Defects and Vulnerabilities in Smart Contracts, a Classification using the NIST Bugs Framework

Dingman, Wesley; Cohen, Aviel; Ferrara, Nicola; Lynch, Adam; Jasinski, Patrick; Black, Paul E.; Deng, Lin

doi:10.2991/ijndc.k.190710.003

Cited by 42 publications

(10 citation statements)

References 13 publications

(33 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The hackers attempt to manipulate the execution of the smart contracts using loopholes present in waste management smart contracts to execute it in favor of their activities (e.g., stealing the virtual currencies) [83], [98], [99]. The common vulnerabilities in smart contracts for waste management are classified into operational, security, developmental, and functional categories [100]. The common vulnerabilities in waste management smart contacts that are often exploited by hackers include reentrance attacks, integer overflow, denial of service attacks, and remote code execution.…”

Section: A Waste Management Smart Contracts Vulnerabilitiesmentioning

confidence: 99%

Blockchain for Waste Management in Smart Cities: A Survey

Ahmad

Jayaraman

Yaqoob³

et al. 2021

IEEE Access

View full text Add to dashboard Cite

Smart cities have the potential to overcome environmental problems caused by improper waste disposal by improving human health, protecting the aquatic ecosystem, and reducing air pollution. However, today's systems, approaches, and technologies leveraged for waste management are manual and centralized. This fact makes them vulnerable to manipulation and the single point of failure problem. Also, a large portion of the existing waste management systems within smart cities fall short in providing operational transparency, traceability, audit, security, and trusted data provenance features. In this paper, we explore the key role of blockchain technology in managing waste within smart cities as it can offer traceability, immutability, transparency, and audit features in a decentralized, trusted, and secure manner. We discuss the opportunities brought about by blockchain technology in various waste management use cases and application scenarios, including real-time tracing and tracking of waste, reliable channelization and compliance with waste treatment laws, efficient waste resources management, protection of waste management documentation, and fleet management. We introduce a framework that leverages blockchainbased smart contracts to automate the key services in terms of waste management of smart cities. We compare the existing blockchain-based waste management solutions based on important parameters. Furthermore, we present insightful discussions on several ongoing blockchain-based research projects and case studies to highlight the practicability of blockchain in waste management. Finally, we present open challenges that act as future research directions.

show abstract

Section: A Waste Management Smart Contracts Vulnerabilitiesmentioning

confidence: 99%

Blockchain for Waste Management in Smart Cities: A Survey

Ahmad

Jayaraman

Yaqoob³

et al. 2021

IEEE Access

View full text Add to dashboard Cite

show abstract

“…It is a well-known fact that code contains bugs, and smart contracts are not an exception. There are several examples where small bugs in smart contracts have had detrimental impacts (Atzei et al, 2017;Magazzeni et al, 2017;Dingman et al, 2019;Tai, 2019). Computer scientists have developed several techniques to mitigate against bugs in software.…”

Section: Deployment On the Blockchain?mentioning

confidence: 99%

What Do We Mean by Smart Contracts? Open Challenges in Smart Contracts

Vigliotti¹

2021

Front. Blockchain

View full text Add to dashboard Cite

Contracts regulate most of our professional and personal life: they enable modern society to operate. The term “Smart Contract,” coined in 1994 by Nick Szabo, means different things to different people. This editorial perspective explores the meanings of the term “smart contract” and the challenges about the legality of “smart contracts.” We are familiar with contracts written in natural language, yet our relationships with smart contracts is yet to be defined. The advent of blockchain technology seems to have accelerated the development and the opportunities for the adoption of smart contracts. The purpose of this editorial is to create an interdisciplinary section where computer scientists and members of the legal profession participate in a constructive debate around smart contracts to positively influence future development.

show abstract

“…The focus is given on gas vulnerabilities and the gas consumption mechanism. Dingman et al 16 analyzed the gas related vulnerabilities of Ethereum blockchain and identified many vulnerabilities in the gas system using the bugs framework. 17 They classified the gas vulnerabilities classes that is, bugs which can occur in a resource-constrained environment and bugs which can occur in a distributed environment.…”

Section: Related Workmentioning

confidence: 99%

Gas consumption analysis of Ethereum blockchain transactions

Khan

Sarwar

Awais

2021

Concurrency and Computation

View full text Add to dashboard Cite

In Ethereum blockchain, whenever a transaction of smart contract is executed, transaction fee is charged in terms of Ethers. To calculate the transaction fee, a computational unit, gas is introduced in smart contracts. Gas consumption is calculated against the smart contract source code execution. The transaction initiator sets the gas price against per unit of gas and the total gas limit. If the gas limit is sufficient, the transaction will be mined otherwise it will be reverted. Smart contracts of Ethereum can be written in any high-level language such as Solidity, Vyper, Python, Java and so forth, but Solidity is massively used for smart contracts creation. In this article, we have examined the 5000 transactions of Solidity based smart contracts from Etherscan and performed statistical analysis on opcodes and source code parameters used in these transactions to identify gas costly patterns. Our statistical results (correlation and regression) analyze the relationship of Solidity parameters and opcodes with the gas consumption.Factors causing an increase or decrease in the gas consumption of smart contracts are highlighted in this article. The regression analysis showed that 87.8% of the variability in the response variable (gas consumption) is due to the parameters used in this analysis. Our results will help the smart contract developers to write the gas optimized smart contracts. The results can be beneficial for end users as they will have to pay gas price for less number of gas units.

show abstract

Defects and Vulnerabilities in Smart Contracts, a Classification using the NIST Bugs Framework

Cited by 42 publications

References 13 publications

Blockchain for Waste Management in Smart Cities: A Survey

Blockchain for Waste Management in Smart Cities: A Survey

What Do We Mean by Smart Contracts? Open Challenges in Smart Contracts

Gas consumption analysis of Ethereum blockchain transactions

Contact Info

Product

Resources

About