FASTKITTEN: Practical Smart Contracts on Bitcoin

Total Page:16

File Type:pdf, Size:1020Kb

FASTKITTEN: Practical Smart Contracts on Bitcoin FASTKITTEN: Practical Smart Contracts on Bitcoin Poulami Das* Lisa Eckey* Tommaso Frassetto§ David Gens§ Kristina Hostáková* Patrick Jauernig§ Sebastian Faust* Ahmad-Reza Sadeghi§ Technische Universität Darmstadt, Germany * fi[email protected] § fi[email protected] Abstract A particular important shortcoming of Bitcoin is its limited Smart contracts are envisioned to be one of the killer appli- support for so-called smart contracts. Smart contracts are cations of decentralized cryptocurrencies. They enable self- (partially) self-enforcing protocols that allow emitting trans- enforcing payments between users depending on complex actions based on complex program logic. Smart contracts program logic. Unfortunately, Bitcoin – the largest and by far enable countless novel applications in, e.g., the financial in- most widely used cryptocurrency – does not offer support for dustry or for the Internet of Things, and are often quoted as complex smart contracts. Moreover, simple contracts that can a glimpse into our future [9]. The most prominent cryptocur- be executed on Bitcoin are often cumbersome to design and rency that currently allows to run complex smart contracts is very costly to execute. In this work we present FASTKITTEN, Ethereum [16], which has been designed to support Turing a practical framework for executing arbitrarily complex smart complete smart contracts. While Ethereum is continuously contracts at low costs over decentralized cryptocurrencies gaining popularity, integrating contracts directly into a cryp- which are designed to only support simple transactions. To tocurrency has several downsides as frequently mentioned this end, FASTKITTEN leverages the power of trusted comput- by the advocates of Bitcoin. First, designing large-scale se- ing environments (TEEs), in which contracts are run off-chain cure distributed systems is highly complex, and increasing to enable efficient contract execution at low cost. We formally complexity even further by adding support for complex smart prove that FASTKITTEN satisfies strong security properties contracts also increases the potential for introducing bugs. when all but one party are malicious. Finally, we report on Second, in Ethereum, smart contracts are directly integrated a prototype implementation which supports arbitrary con- into the consensus mechanics of the cryptocurrency, which re- tracts through a scripting engine, and evaluate performance quires in particular that all nodes of the decentralized system through benchmarking a provably fair online poker game. Our execute all contracts. This makes execution of contracts very implementation illustrates that FASTKITTEN is practical for costly and limits the number and complexity of applications complex multi-round applications with a very small latency. that can eventually be run over such a system. Finally, many Combining these features, FASTKITTEN is the first truly prac- applications for smart contracts require confidentiality, which tical framework for complex smart contract execution over is currently not supported by Ethereum. Bitcoin. There has been significant research effort in addressing these challenges individually. Some works aim to extend the func- 1 Introduction tionality of Bitcoin by showing how to build contracts over Starting with their invention in 2008, decentralized cryptocur- Bitcoin by using multiparty computation (MPC) [37,38,40], rencies such as Bitcoin [51] currently receive broad attention others focus on achieving privacy-preserving contracts (e.g., both from academia and industry. Since the rise of Bitcoin, Hawk [35], Ekiden [19]) by combining existing cryptocur- countless new cryptocurrencies have been launched to address rencies with trusted execution environments (TEEs). How- some of the shortcomings of Nakamoto’s original proposal. ever, as we elaborate in Section 2, all of these solutions suf- Examples include Zerocash [47] which improves on Bitcoin’s fer from various deficiencies: they cannot be integrated into limited anonymity, and Ethereum [16] which offers complex existing cryptocurrencies such as Bitcoin, are highly ineffi- smart contract support. Despite these developments, Bitcoin cient (e.g., they use heavy cryptographic techniques such as still remains by far the most popular and intensively stud- non-interactive zero-knowledge proofs or general MPC), do ied cryptocurrency, with its current market capitalization of not support money mechanics, or have significant financial $109 billion which accounts for more than 50% of the total costs due to complex transactions and high collateral (money cryptocurrency market size [2]. blocked by the parties in MPC-based solutions). In this work, we propose FASTKITTEN, a novel system that online poker can run with an overall match latency of leverages trusted execution environments (TEEs) utilizing 45ms and costs per player are in order of magnitude of well-established cryptocurrencies, such as Bitcoin, to offer one USD, which demonstrates FASTKITTEN’s practical- full support for arbitrary complex smart contracts. We empha- ity. size that FASTKITTEN does not only address the challenges We emphasize that FASTKITTEN requires only a single TEE discussed above, but is also highly efficient. It can be easily which can be owned either by one of the participants or by an integrated into existing cryptocurrencies and hence is ready to external service provider which we call the operator. In addi- use today. FASTKITTEN achieves these goals by using a TEE tion, smart contracts running in the FASTKITTEN execution to isolate the contract execution inside an enclave, shielding framework support private state and