What are the Actual Flaws in Important Smart Contracts (and How Can We Find Them)?

November 18, 2019 ยท Declared Dead ยท ๐Ÿ› Financial Cryptography

๐Ÿ‘ป CAUSE OF DEATH: Ghosted
No code link whatsoever

"No code URL or promise found in abstract"

Evidence collected by the PWNC Scanner

Authors Alex Groce, Josselin Feist, Gustavo Grieco, Michael Colburn arXiv ID 1911.07567 Category cs.SE: Software Engineering Cross-listed cs.CR, cs.PL Citations 41 Venue Financial Cryptography Last Checked 3 months ago
Abstract
An important problem in smart contract security is understanding the likelihood and criticality of discovered, or potential, weaknesses in contracts. In this paper we provide a summary of Ethereum smart contract audits performed for 23 professional stakeholders, avoiding the common problem of reporting issues mostly prevalent in low-quality contracts. These audits were performed at a leading company in blockchain security, using both open-source and proprietary tools, as well as human code analysis performed by professional security engineers. We categorize 246 individual defects, making it possible to compare the severity and frequency of different vulnerability types, compare smart contract and non-smart contract flaws, and to estimate the efficacy of automated vulnerability detection approaches.
Community shame:
Not yet rated
๐Ÿ“„ View on arXiv ๐ŸŒ View on ar5iv ๐Ÿ“‘ PDF ๐ŸŽ‰ Report Code Found
Community Contributions

Found the code? Know the venue? Think something is wrong? Let us know!

๐Ÿ“œ Similar Papers

In the same crypt โ€” Software Engineering

Died the same way โ€” ๐Ÿ‘ป Ghosted