Home  /  Information  /  Vol: 14 Issue: 10 (2023)  /  Article
ARTICLE
TITLE

Evaluation of Smart Contract Vulnerability Analysis Tools: A Domain-Specific Perspective

Bahareh Lashkari and Petr Musilek    

Abstract

With the widespread adoption of blockchain platforms across various decentralized applications, the smart contract's vulnerabilities are continuously growing and evolving. Consequently, a failure to optimize conventional vulnerability analysis methods results in unforeseen effects caused by overlooked classes of vulnerabilities. Current methods have difficulty dealing with multifaceted intrusions, which calls for more robust approaches. Therefore, overdependence on environment-defined parameters in the contract execution logic binds the contract to the manipulation of such parameters and is perceived as a security vulnerability. Several vulnerability analysis tools have been identified as insufficient to effectively identify certain types of vulnerability. In this paper, we perform a domain-specific evaluation of state-of-the-art vulnerability detection tools on smart contracts. A domain can be defined as a particular area of knowledge, expertise, or industry. We use a perspective specific to the area of energy contracts to draw logical and language-dependent features to advance the structural and procedural comprehension of these contracts. The goal is to reach a greater degree of abstraction and navigate the complexities of decentralized applications by determining their domains. In particular, we analyze code embedding of energy smart contracts and characterize their vulnerabilities in transactive energy systems. We conclude that energy contracts can be affected by a relatively large number of defects. It also appears that the detection accuracy of the tools varies depending on the domain. This suggests that security flaws may be domain-specific. As a result, in some domains, many vulnerabilities can be overlooked by existing analytical tools. Additionally, the overall impact of a specific vulnerability can differ significantly between domains, making its mitigation a priority subject to business logic.
As a result, more effort should be directed towards the reliable and accurate detection of existing and new types of vulnerability from a domain-specific point of view.
