Survey on Quality Assurance of Smart Contracts

IF 23.8 1区 计算机科学 Q1 COMPUTER SCIENCE, THEORY & METHODS ACM Computing Surveys Pub Date : 2024-09-14 DOI:10.1145/3695864
Zhiyuan Wei, Jing Sun, Zijian Zhang, Xianhao Zhang, Xiaoxuan Yang, Liehuang Zhu
{"title":"Survey on Quality Assurance of Smart Contracts","authors":"Zhiyuan Wei, Jing Sun, Zijian Zhang, Xianhao Zhang, Xiaoxuan Yang, Liehuang Zhu","doi":"10.1145/3695864","DOIUrl":null,"url":null,"abstract":"As blockchain technology continues to advance, the secure deployment of smart contracts has become increasingly prevalent, underscoring the critical need for robust security measures. This surge in usage has led to a rise in security breaches, often resulting in substantial financial losses for users. This paper presents a comprehensive survey of smart contract quality assurance, from understanding vulnerabilities to evaluating the effectiveness of detection tools. Our work is notable for its innovative classification of forty smart contract vulnerabilities, mapping them to established attack patterns. We further examine nine defense mechanisms, assessing their efficacy in mitigating smart contract attacks. Furthermore, we develop a labeled dataset as a benchmark encompassing ten common vulnerability types, which serves as a critical resource for future research. We also conduct comprehensive experiments to evaluate fourteen vulnerability detection tools, providing a comparative analysis that highlights their strengths and limitations. In summary, this survey synthesizes state-of-the-art knowledge in smart contract security, offering practical recommendations to guide future research and foster the development of robust security practices in the field.","PeriodicalId":50926,"journal":{"name":"ACM Computing Surveys","volume":"28 1","pages":""},"PeriodicalIF":23.8000,"publicationDate":"2024-09-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Computing Surveys","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1145/3695864","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 0

Abstract

As blockchain technology continues to advance, the secure deployment of smart contracts has become increasingly prevalent, underscoring the critical need for robust security measures. This surge in usage has led to a rise in security breaches, often resulting in substantial financial losses for users. This paper presents a comprehensive survey of smart contract quality assurance, from understanding vulnerabilities to evaluating the effectiveness of detection tools. Our work is notable for its innovative classification of forty smart contract vulnerabilities, mapping them to established attack patterns. We further examine nine defense mechanisms, assessing their efficacy in mitigating smart contract attacks. Furthermore, we develop a labeled dataset as a benchmark encompassing ten common vulnerability types, which serves as a critical resource for future research. We also conduct comprehensive experiments to evaluate fourteen vulnerability detection tools, providing a comparative analysis that highlights their strengths and limitations. In summary, this survey synthesizes state-of-the-art knowledge in smart contract security, offering practical recommendations to guide future research and foster the development of robust security practices in the field.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
智能合约质量保证调查
随着区块链技术的不断进步,智能合约的安全部署变得越来越普遍,这凸显了对强大安全措施的迫切需要。使用量的激增导致了安全漏洞的增加,常常给用户造成巨大的经济损失。本文对智能合约质量保证进行了全面调查,从了解漏洞到评估检测工具的有效性。我们的工作以创新的方式对 40 个智能合约漏洞进行了分类,并将它们与既定的攻击模式进行了映射。我们进一步研究了九种防御机制,评估了它们在减轻智能合约攻击方面的功效。此外,我们还开发了一个标注数据集,作为涵盖十种常见漏洞类型的基准,作为未来研究的重要资源。我们还进行了全面的实验,评估了 14 种漏洞检测工具,并提供了对比分析,突出了它们的优势和局限性。总之,本调查报告综合了智能合约安全领域的最新知识,为指导未来研究和促进该领域稳健安全实践的发展提供了实用建议。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
ACM Computing Surveys
ACM Computing Surveys 工程技术-计算机:理论方法
CiteScore
33.20
自引率
0.60%
发文量
372
审稿时长
12 months
期刊介绍: ACM Computing Surveys is an academic journal that focuses on publishing surveys and tutorials on various areas of computing research and practice. The journal aims to provide comprehensive and easily understandable articles that guide readers through the literature and help them understand topics outside their specialties. In terms of impact, CSUR has a high reputation with a 2022 Impact Factor of 16.6. It is ranked 3rd out of 111 journals in the field of Computer Science Theory & Methods. ACM Computing Surveys is indexed and abstracted in various services, including AI2 Semantic Scholar, Baidu, Clarivate/ISI: JCR, CNKI, DeepDyve, DTU, EBSCO: EDS/HOST, and IET Inspec, among others.
期刊最新文献
AI-powered Fraud Detection in Decentralized Finance: A Project Life Cycle Perspective Wi-Fi Sensing Techniques for Human Activity Recognition: Brief Survey, Potential Challenges, and Research Directions Causal Discovery from Temporal Data: An Overview and New Perspectives Explainable Artificial Intelligence: Importance, Use Domains, Stages, Output Shapes, and Challenges Racial Bias within Face Recognition: A Survey
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1