2018, Mathematical Problems in Engineering.

[120]  Stéphane Ducasse,et al.  SmartInspect: solidity smart contract inspector , 2018, 2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE).

[121]  Kei-Léo Brousmiche,et al.  Formal Verification of Smart Contracts Based on Users and Blockchain Behaviors Models , 2018, 2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS).

[122]  Matteo Maffei,et al.  A Semantic Framework for the Security Analysis of Ethereum smart contracts , 2018, POST.

[123]  Prateek Saxena,et al.  Finding The Greedy, Prodigal, and Suicidal Contracts at Scale , 2018, ACSAC.

[124]  Kai Hu,et al.  Formal Modeling and Verification of Smart Contracts , 2018, ICSCA.

[125]  Jun Sun,et al.  Security Assurance for Smart Contract , 2018, 2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS).

[126]  Angelo De Caro,et al.  Hyperledger fabric: a distributed operating system for permissioned blockchains , 2018, EuroSys.

[127]  Sidney Amani,et al.  Towards verifying ethereum smart contract bytecode in Isabelle/HOL , 2018, CPP.

[128]  Ittai Abraham,et al.  Online detection of effectively callback free objects with applications to smart contracts , 2017, Proc. ACM Program. Lang..

[129]  Aron Laszka,et al.  Designing Secure Ethereum Smart Contracts: A Finite State Machine Based Approach , 2017, Financial Cryptography.

[130]  Peng Jiang,et al.  A Survey on the Security of Blockchain Systems , 2017, Future Gener. Comput. Syst..

[131]  Massimo Bartoletti,et al.  A Survey of Attacks on Ethereum Smart Contracts (SoK) , 2017, POST.

[132]  Alex Biryukov,et al.  Findel: Secure Derivative Contracts for Ethereum , 2017, Financial Cryptography Workshops.

[133]  Xiapu Luo,et al.  Under-optimized smart contracts devour your money , 2017, 2017 IEEE 24th International Conference on Software Analysis, Evolution and Reengineering (SANER).

[134]  Prateek Saxena,et al.  Making Smart Contracts Smarter , 2016, IACR Cryptol. ePrint Arch..

[135]  Nikhil Swamy,et al.  Formal Verification of Smart Contracts: Short Paper , 2016, PLAS@CCS.

[136]  Emilio Tuosto,et al.  Validation of Decentralised Smart Contracts Through Game Theory and Formal Methods , 2015, Programming Languages with Applications to Biology and Security.

[137]  David A. Basin,et al.  The TAMARIN Prover for the Symbolic Analysis of Security Protocols , 2013, CAV.

[138]  Latifur Khan,et al.  A Machine Learning Approach to Android Malware Detection , 2012, 2012 European Intelligence and Security Informatics Conference.

[139]  James C. King,et al.  Symbolic execution and program testing , 1976, CACM.

[140]  X. Yi,et al.  Blockchain Foundations and Applications , 2022, SpringerBriefs in Applied Sciences and Technology.

[141]  Hakjoo Oh,et al.  SmarTest: Effectively Hunting Vulnerable Transaction Sequences in Smart Contracts through Language Model-Guided Symbolic Execution , 2021, USENIX Security Symposium.

[142]  Baoxu Liu,et al.  Evil Under the Sun: Understanding and Discovering Attacks on Ethereum Decentralized Applications , 2021, USENIX Security Symposium.

[143]  Xuxian Jiang,et al.  EOSAFE: Security Analysis of EOSIO Smart Contracts , 2021, USENIX Security Symposium.

[144]  Benjamin Livshits,et al.  Smart Contract Vulnerabilities: Vulnerable Does Not Imply Exploited , 2021, USENIX Security Symposium.

[145]  Wei You,et al.  Hunting Vulnerable Smart Contracts via Graph Embedding Based Bytecode Matching , 2021, IEEE Transactions on Information Forensics and Security.

[146]  Yinqian Zhang,et al.  TXSPECTOR: Uncovering Attacks in Ethereum from Transactions , 2020, USENIX Security Symposium.

[147]  Thorsten Holz,et al.  ETHBMC: A Bounded Model Checker for Smart Contracts , 2020, USENIX Security Symposium.

[148]  Yuxing Tang,et al.  SODA: A Generic Online Detection Framework for Smart Contracts , 2020, NDSS.

[149]  Yinzhi Cao,et al.  An Ever-evolving Game: Evaluation of Real-world Attacks and Defenses in Ethereum Ecosystem , 2020, USENIX Security Symposium.

[150]  Patrick Th. Eugster,et al.  Accurate Smart Contract Verification Through Direct Modelling , 2020, ISoLA.

[151]  Andrew C. Myers,et al.  Securing Smart Contracts with Information Flow , 2020 .

[152]  Maria João Varanda Pereira,et al.  Detection of Vulnerabilities in Smart Contracts Specifications in Ethereum Platforms , 2020, SLATE.

[153]  Qi Zhang,et al.  Blockchain smart contracts formalization: Approaches and challenges to address vulnerabilities , 2020, Comput. Secur..

[154]  Ákos Hajdu,et al.  Formal Specification and Verification of Solidity Contracts with Events (Short Paper) , 2020, FMBC@CAV.

[155]  Gordon J. Pace,et al.  Verification of Smart Contract Business Logic , 2019 .

[156]  Yi Zhou,et al.  Erays: Reverse Engineering Ethereum's Opaque Smart Contracts , 2018, USENIX Security Symposium.

[157]  Sukrit Kalra,et al.  ZEUS: Analyzing Safety of Smart Contracts , 2018, NDSS.

[158]  Ilya Grishchenko,et al.  EtherTrust: Sound Static Analysis of Ethereum bytecode , 2018 .

[159]  Bernhard Beckert,et al.  Formal Specification and Verification of Hyperledger Fabric Chaincode , 2018 .

[160]  Nick Szabo,et al.  Smart Contracts: Building Blocks for Digital Markets , 2018 .

[161]  Daniel Davis Wood,et al.  ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[162]  Abbreviazioni Periodici Giuridici N. D. I. , 2013 .