secure inputs, and thus, it from potentially malicious users. The main challenges of offer even more powerful contracts than Ethereum. Finally, this solution, such as for instance how to load and validate we stress that FASTKITTEN can support contracts that may blockchain data inside the enclave or how to prevent denial span over multiple different cryptocurrencies where each par- of service attacks, are discussed in Section 3.1. Moving the ticipant may use her favorite currency for the money handled contract execution into the secure enclave guarantees correct by the contract. and private evaluation of the smart contract even if it is not running on the blockchain and verified by the decentralized 2 Related Work network. This approach circumvents the efficiency shortcom- Support for execution of arbitrary complex smart contracts ing of cryptocurrencies like Ethereum, where contracts have over decentralized cryptocurrencies was first proposed and to be executed in parallel by thousands of users. Most related implemented by the Ethereum cryptocurrency. As pointed to our work is the recently introduced Ekiden system [19], out in Section 1, running smart contracts over decentralized which uses a TEE to support execution of multiparty compu- cryptocurrencies results in significant overheads due to the tations but does support contracts that handle coins. While replicated execution of the contract. While there are currently Ekiden is efficient for single round contracts, it is not de- huge research efforts aiming at reducing these overheads signed for complex reactive multi-round contracts, and their (for instance, via second layer solutions such as state chan- off-chain execution. The latter is one of the main goals of nels [24, 49], Arbitrum [34] or Plasma [55], outsourcing of FASTKITTEN. computation [58], or permissioned blockchains [46]), these so- We summarize our main goals and contributions below. lutions work only over cryptocurrencies with support complex • Smart Contracts for Bitcoin: We support arbitrary smart contracts, e.g. over Ethereum. Another line of work, multi-round smart contracts executed amongst any fi- which includes Hawk [36] and the “Ring of Gyges” [33], is nite number of participants, where our system can be run addressing the shortcoming that Ethereum smart contracts on top of any cryptocurrency with only limited script- cannot keep private state. However, also these solutions are ing functionality. We emphasize that Bitcoin is only one based on complex smart contracts and hence cannot be inte- example over which our system can be deployed today; grated into popular legacy cryptocurrencies such as Bitcoin, even cryptocurrencies that are simpler than Bitcoin can which is the main goal of FASTKITTEN. be used for FASTKITTEN. In this section we will focus on related work, which con- • Efficient Off-Chain Execution: Our protocol is de- siders smart contract execution on Bitcoin. We separately signed to keep the vast majority of program execution discuss multiparty computation based smart contracts and so- off-chain in the standard case if all parties follow the lutions using a TEE. We provide a more detailed discussion on protocol. Since our system incentivizes honest behavior how the above-mentioned Ethereum based solutions compare for most practical use cases, FASTKITTEN can thus run to FASTKITTEN in Appendix A. Additionally, in Section 8 in real-time at low costs. we discuss some exemplary contract use cases and compare • Formal Security Analysis: We formally analyze the their execution inside FASTKITTEN with the execution over security of FASTKITTEN in a strong adversarial model. Ethereum. We prove that either the contract is executed correctly, Multiparty computation for smart contracts An interest- or all honest parties get their money back that they have ing direction to realize complex contracts over Bitcoin
Recommended publications
  • Evmpatch: Timely and Automated Patching of Ethereum Smart Contracts
    EVMPatch: Timely and Automated Patching of Ethereum Smart Contracts Michael Rodler Wenting Li Ghassan O. Karame University of Duisburg-Essen NEC Laboratories Europe NEC Laboratories Europe Lucas Davi University of Duisburg-Essen Abstract some of these contracts hold, smart contracts have become an appealing target for attacks. Programming errors in smart Recent attacks exploiting errors in smart contract code had contract code can have devastating consequences as an attacker devastating consequences thereby questioning the benefits of can exploit these bugs to steal cryptocurrency or tokens. this technology. It is currently highly challenging to fix er- rors and deploy a patched contract in time. Instant patching is Recently, the blockchain community has witnessed several especially important since smart contracts are always online incidents due smart contract errors [7, 39]. One especially due to the distributed nature of blockchain systems. They also infamous incident is the “TheDAO” reentrancy attack, which manage considerable amounts of assets, which are at risk and resulted in a loss of over 50 million US Dollars worth of often beyond recovery after an attack. Existing solutions to Ether [31]. This led to a highly debated hard-fork of the upgrade smart contracts depend on manual and error-prone pro- Ethereum blockchain. Several proposals demonstrated how to defend against reentrancy vulnerabilities either by means of cesses. This paper presents a framework, called EVMPATCH, to instantly and automatically patch faulty smart contracts. offline analysis at development time or by performing run-time validation [16, 23, 32, 42]. Another infamous incident is the EVMPATCH features a bytecode rewriting engine for the pop- ular Ethereum blockchain, and transparently/automatically parity wallet attack [39].
