The rise of modern blockchains has facilitated the emergence of smart contracts: autonomous programs that live and run on the blockchain. Smart contracts have seen a rapid climb to prominence, with applications predicted in law, business, commerce, and governance.Smart contracts are commonly written in a high-level language such as Ethereum's Solidity, and translated to compact low-level bytecode for deployment on the blockchain. Once deployed, the bytecode is autonomously executed, usually by a virtual machine. As with all programs, smart contracts can be highly vulnerable to malicious attacks due to deficient programming methodologies, languages, and toolchains, including buggy compilers. At the same time, smart contracts are also high-value targets, often commanding large amounts of cryptocurrency. Hence, developers and auditors need security frameworks capable of analysing low-level bytecode to detect potential security vulnerabilities.In this paper, we present Vandal: a security analysis framework for Ethereum smart contracts. Vandal consists of an analysis pipeline that converts low-level Ethereum Virtual Machine (EVM) bytecode to semantic logic relations. Users of the framework can express security analyses in a declarative fashion: a security analysis is expressed in a logic specification written in the Soufflé language. We conduct a large-scale empirical study for a set of common smart contract security vulnerabilities, and show the effectiveness and efficiency of Vandal. Vandal is both fast and robust, successfully analysing over 95% of all 141k unique contracts with an average runtime of 4.15 seconds; outperforming the current state of the art tools-Oyente, EthIR, Mythril, and Rattle-under equivalent conditions.
1Substantial progress has been made in understanding and reducing temperature inhomogeneity in rapid compression machines (RCMs) with the help of computational modelling. To date, however, it has not been possible to investigate and map the full range of possible RCM designs, working gases and operating conditions. In this article, we present a framework which simplifies the task of comprehensive and general RCM performance prediction. A set of thermophysical and geometrical parameters have been defined to characterize the design and operating conditions of a general RCM. Dimensional analysis was applied to reduce the number of variables and a sensitivity analysis, based on computational simulations, was used to rank the dimensionless parameters and eliminate unimportant ones. The results of this analysis show that Reynolds number, Prandtl number, aspect ratio, and crevice volume ratio are the most important parameters determining temperature inhomogeneity.A further set of computational simulations was conducted to predict post-compression temperature inhomogeneity over the full range of RCM design and operating parameters. These results are well represented by a simple power law equation that correlates a dimensionless temperature inhomogeneity parameter (mass-averaged over the main chamber) as a function of post-compression time with just three parameters -Peclet number (the product of Reynolds and Prandtl numbers), aspect ratio, and crevice volume ratio. This equation can serve as a simple and general tool for RCM designers and users who wish to determine optimal configurations that minimise temperature inhomogeneity for combustion experiments.2
Strings play a central role in JavaScript and similar scripting languages. Owing to dynamic features such as the eval function and dynamic property access, precise string analysis is a prerequisite for automated reasoning about practically any kind of runtime property. Although the literature presents a considerable number of abstract domains for capturing and representing specific aspect of strings, we are not aware of tools that allow flexible combination of string abstract domains. Indeed, support for string analysis is often confined to a single, dedicated string domain. In this paper we describe a framework that allows us to combine multiple string abstract domains for the analysis of JavaScript programs. It is implemented as an extension of SAFE, an open-source static analysis tool. We investigate different combinations of abstract domains that capture various aspects of strings. Our evaluation suggests that a combination of few, simple abstract domains suffice to outperform the precision of state-of-the-art static analysis tools for JavaScript.
The starting point of this article is the observation that the new form of cultural political economy, which has emerged in the last half of the twentieth century and become dominant since the 1980s, has had profound consequences for religious belief practice and expression worldwide. The rise of consumerism in the post-Second World War years, accompanied by the ever-growing and globalizing media-sphere, as well as the growing influence of neo-liberalism, have been pivotal in religious change. The article calls for work in this direction, and starts by a critical review of classical works on religion and economy, before surveying contemporary works, in a four-fold typology. Centering on consumerism, the article then argues that the rise of consumerism as a dominant cultural ethos, radicalizes the dynamics of identity and recognition that are typical of modern subjectivisation and community, which in turn shape contemporary religious phenomena.
