Abstract
In recent years, smart contract technology has garnered significant attention due to its ability to address trust issues that traditional technologies have long struggled with. However, like any evolving technology, smart contracts are not immune to vulnerabilities, and some remain underexplored, often eluding detection by existing vulnerability assessment tools. In this article, we have performed a systematic literature review of all the scientific research and papers conducted between 2016 and 2021. The main objective of this work is to identify what vulnerabilities and smart contract technologies have not been well studied. In addition, we list all the datasets used by previous researchers that can help researchers in building more efficient machine-learning models in the future. In addition, comparisons are drawn among the smart contract analysis tools by considering various features. Finally, various future directions are also discussed in the field of smart contracts that can help researchers to set the direction for future research in this domain.
1 Introduction
Following the incorporation of the smart contract concept into the renowned Ethereum blockchain, numerous projects have been established and upheld by the community of Dapp developers. Moreover, a multitude of decentralized applications (Dapps) has been constructed using this technology, exhibiting diverse complexities and functionalities, facilitating individuals in executing their business logic in a decentralized manner. The market capitalization of over 20 blockchain-based cryptocurrencies has notably exceeded the threshold of 3 billion dollars [1]. Unfortunately, the growing adoption of smart contracts and the escalated utilization of the Ethereum blockchain have exposed a plethora of challenges associated with gas fees, transaction speed, and various optimization-related issues within the Ethereum ecosystem. These challenges have catalyzed numerous researchers worldwide to embark upon the development of novel Blockchain networks that address these concerns and propose enhanced services.
In addition to all the optimization problems that blockchain technology suffer from, the increased use of smart contract has also added a new attack interface [2]. In addition, every newly created blockchain has usually a dedicated technology to build a smart contract with a different logic. This helped increase the number and the type of vulnerabilities that can be found. Many smart contracts built every day suffer from multiple vulnerabilities that can be exploited by attackers and cause serious financial losses to their owners. The DAO [3], Parity Multisig Wallet [4], and many other blockchain attacks were a result of a vulnerability in the used smart contracts.
What makes the situation of smart contracts even worst is their immutability feature. This simply means that if a vulnerability was discovered in a smart contract after its deployment in the mainnet, then no patching can be deployed to fix this issue. Therefore, ensuring that smart contracts are clean from any type of vulnerabilities before final deployment is necessary to avoid such situations.
To be able to discover those vulnerabilities, smart contract developers and auditors should know what kind of coding mistakes could result in vulnerabilities. However, relying on manual checking of those vulnerabilities is not always possible. The increased adoption of smart contracts in different life aspects has increased the complexity of those apps and the number of lines in their source code that should be audited. Therefore, building tools to assist both developers and auditors in their research of vulnerabilities is necessary.
1.1 Scope
Recently, many researchers have published review articles in this field with different types and numbers of vulnerabilities discussed. However, most of them have focused on smart contracts built on Ethereum or based on Ethereum virtual machine (EVM) . In the last few years, other blockchain technologies were proposed by the community to solve some Ethereum technical limitations [5–7]. Most of those blockchains support smart contract building and deploying and offer their languages and concepts.
Unfortunately, smart contracts built on the newer blockchain are still not mature, and there is a huge gap between vulnerability-based security research on them and the number of apps built each day. Therefore, in this article, we try to identify what are the smart contract-building technologies that were deeply studied and those that have less scientific research. We also try to identify the researches that applied machine learning (ML) techniques to find security vulnerabilities in smart contracts.
1.2 Motivation
The motivation for this survey is to help developers, students, and security researchers in the field of smart contract security auditing. The existing surveys do not give a systematic understanding of the different vulnerabilities that can affect multiple types of blockchains. Most reviews either deal with the blockchain attacks that target the network protocol or a specific blockchain technology [8,9], like Ethereum smart contract vulnerabilities.
Therefore, there is a strong requirement for a concise source of systematized information for understanding other blockchain vulnerabilities, their root causes, and the existing tools that can be used to find those vulnerabilities.
1.3 Contributions
We perform a systematic survey of smart contract security vulnerabilities that were identified in every studied blockchain and their detection tools, over the period 2016–2021. Our work helps to provide a thorough understanding of the various blockchain smart contract vulnerabilities. Here are our main contributions:
We identify all less-studied smart contract development technologies in terms of security.
A deep insight into all discussed smart contract vulnerabilities with their detection and analysis tools.
We identify 296 primary studies that discuss smart contract vulnerabilities.
We further select 107 studies that meet the inclusion and exclusion criteria we set for the paper screening phase.
We conduct an in-depth assessment through a critical analysis of the 107 selected articles and provided a deep insight into the discussed smart contract vulnerabilities.
We provide a brief comparison of detection and analysis tools for these vulnerabilities based on five parameters such as type of tool, targeted blockchain smart contract, type of analysis, and availability of the tool to use.
We then listed and compared the ML-based solutions according to the blockchain tested on, and the used technique to discover vulnerabilities.
We provide a list of the most used vulnerable smart contracts datasets to help future ML-based solutions to train and test their models
1.4 Organization of the article
The organization of this article is as follows: Section 2 provides an overview of the fundamental principles of blockchain technology, including its application and associated terminologies in the current state of the art. Section 3 outlines the methodology employed for the selection and analysis of the researchers. Section 4 presents the findings and outcomes derived from our research, followed by an in-depth discussion of these results in Section 5. This article is concluded in Section 6, offering recommendations for future investigations in related directions.
2 Background
2.1 Blockchain technology
At its core, a blockchain represents a distributed database or public ledger comprising a comprehensive record of completed transactions or digital events exchanged among participating entities. This decentralized system serves as a foundational framework for ensuring transparency, immutability, and consensus in recording and verifying the integrity of information within the network [10]. The verification and validation of each transaction on the public ledger are achieved through a consensus mechanism involving a majority of the system’s users. Importantly, once data is recorded, it becomes immutable and cannot be altered. This results in a transparent and auditable record of every transaction ever conducted, thereby enhancing the verifiability and traceability of information within the blockchain.
The most well-known example of blockchain technology-related product is Bitcoin and Ethereum. They are also the most contentious since it contributes to the development of an unregulated, multibillion-dollar worldwide market for anonymous trade.
However, the technology behind blockchains is not debatable, and it has operated without a glitch for years and is now being effectively used in both financial and nonfinancial applications.
The four main types of blockchain systems now in use are consortium blockchain, private blockchain, public blockchain, and hybrid blockchain. In a public blockchain, everyone can see all records and participate in the consensus procedure. On the other hand, with a consortium blockchain, the consensus process would only include a select few nodes. Regarding private blockchain, only nodes from a single company would be permitted to participate in the consensus process. A private blockchain is viewed as a centralized network since only one company has complete control over it. Since just a limited number of nodes would be chosen to decide the consensus, the consortium blockchain built by numerous organizations is only partially centralized. A hybrid blockchain is a combination of permissionless and permissioned blockchains. The idea here is that some processes like validating new blocks could be private where only a few known nodes of the same organization or from multiple organizations are able to participate. However, checking transactions and verifying them could be a task allowed for any public node.
2.2 Smart contract and alike
In recent years, the growth of blockchain technology has made it possible to store adaptable programing logic in a decentralized manner. As a result, the idea of smart contracts, which Nick Szabo initially introduced in 1994 [11] and are also known as blockchain contracts, digital contracts, or self-executing contracts, has been revitalized. Smart contracts are self-executing agreements between parties that contain the conditions of the deal. A distributed, decentralized blockchain network contains program codes that are used to create the contracts. Without the requirement for a centralized authority, smart contracts allow transactions to be carried out between unidentified or untrusted parties. Blockchain 1.0, which underpins Bitcoin [12] and other cryptocurrencies, contains the standard properties of decentralization, tamper-resistance, anonymity, and audibility. However, the restrictions of the Bitcoin programing language prevent building contracts with intricate logic.
Bitcoin can only be viewed as the prototype of smart contracts because of its limited capabilities. Newly developed blockchain systems, like Ethereum [13], support the notion of executing user-defined programs on the blockchain and using a Turing complete programing language to create expressive, customizable smart contracts. The EVM executes the stack-based bytecode language used to create the smart contract programs. Solidity is a high-level language that may be used to create Ethereum smart contracts. This language’s source code can then be turned into executable EVM bytecodes. Blockchain 2.0 is known as Ethereum since it is the most widely used platform for creating smart contracts at the moment. However, multiple newly created Blockchains are also offering the same capabilities for building smart contracts. Some of them use even different nominations for smart contracts. Hyperledger blockchain call includes another term “chaincode” to define a set of smart contracts that may have the same characteristics [5]. Solana calls smart contracts programs [7].
2.3 Smart contract vulnerabilities
Smart contracts, like conventional programs created by human developers, are prone to significant security vulnerabilities. Unfortunately, given their involvement in direct financial transactions, any exploited vulnerability within a smart contract can result in substantial financial losses. One notable instance of a widespread smart contract breach is the DAO attack, which led to a staggering loss of 60 million dollars and necessitated a hard fork of the Ethereum blockchain [3].
The heightened risk associated with vulnerable smart contracts, surpassing that of conventional applications, stems from the relative immaturity of the language utilized for their development. This immaturity becomes evident upon analyzing the frequency of annual releases [14]. Furthermore, due to the novelty of smart contract technology, a significant portion of smart contract developers remain unaware of the optimal practices for constructing secure smart contracts. These factors, alongside various other elements, collectively contribute to producing vulnerable smart contracts.
Furthermore, the increasing adoption of smart contracts as a solution for diverse applications [2] has resulted in the escalating complexity of smart contract source code. Consequently, the manual verification of smart contracts has become increasingly impractical due to the extensive number of lines of code involved.
3 Methodology
The present systematic review of the literature was carried out using the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) [15]. In addition, the standard guidelines specified by Kitchenham and Charters [16] were applied. The following subsections describe the different steps of this methodology.
3.1 Research questions
Despite the significant advancements witnessed by the Ethereum blockchain in recent years, this technology still exhibits various technical limitations that hinder its maturity. These limitations encompass concerns such as gas fees and transaction processing capacity. Consequently, numerous research groups have undertaken the development of alternative blockchains to augment this technology and propose more robust blockchain networks. Many of these newly developed blockchains have garnered remarkable community adoption due to the solutions they offer. Moreover, developers are provided with the opportunity to build Dapps on several of these blockchains, facilitating the growth of their respective communities.
Regrettably, there is a lack of comprehensive coverage concerning vulnerabilities in blockchain Dapps, with certain security aspects being inadequately addressed. Hence, this article adopts the method and recommendations outlined by Kitchenham et al. to identify the following research questions. The aim is to enhance developers’ understanding of the vulnerabilities that may arise in their source code, particularly in the context of the Ethereum blockchain and any other blockchain platforms.
RQ1: What are all the studied smart contract vulnerabilities?
RQ2: What are the vulnerabilities that have not been widely studied?
RQ3: What are the developed frameworks and methods to find those vulnerabilities?
RQ4: To what kind of smart contract vulnerabilities ML was applied?
RQ5: What are the used smart contract datasets?
3.2 Information sources and database
Based on a search strategy created to find the pertinent research, the literature search was carried out utilizing several database sources. A thorough automated search was conducted to achieve this goal utilizing five database sources: PubMed, SCOPUS, IEEE Xplore, Science Direct, and ACM. Following the PRISMA criteria at all phases, we created a search strategy to find pertinent literature [17]. Figure 1 shows the article screening and selection procedures that the two authors of this study evaluated.
Number of articles included and excluded through paper screening.
3.3 Search strategy and key terms
The word name smart contract was originally proposed by the Ethereum community to describe the apps that work on the EVM. However, not all the recent Blockchains call those apps a smart contract. Some blockchains like Solana call those apps as Dapps programs. Therefore, we have tried to use both keywords to search for relevant articles.
The following search phrases were used to tailor the search strategy for the five databases:
Dapp
Smart contract
Blockchain application
Blockchain programs
Vulnerability
Table 1 shows in detail the query that was used for each database search engine.
Search queries used in the different databases
| Database | Query |
|---|---|
| PubMed | (((Smart contract vulnerability[Title/Abstract]) OR (Dapp vulnerabilities[Title/Abstract])) OR (Blockchain applications vulnerabilities[Title/Abstract])) OR (Blockchain programs vulnerabilities[Title/Abstract]) AND (2016:2021[pdat]) |
| Scopus | (TITLE-ABS-KEY (“smart contract vulnerabilities”) OR TITLE-ABS-KEY (“smart contract vulnerability”) OR TITLE-ABS-KEY (“Dapp vulnerabilities”) OR TITLE-ABS-KEY (“Blockchain applications vulnerabilities”) OR TITLE-ABS-KEY (“Blockchain programs vulnerabilities”)) AND PUBYEAR > 2015 AND PUBYEAR < 2022 AND (LIMIT-TO (LANGUAGE, “English”)) |
| IEEE Xplore | (((((“Abstract”:Dapp) OR (“Abstract”:Smart contract) OR (“Abstract”:Blockchain application) OR (“Abstract”:Blockchain programs)) AND ((“Abstract”:vulnerability) OR (“Abstract”:vulnerabilities))) OR (((“Document Title”:Dapp) OR (“Document Title”:Smart contract) OR (“Document Title”:Blockchain application) OR (“Document Title”:Blockchain programs)) AND ((“Document Title”:vulnerability) OR (“Document Title”:vulnerabilities))))) |
| Science Direct | “Dapp vulnerabilities” OR “Smart contract vulnerability” OR “Blockchain applications vulnerabilities” OR “Blockchain programs vulnerabilities” |
| ACM | ((ContentGroupTitle:(“Dapp”) OR ContentGroupTitle:(“Smart contract”) OR ContentGroupTitle:(“Blockchain applications”) OR ContentGroupTitle:(“Blockchain programs”)) AND ( ContentGroupTitle:(“Vulnerability”) OR ContentGroupTitle:(“Vulnerabilities”))) OR ( ( Abstract:(“Dapp”) OR Abstract:(“Smart contract”) OR Abstract:(“Blockchain applications”) OR Abstract:(“Blockchain programs”)) AND (Abstract:(“Vulnerability”) OR Abstract:(“Vulnerabilities”))) |
3.4 Eligibility criteria
Following the initial selection from the aforementioned databases, the next step is the paper screening, which entails evaluating each article’s eligibility in accordance with a variety of inclusion and exclusion criteria, as shown in Table 2, to only retrieve the most pertinent studies that focus on smart contract vulnerabilities detection.