    [Show full text]
  • Decentralized Autonomous Organization Supplement."
    ARTICLE 1 - PROVISIONS 17-31-101. Short title. This chapter shall be known and may be cited as the "Wyoming Decentralized Autonomous Organization Supplement." 17-31-102. Definitions. (a) As used in this chapter: (i) "Blockchain" means as defined in W.S. 34-29- 106(g)(i); (ii) "Decentralized autonomous organization" means a limited liability company organized under this chapter; (iii) "Digital asset" means as defined in W.S. 34-29- 101(a)(i); (iv) "Limited liability autonomous organization" or "LAO" means a decentralized autonomous organization; (v) "Majority of the members," means the approval of more than fifty percent (50%) of participating membership interests in a vote for which a quorum of members is participating. A person dissociated as a member as set forth in W.S. 17-29-602 shall not be included for the purposes of calculating the majority of the members; (vi) "Membership interest" means a member's ownership share in a member managed decentralized autonomous organization, which may be defined in the entity's articles of organization, smart contract or operating agreement. A membership interest may also be characterized as either a digital security or a digital consumer asset as defined in W.S. 34-29-101, if designated as such in the organization's articles of organization or operating agreement; (vii) "Open blockchain" means a blockchain as defined in W.S. 34-29-106(g)(i) that is publicly accessible and its ledger of transactions is transparent; (viii) "Quorum" means a minimum requirement on the sum of membership interests participating in a vote for that vote to be valid; 1 (ix) "Smart contract" means an automated transaction, as defined in W.S.
    [Show full text]
  • Cryptocurrency: the Economics of Money and Selected Policy Issues
    Cryptocurrency: The Economics of Money and Selected Policy Issues Updated April 9, 2020 Congressional Research Service https://crsreports.congress.gov R45427 SUMMARY R45427 Cryptocurrency: The Economics of Money and April 9, 2020 Selected Policy Issues David W. Perkins Cryptocurrencies are digital money in electronic payment systems that generally do not require Specialist in government backing or the involvement of an intermediary, such as a bank. Instead, users of the Macroeconomic Policy system validate payments using certain protocols. Since the 2008 invention of the first cryptocurrency, Bitcoin, cryptocurrencies have proliferated. In recent years, they experienced a rapid increase and subsequent decrease in value. One estimate found that, as of March 2020, there were more than 5,100 different cryptocurrencies worth about $231 billion. Given this rapid growth and volatility, cryptocurrencies have drawn the attention of the public and policymakers. A particularly notable feature of cryptocurrencies is their potential to act as an alternative form of money. Historically, money has either had intrinsic value or derived value from government decree. Using money electronically generally has involved using the private ledgers and systems of at least one trusted intermediary. Cryptocurrencies, by contrast, generally employ user agreement, a network of users, and cryptographic protocols to achieve valid transfers of value. Cryptocurrency users typically use a pseudonymous address to identify each other and a passcode or private key to make changes to a public ledger in order to transfer value between accounts. Other computers in the network validate these transfers. Through this use of blockchain technology, cryptocurrency systems protect their public ledgers of accounts against manipulation, so that users can only send cryptocurrency to which they have access, thus allowing users to make valid transfers without a centralized, trusted intermediary.
