Abstract
Smart Contracts (SCs) are programs stored in a Blockchain to ensure agreements between two or more parties. The combination of factors like the newness of the field, with less than a decade of practical use, and a high and growing popularity in industry, leads to an increase in the possibility of severe security issues occurrence. Even though, systems based on Blockchain and SCs technologies inherit several benefits, like a tamper-proof decentralized ledger and anonymous transactions. This way, even with security issues, the trend is that its popularity will increase. Due the unchangeable essence of Blockchain, failures or errors in SCs become perpetual once published, being critical to mitigate them, since the involvement of huge economic assets are common. To handle this, the academic and industrial communities have been expanding their efforts in this field, with a growth in research publications similar to exponential. Aiming at reasoning about the current state-of-art in vulnerabilities and open issues over Blockchain SCs, we conducted a systematic literature mapping over 32 primary and 18 secondary selected articles. As contribution, this work discusses and relates the selected papers, identifying gaps that may lead to research topics for future work.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
In this text, for a question of space and simplicity, we differentiate among 0) regular references, 1) primary studies (denoted with #) and 2) secondary studies (written with @). Regular references are available at the end of the text. In order to have access to the aforementioned primary and secondary studies, the reader must check the list of papers in https://bit.ly/3tNkIG6 [11].
- 2.
- 3.
The address https://swcregistry.io/ has an updated list of known vulnerabilities.
References
Alharby, M., Aldweesh, A., van Moorsel, A.: Blockchain-based smart contracts: a systematic mapping study of academic research (2018). In: 2018 International Conference on Cloud Computing, Big Data and Blockchain (ICCBB), pp. 1–6. IEEE (2018)
Alt, L., Reitwiessner, C.: SMT-based verification of solidity smart contracts. In: Margaria, T., Steffen, B. (eds.) ISoLA 2018. LNCS, vol. 11247, pp. 376–388. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03427-6_28
Argañaraz, M., Berón, M., Pereira, M.J., Henriques, P.: Detection of vulnerabilities in smart contracts specifications in ethereum platforms. In: 9th Symposium on Languages, Applications and Technologies (SLATE 2020), vol. 83, pp. 1–16. Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik (2020)
Buterin, V., et al.: Ethereum: a next-generation smart contract and decentralized application platform. https://github.com/ethereum/wiki/wiki/%5BEnglish%5D-White-Paper7 (2014)
Gelvez, M.: Explaining the DAO exploit for beginners in solidity (2016)
Jalali, S., Wohlin, C.: Systematic literature studies: database searches vs. backward snowballing. In: Proceedings of the 2012 ACM-IEEE International Symposium on Empirical Software Engineering and Measurement, pp. 29–38. IEEE (2012)
Ji, T., Wu, Y., Wang, C., Zhang, X., Wang, Z.: The coming era of alphahacking? A survey of automatic software vulnerability detection, exploitation and patching techniques. In: 2018 IEEE third international conference on data science in cyberspace (DSC), pp. 53–60. IEEE (2018)
Kalra, S., Goel, S., Dhawan, M., Sharma, S.: Zeus: analyzing safety of smart contracts. In: Ndss, pp. 1–12 (2018)
Keele, S., et al.: Guidelines for performing systematic literature reviews in software engineering. Tech. rep, Citeseer (2007)
Kitchenham, B.A., Budgen, D., Brereton, O.P.: Using mapping studies as the basis for further research-a participant-observer case study. Inf. Softw. Technol. 53(6), 638–651 (2011)
Matsumura, G.d.S., dos Santos, L.B.R., da Conceição, A.F., Vijaykumar, N.L.: Resulting articles: selected primary and related secondary papers. https://bit.ly/3tNkIG6 (2021)
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. Tech. rep, Manubot (2019)
Nikolić, I., Kolluri, A., Sergey, I., Saxena, P., Hobor, A.: Finding the greedy, prodigal, and suicidal contracts at scale. In: Proceedings of the 34th Annual Computer Security Applications Conference, pp. 653–663 (2018)
Schueffel, P., Groeneweg, N., Baldegger, R.: The crypto encyclopedia. Growth publisher, Tech. rep. (2019)
Shen, Z., Chen, S.: A survey of automatic software vulnerability detection, program repair, and defect prediction techniques. Security and Communication Networks v2020 (2020)
Szabo, N.: Formalizing and securing relationships on public networks. First monday (1997)
Tolmach, P., Li, Y., Lin, S.W., Liu, Y., Li, Z.: A survey of smart contract formal specification and verification. arXiv preprint arXiv:2008.02712 (2020)
Wood, G., et al.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Project Yellow Pap. 151(2014), 1–32 (2014)
Zhang, P., Xiao, F., Luo, X.: A framework and dataset for bugs in ethereum smart contracts. In: 2020 IEEE International Conference on Software Maintenance and Evolution (ICSME), pp. 139–150. IEEE (2020)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Ethics declarations
Conflicts of Interest
The authors declare that they have no conflicts of interest.
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
de Sousa Matsumura, G., dos Santos, L.B.R., Conceição, A.F.d., Vijaykumar, N.L. (2021). Vulnerabilities and Open Issues of Smart Contracts: A Systematic Mapping. In: Gervasi, O., et al. Computational Science and Its Applications – ICCSA 2021. ICCSA 2021. Lecture Notes in Computer Science(), vol 12952. Springer, Cham. https://doi.org/10.1007/978-3-030-86973-1_1
Download citation
DOI: https://doi.org/10.1007/978-3-030-86973-1_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-86972-4
Online ISBN: 978-3-030-86973-1
eBook Packages: Computer ScienceComputer Science (R0)