Inclusion and exclusion criteria list
| Inclusion criteria | Exclusion criteria |
|---|---|
| Main focus on smart contract vulnerabilities | Discussing none technical vulnerabilities |
| Peered review conference or journal article | Prediction models |
| Computer science subject area | Main focus on fixing vulnerabilities |
| Published between 2016 and 2021 | |
| Only English articles |
3.5 Selection results
After querying the different articles databases and filtering them for only English articles and those published between 2016 and 2021, we were able to collect 331 research articles. To maintain the quality of the review, all duplicate records were thoroughly checked and removed to reduce the number to 296 articles. In particular, the abstracts of all research articles included in the review process were checked in detail and filtered to ensure their quality and relevance and respect to the different inclusion criteria to keep only 144 of them. Next, we performed a deeper analysis of those articles to filter those that match one of our exclusion criteria. This latest step was able to reduce the number of the included articles to 107 articles. Figure 1 better illustrates this process and the result of each step.
3.6 Data extraction
Selected studies were placed into a data extraction spreadsheet using Google Sheets. The data extracted from the studies were as follows the blockchain technology used in the research, input code type, the smart contract vulnerabilities, methods, and frameworks developed and used to discover them. In addition, the sources of smart contract code are used to test those frameworks and models.
4 Results and findings
Following the selection of the main studies, two forms of analysis – bibliometric analysis and technical analysis, which are covered in the following subsections – were carried out in this section to analyze and synthesize the primary research.
4.1 Bibliometric analysis
In this part, which followed the paper screening process, we evaluated the included articles in terms of their publishers and publication years.
According to Figure 2, more than 51% of the included articles in this research come from IEEE. A total of 36.4% of the articles were published by Scopus and 10.3% by ACM. In addition, both PubMed and Science Direct have equally published 0.9% of the included papers.
Number of primary studies according to their publishers.
It is important to note that security researchers are becoming increasingly concerned about smart contract vulnerabilities. Figure 3 clearly shows the increased number of articles published on this subject each year. As shown in Figure 3, the number of published articles has increased from 6 in 2018 to reach 41 papers in 2021. The decrease in the growth of the number of articles published between 2020 and 2021 could be explained by the global situation caused by the Covid19 and the concentration on finding a solution to the pandemic.
Number of primary studies published over time.
However, the increased adaptation of blockchain technology and the growth of use cases indicate that more researchers will get interested in this subject and more research would be published in the near future [18]. In addition, the increased impact caused by such vulnerabilities is pushing companies to invest more and more in securing their Dapps.
4.2 Technical analysis
In this section, we present all the results of our systematic literature review. The analysis process performed on the selected articles has shown that all the vulnerabilities that have been studied by researchers in the field of blockchain have targeted one of the following blockchains:
Hyperledger Fabric
Hyperledger Fabric is an open-source blockchain framework designed for enterprise applications. It offers a modular architecture, enabling customizable consensus protocols and permissioned network configurations. With a focus on scalability, privacy, and interoperability, Hyperledger Fabric provides a robust foundation for building secure and scalable distributed ledger applications in diverse industries [5].
EOSIO
EOSIO is a blockchain protocol known for its high throughput and scalability, making it suitable for decentralized applications (Dapps) that require fast and efficient transaction processing. Utilizing a delegated proof-of-stake consensus mechanism, EOSIO achieves consensus through a network of elected block producers, ensuring decentralized governance and robust performance [19].
VNT Chain
VNT Chain is a blockchain platform that emphasizes privacy, scalability, and interoperability for decentralized applications (Dapps). It leverages innovative techniques such as zero-knowledge proofs and sharding to ensure data confidentiality and enhance transaction throughput. With its focus on secure and efficient data management, VNT Chain offers a compelling solution for various industry applications [6].
Ethereum
Ethereum, a decentralized blockchain platform, revolutionizes the realm of smart contracts and decentralized applications (Dapps). It employs a Turing-complete scripting language and a consensus algorithm called proof of stake to facilitate secure, transparent, and programmable transactions. Ethereum’s vibrant ecosystem and broad developer community contribute to its continuous growth and widespread adoption in various domains [13].
As the name of the same vulnerability could change from one paper to another, we have decided to map the discussed vulnerabilities in those papers to our previous work [20] about vulnerabilities. In addition, for better communication of the results, we have used the same proposed codification.
Table 3 summarizes all the vulnerabilities that have been discussed in our previous work [20]. The first column of this table represents the blockchain platforms where the listed vulnerability could be found according to the selected paper analysis.
List of previously discussed vulnerabilities [20]
| Primarily examined in | Code | Vulnerability title |
|---|---|---|
| Ethereum | SWE-100 | Function or state variable default visibility |
| Ethereum, EOSIO, Hyperledger Fabric | SWE-101 | Integer overflow and underflow |
| Ethereum | SWE-102 | Outdated compiler version |
| Ethereum | SWE-103 | Floating compiler version |
| Ethereum | SWE-104 | Unchecked call return value |
| Ethereum, EOSIO, VNT Chain | SWE-107 | Reentrancy |
| Ethereum | SWE-109 | Uninitialized storage pointer |
| Ethereum | SWE-110 | Assert violation |
| Ethereum | SWE-111 | Use of deprecated solidity functions |
| Ethereum | SWE-112 | Delegatecall to untrusted callee |
| Ethereum | SWE-113 | DoS with failed call |
| Ethereum, EOSIO, Hyperledger Fabric | SWE-114 | Transaction order dependence |
| Ethereum | SWE-115 | Authorization through tx.origin |
| Ethereum, EOSIO, VNT Chain | SWE-116 | Block values as a proxy for time |
| Ethereum | SWE-117 | Signature malleability |
| Ethereum | SWE-118 | Incorrect constructor name |
| Ethereum | SWE-119 | Shadowing state variables |
| Ethereum, EOSIO | SWE-120 | Weak sources of randomness from chain attributes |
| Ethereum | SWE-121 | Missing protection against signature replay attacks |
| Ethereum | SWE-122 | Lack of proper signature verification |
| Ethereum | SWE-123 | Requirement violation by the called smart contract |
| Ethereum | SWE-124 | Write to arbitrary storage location |
| Ethereum | SWE-125 | Incorrect inheritance order |
| Ethereum | SWE-126 | Insufficient gas griefing |
| Ethereum | SWE-127 | Arbitrary jump with function type variable |
| Ethereum, VNT Chain | SWE-128 | DoS with block gas limit |
| Ethereum | SWE-129 | Typographical error |
| Ethereum | SWE-132 | Unexpected balance |
| Ethereum | SWE-133 | Hash collisions with multiple variable length arguments |
| Ethereum | SWE-134 | Message call with the hardcoded gas amount |
| Ethereum | SWE-135 | Code with no effects |
| Ethereum | SWE-136 | Unencrypted private data on-chain |
| Ethereum, EOSIO | SWE-137 | Access control management |
| Ethereum | SWE-138 | Locked money |
| Ethereum | SWE-139 | Limited stack size |
| Ethereum, EOSIO, Hyperledger Fabric | SWE-140 | Improper handling of exceptions |
| Ethereum, EOSIO | SWE-141 | Dynamic library |
| Ethereum, Hyperledger Fabric | SWE-142 | Typecast |
| Ethereum | SWE-143 | Call to the unknown |
| Ethereum | SWE-144 | Assembly-based vulnerabilities |
| Ethereum | SWE-145 | Loss of ether |
| Ethereum | SWE-146 | Double constructor |
| Ethereum | SWE-147 | Untrustworthy data feeds |
| Ethereum | SWE-148 | Improper or missing event handling |
| EOSIO | SWE-149 | Forged transfer notification |
| Ethereum | SWE-150 | Money leak |
| Ethereum | SWE-151 | Unchecked division |
| Ethereum | SWE-152 | Token API violation |
| Ethereum | SWE-153 | Using components with known vulnerabilities |
| Ethereum | SWE-154 | Built-in symbol shadowing |
| Ethereum | SWE-155 | Hardcoded addresses |
| Ethereum | SWE-156 | Send to zero address |
| Ethereum | SWE-157 | Multiple calls in a single transaction |
| Ethereum | SWE-158 | Function clashing |
| Ethereum, Hyperledger Fabric | SWE-159 | Business logic vulnerabilities |
| Ethereum | SWE-160 | Identity verification |
| Ethereum | SWE-161 | Array length manipulation |
| Hyperledger Fabric | SWE-162 | Nondeterminism arising from global variable |
| Hyperledger Fabric | SWE-163 | Nondeterminism arising from KVS structure iteration |
| Hyperledger Fabric | SWE-164 | Nondeterminism arising from reified object addresses |
| Hyperledger Fabric | SWE-165 | Nondeterminism arising from concurrency of program |
| Hyperledger Fabric | SWE-166 | Nondeterminism arising from generating random number |
| Hyperledger Fabric | SWE-167 | Nondeterminism arising from system timestamp |
| Hyperledger Fabric | SWE-168 | Nondeterminism arising from Web service |
| Hyperledger Fabric | SWE-169 | Nondeterminism arising from system command execution |
| Hyperledger Fabric | SWE-170 | Nondeterminism arising from external file accessing |
| Hyperledger Fabric | SWE-171 | Nondeterminism arising from external library calling |
| Hyperledger Fabric | SWE-172 | Phantom read from a range query |
| Hyperledger Fabric | SWE-173 | Field declarations in chaincode structure |
| Hyperledger Fabric | SWE-174 | Cross channel chaincode invocation |
| Hyperledger Fabric | SWE-175 | Read–write conflict |
| EOSIO | SWE-176 | Fake EOS transfer |
Tables 4–7 lists all the vulnerabilities that have been discussed in the selected papers categorized by the type of blockchain that have been studied. Table 4 lists all the discussed vulnerabilities in each selected article that focused on the Hyperledger Fabric blockchain. Table 5 lists all the discussed vulnerabilities in each selected article that focused on the EOSIO blockchain. Table 6 lists all the discussed vulnerabilities in each selected article that focused on the VNT Chain blockchain. Table 7 lists all the discussed vulnerabilities in each selected article that focused on the Ethereum blockchain.
