Authors:
(1) ZHIYUAN WEI, Beijing Institute of Technology, China;
(2) JING SUN, University of Auckland, New Zealand);
(3) ZIJIAN ZHANG, XIANHAO ZHANG, XIAOXUAN YANG, and LIEHUANG ZHU, Beijing Institute of Technology, China;
(4) XIANHAO ZHANG, Beijing Institute of Technology, China;
(5) XIAOXUAN YANG, Beijing Institute of Technology, China;
(6) LIEHUANG ZHU, Beijing Institute of Technology, China.
Overview of Smart Contracts and Survey Methodology
Vulnerability in Smart Contracts
Conclusions, Acknowledgement and References
With the increasing adoption of smart contracts, ensuring their security has become a critical concern. Numerous vulnerabilities and attacks have been identified and exploited, resulting in significant financial losses. In response, researchers have developed various tools and techniques to identify and prevent vulnerabilities in smart contracts. In this survey, we present a systematic overview of the quality assurance of smart contracts, covering vulnerabilities, attacks, defenses, and tool support. By classifying vulnerabilities based on known attacks, we can identify patterns and common weaknesses that need to be addressed. Moreover, in order to effectively protect smart contracts, we have created a labeled dataset to evaluate various vulnerability detection tools and compare their effectiveness.
CCS Concepts: • General and reference → Surveys and overviews; • Security and privacy → Distributed systems security.
Additional Key Words and Phrases: smart contract, security, vulnerabilities, attacks, defenses
ACM Reference Format:
Zhiyuan Wei, Jing Sun, Zijian Zhang, Xianhao Zhang, Xiaoxuan Yang, and Liehuang Zhu. 2023. Survey on Quality Assurance of Smart Contracts. ACM Comput. Surv. 1, 1 (November 2023), 35 pages. https://doi.org/XXXXXXX.XXXXXXX
With the development of the internet, blockchain technology has gained popularity among academia and industries as a means to explore diverse applications where security and privacy are of utmost importance [67, 136]. As a distributed ledger, blockchain technology is replicated and shared among a network of peer-to-peer nodes. It eliminates the need for intermediaries, thereby providing decentralization, transparency, immutability, security, and reliability. By maintaining a chronologically growing and immutable data record, the blockchain system becomes an ideal infrastructure for future business networks. This can lead to a significant reduction in operational costs for the business system [29].
Within the realm of blockchain technology, smart contracts have gained significant prominence. Smart contracts are self-executing contracts with terms agreed upon by buyers and sellers, implemented through lines of code [19, 82]. They ensure the transparency and immutability of contract rules, which are enforced by all participants of the blockchain network. Smart contracts allows decentralized applications (DApps) to be built on the blockchain network. These DApps can be applied to a wide range of domains, such as financial services [140], healthcare services [103], Internet of Things [59], crowdfunding management [111] and supply chain [114, 119]. In most cases, smart contracts are associated with the native cryptocurrency of the blockchain, which is used to facilitate payment for their execution on the network. This incentivizes network participants to validate and execute smart contracts, ensuring that the blockchain remains secure and decentralized. Since smart contracts are a relatively new technology that has the potential to revolutionize the way business transactions are conducted, researchers are drawn to the novelty and potential impact of smart contracts and are interested in exploring their potential applications. Despite the growing interest, there are still many open research questions that need to be addressed.
Compared to traditional software programs, smart contracts indeed have characteristics that make them more vulnerable to software attacks. First, smart contracts are immutable, meaning that once deployed on the blockchain, their code cannot be modified. While immutability ensures trust and transparency, it also means that any vulnerabilities or errors in the code cannot be easily rectified without deploying a new version of the contract. Second, smart contracts often handle valuable digital assets, such as cryptocurrencies or digital tokens. The presence of these valuable assets attracts attackers who are more actively exploiting vulnerabilities in the smart contract code. Third, public blockchains, such as Ethereum, are permissionless, meaning that anyone can access and interact with smart contracts deployed on the blockchain. This open access reduces the barrier to entry for potential attackers, making it easier for them to identify and exploit vulnerabilities in smart contracts. Moreover, many smart contract developers choose to publish the code of their contracts openly on websites like Etherscan [4]. While this promotes transparency and collaboration within the community, it also makes it easier for attackers to analyze the code, identify weaknesses, and devise attack strategies. Due to these factors, the exploitation of smart contracts has resulted in significant financial losses in the past. A notorious malicious attack occurred in 2016 when attackers successfully diverted over 3.6 million ether into a “child DAO" (Decentralized Autonomous Organization). This exploit resulted in a staggering loss of approximately 70 million USD, causing a significant drop in the price of each ether from 20 USD to 13 USD [51]. Another significant incident involved the theft of a substantial amount of ether in the Parity Multisig Wallet version 1.5+. This exploit led to a loss of approximately 30 million USD [96].
