A Survey on EOSIO Systems Security: Vulnerability, Attack, and Mitigation

07/19/2022
by Ningyu He, et al.

EOSIO, one of the most representative blockchain 3.0 platforms, introduces many new features, e.g., the delegated proof of stake consensus algorithm and updatable smart contracts, enabling much higher transactions per second and a prosperous decentralized application (DApp) ecosystem. According to the statistics, it has reached nearly 18 billion USD, taking third place in the whole cryptocurrency market, following Bitcoin and Ethereum. Loopholes, however, are hiding in the shadows. EOSBet, a famous gambling DApp, was attacked twice within a month and lost more than 1 million USD. No existing work has surveyed EOSIO from a security researcher's perspective. To fill this gap, in this paper, we collected all attack events that have occurred against EOSIO and systematically studied their root causes, i.e., the vulnerabilities lurking in all the components EOSIO relies on, as well as the corresponding attacks and mitigations. We also summarized some best practices for DApp developers, the EOSIO official team, and security researchers for future directions.