Vulnerabilities discovered in Hyperledger Fabric
| Article | Vulnerability | Tools | Datasets |
|---|---|---|---|
| [21] | SWE-142, SWE-159, SWE-101 | go-fuzz, HFContractFuzzer | foodtrack, example01, drm, smallbank, marbles |
| [22] | SWE-140, SWE-162, SWE-163, SWE-164, SWE-165, SWE-166, SWE-167, SWE-168, SWE-169, SWE-170, SWE-171, SWE-172, SWE-173, SWE-174, SWE-175, | Gochecknoglobals, Errcheck, Gosec, Golint, go test-race, Chaincode Scanner, Kazuhiro et al, tool | Two private none disclosed private smart contracts |
| [23] | SWE-114, SWE-104, SWE-175, SWE-162, SWE-163, SWE-164, SWE-165, SWE-166, SWE-167, SWE-168, SWE-169, SWE-170, SWE-171. | SCaaS, ZEUS | No mention |
| [24] | SWE-107 | No mention | No mention |
| [25] | SWE-140, SWE-162, SWE-163, SWE-165, SWE-166, SWE-167, SWE-168, SWE-169, SWE-170, SWE-171, SWE-172, SWE-173, SWE-175 | Fabric tool, Zeus, ChainCode scanner | No mention |
Vulnerabilities discovered in EOSIO
| Paper | Vulnerability | Tools | Datasets |
|---|---|---|---|
| [26] | SWE-116, SWE-120, SWE-149, SWE-176, | WANA | 3,964 smart contract from: |
|
|||
| [19] | SWE-176, SWE-149, SWE-120, SWE-116 | EOSFuzzer, EVulHunter | 3,963 smart contract (source not specified) |
| [27] | SWE-101,SWE-137, SWE-140, SWE-114, SWE-120, SWE-107, SWE-141, SWE-176 | EvulHunter, EOSafe | No mention |
| [24] | SWE-107 | Shasha et al, framework | No mention |
Vulnerabilities discovered in VNT Chain
| Papers | Vulnerability | Tools | Datasets |
|---|---|---|---|
| [28] | SWE-107, SWE-116, SWE-128 | Jolt, SMT, PDA, Looper, Zhenguang et al., tool | 4,170 SC from VNT Chain |
| [29] | SWE-107, SWE-116, SWE-128 | Jolt, SMT, PDA, Looper, Zhenguang et al., tool | 4,170 SC from VNT Chain |
| [30] | SWE-107, SWE-116, SWE-128 | Jolt, SMT, PDA, Looper, Zhenguang et al., tool | 4,170 SC from VNT Chain |
| [24] | SWE-107 | Shasha et al, framework | No mention |
Vulnerabilities discovered in Ethereum
| Paper | Vulnerabilities | Tools | Datasets |
|---|---|---|---|
| [31] | SWE-107, SWE-128, SWE-113, SWE-115 | Keras, COLAB web resource | Vulnerabilities dataset |
| SC dataset: Etherscan, SWC registry [32], Consensys [33] | |||
| [34] | SWE-137, SWE-101, SWE-114, SWE-138, SWE-107, SWE-116, SWE-104, SWE-140 | Oyente, Mythril-classical, Securify, SmartCheck, Pied-Piper | Etherscan crawling |
| [35] | SWE-137, SWE-101, SWE-128, SWE-113, SWE-114, SWE-107, SWE-116, SWE-140, SWE-138 | Securify, SmartCheck, Slither, Oyente, Mythril, Osiris, ContractFuzzer, sFuzz, ILF | Smart Contract Benchmark Suites [36] |
| [37] | SWE-101, SWE-107, SWE-116,SWE-114, SWE-137, SWE-139, SWE-140 | VeriSolid, ZEUS, Oyente, Osiris, Securify, Vandal, MAIAN, GASPER, SASC | No mention |
| [38] | SWE-113 | SmartScan, SmartCheck | 500 SC from Etherscan |
| [39] | SWE-107, SWE-107, SWE-115, SWE-101 | SGUARD | 5,000 SC from Etherscan |
| [26] | SWE-138, SWE-112, SWE-116 | WANA | Ethereum smart contract WASM code was generated using SOLL compiler but without an effective result in the conversion (out of 15,000 SC, only 10 were able to compile to WASM) |
| [40] | SWE-101, SWE-104, SWE-107, SWE-113, SWE-115, SWE-116, SWE-128, SWE-132, SWE-136, SWE-137 SWE-138 | Smartcheck | Etherscan |
| [41] | SWE-104, SWE-107, SWE-115, SWE-118, SWE-126, SWE-134, SWE-137, SWE-140, SWE-144, SWE-146 | Remix IDE static analysis plug-in, Slither, Oyente, Mythril, SmartCheck | No mention |
| [42] | SWE-101, SWE-107, SWE-113, SWE-114, SWE-116, SWE-128, SWE-137, SWE-138 SWE-140 | Oyente (to label vulnerabilities in those contracts), ContractWard | 49,502 real-world smart contracts |
| [43] | depends on the used tools | SmartCheck, Securify, VERX, Solidity Instrumentation framework, FSolidM, MAIAN, Mythril | No mention |
| [44] | SWE-107 | ReDefender | Articles, Etherscan |
| [45] | functions call-related vulnerabilities | EVM extension | 73 SC from Etherscan |
| [23] | SWE-101, SWE-104, SWE-107, SWE-113 SWE-114, SWE-115, SWE-116, SWE-118, SWE-120, SWE-124, SWE-126, SWE-128, SWE-142, SWE-147 | SCaaS, Color-inspired Inspection, F* Framework, Isabelle/HOL Framework, KEVM, Vandal, VeriSolid, Oyente, EthIR, Mythril, MAIAN, Manticore, Securify, teEther, SASC | No mention |
| [46] | SWE-100, SWE-101, SWE-107, SWE-113 SWE-116, SWE-121, SWE-137 SWE-140, SWE-148 | Deckard, SmartCheck, SMARTEMBED | 22,725 SC from Etherscan |
| [47] | SWE-107 | No mention | No mention |
| [48] | No mention | Targy, sFuzz | No mention |
| [49] | SWE-101, SWE-104, SWE-107, SWE-109, SWE-111, SWE-112, SWE-113, SWE-114, SWE-115, SWE-116, SWE-118, SWE-120, SWE-121, SWE-124, SWE-125, SWE-127, SWE-128, SWE-132, SWE-137, SWE-138, SWE-140, SWE-154, SWE-158 SWE-159 | Securify2, Mythril, Slither | No mention |
| [50] | SWE-107 | EtherSolver [50] | 1,000 SC from EtherScan |
| Benchmark shared by Ghaleb and Pattabiraman | |||
| [51] | SWE-137, SWE-112, SWE-116, SWE-120 | Correas et al tool | 1,800 SC from Etherscan whose source code was available on 15th October 2020 |
| [52] | SWE-107, SWE-116 | Smartcheck, Oyenete, Mythril, Securify, Slither, Osiris, DeeSCVHunter | GraphDeeSmartContract [53] |
| [54] | SWE-101, SWE-116, SWE-112, SWE-126 | EVM* (a reinforced version of EVM) | Embedded the 4 vulnerabilities in 100 smart contracts [55] |
| [56] | SWE-107,SWE-116,SWE-148, SWE-140, SWE-100, SWE-101 | Eth2Vec (final created tool), PV-DM | 5,000 SC from Etherscan |
| [57] | Not specified | VSCL framework, Oyenete, Mythril, Vandal | No mention |
| [58] | SWE-114, SWE-116, SWE-128, SWE-113, SWE-101, SWE-120, SWE-136, SWE-153, SWE-125, SWE-141 | Slither, SmartCheck, Securify, Mythril, Manticore, sFuzz, Solhint, Ethlint, Mythos | 16 Smart contracts from: GitHub repositories such as SWC Registry, not-so-smart-contracts, and Solidity-Security. Ethernaut is an online game for smart contract attacking challenges; blog.positive |
| [59] | SWE-107, SWE-140, SWE-143, SWE-142, SWE-136, SWE-120, SWE-116, SWE-139, SWE-145 | Oyente, Solgraph, Madmax, Manticore, SmartCheck, Mythril, ContractLarva, SolMet, Vandal, EthIR, MAIAN, Erays, Rattle, Osiris, Securify, Slither, Ethertrust | No mention |
| [60] | Not specified | Solidifier | No mention |
| [61] | SWE-107, SWE-101, SWE-116 | ABCNN | 8,632 SC from Etherscan |
| [62] | SWE-107 | Peculiar | SmartBugs Wild Dataset [63] |
| [64] | SWE-107 | Mythril, Slither, Oyente, SmartCheck | Etherscan |
| [65] | Not specified | Slither | No mention |
| [66] | SWE-107, SWE-138, SWE-159 | EtherProv | Etherscan |
| [67] | SWE-104, SWE-107, SWE-109 SWE-116, SWE-119, SWE-120, SWE-132, SWE-138, SWE-150, SWE-156 | Slither | Ethereum dataset [68] |
| [69] | SWE-116, SWE-126, SWE-140, SWE-112, SWE-107 | SMARTGIFT | 66,528 transaction records |
| Benchmark released with ContractFuzzer [70] | |||
| [71] | SWE-107, SWE-116 | Yuqi et al tool, SmartBugs | SolidiFi SmartBugs |
| [28] | SWE-107, SWE-116, SWE-128 | Zhenguang et al tool | 40,932 SC from Ethereum |
| [72] | SWE-110, SWE-116, SWE-107, SWE-104 | OYENTE, Remix | Etherscan |
| [73] | SWE-107, SWE-101, SWE-137, SWE-128, SWE-113, SWE-104, SWE-120, SWE-114 | Yingjie et al tool, SmartBugs | SmartBugs [63] |
| SolidiFI benchmark [74] | |||
| [29] | SWE-128, SWE-107, SWE-116 | Oyente, Mythril, Smartcheck, Securify, Slither | Ethereum network |
| [75] | SWE-101, SWE-107, SWE-120, SWE-137, SWE-140 | Jianjun et al tool | 2 M SC from the Ethereum in bytecode |
| CVE hosted vulnerable smart contracts | |||
| [76] | SWE-101, SWE-104, SWE-107, SWE-110, SWE-137, SWE-137, SWE-112, SWE-114, SWE-120 | Echidna, Mythril, Manticore | Capture the Ether smart contract game |
| Ethernaut game | |||
| [77] | SWE-128, SWE-126, SWE-101 | MadMax | Scrapped |
| [78] | SWE-107 | eThor | No mention |
| [79] | SWE-107, SWE-116, SWE-104, SWE-140, SWE-114, SWE-101, SWE-115 | SolidiFI [74], Oyente, Securify, Mythril, Manticore, Smartcheck, Slither | 50 SC |
| [80] | SWE-107, SWE-137 | ÆGIS, ECFChecker, Sereum | 675,444 SC from Ethereum |
| [81] | SWE-107 | Noama et al tool, Reguard, ContractFuzzer | 6 SC from Etherscan |
| [82] | SWE-118, SWE-100, SWE-119, SWE-142, SWE-125, SWE-109, SWE-129, SWE-111 | Smart contract analyzer [83] | 55,046 SC from Etherscan |
| [84] | SWE-124, SWE-116, SWE-115, SWE-112, SWE-138, SWE-113, SWE-143, SWE-151, SWE-101, SWE-136, SWE-107, SWE-104, SWE-114, SWE-145, SWE-137, SWE-137, SWE-100, SWE-128, | Static analyzers: OYENTE, Maian, Gasper, Teether, sCompile, Solar, Securify, MadMax, Vandal, EtherTrust, Zeus, LSTM (Tann et al machine learning), Ether* (N-gram model machine learning), SmartCheck, Servois, SIF, Slither, SmartEmbed, Mythril, SmartScopy, EasyFlow, EVulnHunter | No tests where made |
| Dynamic analyzer: ContractFuzzer, ETHRacer, Harvey, Bran, Reguard, ContraMaster, Annotary, Manticore, FEther, ContractMut, Hydra framework, ContractVis, (Runtime monitors), ECFChecker, DappGuard, ContractLarva, Sereum, HoneyBadger (honeypot discover) | |||
| [85] | SWE-126, SWE-140, SWE-107, SWE-116, SWE-112, SWE-101, SWE-138 | sfuzz, ContractFuzzer, Oyente | 4,112 SC from EtherScan |
| [86] | SWE-138, SWE-116, SWE-126, SWE-112 | Artemis, Maian | 13,100 SC from Etherscan |
| [87] | SWE-100, SWE-101, SWE-104, SWE-107, SWE-112, SWE-113, SWE-114, SWE-115, SWE-116, SWE-120, SWE-121, SWE-123, SWE-126, SWE-128, SWE-136, SWE-137, SWE-138, SWE-140, SWE-141, SWE-142, SWE-143, SWE-145 | No mention | No mention |
| [88] | SWE-107, SWE-137, SWE-101, SWE-104, SWE-113, SWE-120 | SCScan | 1,000 SC from the Etherscan |
| [89] | Not specified | SmartEmbeed [90] | 22 K SC from Ethereum |
| [91] | SWE-140, SWE-126, SWE-107, SWE-116, SWE-112, SWE-138, | GasFuzzer, Contractfuzzer | 3,170 SC from Etherscan |
| [92] | SWE-100, SWE-141, SWE-115, SWE-159, SWE-113, SWE-128, SWE-136, SWE-114, SWE-101, SWE-151, SWE-104 | No mention | No mention |
| [93] | SWE-159 | DEPOSafe | Not specified |
| [94] | SWE-107 | Clairvoyance, Slither, Oyente, Securify | 11714 real-world contracts from Etherscan |
| [95] | SWE-107 | Clairvoyance, Slither, Oyente, Securify | 11714 real-world contracts from Etherscan |
| [96] | SWE-137, SWE-101, SWE-120, SWE-113, SWE-114, SWE-107, SWE-116, SWE-104, SWE-109, SWE-138 | SmartBugs [63], HoneyBadger, Maian, Manticore, Mythril, Osiris, Oyente, Securify, Slither, SmartCheck, SolHint | 143 annotated vulnerable contracts with 208 tagged vulnerabilities |
| 47,518 SC from Etherscan | |||
| [97] | SWE-116, SWE-126, SWE-120, SWE-107, SWE-112 | Solar, teether, Mythril, ContractFuzzer | Etherscan |
| [98] | SWE-137, SWE-101, SWE-120, SWE-113, SWE-114, SWE-107, SWE-116, SWE-104 | SmartBugs, contractLarva, E-EVM, Echidna, Erays, Ether, Ethersplay, EtherTrust, EthIR, FSolidM, Gasper, HoneyBadger, KEVM, MadMax, Maian, Manticore, Mythril, Octopus, Osiris, Oyente, Porosity, rattle, ReGuard, Remix, SASC, sCompile, Securify, Slither, Smartcheck, Solgraph, Solhint, SolMet, teEther, Vandal, VeriSol, Zeus | GitHub repositories |
| Blog posts that analyze contracts | |||
| The Ethereum network | |||
| [99] | SWE-101, SWE-128, SWE-104, SWE-107, SWE-112, SWE-132, SWE-113, SWE-100, SWE-109, SWE-118, SWE-141, SWE-142, SWE-121, SWE-115, SWE-137, SWE-150, SWE-136, SWE-102 | No mention | No mention |
| [9] | SWE-137, SWE-137, SWE-128, SWE-115, SWE-126, SWE-127, SWE-100, SWE-100, SWE-136, SWE-112, SWE-107 | No mention | No mention |
| [100] | SWE-107, SWE-101, SWE-120, SWE-137 | TestBreeder to generate test cases, Manticore, SmartCheck, Slither, MythX, Securify | No mention |
| [101] | SWE-114, SWE-151, SWE-116, SWE-101, SWE-139, SWE-107, SWE-145, SWE-143, SWE-120, SWE-115 | Fuse Framework, the bugs framework, GoatCasino, Truffle framework, MythX | No mention |
| [102] | SWE-107, SWE-116, SWE-120, SWE-126, SWE-136, SWE-139 SWE-140, SWE-142, SWE-143, SWE-145 | Oyente, Remix-IDE, Solgraph, MadMax, Manticore, SmartCheck, Mythril, ContractLarva, SolMet, Vandal, EthIR, MAIAN, Erays, Rattle, Osiris, Scurify, Slither, EtherTrust | No mention |
