Internet Archive Scholar
Filters
























135 Hits in 7.6 sec

Slither: A Static Analysis Framework for Smart Contracts

Josselin Feist, Gustavo Grieco, Alex Groce
2019 2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB)  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (358.0 kB)
https://web.archive.org/web/20200915011207/https://arxiv.org/pdf/1908.09878v1.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

Note that this fulltext copy is not of the "primary" version of this work. The version it corresponds to is:

2019 pre-print arXiv:1908.09878v1 fatcat:l3ohxbwievby5f7edtcfokzjqy
This paper describes Slither, a static analysis framework designed to provide rich information about Ethereum smart contracts.  ...  We compared tools using a large dataset of smart contracts and manually reviewed results for 1000 of the most used contracts.  ...  CONCLUSIONS AND FUTURE WORK We presented Slither, an open source static analysis framework for smart contracts. Slither is fast, robust, accurate, and provides rich information about smart contracts.  ... 
doi:10.1109/wetseb.2019.00008 dblp:conf/icse/FeistGG19 fatcat:zfxddq2qgjckriyfkwzbnzs2hu
Multiple Versions
Citation

Josselin Feist, Gustavo Grieco, Alex Groce. "Slither: A Static Analysis Framework for Smart Contracts." 2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB) (2019) 8-15

MPro: Combining Static and Symbolic Analysis for Scalable Testing of Smart Contract [article]

William Zhang, Sebastian Banescu, Leodardo Pasos, Steven Stewart, Vijay Ganesh
2019 arXiv   pre-print

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (358.4 kB)
https://web.archive.org/web/20200828112558/https://arxiv.org/pdf/1911.00570v1.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

Other Versions

2020 accepted
arXiv:1911.00570v3 fatcat:xmawgdfikfgnpdyxuzccif4xoe
2020 accepted
arXiv:1911.00570v2 fatcat:43fuperf6vdshiuwau45ccijzi
We have implemented our technique in a tool called MPro, a scalable and automated smart contract analyzer based on the existing symbolic analysis tool Mythril-Classic and the static analysis tool Slither  ...  A significant advantage of combining symbolic with static analysis is that it scales much better than symbolic alone and does not have the problem of false positive that static analysis tools typically  ...  Slither is a highly scalable static analysis tool which analyzes a smart contract source code at the intermediate representation SlithIR level.  ... 
arXiv:1911.00570v1 fatcat:bpgx6qfoirfm3lxqbrsayh5g7y
Multiple Versions
Citation

William Zhang, Sebastian Banescu, Leodardo Pasos, Steven Stewart, Vijay Ganesh. "MPro: Combining Static and Symbolic Analysis for Scalable Testing of Smart Contract." arXiv (2019)

Evaluating countermeasures for verifying the integrity of Ethereum smart contract applications

Suhwan Ji, Dohyung Kim, Hyeonseung Im
2021 IEEE Access  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (15.2 MB)
https://web.archive.org/web/20210622224355/https://ieeexplore.ieee.org/ielx7/6287639/6514899/09461797.pdf?tp=&arnumber=9461797&isnumber=6514899&ref=

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL. The file type is application/pdf.

SLITHER Slither [22] , [23] is an open-source Solidity static analysis framework written in Python 3, which supports automated detection of about 45 vulnerabilities and code optimizations that the compiler  ...  Echidna uses the Slither static analysis tool [22] , which we discuss below, in the preprocessing step to compile and analyze smart contracts and use information from Slither to improve fuzz testing.  ...  The content of a dockerfile is as follows:  ... 
doi:10.1109/access.2021.3091317 fatcat:kvmsmzmg2zaxdln3rnopnbykge
DOAJ
Citation

Suhwan Ji, Dohyung Kim, Hyeonseung Im. "Evaluating countermeasures for verifying the integrity of Ethereum smart contract applications." IEEE Access (2021) 1-1

Empirical Review of Automated Analysis Tools on 47,587 Ethereum Smart Contracts [article]

Thomas Durieux, João F. Ferreira, Rui Abreu, Pedro Cruz
2019 arXiv   pre-print

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (905.6 kB)
https://web.archive.org/web/20200826195207/https://arxiv.org/pdf/1910.10601v1.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

Other Versions

2020 accepted
doi:10.1145/3377811.3380364 arXiv:1910.10601v2 fatcat:mqmkmehfvnhenmcdxbprogiik4
The datasets are part of SmartBugs, a new extendable execution framework that we created to facilitate the integration and comparison between multiple analysis tools and the analysis of Ethereum smart  ...  the precision of analysis tools; and ii) a dataset with all the smart contracts in the Ethereum Blockchain that have Solidity source code available on Etherscan (a total of 47,518 contracts).  ...  e a Tecnologia (FCT), with the reference PTDC/CCI-COM/29300/2017.  ... 
arXiv:1910.10601v1 fatcat:sexzmhilejcgnaka2tnravhnwu
Multiple Versions
Citation