    [Show full text]
  • Blockchain & Cryptocurrency Regulation
    Blockchain & Cryptocurrency Regulation Third Edition Contributing Editor: Josias N. Dewey Global Legal Insights Blockchain & Cryptocurrency Regulation 2021, Third Edition Contributing Editor: Josias N. Dewey Published by Global Legal Group GLOBAL LEGAL INSIGHTS – BLOCKCHAIN & CRYPTOCURRENCY REGULATION 2021, THIRD EDITION Contributing Editor Josias N. Dewey, Holland & Knight LLP Head of Production Suzie Levy Senior Editor Sam Friend Sub Editor Megan Hylton Consulting Group Publisher Rory Smith Chief Media Officer Fraser Allan We are extremely grateful for all contributions to this edition. Special thanks are reserved for Josias N. Dewey of Holland & Knight LLP for all of his assistance. Published by Global Legal Group Ltd. 59 Tanner Street, London SE1 3PL, United Kingdom Tel: +44 207 367 0720 / URL: www.glgroup.co.uk Copyright © 2020 Global Legal Group Ltd. All rights reserved No photocopying ISBN 978-1-83918-077-4 ISSN 2631-2999 This publication is for general information purposes only. It does not purport to provide comprehensive full legal or other advice. Global Legal Group Ltd. and the contributors accept no responsibility for losses that may arise from reliance upon information contained in this publication. This publication is intended to give an indication of legal issues upon which you may need advice. Full legal advice should be taken from a qualified professional when dealing with specific situations. The information contained herein is accurate as of the date of publication. Printed and bound by TJ International, Trecerus Industrial Estate, Padstow, Cornwall, PL28 8RW October 2020 PREFACE nother year has passed and virtual currency and other blockchain-based digital assets continue to attract the attention of policymakers across the globe.
    [Show full text]
  • Article Friis Glaser
    International Journal of Community Currency Research 2018 VOLUME 22 (SUMMER) EXTENDING BLOCKCHAIN TECHNOLOGY TO HOST CUSTOMIZA- BLE AND INTEROPERABLE COMMUNITY CURRENCIES Gustav R.B. Friis* and Florian Glaser** * Brainbot Technologies AG, Mainz ** Karlsruhe Institute of Technology (KIT), Karlsruhe ABSTRACT The goal of this paper is to propose an open platform for secure and interoperable virtual community currencies. We follow the established information systems design-science approach to develop a prototype that aims to combine best practices for building mutual-credit community currencies with the unique features of blockchain technology. The result is a specification of an open Internet platform that enables users to join and to host customized community currencies. The hosted currencies can be classified as credit-based future type of money with decentralized issuance. Furthermore, we describe how the transparency, security and interoperability properties of blockchain technology offer a solution to the inherent problems of existing, centrally operated community currency software. The characteristics of the prototype and its ability to fulfil the design-objectives are examined by a relative evaluation against existing payment and currency systems like Bitcoin, LETS and M-Pesa. KEYWORDS Virtual community currencies; blockchain technology; mutual-credit; LETS; Trustlines Network To cite this article: Friis, Gustav R.B. and Glaser, Florian (2018) ‘Extending Blockchain Technology to host Customizable and Interoperable Community Currencies’ International Journal of Community Currency Research 2018 Volume 22 (Summer) 71-84 <www.ijccr.net> ISSN 1325-9547. DOI http://dx.doi.org/10.15133/j.ijccr.2018.017 INTERNATIONAL JOURNAL OF COMMUNITY CURRENCY RESEARCH 2018 VOLUME 22 (SUMMER) 71-84 FRIIS & GLASER 1.
    [Show full text]
  • More Legal Aspects of Smart Contract Applications
    More Legal Aspects of Smart Contract Applications Token Sales, Capital Markets, Supply Chain Management, Government and Smart Cities, Real Estate Registries, and Enabling Self-Sovereign Identity J. DAX HANSEN | PARTNER LAURIE ROSINI | ASSOCIATE CARLA L. REYES | ASSISTANT PROFESSOR OF LAW +1.206.359.6324 +1.206.359.3052 Director of Legal RnD - Michigan State University College of Law [email protected] [email protected] Faculty Associate - Berkman Klein Center for Internet & Society at Harvard University [email protected] PerkinsCoie.com/Blockchain Perkins Coie LLP | October 2018 Table of Contents INTRODUCTION .............................................................................................................................................................................. 3 I. A (VERY) BRIEF INTRODUCTION TO SMART CONTRACTS ............................................................................................... 3 THE ORIGINS OF SMART CONTRACTS ........................................................................................................................................................................... 3 SMART CONTRACTS IN A DISTRIBUTED LEDGER TECHNOLOGY WORLD ....................................................................................................... 4 II. CURRENT ACADEMIC LITERATURE AND INDUSTRY INITIATIVES RELATING TO SMART CONTRACTS .................... 6 SMART CONTRACTS AND CONTRACT LAW ................................................................................................................................................................