| [103] | SWE-107, SWE-113, SWE-140, SWE-126, SWE-141, SWE-137, SWE-150, SWE-101, SWE-128, SWE-114, SWE-116, SWE-115, SWE-139, SWE-120, | Zeus, VeriSolid, Vandal, Teether, SmartScopy, SmartCheck, Securify, Oyente, Osiris, MadMax, KFrameWork-EVM-Semantics, Interactive theorem Provers, Gasper, FsolidM, FVF*, EtherTrust, DappGaurd, sCompile, Vultron, Sereum, Regaurd, Maian, EasyFlow, ContractFuzzer | No mention |
| [104] | SWE-107, SWE-139, SWE-116, SWE-101, SWE-104, SWE-137 | Ziyuan et al tool | Dataset, Etherscan |
| [105] | SWE-107 | Re-entrancy Analyzer | Not specified |
| [27] | SWE-101, SWE-137, SWE-140, SWE-114, SWE-120, SWE-107, SWE-141 | Oyente, Securify, Mythril, Manticore, teEther, MAIAN, ContractFuzzer, EvulHunter, EOSafe | No mention |
| [106] | SWE-100, SWE-101, SWE-104, SWE-107, SWE-116, SWE-120, SWE-137, SWE-160 | Oyente, Mythril, porosity | No mention |
| [107] | Oyente detected vulnerabilities | MSgram model, S-gram, Oyente | Etherscan.io |
| [108] | SWE-100, SWE-101, SWE-102, SWE-103, SWE-104, SWE-107, SWE-109, SWE-111, SWE-112, SWE-113, SWE-114, SWE-115, SWE-116, SWE-119, SWE-120, SWE-122, SWE-123, SWE-124, SWE-125, SWE-126, SWE-128, SWE-129, SWE-136, SWE-137, SWE-139, SWE-143, SWE-144, SWE-147, SWE-151, Asset violation | SmartCheck, Slither, Oyente, Mythril, Securify | No mention |
| [30] | SWE-107, SWE-116, SWE-128 | Smartcheck, Oyente, Mythril, Securify, Vanilla-rnn, lstm, gru, gcn, dr-gcn, tmp | 40,932 SC from Ethereum |
| [24] | SWE-107 | No mention | No mention |
| [109] | SWE-107 | ReJection, Slither | 8 SC vulnerable to reentrancy |
| [110] | SWE-107, SWE-101, SWE-112, SWE-100, SWE-114, SWE-116 | Slither, Mythx, Mythril, manticore, Securify, Smartcheck, Echidna, Oyente, Vandal, Zeus | No mention |
| [111] | SWE-107 | VulDeeSmartContract (their tool also called BLSTM-ATT) [112], Securify, SmartCheck, Mythril, Oyente | 42,000 SC from Etherscan |
| [113] | SWE-101, SWE-128, SWE-113, SWE-116, SWE-100, SWE-109, SWE-115, SWE-112, SWE-114, SWE-107, SWE-118 | No mention | No mention |
| [114] | INVALID bytecodes | SAFEVM, VeryMax, SeaHorn, CPAchecker, Oyente, EthIR | 10,796 SC from Etherscan |
| [115] | SWE-100, SWE-101, SWE-103, SWE-104, SWE-107, SWE-113, SWE-114, SWE-115, SWE-116, SWE-120, SWE-126, SWE-128, SWE-129, SWE-132, SWE-137, SWE-140, SWE-141, SWE-143, SWE-144, SWE-151, SWE-155, SWE-161 | Oyente, ContractFuzzer, Securify, SmartCheck | No mention |
| [116] | Not specified | SolMet, MAIAN, ZEUS, Securify, Mythril, SmartDec, Solgraph | No mention |
| [117] | SWE-159 | No mention | |
| [118] | Not specified | MPro, Mythril-Classic, Slither. | No mention |
| [119] | SWE-101, SWE-151, SWE-116, SWE-115, SWE-104, SWE-140 | SolAnalyser, Oyente, Securify, Maian, SmartCheck, Mythril | 1,838 SC from Etherscan |
| [25] | SWE-107, SWE-137, SWE-101, SWE-138, SWE-112, SWE-114, SWE-120, SWE-116, SWE-140, SWE-121 | Oyente, Securify, Zeus, Octopus, Thether, Mythril, Smartchack, Manticore | No mention |
| [120] | SWE-107, SWE-116 | Oyente | 20 SC from Ethereum |
| [55] | SWE-101, SWE-116 | EVM* | 10 SC with known vulnerabilities |
| [121] | SWE-107, SWE-140, SWE-126, SWE-101 | VULTRON | No mention |
| [122] | SWE-114, SWE-116, SWE-140, SWE-107 | OYENTE, MAIAN, Mythril, Evmdis, Miasm, Porosity | 4,979,625 SC from Ethereum |
| [123] | SWE-126 | -Mythril-enhanced version | 167,698 SC From Ethereum |
| [124] | SWE-101, SWE-104, SWE-107, SWE-109, SWE-111, SWE-112, SWE-115, SWE-119, SWE-120 SWE-132, SWE-137, SWE-138, SWE-140, SWE-144, SWE-150, SWE-152, SWE-154, SWE-155, SWE-157 | Slither, Mythril Classic, their own ML tool | No mention |
| [125] | SWE-119, SWE-109, SWE-107, SWE-137, SWE-138, SWE-132 | Slither, Securify, SmartCheck, Solhint, Surya | 1,000 most used smart contracts |
| [126] | SWE-143, SWE-126, SWE-140, SWE-142, SWE-107, SWE-136, SWE-145, SWE-139, SWE-120, SWE-116 | Mythril | No mention |
| [127] | SWE-116, SWE-104, SWE-107, SWE-114 | NPChecker, Securify, Oyente, Mythril | 30K SC from Ethereum’s main net |
| [128] | SWE-101, SWE-104, SWE-107, SWE-110, SWE-114, SWE-115, SWE-116, SWE-137 SWE-144, | SoliAudit, Oyente, remix | 21,044 SC from etherscan |
| Vulnerabilities labeled by Oyente and Remix | |||
| [129] | SWE-101 | Gbadebo et al tool | No mention |
| [130] | SWE-107, SWE-101, SWE-112, SWE-114, SWE-137, SWE-140, SWE-104 | Mythril (their enhanced version) | 1,000 SC from Etherscan |
| [131] | SWE-128, SWE-126, SWE-101 | MadMax | No mention |
| [21] | SWE-126, SWE-140, SWE-107, SWE-116, SWE-112, SWE-138 | ContractFuzzer | No mention |
| [132] | SWE-107 | ReGuard | 5 SC from Etherscan |
| [133] | SWE-100 SWE-101, SWE-103, SWE-104, SWE-107, SWE-113, SWE-115, SWE-116, SWE-128, SWE-132, SWE-136, SWE-138, SWE-143, SWE-151, SWE-152 | SmartCheck | 4,600 SC from etherscan |
| [134] | SWE-139, SWE-107, SWE-114, SWE-116 | SASC, oyente | 4,744 SC from etherscan |
| [8] | SWE-141, SWE-120, SWE-116, SWE-136, SWE-114, SWE-147, SWE-145, SWE-140, SWE-143, SWE-126, SWE-104, SWE-142, SWE-107, SWE-101, SWE-100, SWE-115, SWE-113 | Oyente, Remix, F*, Gasper, Securify, S. Analysis, SmartCheck, Imandra, Mythril | Smart contract extracted from Openzeppelin’s blog |
From each article, we have identified what tools were used to discover those vulnerabilities and the datasets that contain those vulnerabilities that have been used to test the used tools. Most articles listed in those tables have deployed their frameworks and models to find those vulnerabilities. However, some of them have only benchmarked the existing tools in the market to check their effectiveness in discovering multiple critical ones.
Unfortunately, not all researchers have published their tools or at least their datasets, which makes their verification a difficult task.
Due to the absence of scientific articles that substantiate or elucidate the employed techniques for all the tools mentioned in the preceding tables, our selection for inclusion in Table 8 is based on two criteria:
The tool should be proposed by one of the articles selected for this research.
The proposed tool, framework, or technique should be technically implemented and tested and not only theoretically discussed.
List of proposed tools and frameworks for smart contract vulnerability detection in the selected papers
| Tool | Blockchain | Type | Based on ML/ALGO | Articles | Source code availability |
|---|---|---|---|---|---|
| HFContractFuzzer | Hyperledger Fabric | Dynamic | ALGO | [21] | No |
| MadMax | Ethereum | Static | ALGO | [77,131] | https://github.com/nevillegrech/MadMax. |
| eThor | Ethereum | Static | ALGO | [78] | https://secpriv.wien/ethor |
| SAFEVM | Ethereum | Static | ALGO | [114] | http://costa.fdi.ucm.es/papers/costa/safevm.ova |
| SCStudio | Ethereum | Static | ALGO | [34] | https://github.com/FISCO-BCOS/SCStudio |
| ÆGIS | Ethereum | Dynamic | ALGO | [80] | https://github.com/christoftorres/Aegis |
| ContractFuzzer | Ethereum | Hybrid | ALGO | [21] | https://github.com/gongbell/ContractFuzzer |
| Noama et al. | Ethereum | Hybrid | ALGO | [81] | No |
| SmartScan | Ethereum | Hybrid | ALGO | [38] | https://smartscan.cs.ryerson.ca:4638/ |
| SGUARD | Ethereum | Static | ALGO | [39] | https://github.com/reentrancy/sGuard |
| WANA | EOSIO, Ethereum | Static | ALGO | [26] | https://github.com/gongbell/wana |
| MPro | Ethereum | Static | ALGO | [118] | https://github.com/QuanZhang-William/M-Pro |
| SolAnalyser | Ethereum | Hybrid | ALGO | [119] | No |
| sFuzz | Ethereum | Dynamic | ALGO | [85] | https://sfuzz.github.io |
| Smartcheck | Ethereum | Static | ALGO | [40] | https://github.com/smartdec/smartcheck |
| Artemis | Ethereum | Static | ALGO | [86] | No |
| ContractWard | Ethereum | Static | ML | [42] | No |
| ReGuard | Ethereum | Dynamic | ALGO | [132] | No |
| SCScan | Ethereum | Static | ML | [88] | No |
| SmartEmbed | Ethereum | Static | ML | [89] | https://github.com/beyondacm/SmartEmbed |
| GasFuzzer | Ethereum | Hybrid | ALGO | [91] | No |
| SmartCheck | Ethereum | Static | ALGO | [133] | https://github.com/smartdec/smartcheck |
| DEPOSafe | Ethereum | Hybrid | ALGO | [93] | No |
| ReDefender | Ethereum | Dynamic | ALGO | [44] | No |
| Clairvoyance | Ethereum | Static | ALGO | [94] | https://toolman-demo.readthedocs.io/en/latest/index.html |
| Sooyeon et al. tool | Ethereum | Hybrid | ALGO | [45] | No |
| Zemin Tian, OYENTE | Ethereum | Static | ALGO | [120] | No |
| SmartCheck Extended | Ethereum | Static | ALGO | [96] | https://smartbugs.github.io |
| Solar | Ethereum | Static | ALGO | [97] | No |
| VULTRON | Ethereum | Dynamic | ALGO | [121] | No |
| YuXing et al. tool | Ethereum | Dynamic | ALGO | [47] | No |
| Targy (implemented in sFuzz) | Ethereum | Dynamic | ALGO | [48] | No |
| enhanced version of OYENTE | Ethereum | Static | ALGO | [122] | No |
| Kazuhiro et al. | Hyperledger Fabric | Static | ALGO | [22] | No |
| Mythril (extended) | Ethereum | Static | ALGO | [123] | No |
| Pouyan et al. | Ethereum | Static | ML | [124] | No |
| Kim et al. | Ethereum | Static | ALGO | [100] | No |
| Slither | Ethereum | Static | ALGO | [125] | https://github.com/crytic/slither |
| SASC | Ethereum | Static | ALGO | [134] | No |
| EtherSolve | Ethereum | Static | ALGO | [50] | https://github.com/SeUniVr/EtherSolve/tree/ICPC-2021 |
| CORREAS et al. | Ethereum | Static | ALGO | [51] | NO |
| DeeSCVHunter | Ethereum | Static | ML | [52] | https://github.com/MRdoulestar/DeeSCVHunter |
| Fuchen et al. | Ethereum | Dynamic | ALGO | [54] | https://github.com/FISCO-BCOS/FISCO-BCOS |
| Eth2Vec | Ethereum | Static | ML | [56] | https://github.com/fseclab-osaka/eth2vec |
| VSCL | Ethereum | Static | ML | [57] | No |
| ESAF | Ethereum | Hybrid | ALGO | [59] | https://github.com/alopezvivar/ESAF-PSEUDOCODE |
| Solidifier | Ethereum | Static | ALGO | [60] | https://github.com/blockhousetech/research/tree/master/Solidifier |
| Yuhang et al. | Ethereum | Static | ML | [61] | No |
| Peculiar | Ethereum | Static | ML | [62] | https://github.com/wuhongjun15/Peculiar |
| Ben et al. | Ethereum | Static | ML | [64] | No |
| Wanqing et al. | Ethereum | Static | ML | [65] | No |
| EtherProv | Ethereum | Hybrid | ALGO | [66] | https://github.com/shomzy/EtherProv |
| SmartGift | Ethereum | Dynamic | ML | [69] | https://github.com/chaoweilanmaohahaha/SmartGift |
| Yuqi et al. | Ethereum | Static | ML | [71] | No |
| Zhenguang et al. | Ethereum, VNT Chain | Static | ML | [28] | https://github.com/Messi-Q/AMEVulDetector |
| SC-VDM | Ethereum | Static | ML | [72] | No |
| Yingjie et al. | Ethereum | Static | ML | [73] | No |
| GPSCVulDetector | Ethereum, VNT Chain | Static | ML | [29] | https://github.com/Messi-Q/GPSCVulDetector |
| Jianjun et al. | Ethereum | Static | ALGO | [75] | No |
| Ziyuan et al. | Ethereum | Static | ALGO | [104] | No |
| EOSFuzzer | EOSIO | Hybrid | ALGO | [19] | No |
| RA | Ethereum | Static | ALGO | [105] | |
| Zhen et al. | Ethereum | Static | ML | [107] | https://github.com/yz1019117968/MSgramDataset.git |
| Yuan et al. (AI) | Ethereum, VNT Chain | Static | ML | [30] | No |
| Shasha et al. | generic | Static | ALGO | [24] | No |
| ReJection | Ethereum | Static | ALGO | [109] | No |
| PENG et al. | Ethereum | Static | ML | [111] | https://github.com/MessiQ/VulDeeSmartContract |
| NPChecker | Ethereum | Static | ALGO | [127] | No |
| SoliAudit | Ethereum | Hybrid | ML | [128] | https://github.com/jianwei76/SoliAudit |
| MENGLIN et al. | Ethereum | Hybrid | ALGO | [130] | No |
The collected tools are presented in Table 8 and classified based on three main characteristics:
Blockchain technology supporting
Type of the tools (static, dynamic, or hybrid)
The type of logic used to find vulnerabilities (artificial intelligence or algorithm)
Source code availability
5 Discussion
This section aims at answering the research questions, by combining the different aforementioned smart contract vulnerabilities. It should be noted that the systematic review results may have been impacted by multiple parts such as the selection of databases, researchers’ ideas, and time restrictions.