Thomas Durieux, João F. Ferreira, Rui Abreu, Pedro Cruz. "Empirical Review of Automated Analysis Tools on 47,587 Ethereum Smart Contracts." arXiv (2019)

A Framework and DataSet for Bugs in Ethereum Smart Contracts [article]

Pengcheng Zhang, Feng Xiao, Xiapu Luo
2020 arXiv   pre-print

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (799.4 kB)
https://web.archive.org/web/20201118232945/https://arxiv.org/pdf/2009.02066v1.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

Moreover, there is currently neither a comprehensive classification framework for Ethereum smart contract bugs, nor detailed criteria for detecting bugs in smart contracts, making it difficult for developers  ...  Moreover, we evaluate the state-of-the-art tools for smart contract analysis with our dataset and obtain some interesting findings: 1) Mythril, Slither and Remix are the most worthwhile combination of  ...  A CLASSIFICATION FRAMEWORK FOR SMART CONTRACT BUGS To build a comprehensive classification framework, we collect smart contract bugs from many sources, including academic literature, the Web, blogs, and  ... 
arXiv:2009.02066v1 fatcat:27emdv7fhjdnrmsysygrgohu7e
Citation

Pengcheng Zhang, Feng Xiao, Xiapu Luo. "A Framework and DataSet for Bugs in Ethereum Smart Contracts." arXiv (2020)

SmartScan: An approach to detect Denial of Service Vulnerability in Ethereum Smart Contracts [article]

Noama Fatima Samreen, Manar H. Alalfi
2021 arXiv   pre-print

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (377.1 kB)
https://web.archive.org/web/20210526194916/https://arxiv.org/pdf/2105.02852v3.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL. The file type is application/pdf.

Other Versions

2021 pre-print
arXiv:2105.02852v2 fatcat:tsb5rvwgbvdiponlchhoyf3kre
2021 pre-print
arXiv:2105.02852v1 fatcat:4jgmowsnlbaiveu6jjwjk4fln4
In this paper, we propose a framework that combines static and dynamic analysis to detect Denial of Service (DoS) vulnerability due to an unexpected revert in Ethereum Smart Contracts.  ...  Our framework, SmartScan, statically scans smart contracts under test (SCUTs) to identify patterns that are potentially vulnerable in these SCUTs and then uses dynamic analysis to precisely confirm their  ...  CONCLUSION In this paper, a combined static and dynamic analysis framework is proposed to detect DoS-Unexpected Revert vulnerabilities in data-set of 500 real world Ethereum Smart Contracts collected from  ... 
arXiv:2105.02852v3 fatcat:jjl73mqrwrbxxavcdzrpp4i2tm
Open Access Multiple Versions
Citation

Noama Fatima Samreen, Manar H. Alalfi. "SmartScan: An approach to detect Denial of Service Vulnerability in Ethereum Smart Contracts." arXiv (2021)

Tezla, an Intermediate Representation for Static Analysis of Michelson Smart Contracts [article]

João Santos Reis and Paul Crocker and Simão Melo de Sousa
2020 arXiv   pre-print

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (463.6 kB)
https://web.archive.org/web/20200829005142/https://arxiv.org/pdf/2005.11839v1.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

This paper introduces Tezla, an intermediate representation of Michelson smart contracts that eases the design of static smart contract analysers.  ...  In order to support our claim about the adequacy of Tezla, we develop a static analyser that takes advantage of the Tezla representation of Michelson smart contracts to prove simple but non-trivial properties  ...  Slither [11] , presented in 2019, is a static analysis framework for Ethereum smart contract.  ... 
arXiv:2005.11839v1 fatcat:336dq5jemvcixjaidp4ag56q2m
Citation

João Santos Reis and Paul Crocker and Simão Melo de Sousa. "Tezla, an Intermediate Representation for Static Analysis of Michelson Smart Contracts." arXiv (2020)

ScrawlD: A Dataset of Real World Ethereum Smart Contracts Labelled with Vulnerabilities [article]

Chavhan Sujeet Yashavant, Saurabh Kumar, Amey Karkare
2022 arXiv   pre-print

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (569.5 kB)
https://web.archive.org/web/20220519005056/https://arxiv.org/pdf/2202.11409v1.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL. The file type is application/pdf.

