Abstract
In the blockchain 2.0 era, smart contracts based on blockchain technology have been widely used in many fields such as sharing economy, digital payment, and financial asset disposal because of its dispersion, observability, verifiability and automatic execution. With the widespread application of smart contracts, the researchers gradually found many types of security problems, so the audit of smart contracts has become the vital way to ensure its security. This paper introduces the implementation mechanism of smart contract model, and summarizes 11 kinds of high frequency smart contract vulnerabilities, such as transaction order dependence, constructor out of control, denial of service, etc. Then, this paper selects the newly released BitUnits contract for auditing, find out its security hole and give the solution.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
He, H., Yan, A., Chen, Z.: Overview of intelligent contract technology and application based on blockchain. J. Comput. Res. Dev. 55(11), 112–126 (2018)
Li, H., Sun, J., Yang, Y., et al.: A preliminary study on Ethereum based on blockchain 2.0. China Financ. Comput. 6, 57–60 (2017)
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. Manubot (2019)
Fu, M., Wu, L., Hong, Z., Feng, W.: Research on intelligent contract security vulnerability mining technology [J/OL]. Comput. Appl. 1–8 (2019)
Huang, K., Zhang, S., Jin, S.: Research on block contract intelligent contract security. Inf. Secur. Res. 3, 192–206 (2019)
Tikhomirov, S., Voskresenskaya, E., Ivanitskiy, I.: SmartCheck: static analysis of ethereum smart contracts. In: 2018 IEEE ACM 1st International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB) (2018)
Bocek, T., Stiller, B.: Smart contracts – blockchains in the wings. In: Linnhoff-Popien, C., Schneider, R., Zaddach, M. (eds.) Digital Marketplaces Unleashed, pp. 169–184. Springer, Heidelberg (2018). https://doi.org/10.1007/978-3-662-49275-8_19
Jiang, B., Liu, Y., Chan, W.K.: ContractFuzzer: fuzzing smart contracts for vulnerability detection. In: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering. ACM (2018)
Sergey, I., Hobor, A.: A concurrent perspective on smart contracts (2017)
Atzei, N., Bartoletti, M., Cimoli, T.: A survey of attacks on ethereum smart contracts (SoK). In: Maffei, M., Ryan, M. (eds.) POST 2017. LNCS, vol. 10204, pp. 164–186. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54455-6_8
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Lu, S., Fan, H., Wang, Y., Mi, H., Qin, L. (2020). Manual Audit for BitUnits Contracts. In: Zheng, Z., Dai, HN., Tang, M., Chen, X. (eds) Blockchain and Trustworthy Systems. BlockSys 2019. Communications in Computer and Information Science, vol 1156. Springer, Singapore. https://doi.org/10.1007/978-981-15-2777-7_38
Download citation
DOI: https://doi.org/10.1007/978-981-15-2777-7_38
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-2776-0
Online ISBN: 978-981-15-2777-7
eBook Packages: Computer ScienceComputer Science (R0)