5.1 What are all the studied smart contract vulnerabilities?
According to our analysis performed on the selected articles, all smart contracts were developed utilizing the Hyperledger Fabric, EOSIO, Ethereum, or VNT Chain as the underlying platforms. Consequently, the classification of smart contract vulnerabilities often aligns with the specific Blockchain platforms on which they manifest. Nevertheless, certain vulnerabilities exhibit technical similarities and possess a more generic nature, enabling their occurrence across multiple types of blockchains.
Figure 3 illustrates the frequency of articles that have presented a comprehensive analysis of a specific vulnerability. As you can see, only 3 of 72 vulnerabilities have never been discussed in one of the selected articles.
In addition, multiple articles have extensively investigated vulnerabilities such as SWE-107, SWE-116, and SWE-101.
According to our research results, the SWE-107 vulnerability has emerged as the most prevalent vulnerability within the selected article. Its prominence can be attributed to its association with the infamous DAO hack, which served as a catalyst for the Ethereum hard fork. The widespread interest in addressing this vulnerability has spurred a substantial body of research, characterized by a multitude of scholarly articles dedicated to its investigation and mitigation. In addition, our current understanding suggests that the prevalence of this vulnerability in smart contracts can be attributed, in part, to the similarity of use cases observed across various types of smart contracts, such as tokens and nonfungible tokens (NFTs).
Moreover, some of the articles that addressed this vulnerability have even divided it into four subtypes: the fallback function-based re-entrancy, the create-based reentrancy, the cross-function reentrancy, and the delegated call Reentrancy. However, this categorization is not very popular among the papers that have discussed this vulnerability.
At some point in the development of any type of application, knowing the time or the date at which an operation is executed is mandatory. Therefore, a common behavior from developers was to use the block information as a source of such information. However, this behavior has created a popular vulnerability codified as SWE-116. Unfortunately, the wide use of this technique to know the time has made this vulnerability very common in smart contracts, which attracted more security researchers to analyze it and build frameworks to find it.
The SWE-101 vulnerability concern the integer over/underflow. This vulnerability is very common among programing languages especially those that are very close to the machine language. Therefore, abording this subject might be easily compared to more complex and blockchain-specific vulnerabilities.
5.2 What are the vulnerabilities that have not been widely studied?
According to the results of our research, the average number of articles for each vulnerability is about 9.4 (Figure 4). This result means that every 10 vulnerabilities have at least been cited in 94 articles. On the basis of this result, we have decided that a vulnerability is considered poorly studied if it has nine papers or fewer that cite it.
Number of papers that have discussed each vulnerability.
Therefore, according to these criteria, we have found that more than 71% of the existing vulnerabilities were not widely discussed by research in this field. Those vulnerabilities are as follows: SWE-109, SWE-139, SWE-141, SWE-142, SWE-132, SWE-145, SWE-151, SWE-118, SWE-159, SWE-119, SWE-121, SWE-144, SWE-111, SWE-124, SWE-125, SWE-150, SWE-103, SWE-110, SWE-129, SWE-147, SWE-162, SWE-163, SWE-165, SWE-166, SWE-167, SWE-168, SWE-169, SWE-170, SWE-171, SWE-175, SWE-176, SWE-102, SWE-123, SWE-127, SWE-148, SWE-149, SWE-152, SWE-154, SWE-155, SWE-164, SWE-172, SWE-173, SWE-122, SWE-134, SWE-146, SWE-153, SWE-156, SWE-157, SWE-158, SWE-160, SWE-161, SWE-174, SWE-117, SWE-133, and SWE-135.
This result could be explained by the fact that some vulnerabilities are either not very dangerous compared to others or they are specific to blockchains that are themselves not widely used or simply not known enough to become subject to research.
The SWE-103 vulnerability is related to a floating pragma that may lead unintentionally to include compiler-based vulnerabilities if compiled by older or newer versions of solidity. This issue is a good example of a specific vulnerability that could only be found on Ethereum-based smart contracts, especially those built by solidity. Moreover, most security research works do not give this vulnerability a big intention as its impact could in some situations be considered negligible.
Three of the vulnerabilities listed in this research were never studied in all the selected articles, which are SWE-117, SWE-133, and SWE-135. Both SWE-117 and SWE-133 are vulnerabilities related to cryptography implementation issues. Both vulnerabilities are not very popular as that implementation could be considered a rare use case of smart contacts.
The SWE-135 vulnerability is related to code left in the smart contract with no effects. This vulnerability is very dangerous that could lead to financial losses. Unfortunately, no article has ever discussed these types of vulnerabilities among the selected articles.
In addition, only less than 24% were massively studied by the selected articles. Those vulnerabilities are SWE-107, SWE-116, SWE-101, SWE-137, SWE-114, SWE-140, SWE-120, SWE-104, SWE-128, SWE-113, SWE-112, SWE-115, SWE-126, SWE-138, SWE-100, SWE-136, and SWE-143.
5.3 What are the developed frameworks and methods to find those vulnerabilities?
As the adoption of smart contract technology proliferates among companies and individuals, the daily deployment rate of smart contracts continues to escalate. Furthermore, a growing number of individuals have harnessed smart contracts to address various challenges [135]. This widespread adoption across multiple domains has concurrently augmented the complexity of smart contracts, rendering manual vulnerability discovery a daunting and time-intensive task.
For this reason, many security researchers have proposed tools and frameworks to find those vulnerabilities using different concepts and techniques.
To address this inquiry, we formulated a selection criterion for our analysis. We specifically targeted articles that introduced novel frameworks, providing comprehensive insights into their internal workings. Consequently, articles primarily focused on framework comparisons were excluded from our examination. Moreover, articles solely presenting theoretical concepts lacking technical implementations were also disregarded.
Table 8 presents a comprehensive compilation of frameworks detailed in the selected articles, encompassing the employed vulnerability detection techniques as well as the availability of corresponding source code or binary. Our findings reveal a notable overlap between the vulnerability detection techniques utilized in traditional applications and those employed in smart contracts. This means that techniques like symbolic execution [120], pattern matching [34], data flow analysis [62], control flow [50] analysis, fuzzing, and many others [136,137] are used to find smart contract vulnerabilities.
These frameworks can be categorized into three primary types: static analysis-based frameworks, dynamic analysis-based frameworks, and hybrid analysis-based frameworks [136,137]. Furthermore, certain frameworks were specifically developed to address distinct vulnerabilities, such as re-entrancy (SWE-107), while others aimed to detect a range of vulnerabilities. Regrettably, only 31 of 69 frameworks have made their source code publicly available, facilitating verification and utilization in future research endeavors.
5.4 To what kind of smart contract vulnerabilities the ML was applied?
Likewise, in classic applications, ML technology was also used in vulnerability research in smart contracts. Ziyuan et al. [104] have used ML technology to discover vulnerabilities like the re-entrancy (SWE-107) and used block values as a proxy for time (SWE-116). Daojing et al. [106] have also used ML technology to find multiple vulnerabilities like SWE-107, SWE-116, SWE-148, SWE-140, SWE-100, and SWE-101. However, the most relevant research was the one performed by Momeni et al. [124] where they used four different machine-learning techniques to build multiple models that are capable to detect specific vulnerabilities.
The resulting model developed by this team was capable to find 16 different vulnerabilities with an average accuracy of 95%. What makes this research very relevant is the number of vulnerabilities that could be discovered with this level of accuracy.
Table 9 presents the result of our research:
List of presented smart contract vulnerability detection ML models in the selected articles
| Tool | Paper | Blockchain | Type | Vulnerabilities |
|---|---|---|---|---|
| ContractWard | [42] | Ethereum | Static | SWE-101, SWE-107, SWE-113, SWE-114, SWE-116, SWE-128, SWE-137, SWE-138, SWE-140 |
| SCScan | [88] | Ethereum | Static | SWE-107, SWE-137, SWE-101, SWE-104, SWE-113, SWE-120 |
| SmartEmbed | [89] | Ethereum | Static | Not specified |
| Momeni et al. | [124] | Ethereum | Static | SWE-101, SWE-104, SWE-107, SWE-109, SWE-111, SWE-112, SWE-115, SWE-119, SWE-120 SWE-132, SWE-137, SWE-138, SWE-140, SWE-144, SWE-150, SWE-152, SWE-154, SWE-155, SWE-157 |
| DeeSCVHunter | [52] | Ethereum | Static | SWE-107, SWE-116 |
| Eth2Vec | [56] | Ethereum | Static | SWE-107,SWE-116,SWE-148, SWE-140, SWE-100, SWE-101 |
| VSCL | [57] | Ethereum | Static | Not specified |
| Sun and Gu | [61] | Ethereum | Static | SWE-107, SWE-101, SWE-116 |
| Peculiar | [62] | Ethereum | Static | SWE-107 |
| Wang et al. | [64] | Ethereum | Static | SWE-107 |
| Jie et al. | [65] | Ethereum | Static | Not specified |
| SmartGift | [69] | Ethereum | Dynamic | SWE-116, SWE-126, SWE-140, SWE-112, SWE-107 |
| Fan et al. | [71] | Ethereum | Static | SWE-107, SWE-116 |
| Liu et al. | [28] | Ethereum, VNT Chain | Static | SWE-107, SWE-116, SWE-128 |
| SC-VDM | [72] | Ethereum | Static | SWE-110, SWE-116, SWE-107, SWE-104 |
| Xu et al. | [73] | Ethereum | Static | SWE-107, SWE-101, SWE-137, SWE-128, SWE-113, SWE-104, SWE-120, SWE-114 |
| GPSCVulDetector | [29] | Ethereum, VNT Chain | Static | SWE-128, SWE-107, SWE-116 |
| Yang et al. | [107] | Ethereum | Static | Not specified |
| Zhuang et al. (AI) | [30] | Ethereum, VNT Chain | Static | SWE-107, SWE-116, SWE-128 |
| Qian et al. | [111] | Ethereum | Static | SWE-107 |
| SoliAudit | [128] | Ethereum | Hybrid | SWE-101, SWE-104, SWE-107, SWE-110, SWE-114, SWE-115, SWE-116, SWE-137, SWE-144 |
However, according to our results, we have discovered that most ML implementations have targeted the Ethereum virtual machine-based smart contracts. Moreover, no machine-learning model has been developed to target Hyperledger fabric or any other private or public Blockchains.
5.5 What are the used Smart contract datasets?
Most of the used smart contracts came from the Etherscan platform. This platform offers a free service of continuous Ethereum blockchain scrapping to allow reading information. In addition, the platform allows developers to validate their smart contracts by submitting their source code and verifying it to add credibility to their smart contracts. This verification process helps increase the smart contract source code dataset. However, the dataset offered by Etherscan is not labeled in terms of vulnerable functions. About 35% of the researchers in the selected articles have used this dataset.
However, for labeled smart contracts source code, some researchers have used Smart bugs or Solidifi-benchmark or both to check their models and algorithms. Solidifi-benchmark has used 9369 defects from 7 distinct problem categories, including reentrancy, timestamp dependence, unchecked transmit, TOD, integer overflow/underflow, and usage of tx.origin, to build a dataset of flawed contracts in the SolidiFI-benchmark repository using SolidiFI.
The Smartbugs dataset also offers hundreds of labeled vulnerable smart contracts that can be used to train or test models.
Unfortunately, a big part of the selected articles did not specify the used dataset for their research and others have performed manual collection of vulnerable smart contracts using GitHub or any website citing vulnerable smart contracts or even CTFs like Ethernaut.
6 Conclusions
This research undertaking entails a comprehensive examination of the corpus of scholarly literature encompassing the period between 2016 and 2021, with a primary focus on the meticulous scrutiny of papers addressing the detection of vulnerabilities inherent in smart contract technology. The primary aim of this investigation is to undertake a systematic and thorough extraction and compilation of all vulnerabilities that have been meticulously examined and documented within the aforementioned corpus of scholarly articles. The secondary objective is to extract and analyze the various techniques employed by researchers in the identification and discovery of vulnerabilities inherent in smart contracts, with a specific emphasis on ML models. Furthermore, an additional goal of this study is to collect and consolidate a comprehensive repository of ML datasets that can be utilized by future researchers to construct robust machine learning (ML) models capable of effectively addressing the challenge of vulnerable smart contracts.
