期刊文献+
共找到1篇文章
< 1 >
每页显示 20 50 100
Analyzing Ethereum Smart Contract Vulnerabilities at Scale Based on Inter-Contract Dependency
1
作者 Qiuyun Lyu Chenhao Ma +3 位作者 Yanzhao Shen Shaopeng Jiao Yipeng Sun Liqin Hu 《Computer Modeling in Engineering & Sciences》 SCIE EI 2023年第5期1625-1647,共23页
Smart contracts running on public blockchains are permissionless and decentralized,attracting both developers and malicious participants.Ethereum,the world’s largest decentralized application platform on which more t... Smart contracts running on public blockchains are permissionless and decentralized,attracting both developers and malicious participants.Ethereum,the world’s largest decentralized application platform on which more than 40 million smart contracts are running,is frequently challenged by smart contract vulnerabilities.What’s worse,since the homogeneity of a wide range of smart contracts and the increase in inter-contract dependencies,a vulnerability in a certain smart contract could affect a large number of other contracts in Ethereum.However,little is known about how vulnerable contracts affect other on-chain contracts and which contracts can be affected.Thus,we first present the contract dependency graph(CDG)to perform a vulnerability analysis for Ethereum smart contracts,where CDG characterizes inter-contract dependencies formed by DELEGATECALL-type internal transaction in Ethereum.Then,three generic definitions of security violations against CDG are given for finding respective potential victim contracts affected by different types of vulnerable contracts.Further,we construct the CDG with 195,247 smart contracts active in the latest blocks of the Ethereum and verify the above security violations against CDG by detecting three representative known vulnerabilities.Compared to previous large-scale vulnerability analysis,our analysis scheme marks potential victim contracts that can be affected by different types of vulnerable contracts,and identify their possible risks based on the type of security violation actually occurring.The analysis results show that the proportion of potential victim contracts reaches 14.7%,far more than that of corresponding vulnerable contracts(less than 0.02%)in CDG. 展开更多
关键词 Smart contract vulnerability smart contract homogeneity contract dependency graph automated analysis
下载PDF
上一页 1 下一页 到第
使用帮助 返回顶部