Ethereum Smart Contract Analysis Tools: A Systematic Review

Kushwaha, Satpal Singh; Joshi, Sandeep; Singh, Dilbag; Kaur, Manjit; Lee, Heung-No

doi:10.1109/access.2022.3169902

Cited by 43 publications

(21 citation statements)

References 119 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The development of smart contracts enabling Cloud-to-Edge architectures is a complex task that requires experienced developers in combination with the usage of analysis tools [ 13 ] to avoid or minimize the known vulnerabilities in the design process of smart contracts. To better understand the design of smart contracts in the Ethereum ledger, Angelo et al [ 14 ] performed a study of the smart contracts’ similarities by analyzing the design of their interfaces and grouping them into a small set of clusters.…”

Section: Related Workmentioning

confidence: 99%

“…Therefore, coding anomalies in the smart contracts, such as bugs, lack of validation, incompatible command sequence, and other issues, led to security vulnerabilities with usually severe consequences in communities using vulnerable smart contracts [ 25 ]. This iterative learning process delivered coding guidance provided by various analysis tools [ 13 ] and design patterns in the form of smart contract templates. The latter covers different functionalities, standards (e.g., tokens), and good practices that may facilitate the development process of solidity-based smart contracts.…”

Section: High-level Classification Of Reusable Smart Contractsmentioning

confidence: 99%

See 1 more Smart Citation

A Recommender System for Robust Smart Contract Template Classification

Gec

Stankovski²,

Lavbič³

et al. 2023

Sensors

View full text Add to dashboard Cite

IoT environments are becoming increasingly heterogeneous in terms of their distributions and included entities by collaboratively involving not only data centers known from Cloud computing but also the different types of third-party entities that can provide computing resources. To transparently provide such resources and facilitate trust between the involved entities, it is necessary to develop and implement smart contracts. However, when developing smart contracts, developers face many challenges and concerns, such as security, contracts’ correctness, a lack of documentation and/or design patterns, and others. To address this problem, we propose a new recommender system to facilitate the development and implementation of low-cost EVM-enabled smart contracts. The recommender system’s algorithm provides the smart contract developer with smart contract templates that match their requirements and that are relevant to the typology of the fog architecture. It mainly relies on OpenZeppelin, a modular, reusable, and secure smart contract library that we use when classifying the smart contracts. The evaluation results indicate that by using our solution, the smart contracts’ development times are overall reduced. Moreover, such smart contracts are sustainable for fog-computing IoT environments and applications in low-cost EVM-based ledgers. The recommender system has been successfully implemented in the ONTOCHAIN ecosystem, thus presenting its applicability.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: High-level Classification Of Reusable Smart Contractsmentioning

confidence: 99%

A Recommender System for Robust Smart Contract Template Classification

Gec

Stankovski²,

Lavbič³

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…In order to test our system against such vulnerabilities, we used a security analyzer to pinpoint the vulnerabilities and fix them. There are numerous smart contract security analyzers available, including Oyente, Securify, tractFuzzer, and Sereum, to name a few [33]. These analyzers vary depending on the stage of code development at which they are utilized.…”

Section: B Security Analysismentioning

confidence: 99%

Using NFTs and Blockchain for Traceability and Auctioning of Shipping Containers and Cargo in Maritime Industry

et al. 2022

View full text Add to dashboard Cite

The maritime industry is a complex multi-tiered sector that plays a major role in international shipping and trade. Seaborne transportation is responsible for 90% of goods moved globally, and containerized shipments account for more than 50% of those goods. This volume of movement requires efficient tracking and traceability methods that secure the documentation process and ensure the involved stakeholders. However, due to its complexity, the maritime industry suffers from a lack of trust, lack of ownership evidence, protracted documentation procedures, and excessive data aggregation. These shortcomings are reflected in delays and elevated costs in the shipping process. To mitigate these problems, we propose in this paper a blockchain-based solution for the ownership history and traceability of shipping containers in the industry. Our solution utilizes smart contracts and non-fungible tokens (NFTs) on the Ethereum blockchain to accelerate the inefficient shipping process by digitizing ownership transfer and process documentation. Furthermore, the proposed system allows the owners to auction off their cargo in the destination ports, freeing warehouses and containers in the process. We analyze our proposed system in terms of transaction costs and smart contract security. The smart contracts are developed using the Solidity language in the Remix IDE and the code is made publicly available on GitHub.

show abstract

“…Even though the Remix IDE provides tools for debugging, it does not sufficiently work through the code to detect problems beyond the syntax errors, hence the necessity for additional analysis tools. These tools include Oyente, MythX, and SmartCheck, to name a few [27]. Oyente directly works on the Ethereum virtual machine (EVM) bytecode without the need to access the high-level language and generates call graphs corresponding to every smart contract [28].…”

Section: Smart Contract Security Analysismentioning

confidence: 99%

“…The tool analyzed up to 96.8% and 99.2% of the code of the ContainerShipment and Registration contracts, respectively. Integer underflow and overflow refer to the errors caused when the value set to a variable is outside the range that its data type can hold [27]. The counters used in our implementation are imported from OpenZeppelin contracts [29], a library of secure and audited contracts.…”

Section: Smart Contract Security Analysismentioning

confidence: 99%

Blockchain-Based Traceability for Shipping Containers in Unimodal and Multimodal Logistics

et al. 2022

View full text Add to dashboard Cite

An unprecedented amount of goods and commodities are shipped and transported globally each day through different modes of transport. Due to its complexity, the maritime industry suffers from a lack of trust and secure ownership evidence, protracted documentation procedures, and excessive data aggregation. These shortcomings are reflected in cargo processing delays and elevated costs in the shipping process. Most of today's systems and technologies leveraged for managing shipping containers in unimodal and multimodal logistics fall short of providing transparency, traceability, reliability, audit, security, and trust features. In this paper, we propose a blockchain-based solution that allows users to trace and track their container shipments in a manner that is decentralized, transparent, auditable, secure, and trustworthy. We employ the InterPlanetary File System (IPFS) to overcome the limited data storage problem. We develop smart contracts and present algorithms along with their full implementation, testing, and validation details in both unimodal and multimodal logistics. We present security and cost analyses to show that the proposed solution is secure and cost-efficient. Furthermore, we compare our proposed solution with the existing solutions to show its novelty. All developed smart contract codes are made publicly available on GitHub.

show abstract

Ethereum Smart Contract Analysis Tools: A Systematic Review

Cited by 43 publications

References 119 publications

A Recommender System for Robust Smart Contract Template Classification

A Recommender System for Robust Smart Contract Template Classification

Using NFTs and Blockchain for Traceability and Auctioning of Shipping Containers and Cargo in Maritime Industry

Blockchain-Based Traceability for Shipping Containers in Unimodal and Multimodal Logistics

Contact Info

Product

Resources

About