The outcomes obtained from our research yield cause for concern, as it reveals an inadequate level of coverage in addressing all the vulnerabilities identified within the domain of interest. A concerning aspect is the limited number of blockchain platforms that have been subjected to scientific investigations specifically centered around the security of their smart contracts. In our comprehensive analysis, we observed that only four blockchain platforms were the subject of such focused research. The growing prevalence of smart contracts as problem-solving tools, combined with the inherent instability of the technologies employed in their construction, contributes significantly to the emergence of vulnerable smart contracts. The findings discussed in our research serve as a valuable resource for developers, urging them to exercise increased diligence in their development practices to mitigate the occurrence of vulnerabilities. By prioritizing attention to detail, developers can enhance the overall safety and security of the blockchain network, thus maximizing its usability and minimizing potential risks for users.
It is important to acknowledge a constraint inherent in our study, namely, the analysis limited to articles published within the temporal framework of 2016 to 2021. This restriction imposes a temporal boundary on the comprehensiveness of our findings. In addition, the nomenclature disparity among blockchains, wherein some may not explicitly refer to their decentralized applications (Dapps) as “smart contract” potentially resulted in the inadvertent omission of relevant literature exploring similar themes. This limitation may have resulted in the exclusion of valuable insights and perspectives from the analysis.
-
Author contributions: The author confirms sole responsibility for writing the entire paper and conducting all research, under the supervision of Professor Hanan El Bakkali.
-
Conflict of interest: The authors declare that they have no conflicts of interest.
-
Data availability statement: The data used to support the findings of this article are available from the corresponding author upon request.
References
[1] Cryptocurrency Prices, Charts And Market Capitalizations,” CoinMarketCap. https://coinmarketcap.com/ (accessed Dec. 02, 2022).Search in Google Scholar
[2] Ethereum Statistics (2022). https://www.alchemy.com/overviews/ethereum-statistics (accessed Dec. 02, 2022).Search in Google Scholar
[3] Shabani Baghani A, Rahimpour S, Khabbazian M. The DAO induction attack: Analysis and countermeasure. IEEE Internet Things J. Apr. 2022;9(7):4875–87. 10.1109/JIOT.2021.3108154.Search in Google Scholar
[4] A Postmortem on the Parity Multi-Sig Library Self-Destruct | Parity Technologies. https://www.parity.io/blog/a-postmortem-on-the-parity-multi-sig-library-self-destruct/ (accessed Nov. 18, 2022).Search in Google Scholar
[5] Androulaki E, Barger A, Bortnikov V, Cachin C, Christidis K, De Caro A, et al. Hyperledger fabric: a distributed operating system for permissioned blockchains. In: Proceedings of the Thirteenth EuroSys Conference. Porto Portugal: ACM; Apr. 2018. p. 1–15. 10.1145/3190508.3190538.Search in Google Scholar
[6] Chain VNT. https://vntchain.io/ (accessed Sep. 22, 2022).Search in Google Scholar
[7] Homepage | Solana Docs. https://docs.solana.com/ (accessed Nov. 18, 2022).Search in Google Scholar
[8] Dika A, Nowostawski M. Security vulnerabilities in Ethereum smart contracts. In: 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData). Halifax, NS, Canada: IEEE; Jul. 2018. p. 955–62. 10.1109/Cybermatics_2018.2018.00182.Search in Google Scholar
[9] Bouichou A, Mezroui S, Oualkadi AE. An overview of Ethereum and Solidity vulnerabilities. In: 2020 International Symposium on Advanced Electrical and Communication Technologies (ISAECT). Marrakech, Morocco: IEEE; Nov. 2020. p. 1–7. 10.1109/ISAECT50560.2020.9523638 Search in Google Scholar
[10] Nakamoto S. Bitcoin: A Peer-to-Peer Electronic Cash System.Search in Google Scholar
[11] Nick S. Smart Contracts. https://www.fon.hum.uva.nl/rob/Courses/InformationInSpeech/CDROM/Literature/LOTwinterschool2006/szabo.best.vwh.net/smart.contracts.html (accessed Nov. 18, 2022).Search in Google Scholar
[12] Bitcoin Wiki. https://fr.bitcoin.it/wiki/Accueil (accessed Nov. 18, 2022).Search in Google Scholar
[13] Buterin V. Ethereum: A Next-Generation Smart Contract and Decentralized Application Platform. p. 36.Search in Google Scholar
[14] Team S. Releases. https://blog.soliditylang.org/category/releases/ (accessed Dec. 02, 2022).Search in Google Scholar
[15] Ying I, Saposnik G, Vermeulen MJ, Leung A, Ray JG. Nonalcoholic fatty liver disease and acute ischemic stroke. Epidemiology. Jan. 2011;22(1):129–30. 10.1097/EDE.0b013e3181feb50a.Search in Google Scholar PubMed
[16] Kitchenham B, Charters S. Guidelines for performing Systematic Literature Reviews in Software Engineering. UK: Keele University and Durham University; Vol. 2, 2007.Search in Google Scholar
[17] Kitchenham B. Procedures for Performing Systematic Reviews. Keele, UK: Keele University. 2004 Jul, Vol. 33, No. 2004, p. 1–26.Search in Google Scholar
[18] Wang G, Zhang S, Yu T, Ning Y. A systematic overview of blockchain research. J Syst Sci Inf. Jun. 2021;9(3):205–38. 10.21078/JSSI-2021-205-34.Search in Google Scholar
[19] Huang Y, Jiang B, Chan WK. EOSFuzzer: Fuzzing EOSIO smart contracts for vulnerability detection. In: 12th Asia-Pacific Symposium on Internetware. Singapore Singapore: ACM; Nov. 2020. p. 99–109. 10.1145/3457913.3457920.Search in Google Scholar
[20] Zaazaa O, El Bakkali H. Unveiling the landscape of smart contract vulnerabilities: A detailed examination and codification of vulnerabilities in prominent blockchains. In: International Journal of Computer Networks & Communications; 2023.10.5121/ijcnc.2023.15603Search in Google Scholar
[21] Ding M, Li P, Li S, Zhang H. HFContractFuzzer: Fuzzing hyperledger fabric smart contracts for vulnerability detection. In: Evaluation and Assessment in Software Engineering. Trondheim Norway: ACM; Jun 2021. p. 321–8. 10.1145/3463274.3463351.Search in Google Scholar
[22] Yamashita K, Nomura Y, Zhou E, Pi B, Jun S. Potential risks of hyperledger fabric smart contracts. In: IEEE International Workshop on Blockchain Oriented Software Engineering (IWBOSE). Hangzhou, China: IEEE; Feb. 2019. p. 1–10. 10.1109/IWBOSE.2019.8666486.Search in Google Scholar
[23] Peng K, Li M, Huang H, Wang C, Wan S, Choo K-KR. Security challenges and opportunities for smart contracts in internet of things: A survey. IEEE Internet Things J. Aug. 2021;8(15):12004–20. 10.1109/JIOT.2021.3074544.Search in Google Scholar
[24] Du S, Huang H. A general framework of smart contract vulnerability mining based on control flow graph matching. In: Sun X, Wang J, Bertino E, editors. Artificial intelligence and security. Singapore: Springer Singapore; 2020. p. 166–75.10.1007/978-981-15-8101-4_16Search in Google Scholar
[25] Huang Y, Bian Y, Li R, Zhao JL, Shi P. Smart contract security: A software lifecycle perspective. IEEE Access. 2019;7:150184–202. 10.1109/ACCESS.2019.2946988.Search in Google Scholar
[26] Wang D, Jiang B, Chan WK. WANA: Symbolic execution of wasm bytecode for cross-platform smart contract vulnerability detection. p. 12. arXiv preprint arXiv:2007.15510.Search in Google Scholar
[27] Xu J, Dang F, Ding X, Zhou M. A survey on vulnerability detection tools of smart contract bytecode. In: 2020 IEEE 3rd International Conference on Information Systems and Computer Aided Education (ICISCAE). Dalian, China: IEEE, Sep 2020. p. 94–8. 10.1109/ICISCAE51034.2020.9236931.Search in Google Scholar
[28] Liu Z, Qian P, Wang X, Zhu L, He Q, Ji S. Smart contract vulnerability detection: From pure neural network to interpretable graph feature and expert pattern fusion. In: Proceedings of the Thirtieth International Joint Conference on Artificial Intelligence. Montreal, Canada: International Joint Conferences on Artificial Intelligence Organization; Aug. 2021. p. 2751–9. 10.24963/ijcai.2021/379.Search in Google Scholar
[29] Liu Z, Qian P, Wang X, Zhuang Y, Qiu L, Wang X. Combining graph neural networks with expert knowledge for smart contract vulnerability detection. IEEE Trans Knowl Data Eng. 2021;1. 10.1109/TKDE.2021.3095196.Search in Google Scholar
[30] Zhuang Y, Liu Z, Qian P, Liu Q, Wang X, He Q. Smart contract vulnerability detection using graph neural network. In: Proceedings of the Twenty-Ninth International Joint Conference on Artificial Intelligence. Yokohama, Japan: International Joint Conferences on Artificial Intelligence Organization; Jul. 2020. p. 3283–90. 10.24963/ijcai.2020/454.Search in Google Scholar
[31] Narayana KL, Sathiyamurthy K. Automation and smart materials in detecting smart contracts vulnerabilities in Blockchain using deep learning. Mater Today Proc. 2023;81:653–9. 10.1016/j.matpr.2021.04.125.Search in Google Scholar
[32] Overview Smart Contract Weakness Classification and Test Cases. http://swcregistry.io/ (accessed Sep. 30, 2022).Search in Google Scholar
[33] Index - Ethereum Smart Contract Best Practices https://consensys.github.io/smart-contract-best-practices/attacks/ (accessed Nov. 19, 2022).Search in Google Scholar
[34] Ren M, Ma F, Yin Z, Li H, Fu Y, Chen T, et al. SCStudio: A secure and efficient integrated development environment for smart contracts. In: Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis. Virtual Denmark: ACM; Jul. 2021. p. 666–9. 10.1145/3460319.3469078.Search in Google Scholar
[35] Ren M, Yin Z, Ma F, Xu Z, Jiang Y, Sun C, et al. Empirical evaluation of smart contract testing: what is the best choice. In: Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis. Virtual Denmark: ACM; Jul. 2021. p. 566–79. 10.1145/3460319.3464837.Search in Google Scholar
[36] renardbebe, Smart-Contract-Benchmark-Suites: A Unified Dataset. 2022. Nov. 19, 2022. https://github.com/renardbebe/Smart-Contract-Benchmark-Suites.Search in Google Scholar
[37] Garfatta I, Klai K, Gaaloul W, Graiet M. A survey on formal verification for solidity smart contracts. In: 2021 Australasian Computer Science Week Multiconference. Dunedin New Zealand: ACM; Feb. 2021. p. 1–10. 10.1145/3437378.3437879.Search in Google Scholar
[38] Samreen NF, Alalfi MH. SmartScan: An approach to detect denial of service vulnerability in Ethereum smart contracts. In: 2021 IEEE/ACM 4th International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB). Madrid, Spain: IEEE; May 2021. p. 17–26. 10.1109/WETSEB52558.2021.00010.Search in Google Scholar
[39] Nguyen TD, Pham LH, Sun J. SGUARD: Towards fixing vulnerable smart contracts automatically. In: 2021 IEEE Symposium on Security and Privacy (SP). San Francisco, CA, USA: IEEE, May 2021; p. 1215–29. 10.1109/SP40001.2021.00057.Search in Google Scholar
[40] Aidee NA, Johar MG, Alkawaz MH, Hajamydeen AI, Al-Tamimi MS. Vulnerability assessment on Ethereum based smart contract applications. 2021 IEEE International Conference on Automatic Control & Intelligent Systems (I2CACIS); Jun. 2021. p. 13–8. 10.1109/I2CACIS52118.2021.9495892.Search in Google Scholar
[41] Matulevicius N, Cordeiro LC. Verifying security vulnerabilities for blockchain-based smart contracts. In: 2021 XI Brazilian Symposium on Computing Systems Engineering (SBESC). Florianopolis, Brazil: IEEE; Nov. 2021. p. 1–8. 10.1109/SBESC53686.2021.9628229.Search in Google Scholar
[42] Wang W, Song J, Xu G, Li Y, Wang H, Su C. ContractWard: Automated vulnerability detection models for Ethereum smart contracts. IEEE Trans Netw Sci Eng. Apr. 2021;8(2):1133–44. 10.1109/TNSE.2020.2968505.Search in Google Scholar
[43] Sujeetha R, Preetha CASD. A literature survey on smart contract testing and analysis for smart contract based blockchain application development. In: 2021 2nd International Conference on Smart Electronics and Communication (ICOSEC). Trichy, India: IEEE; Oct. 2021. p. 378–85. 10.1109/ICOSEC51865.2021.9591750.Search in Google Scholar
[44] Pan Z, Hu T, Qian C, Li B. ReDefender: A tool for detecting reentrancy vulnerabilities in smart contracts effectively. In: 2021 IEEE 21st International Conference on Software Quality, Reliability and Security (QRS). Hainan, China: IEEE; Dec. 2021. p. 915–25. 10.1109/QRS54544.2021.00101.Search in Google Scholar