    [Show full text]
  • ISDA Legal Guidelines for Smart Derivatives Contracts: Foreign Exchange Derivatives
    ISDA Legal Guidelines for Smart Derivatives Contracts: Foreign Exchange Derivatives Contents Disclaimer .................................................................................................................................. 3 Introduction ................................................................................................................................ 4 The Over-the-Counter FX Market ............................................................................................... 5 Types of FX ............................................................................................................................... 6 Building the foundation for Smart Derivatives Contracts ............................................................11 Constructing Smart Derivatives Contracts for FX ......................................................................16 Valuations and Calculations ......................................................................................................17 Issues for technology developers to consider ............................................................................20 Settlement .................................................................................................................................32 Clearing ....................................................................................................................................37 Reporting ..................................................................................................................................37
    [Show full text]
  • An Empirical Analysis of Smart Contracts: Platforms, Applications, and Design Patterns
    An empirical analysis of smart contracts: platforms, applications, and design patterns Massimo Bartoletti and Livio Pompianu Universit`adegli Studi di Cagliari, Cagliari, Italy fbart,[email protected] Abstract. Smart contracts are computer programs that can be consis- tently executed by a network of mutually distrusting nodes, without the arbitration of a trusted authority. Because of their resilience to tamper- ing, smart contracts are appealing in many scenarios, especially in those which require transfers of money to respect certain agreed rules (like in financial services and in games). Over the last few years many plat- forms for smart contracts have been proposed, and some of them have been actually implemented and used. We study how the notion of smart contract is interpreted in some of these platforms. Focussing on the two most widespread ones, Bitcoin and Ethereum, we quantify the usage of smart contracts in relation to their application domain. We also analyse the most common programming patterns in Ethereum, where the source code of smart contracts is available. 1 Introduction Since the release of Bitcoin in 2009 [38], the idea of exploiting its enabling tech- nology to develop applications beyond currency has been receiving increasing attention [24]. In particular, the public and append-only ledger of transaction (the blockchain) and the decentralized consensus protocol that Bitcoin nodes use to extend it, have revived Nick Szabo's idea of smart contracts | i.e. pro- grams whose correct execution is automatically enforced without relying on a trusted authority [45]. The archetypal implementation of smart contracts is Ethereum [26], a platform where they are rendered in a Turing-complete lan- guage.
    [Show full text]
  • Blockchain Implementation Method for Interoperability Between Cbdcs
    future internet Article Blockchain Implementation Method for Interoperability between CBDCs Hyunjun Jung and Dongwon Jeong * Department of Software Convergence Engineering, Kunsan National University, Gunsan 54150, Korea; [email protected] * Correspondence: [email protected]; Tel.: +82-(063)-469-8912 Abstract: Central Bank Digital Currency (CBDC) is a digital currency issued by a central bank. Motivated by the financial crisis and prospect of a cashless society, countries are researching CBDC. Recently, global consideration has been given to paying basic income to avoid consumer sentiment shrinkage and recession due to epidemics. CBDC is coming into the spotlight as the way to manage the public finance policy of nations comprehensively. CBDC is studied by many countries. The bank of the Bahamas released Sand Dollar. Each country’s central bank should consider the situation in which CBDCs are exchanged. The transaction of the CDDB is open data. Transaction registers CBDC exchange information of the central bank in the blockchain. Open data on currency exchange between countries will provide information on the flow of money between countries. This paper proposes a blockchain system and management method based on the ISO/IEC 11179 metadata registry for exchange between CBDCs that records transactions between registered CBDCs. Each country’s CBDC will have a different implementation and time of publication. We implement the blockchain system and experiment with the operation method, measuring the block generation time of blockchains using the proposed method. Keywords: CBDC; CBDC exchange; ISO/IEC 11179; CBDC interoperability blockchain system Citation: Jung, H.; Jeong, D. Blockchain Implementation Method for Interoperability between CBDCs. Future Internet 2021, 13, 133.