This three-part article highlights a personal liaison with the concept of implicit religion as both cultural analyst and religion theorist. The lack of unity and methodological rigour which characterize the reception of the concept of implicit religion to date fuels the desire to apply it in a systematic fashion to a contemporary youth culture phenomenon which satisfies the orphic metaphor of initiation, night-time and music, and has been widely interpreted as harbouring some sort of religiosity or rapport with the sacred: the English-born-turned-global phenomenon of techno-music-fuelled raves. The first section presents general information on raves, methodological considerations and an ‘ethnographic’ account stemming from field research conducted with a small group of Montreal ravers in 2002. The second section is interpretative, starting with a synthesis of existing interpretations according to which raves are driven by various religious ‘anthropo-logics’. The three definitional vectors of implicit religion are then systematically applied to the material presented in section one, while drawing parallels with Bailey’s (1997) presentation. The third and last part uses the prior analysis as a basis from which to critique the concept of implicit religion. It tries to show how the definition of implicit religion has shortcomings with regards to the orphic—or, more precisely, the transgressive—pole of religion, paramount in the study of raves. It also argues that the concept of implicit religion is tributary of a typically ‘modern’ inflexion permeating sociological theories on religion; an inflexion which has oriented research to date in this field and which has led to confusion as to the status of implicit religion as religion or ‘something like it’. The article closes with a few hints as to which theoretical avenues the author thinks could overcome the conceptual difficulties outlined.
Software clone detection techniques identify fragments of code that share some level of syntactic similarity. In this study, we investigate security-sensitive clone clusters: clusters of syntactically similar fragments of code that are protected by some privileges. From a security perspective, security-sensitive clone clusters can help reason about the implemented security model: given syntactically similar fragments of code, it is expected that they are protected by similar privileges. We hypothesize that clones that violate this assumption, defined as security-discordant clones, are likely to reveal weaknesses and flaws in access control models.In order to characterize security-discordant clones, we investigated two of the largest and most popular open-source PHP applications: Joomla! and Moodle, with sizes ranging from hundred thousands to more than a million lines of code. Investigation of security-discordant clone clusters in these systems revealed several previously undocumented, recurring, and application-independent security weaknesses. Moreover, security-discordant clones also revealed four, previously unreported, security flaws. Results also show how these flaws were revealed through the investigation of as little as 2% of the code base. Distribution of weaknesses and flaws between the two systems is investigated and discussed. Potential extensions to this exploratory work are also presented.
La lecture de la production en sociologie des religions donne à penser que nous sommes toujours dans une période transitoire, en chemin vers une nouvelle configuration religieuse encore largement indiscernable. Or la littérature sociologique et les enquêtes empiriques depuis une trentaine d’années décrivent une situation se stabilisant autour de certaines caractéristiques globales, tant et si bien qu’on peut se demander si de nouvelles logiques n’auraient pas vu le jour dont il serait possible de montrer la systématicité. Inspiré des travaux de Charles Taylor, cet article esquisse les grandes lignes de l’hypothèse d’une nouvelle régulation du religieux en proposant de comprendre l’avènement de la société de consommation sous l’angle d’un accomplissement du tournant subjectif moderne et de la radicalisation conséquente de la culture de l’authenticité et de l’expressivité. Par-delà leur éclatement, les religiosités contemporaines se donnent à lire comme autant de réponses à l’impératif social d’un projet de soi, des constructions identitaires ou « itinéraires de sens » (Raymond Lemieux) soumis aux enjeux d’une reconnaissance porteuse d’une puissante normativité. The bulk of the production in the sociology of religion today tends to corroborate the idea that contemporary societies are defined by their transience, as if en route towards some kind of future religious configuration still indiscernible. Yet one can note that empirical studies and scientific literature alike have been describing a situation which has tended to stabilize around certain characteristics these last two or three decades. This article argues that such stability signifies that these characteristics form an interdependent and coherent system and sketches out the hypothesis of a new regulation of religion in our societies contradicting such ideas as fragmentation and atomization. Following some of Charles Taylor’s ideas, this article considers the advent of consumer society as realizing the subjective-turn part of the modernization process through a radicalization of the culture of authenticity and expressivity. Thus contemporary religiosities are individual answers to the social imperative to construct a self and a personal life narrative which in turn must be expressed in order to be recognized, this recognition being the mechanism through which consumer societies efficiently regulate.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.