[45] Lee S, Cho E-S. Lightweight extension of an execution environment for safer function calls in Solidity/Ethereum Virtual Machine smart contracts. In: 2021 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). Honolulu, HI, USA: IEEE; Mar. 2021. p. 689–95. 10.1109/SANER50967.2021.00087.Search in Google Scholar
[46] Gao Z, Jiang L, Xia X, Lo D, Grundy J. Checking smart contracts with structural code embedding. IEEE Trans Softw Eng. Dec. 2021;47(12):2874–91. 10.1109/TSE.2020.2971482.Search in Google Scholar
[47] Tang Y, Li Z, Bai Y. Rethinking of reentrancy on the Ethereum. In: 2021 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). AB, Canada: IEEE; Oct. 2021. p. 68–75. 10.1109/DASC-PICom-CBDCom-CyberSciTech52372.2021.00025.Search in Google Scholar
[48] Ji S, Dong J, Qiu J, Gu B, Wang Y, Wang T. Increasing fuzz testing coverage for smart contracts with dynamic taint analysis. In: 2021 IEEE 21st International Conference on Software Quality, Reliability and Security (QRS); Dec. 2021. p. 243–7. 10.1109/QRS54544.2021.00035.Search in Google Scholar
[49] Dia B, Ivaki N, Laranjeiro N. An empirical evaluation of the effectiveness of smart contract verification tools. In: 2021 IEEE 26th Pacific Rim International Symposium on Dependable Computing (PRDC). Perth, Australia: IEEE, Dec; 2021. p. 17–26. 10.1109/PRDC53464.2021.00013.Search in Google Scholar
[50] Contro F, Crosara M, Ceccato M, Preda MD. EtherSolve: Computing an accurate control-flow graph from Ethereum bytecode. In: 2021 IEEE/ACM 29th International Conference on Program Comprehension (ICPC). Madrid, Spain: IEEE; May 2021. p. 127–37. 10.1109/ICPC52881.2021.00021.Search in Google Scholar
[51] Correas J, Gordillo P, Roman-Diez G. Static profiling and optimization of Ethereum smart contracts using resource analysis. IEEE Access. 2021;9:25495–507. 10.1109/ACCESS.2021.3057565.Search in Google Scholar
[52] Yu X, Zhao H, Hou B, Ying Z, Wu B. DeeSCVHunter: A deep learning-based framework for smart contract vulnerability detection. In: 2021 International Joint Conference on Neural Networks (IJCNN). Shenzhen, China: IEEE, Jul; 2021. p. 1–8. 10.1109/IJCNN52387.2021.9534324.Search in Google Scholar
[53] QIAN, GraphDeeSmartContractGraphDeeSmartContract. 2022. Accessed: Nov. 19, 2022. https://github.com/Messi-Q/GraphDeeSmartContract.Search in Google Scholar
[54] Ma F, Ren M, Fu Y, Wang M, Li H, Song H, et al. Security reinforcement for Ethereum virtual machine. Inf Process & Manag. Jul. 2021;58(4):102565. 10.1016/j.ipm.2021.102565.Search in Google Scholar
[55] Ma F, Fu Y, Ren M, Wang M, Jiang Y, Zhang K, et al. EVM: From offline detection to online reinforcement for Ethereum virtual machine. In: 2019 IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER). Hangzhou, China: IEEE; Feb. 2019. p. 554–8. 10.1109/SANER.2019.8668038.Search in Google Scholar
[56] Ashizawa N, Yanai N, Cruz JP, Okamura S. Eth2Vec: Learning contract-wide code representations for vulnerability detection on Ethereum smart contracts. Proceedings of the 3rd ACM International Symposium on Blockchain and Secure Critical Infrastructure. Virtual Event Hong Kong: ACM; May 2021. p. 47–59. 10.1145/3457337.3457841.Search in Google Scholar
[57] Mi F, Wang Z, Zhao C, Guo J, Ahmed F, Khan L. VSCL: Automating vulnerability detection in smart contracts with deep learning. In: 2021 IEEE International Conference on Blockchain and Cryptocurrency (ICBC). Sydney, Australia: IEEE; May 2021. p. 1–9. 10.1109/ICBC51069.2021.9461050.Search in Google Scholar
[58] Ahmadjee S, Mera-Gomez C, Bahsoon R. Assessing smart contracts security technical debts. In: 2021 IEEE/ACM International Conference on Technical Debt (TechDebt). Madrid, Spain: IEEE; May 2021. p. 6–15. 10.1109/TechDebt52882.2021.00010.Search in Google Scholar
[59] López Vivar A, Sandoval Orozco AL, García Villalba LJ. A security framework for Ethereum smart contracts. Comput Commun. Apr. 2021;172:119–29. 10.1016/j.comcom.2021.03.008.Search in Google Scholar
[60] Antonino P, Roscoe AW. Solidifier: bounded model checking solidity using lazy contract deployment and precise memory modelling. In: Proceedings of the 36th Annual ACM Symposium on Applied Computing. Virtual Event Republic of Korea: ACM; Mar. 2021. p. 1788–97. 10.1145/3412841.3442051.Search in Google Scholar
[61] Sun Y, Gu L. Attention-based machine learning model for smart contract vulnerability detection. J Phys: Conf Ser. Mar. 2021;1820(1):012004. 10.1088/1742-6596/1820/1/012004.Search in Google Scholar
[62] Wu H, Zhang Z, Wang S, Lei Y, Lin B, Qin Y, et al. Peculiar: Smart contract vulnerability detection based on crucial data flow graph and pre-training techniques. 2021 IEEE 32nd International Symposium on Software Reliability Engineering (ISSRE). Wuhan, China: IEEE; Oct. 2021. p. 378–89. 10.1109/ISSRE52982.2021.00047.Search in Google Scholar
[63] Smartbugs/dataset at master smartbugs/smartbugs, GitHub. https://github.com/smartbugs/smartbugs (accessed Nov. 19, 2022).Search in Google Scholar
[64] Wang B, Chu H, Zhang P, Dong H. Smart contract vulnerability detection using code representation fusion. In: 2021 28th Asia-Pacific Software Engineering Conference (APSEC). Taipei, Taiwan: IEEE; 2021. p. 564–5. 10.1109/APSEC53868.2021.00069.Search in Google Scholar
[65] Jie W, Koe ASV, Huang P, Zhang S. Full-stack hierarchical fusion of static features for smart contracts vulnerability detection. In: 2021 IEEE International Conference on Blockchain (Blockchain). Melbourne, Australia: IEEE; Dec. 2021. p. 95–102. 10.1109/Blockchain53845.2021.00091.Search in Google Scholar
[66] Linoy S, Ray S, Stakhanova N. EtherProv: Provenance-aware detection, analysis, and mitigation of Ethereum smart contract security issues. In: 2021 IEEE International Conference on Blockchain (Blockchain). Melbourne, Australia: IEEE; Dec. 2021. p. 1–10. 10.1109/Blockchain53845.2021.00014.Search in Google Scholar
[67] Usman TA, Selcuk AA, Ozarslan S. An analysis of Ethereum smart contract vulnerabilities. In: 2021 International Conference on Information Security and Cryptology (ISCTURKEY). Ankara, Turkey: IEEE; Dec. 2021. p. 99–104. 10.1109/ISCTURKEY53027.2021.9654305.Search in Google Scholar
[68] Ethereum in BigQuery: a Public Dataset for smart contract analytics, Google Cloud Blog. https://cloud.google.com/blog/products/data-analytics/ethereum-bigquery-public-dataset-smart-contract-analytics (accessed Nov. 19, 2022).Search in Google Scholar
[69] Zhou T, Liu K, Li L, Liu Z, Klein J, Bissyande TF. SmartGift: Learning to generate practical inputs for testing smart contracts. In: 2021 IEEE International Conference on Software Maintenance and Evolution (ICSME). Luxembourg: IEEE; Sep. 2021. p. 23–34. 10.1109/ICSME52107.2021.00009.Search in Google Scholar
[70] ContractFuzzer/examples at master gongbell/ContractFuzzer, GitHub. https://github.com/gongbell/ContractFuzzer (accessed Nov. 19, 2022).Search in Google Scholar
[71] Fan Y, Shang S, Ding X. Smart contract vulnerability detection based on dual attention graph convolutional network. In: Gao H, Wang X, Tan Y, Shi Y, Zomaya A, Yan H, Cai J, editors. Collaborative computing: Networking, applications and worksharing. Cham: Springer International Publishing; 2021. p. 335–51.10.1007/978-3-030-92638-0_20Search in Google Scholar
[72] Zhou K, Cheng J, Li H, Yuan Y, Liu L, Li X. SC-VDM: A lightweight smart contract vulnerability detection model. In: Tan Y, Shi Y, Zomaya A, Yan H, Cai J, editors. Data Mining and Big Data. Singapore: Springer Singapore; 2021. p. 138–49.10.1007/978-981-16-7476-1_13Search in Google Scholar
[73] Xu Y, Hu G, You L, Cao C. A novel machine learning-based analysis model for smart contract vulnerability. Secur Commun Netw. Aug. 2021;2021:1–12. 10.1155/2021/5798033.Search in Google Scholar
[74] SolidiFI Benchmark. Univ of British Columbia (UBC), 2022. Accessed: Nov. 19, 2022. https://github.com/DependableSystemsLab/SolidiFI-benchmark.Search in Google Scholar
[75] Huang J, Han S, You W, Shi W, Liang B, Wu J, et al. Hunting vulnerable smart contracts via graph embedding based bytecode matching. IEEE Trans Inform Forensic Secur. 2021;16:2144–56. 10.1109/TIFS.2021.3050051.Search in Google Scholar
[76] Leid A, van der Merwe B, Visser W. Testing Ethereum smart contracts: A comparison of symbolic analysis and fuzz testing tools. In: Conference of the South African Institute of Computer Scientists and Information Technologists 2020. Cape Town South Africa: ACM; Sep. 2020. p. 35–43. 10.1145/3410886.3410907.Search in Google Scholar
[77] Grech N, Kong M, Jurisevic A, Brent L, Scholz B, Smaragdakis Y. MadMax: analyzing the out-of-gas world of smart contracts. Commun ACM. Sep. 2020;63(10):87–95. 10.1145/3416262.Search in Google Scholar
[78] Schneidewind C, Grishchenko I, Scherer M, Maffei M. eThor: Practical and provably sound static analysis of Ethereum smart contracts. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. Virtual Event USA: ACM; Oct. 2020. p. 621–40. 10.1145/3372297.3417250.Search in Google Scholar
[79] Ghaleb A, Pattabiraman K. How effective are smart contract analysis tools? evaluating smart contract static analysis tools using bug injection. In: Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis. Virtual Event USA: ACM; Jul. 2020. p. 415–27. 10.1145/3395363.3397385.Search in Google Scholar
[80] Ferreira Torres C, Baden M, Norvill R, Fiz Pontiveros BB, Jonker H, Mauw S. “ÆGIS: Shielding Vulnerable Smart Contracts Against Attacks,”. Proceedings of the 15th ACM Asia Conference on Computer and Communications Security. Taipei Taiwan: ACM, Oct; 2020. p. 584–97. 10.1145/3320269.3384756.Search in Google Scholar
[81] Fatima Samreen N, Alalfi MH. Reentrancy vulnerability identification in Ethereum smart contracts. In: 2020 IEEE International Workshop on Blockchain Oriented Software Engineering (IWBOSE). London, ON, Canada: IEEE; Feb. 2020. p. 22–9. 10.1109/IWBOSE50093.2020.9050260.Search in Google Scholar
[82] Hwang S, Ryu S. Gap between theory and practice: an empirical study of security patches in solidity. In: Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering. Seoul South Korea: ACM; Jun. 2020. p. 542–53. 10.1145/3377811.3380424.Search in Google Scholar
[83] Hwang S. Smart Contract Analyzer. 2022. Accessed: Nov. 19, 2022. https://github.com/sjmini/icse2020-Solidity.Search in Google Scholar
[84] Kim S, Ryu S. Analysis of blockchain smart contracts: Techniques and insights. In: 2020 IEEE Secure Development (SecDev), Atlanta. GA, USA: IEEE; Sep. 2020. p. 65–73. 10.1109/SecDev45635.2020.00026.Search in Google Scholar
[85] Nguyen TD, Pham LH, Sun J, Lin Y, Minh QT. sFuzz: an efficient adaptive fuzzer for solidity smart contracts. In: Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering. Seoul South Korea: ACM; Jun. 2020. p. 778–88. 10.1145/3377811.3380334.Search in Google Scholar
[86] Wang A, Wang H, Jiang B, Chan WK. Artemis: An improved smart contract verification tool for vulnerability detection. In: 2020 7th International Conference on Dependable Systems and Their Applications (DSA). Xi’an, China: IEEE; Nov. 2020. p. 173–81. 10.1109/DSA51864.2020.00031.Search in Google Scholar
[87] Staderini M, Palli C, Bondavalli A. Classification of Ethereum vulnerabilities and their propagations. 2020 Second International Conference on Blockchain Computing and Applications (BCCA). Antalya, Turkey: IEEE; Nov. 2020. p. 44–51. 10.1109/BCCA50787.2020.9274458.Search in Google Scholar
[88] Hao X, Ren W, Zheng W, Zhu T. SCScan: A SVM-based scanning system for vulnerabilities in blockchain smart contracts. In: 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). Guangzhou, China: IEEE; Dec. 2020. p. 1598–605. 10.1109/TrustCom50675.2020.00221.Search in Google Scholar
[89] Gao Z. When Deep Learning Meets Smart Contracts, p. 3. ACM; 2020. 10.1145/3324884.3418918.Search in Google Scholar
[90] Gao ZP. SmartEmbed Web Tool. 2022. Accessed: Nov. 19, 2022. https://github.com/beyondacm/SmartEmbed.Search in Google Scholar
[91] Ashraf I, Ma X, Jiang B, Chan WK. GasFuzzer: Fuzzing Ethereum smart contract binaries to expose gas-oriented exception security vulnerabilities. IEEE Access. 2020;8:99552–64. 10.1109/ACCESS.2020.2995183.Search in Google Scholar
