DeepAI AI Chat
Log In Sign Up

Smart Contract Vulnerabilities: Does Anyone Care?

02/18/2019
by   Daniel Perez, et al.
0

In the last year we have seen a great deal of both academic and practical interest in the topic of vulnerabilities in smart contracts, particularly those developed for the Ethereum blockchain. In this paper we survey the 21,270 vulnerable contracts reported by five recent academic projects. Contrary to what might have been believed given the reported number of vulnerable contracts, there has been precious little in terms of actual exploitation when it comes to these vulnerabilities. We find that at most 504 out of 21,270 contracts have been subjected to exploits. This corresponds to at most 9,094 ETH (1 million USD), or only 0.30 claimed in some of the papers. While we are certainly not implying that smart contract vulnerability research is without merit, our results suggest that the potential impact of vulnerable code had been greatly exaggerated.

READ FULL TEXT

page 1

page 2

page 3

page 4

07/29/2020

EOSFuzzer: Fuzzing EOSIO Smart Contracts for Vulnerability Detection

EOSIO is one typical public blockchain platform. It is scalable in terms...
01/07/2021

Eth2Vec: Learning Contract-Wide Code Representations for Vulnerability Detection on Ethereum Smart Contracts

Ethereum smart contracts are programs that run on the Ethereum blockchai...
03/06/2023

Metamorphic Testing for Smart Contract Vulnerabilities Detection

Despite the rapid growth of smart contracts, they are suffering numerous...
02/16/2018

Finding The Greedy, Prodigal, and Suicidal Contracts at Scale

Smart contracts---stateful executable objects hosted on blockchains like...
03/18/2022

Extorsionware: Exploiting Smart Contract Vulnerabilities for Fun and Profit

Smart Contracts (SCs) publicly deployed on blockchain have been shown to...
05/01/2019

Characterizing Code Clones in the Ethereum Smart Contract Ecosystem

In this paper, we present the first large-scale and systematic study to ...
04/21/2023

Schooling to Exploit Foolish Contracts

We introduce SCooLS, our Smart Contract Learning (Semi-supervised) engin...