    [Show full text]
  • Proof of Behavior Paul-Marie Grollemund, Pascal Lafourcade, Kevin Thiry-Atighehchi, Ariane Tichit
    Proof of Behavior Paul-Marie Grollemund, Pascal Lafourcade, Kevin Thiry-Atighehchi, Ariane Tichit To cite this version: Paul-Marie Grollemund, Pascal Lafourcade, Kevin Thiry-Atighehchi, Ariane Tichit. Proof of Behav- ior. The 2nd Tokenomics Conference on Blockchain Economics, Security and Protocols, Oct 2020, Toulouse, France. hal-02559573 HAL Id: hal-02559573 https://hal.archives-ouvertes.fr/hal-02559573 Submitted on 30 Apr 2020 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Distributed under a Creative Commons Attribution| 4.0 International License 1 Proof of Behavior 2 Paul-Marie Grollemund 3 Université Clermont Auvergne, LMBP UMR 6620, Aubière, France 4 [email protected] 1 5 Pascal Lafourcade 6 Université Clermont Auvergne, LIMOS UMR 6158, Aubière, France 7 [email protected] 8 Kevin Thiry-Atighehchi 9 Université Clermont Auvergne, LIMOS UMR 6158, Aubière, France 10 [email protected] 11 Ariane Tichit 12 Université Clermont Auvergne, Cerdi UMR 6587, Clermont-Ferrand France 13 [email protected] 14 Abstract 15 Our aim is to change the Proof of Work paradigm. Instead of wasting energy in dummy computations 16 with hash computations, we propose a new approach based on the behavior of the users.
    [Show full text]
  • An Organized Repository of Ethereum Smart Contracts' Source Codes and Metrics
    Article An Organized Repository of Ethereum Smart Contracts’ Source Codes and Metrics Giuseppe Antonio Pierro 1,* , Roberto Tonelli 2,* and Michele Marchesi 2 1 Inria Lille-Nord Europe Centre, 59650 Villeneuve d’Ascq, France 2 Department of Mathematics and Computer Science, University of Cagliari, 09124 Cagliari, Italy; [email protected] * Correspondence: [email protected] (G.A.P.); [email protected] (R.T.) Received: 31 October 2020; Accepted: 11 November 2020; Published: 15 November 2020 Abstract: Many empirical software engineering studies show that there is a need for repositories where source codes are acquired, filtered and classified. During the last few years, Ethereum block explorer services have emerged as a popular project to explore and search for Ethereum blockchain data such as transactions, addresses, tokens, smart contracts’ source codes, prices and other activities taking place on the Ethereum blockchain. Despite the availability of this kind of service, retrieving specific information useful to empirical software engineering studies, such as the study of smart contracts’ software metrics, might require many subtasks, such as searching for specific transactions in a block, parsing files in HTML format, and filtering the smart contracts to remove duplicated code or unused smart contracts. In this paper, we afford this problem by creating Smart Corpus, a corpus of smart contracts in an organized, reasoned and up-to-date repository where Solidity source code and other metadata about Ethereum smart contracts can easily and systematically be retrieved. We present Smart Corpus’s design and its initial implementation, and we show how the data set of smart contracts’ source codes in a variety of programming languages can be queried and processed to get useful information on smart contracts and their software metrics.
    [Show full text]
  • Security Analysis Methods on Ethereum Smart Contract Vulnerabilities — a Survey
    1 Security Analysis Methods on Ethereum Smart Contract Vulnerabilities — A Survey Purathani Praitheeshan?, Lei Pan?, Jiangshan Yuy, Joseph Liuy, and Robin Doss? Abstract—Smart contracts are software programs featuring user [4]. In consequence of these issues of the traditional both traditional applications and distributed data storage on financial systems, the technology advances in peer to peer blockchains. Ethereum is a prominent blockchain platform with network and decentralized data management were headed up the support of smart contracts. The smart contracts act as autonomous agents in critical decentralized applications and as the way of mitigation. In recent years, the blockchain hold a significant amount of cryptocurrency to perform trusted technology is being the prominent mechanism which uses transactions and agreements. Millions of dollars as part of the distributed ledger technology (DLT) to implement digitalized assets held by the smart contracts were stolen or frozen through and decentralized public ledger to keep all cryptocurrency the notorious attacks just between 2016 and 2018, such as the transactions [1], [5], [6], [7], [8]. Blockchain is a public DAO attack, Parity Multi-Sig Wallet attack, and the integer underflow/overflow attacks. These attacks were caused by a electronic ledger equivalent to a distributed database. It can combination of technical flaws in designing and implementing be openly shared among the disparate users to create an software codes. However, many more vulnerabilities of less sever- immutable record of their transactions [7], [9], [10], [11], ity are to be discovered because of the scripting natures of the [12], [13]. Since all the committed records and transactions Solidity language and the non-updateable feature of blockchains.
    [Show full text]