[92] Trojanowska N, Kedziora M, Hanif M, Song H. Secure decentralized application development of blockchain-based games. In: 2020 IEEE 39th International Performance Computing and Communications Conference (IPCCC). Austin, TX, USA: IEEE; Nov. 2020. p. 1–8. 10.1109/IPCCC50635.2020.9391556.Search in Google Scholar
[93] Ji R, He N, Wu L, Wang H, Bai G, Guo Y. DEPOSafe: Demystifying the fake deposit vulnerability in Ethereum smart contracts. In: 2020 25th International Conference on Engineering of Complex Computer Systems (ICECCS). Singapore: IEEE; Oct. 2020. p. 125–34. 10.1109/ICECCS51672.2020.00022.Search in Google Scholar
[94] Xue Y, Ma M, Lin Y, Sui Y, Ye J, Peng T. Cross-contract static analysis for detecting practical reentrancy vulnerabilities in smart contracts. In: Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering. Virtual Event Australia: ACM; Dec. 2020. p. 1029–40. 10.1145/3324884.3416553.Search in Google Scholar
[95] Ye J, Ma M, Lin Y, Sui Y, Xue Y. Clairvoyance: cross-contract static analysis for detecting practical reentrancy vulnerabilities in smart contracts. In: Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: Companion Proceedings. Seoul South Korea: ACM; Jun. 2020. p. 274–5. 10.1145/3377812.3390908.Search in Google Scholar
[96] Ferreira JF, Cruz P, Durieux T, Abreu R. SmartBugs: a framework to analyze solidity smart contracts. In: Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering. Virtual Event Australia: ACM; Dec. 2020. p. 1349–52. 10.1145/3324884.3415298.Search in Google Scholar
[97] Feng Y, Torlak E, Bodik R. Summary-based symbolic evaluation for smart contracts. In: Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering. Virtual Event Australia: ACM; Dec. 2020. p. 1141–52. 10.1145/3324884.3416646.Search in Google Scholar
[98] Durieux T, Ferreira JF, Abreu R, Cruz P. Empirical review of automated analysis tools on 47,587 Ethereum smart contracts. In: Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering. Seoul South Korea: ACM; Jun. 2020. p. 530–41. 10.1145/3377811.3380364.Search in Google Scholar
[99] Kaleem M, Mavridou A, Laszka A. Vyper: A security comparison with solidity based on common vulnerabilities. In: 2020 2nd Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS). Paris, France: IEEE; Sep. 2020. p. 107–11. 10.1109/BRAINS49436.2020.9223278.Search in Google Scholar
[100] Kim KB, Lee J. Automated generation of test cases for smart contract security analyzers. IEEE Access. 2020;8:209377–92. 10.1109/ACCESS.2020.3039990.Search in Google Scholar
[101] Gupta R, Tanwar S, Al-Turjman F, Italiya P, Nauman A, Kim SW. Smart contract privacy protection using AI in cyber-physical systems: Tools, techniques and challenges. IEEE Access. 2020;8:24746–72. 10.1109/ACCESS.2020.2970576.Search in Google Scholar
[102] López Vivar A, Castedo AT, Sandoval Orozco AL, García Villalba LJ. An analysis of smart contracts security threats alongside existing solutions. Entropy. Feb. 2020;22(2):203. 10.3390/e22020203Search in Google Scholar PubMed PubMed Central
[103] Khan ZA, Namin AS. Ethereum smart contracts: Vulnerabilities and their Classifications. In: 2020 IEEE International Conference on Big Data (Big Data). Atlanta, GA, USA: IEEE; Dec. 2020. p. 1–10. 10.1109/BigData50022.2020.9439088.Search in Google Scholar
[104] Li Z, Guo W, Xu Q, Xu Y, Wang H, Xian M. Research on blockchain smart contracts vulnerability and a code audit tool based on matching rules. Proceedings of the 2020 International Conference on Cyberspace Innovation of Advanced Technologies. Guangzhou China: ACM; Dec. 2020. p. 484–9. 10.1145/3444370.3444617.Search in Google Scholar
[105] Chinen Y, Yanai N, Cruz JP, Okamura S. RA: Hunting for re-entrancy attacks in Ethereum smart contracts via static analysis. 2020 IEEE International Conference on Blockchain (Blockchain). Rhodes Island, Greece: IEEE, Nov; 2020. p. 327–36. 10.1109/Blockchain50366.2020.00048.Search in Google Scholar
[106] He D, Deng Z, Zhang Y, Chan S, Cheng Y, Guizani N. Smart contract vulnerability analysis and security audit. IEEE Netw. Sep. 2020;34(5):276–82. 10.1109/MNET.001.1900656.Search in Google Scholar
[107] Yang Z, Keung J, Zhang M, Xiao Y, Huang Y, Hui T. Smart Contracts Vulnerability Auditing with Multi-semantics. In: 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC). Madrid, Spain: IEEE; Jul. 2020. p. 892–901. 10.1109/COMPSAC48688.2020.0-153.Search in Google Scholar
[108] Gupta BC, Kumar N, Handa A, Shukla SK. An insecurity study of ethereum smart contracts. In: Batina L, Picek S, Mondal M, editors. Security, privacy, and applied cryptography engineering. Cham: Springer International Publishing; 2020. p. 188–207.10.1007/978-3-030-66626-2_10Search in Google Scholar
[109] Ma R, Jian Z, Chen G, Ma K, Chen Y. ReJection: A AST-based reentrancy vulnerability detection method. In: Han W, Zhu L, Yan F, editors. Trusted computing and information security. Singapore: Springer Singapore; 2020. p. 58–71.10.1007/978-981-15-3418-8_5Search in Google Scholar
[110] Sayeed S, Marco-Gisbert H, Caira T. Smart contract: Attacks and protections. IEEE Access. 2020;8:24416–27. 10.1109/ACCESS.2020.2970495.Search in Google Scholar
[111] Qian P, Liu Z, He Q, Zimmermann R, Wang X. Towards automated reentrancy detection for smart contracts based on sequential models. IEEE Access. 2020;8:19685–95. 10.1109/ACCESS.2020.2969429.Search in Google Scholar
[112] QIAN, VulDeeSmartContract; 2022. Accessed: Nov. 19, 2022. https://github.com/Messi-Q/ReChecker.Search in Google Scholar
[113] Lu S, Fan H, Wang Y, Mi H, Qin L. Manual audit for bitunits contracts. In: Zheng Z, Dai H-N, Tang M, Chen X, editors. Blockchain and trustworthy systems. Singapore: Springer Singapore; 2020. p. 476–82.10.1007/978-981-15-2777-7_38Search in Google Scholar
[114] Albert E, Correas J, Gordillo P, Román-Díez G, Rubio A. SAFEVM: A safety verifier for Ethereum smart contracts. Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis. Beijing China: ACM; Jul. 2019. p. 386–9. 10.1145/3293882.3338999.Search in Google Scholar
[115] Demir M, Alalfi M, Turetken O, Ferworn A. Security smells in smart contracts. In: 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C). Sofia, Bulgaria: IEEE; Jul. 2019. p. 442–9. 10.1109/QRS-C.2019.00086.Search in Google Scholar
[116] Liu J, Liu Z. A survey on security verification of blockchain smart contracts. IEEE Access. 2019;7:77894–904. 10.1109/ACCESS.2019.2921624.Search in Google Scholar
[117] Liu Z, Liu J. Formal verification of blockchain smart contract based on colored petri net models. In: 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC). Milwaukee, WI, USA: IEEE; Jul. 2019. p. 555–60. 10.1109/COMPSAC.2019.10265.Search in Google Scholar
[118] Zhang W, Banescu S, Pasos L, Stewart S, Ganesh V. MPro: Combining static and symbolic analysis for scalable testing of smart contract. In: 2019 IEEE 30th International Symposium on Software Reliability Engineering (ISSRE). Berlin, Germany: IEEE; Oct. 2019. p. 56–462. 10.1109/ISSRE.2019.00052.Search in Google Scholar
[119] Akca S, Rajan A, Peng C. SolAnalyser: A framework for analysing and testing smart contracts. 2019 26th Asia-Pacific Software Engineering Conference (APSEC). Putrajaya, Malaysia: IEEE; Dec. 2019. p. 482–9. 10.1109/APSEC48747.2019.00071.Search in Google Scholar
[120] Tian Z. Smart contract defect detection based on parallel symbolic execution. In: 2019 3rd International Conference on Circuits, System and Simulation (ICCSS). Nanjing, China: IEEE; Jun. 2019. p. 127–32. 10.1109/CIRSYSSIM.2019.8935603.Search in Google Scholar
[121] Wang H, Li Y, Lin S-W, Ma L, Liu Y. VULTRON: Catching vulnerable smart contracts once and for all. In: 2019 IEEE/ACM 41st International Conference on Software Engineering: New Ideas and Emerging Results (ICSE-NIER). Montreal, QC, Canada: IEEE; May 2019. p. 1–4. 10.1109/ICSE-NIER.2019.00009.Search in Google Scholar
[122] Chen T, Li Z, Zhang Y, Luo X, Wang T, Hu T, et al. A large-scale empirical study on control flow identification of smart contracts. IEEE Trans Softw Eng. 2022;48(11):4380–96.Search in Google Scholar
[123] Prechtel D, Gros T, Muller T. Evaluating spread of ‘Gasless Send’ in Ethereum smart contracts. In: 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS). Canary Islands, Spain: IEEE; Jun. 2019. p. 1–6. 10.1109/NTMS.2019.8763848.Search in Google Scholar
[124] Momeni P, Wang Y, Samavi R. Machine learning model for smart contracts security analysis. In: 2019 17th International Conference on Privacy, Security and Trust (PST). Fredericton, NB, Canada: IEEE; Aug. 2019. p. 1–6. 10.1109/PST47121.2019.8949045.Search in Google Scholar
[125] Feist J, Grieco G, Groce A. Slither: A static analysis framework for smart contracts. In: 2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB). Montreal, QC, Canada: IEEE; May 2019. p. 8–15. 10.1109/WETSEB.2019.00008.Search in Google Scholar
[126] Min T, Cai W. A security case study for blockchain games. In: 2019 IEEE Games, Entertainment, Media Conference (GEM). New Haven, CT, USA: IEEE; Jun. 2019. p. 1–8. 10.1109/GEM.2019.8811555.Search in Google Scholar
[127] Wang S, Zhang C, Su Z. Detecting nondeterministic payment bugs in Ethereum smart contracts. Proceedings of the ACM on Programming Languages. Vol. 3, No. OOPSLA. p. 1–29, Oct. 2019. 10.1145/3360615.Search in Google Scholar
[128] Liao J-W, Tsai T-T, He C-K, Tien C-W. Soliaudit: Smart contract vulnerability assessment based on machine learning and fuzz testing. In: 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS). Granada, Spain: IEEE; Oct. 2019. p. 458–65. 10.1109/IOTSMS48152.2019.8939256.Search in Google Scholar
[129] Ayoade G, Bauman E, Khan L, Hamlen K. Smart contract defense through bytecode rewriting. In: 2019 IEEE International Conference on Blockchain (Blockchain). Atlanta, GA, USA: IEEE; Jul. 2019. p. 384–9. 10.1109/Blockchain.2019.00059.Search in Google Scholar
[130] Fu M, Wu L, Hong Z, Zhu F, Sun H, Feng W. A critical-path-coverage-based vulnerability detection method for smart contracts. IEEE Access. 2019;7:147327–44. 10.1109/ACCESS.2019.2947146.Search in Google Scholar
[131] Grech N, Kong M, Jurisevic A, Brent L, Scholz B, Smaragdakis Y. MadMax: Surviving out-of-gas conditions in Ethereum smart contracts. Proc. ACM Program. Lang. Oct. 2018;2(OOPSLA):1–27. 10.1145/3276486.Search in Google Scholar
[132] Liu C, Liu H, Cao Z, Chen Z, Chen B, Roscoe B. ReGuard: Finding reentrancy bugs in smart contracts. Proceedings of the 40th International Conference on Software Engineering: Companion Proceeedings. Gothenburg Sweden: ACM; May 2018. p. 65–8. 10.1145/3183440.3183495.Search in Google Scholar
[133] Tikhomirov S, Voskresenskaya E, Ivanitskiy I, Takhaviev R, Marchenko E, Alexandrov Y. SmartCheck: Static analysis of Ethereum smart contracts. In: Proceedings of the 1st International Workshop on Emerging Trends in Software Engineering for Blockchain. Gothenburg Sweden: ACM; May 2018. p. 9–16. 10.1145/3194113.3194115.Search in Google Scholar
[134] Zhou E, Hua S, Pi B, Sun J, Nomura Y, Yamashita K, et al. Security assurance for smart contract. In: 2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS). Paris: IEEE; Feb. 2018. p. 1–5. 10.1109/NTMS.2018.8328743.Search in Google Scholar
[135] State of Ethereum Network Quarterly Report. Jun. 22, 2022. https://dune.com/agaperste/The-State-of-Ethereum-Network (accessed Jun. 16, 2023).Search in Google Scholar
[136] Zaazaa O, El Bakkali H. Automatic static vulnerability detection approaches and tools: State of the art. Advances in Information, Communication and Cybersecurity: Proceedings of ICI2C’21; 2022. p. 449–59. 10.1007/978-3-030-91738-8_41.Search in Google Scholar
[137] Zaazaa O, El Bakkali H. Dynamic vulnerability detection approaches and tools: State of the Art. In: 2020 Fourth International Conference On Intelligent Computing in Data Sciences (ICDS); Oct. 2020. p. 1–6. 10.1109/ICDS50568.2020.9268686.Search in Google Scholar
© 2023 the author(s), published by De Gruyter
This work is licensed under the Creative Commons Attribution 4.0 International License.