Due to the novelty and potential impact of smart contracts, there are some notable surveys involving vulnerable smart contracts from various perspectives. Atzeri et al. [19] were pioneers in providing a survey on smart contract security. They classified 12 vulnerabilities into three categories: Solidity, EVM bytecode, and blockchain. This classification has been widely adopted by subsequent researchers. Zheng et al. [143] compared different smart contract platforms and provided a categorization of applications. Their survey focused on evaluating the features and characteristics of various platforms. Chen et al. [31] went beyond vulnerability analysis and considered defense mechanisms for blockchain security. Their survey discussed different defense techniques and strategies employed to enhance the security of smart contracts. Angelo and Salzer [17] conducted a survey on vulnerability detection tools specifically designed for Ethereum smart contracts. Their study encompassed tools from both academia and industry, providing insights into the available tools for identifying vulnerabilities. Durieux et al. [45] conducted an evaluation review of nine smart contract detection tools. They assessed these tools using a labeled dataset and a large number of real-world smart contracts, providing a comprehensive analysis of their effectiveness. Tolmach et al. [123] focused their study on the formal verification of smart contracts across various applications. Their survey delved into the application of formal verification techniques to verify the correctness and security of smart contracts.
While previous surveys offer valuable insights into specific aspects of smart contract security, they may not provide a comprehensive analysis of vulnerable smart contracts from all perspectives. It is crucial to develop a thorough understanding of vulnerabilities, attacks, defenses, and tool evaluation to gain a holistic view of the challenges and potential solutions related to smart contract security. To bridge this gap and offer a more complete analysis, our paper aims to incorporate multiple perspectives. By examining vulnerabilities, attacks, defenses, and tools, we seek to provide a comprehensive understanding of the challenges posed by vulnerable smart contracts and explore potential solutions. The primary objective of our paper is to provide a comprehensive and up-to-date analysis that contributes to the existing body of research on smart contract security. To achieve this, we outline the following key contributions:
• Novel Vulnerability Classification: We propose a novel vulnerability classification that enhances the understanding of the underlying causes of vulnerabilities in smart contracts. This classification will aid researchers in categorizing and analyzing vulnerabilities more effectively, providing a solid foundation for targeted security measures and improved vulnerability management.
• In-depth Analysis of Real-World Attacks: We conduct an extensive analysis of real-world attacks on smart contracts to gain valuable insights into the methods employed by attackers and the potential consequences of these attacks. By examining and dissecting these attacks, we aim to provide a clearer understanding of the exploitation of vulnerabilities in practice, enabling developers and auditors to proactively address potential threats.
• Exploration of Defense Mechanisms: We thoroughly explore existing defense mechanisms employed to mitigate smart contract attacks. Through this exploration, we identify areas for improvement and potential new approaches to enhance the security of smart contracts. By analyzing the strengths and weaknesses of current defense mechanisms, we aim to contribute to the development of more robust and effective security practices.
• Evaluation of Vulnerability-Detecting Tools: We conduct a comprehensive evaluation of 12 representative vulnerability-detecting tools used in smart contract analysis. This evaluation encompasses the accuracy, performance, and effectiveness of each tool. By providing insights into the strengths and weaknesses of these tools, we assist researchers and practitioners in selecting the most suitable tools for identifying vulnerabilities in smart contracts.
• Benchmark Dataset for Tool Evaluation: To facilitate the evaluation of vulnerability-detecting tools, we create a benchmark dataset comprising 100 vulnerable contract cases and 10 correct contract cases. This benchmark dataset serves as a standardized reference for evaluating the effectiveness of these tools. It enables fair and objective comparisons, allowing researchers and practitioners to assess the capabilities of different tools in a consistent manner.
Through these key contributions, our paper aims to serve as a comprehensive resource for researchers, developers, and auditors in the field of smart contract security. We aspire to advance secure smart contract development practices and promote the widespread adoption of secure smart contracts in real-world applications.
The rest of this paper is constructed as follows. Section 2 provides a brief overview of smart contract platforms and discusses the methodology employed in this survey to ensure a comprehensive analysis. Section 3 presents a detailed analysis of 40 smart contract vulnerabilities, examining their root causes and shedding light on the underlying factors that contribute to their existence. Section 4 explores 8 representative attacks and demonstrates how these vulnerabilities can be exploited. By illustrating real-world attack scenarios, we aim to enhance our understanding of the potential consequences of these vulnerabilities. Section 5 examines various defense methodologies and repair techniques available for smart contracts. We discuss the effectiveness of these defensive measures in mitigating vulnerabilities and reducing the likelihood of successful attacks. Section 6 focuses on the evaluation of 12 commonly used tools for detecting vulnerabilities in smart contracts. We assess the accuracy and performance of these tools by subjecting them to a rigorous evaluation against a carefully curated benchmarking dataset. Section 7 concludes the paper by summarizing the key findings and contributions. We also discuss future directions and potential research areas to further advance the field of smart contract security. The Appendix includes information on detection tools specifically designed for smart contracts.
This paper is available on arxiv under CC 4.0 license.