Note that this fulltext copy is not of the "primary" version of this work. The version it corresponds to is:

2022 pre-print arXiv:2202.11409v1 fatcat:gm5j64sncvehnoxg726agaz4nq

Other Versions

2022 pre-print
arXiv:2202.11409v2 fatcat:djzmlndpqbdv5pkn2mwrpeihwi
There is a need for an unbiased standard benchmark of real-world Ethereum smart contracts.  ...  Smart contracts on Ethereum handle millions of U.S. Dollars and other financial assets. In the past, attackers have exploited smart contracts to steal these assets.  ...  : Osiris [17] is a framework comprising symbolic execution and taint analysis.  ... 
arXiv:2202.11409v3 fatcat:3olhdjks4jcufnie2ar6gwmjwy
Open Access Multiple Versions
Citation

Chavhan Sujeet Yashavant, Saurabh Kumar, Amey Karkare. "ScrawlD: A Dataset of Real World Ethereum Smart Contracts Labelled with Vulnerabilities." arXiv (2022)

Smart Contracts: A Review of Security Threats Alongside an Analysis of Existing Solutions

Antonio López Vivar, Alberto Turégano Castedo, Ana Lucila Sandoval Orozco, García Villalba
2020 Entropy  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (1.6 MB)
https://web.archive.org/web/20200215025919/https://res.mdpi.com/d_attachment/entropy/entropy-22-00203/article_deploy/entropy-22-00203.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

Smart contracts have gained a lot of popularity in recent times as they are a very powerful tool for the development of decentralised and automatic applications in many fields without the need for intermediaries  ...  This article provides a holistic view of security challenges associated with smart contracts, as well as the state of the art of available public domain tools.  ...  Slither Slither is a static analysis framework written in Python 3 with dependencies on the Solidity Compiler (Solc) [55] .  ... 
doi:10.3390/e22020203 pmid:33285978 fatcat:thlkoqkhhvfltkyf6f2zuwmu7y
DOAJ
Citation

Antonio López Vivar, Alberto Turégano Castedo, Ana Lucila Sandoval Orozco, García Villalba. "Smart Contracts: A Review of Security Threats Alongside an Analysis of Existing Solutions." Entropy 22.2 (2020) 203

What are the Actual Flaws in Important Smart Contracts (and How Can We Find Them)? [article]

Alex Groce and Josselin Feist and Gustavo Grieco and Michael Colburn
2020 arXiv   pre-print

Preserved Fulltext

Web Archive Capture PDF (226.6 kB)
https://web.archive.org/web/20200321041434/https://arxiv.org/pdf/1911.07567v2.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

Other Versions

2019 pre-print
arXiv:1911.07567v1 fatcat:nbquri2skzbbtkvnadq72ziogy
In this paper we provide a summary of Ethereum smart contract audits performed for 23 professional stakeholders, avoiding the common problem of reporting issues mostly prevalent in low-quality contracts  ...  These audits were performed at a leading company in blockchain security, using both open-source and proprietary tools, as well as human code analysis performed by professional security engineers.  ...  In fact, a possible additional explanation for the difference of 36% data validation findings for smart contract audits and 51% for non-smart-contract audits could be that non-smart-contract audits have  ... 
arXiv:1911.07567v2 fatcat:3klw6ddtifgpbokxmozbopm6qm
Multiple Versions
Citation

Alex Groce and Josselin Feist and Gustavo Grieco and Michael Colburn. "What are the Actual Flaws in Important Smart Contracts (and How Can We Find Them)?." arXiv (2020)

Smart Contract: Attacks and Protections

Sarwar Sayeed, Hector Marco-Gisbert, Tom Caira
2020 IEEE Access  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (1.3 MB)
https://web.archive.org/web/20201108110928/https://ieeexplore.ieee.org/ielx7/6287639/8948470/08976179.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

A smart contract acts in a similar way to a traditional agreement but negates the necessity for the involvement of a third party.  ...  Once deployed to the blockchain, a smart contract cannot be modified or updated for security patches, thus encouraging developers to implement strong security strategies before deployment in order to avoid  ...  Most tools are mainly utilized for static and dynamic analysis of smart contract codes. A. SLITHER Slither is a static analysis framework for smart contract code [47] .  ... 
doi:10.1109/access.2020.2970495 fatcat:5ewcato5b5csxohptp3k5c6tp4
DOAJ
Citation

Sarwar Sayeed, Hector Marco-Gisbert, Tom Caira. "Smart Contract: Attacks and Protections." IEEE Access (2020) 1-1

SESCon: Secure Ethereum Smart Contracts by Vulnerable Patterns' Detection

Amir Ali, Zain Ul Abideen, Kalim Ullah, Farhan Ullah
2021 Security and Communication Networks  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (2.8 MB)
https://web.archive.org/web/20210930032904/https://downloads.hindawi.com/journals/scn/2021/2897565.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL. The file type is application/pdf.

To solve these problems, we have introduced a static analysis tool, SESCon (secure Ethereum smart contract), applying the taint analysis techniques with XPath queries.  ...  To find the vulnerability in the source code of smart contracts written in Solidity language, a state-of-the-art work provides a lot of solutions based on dynamic or static analysis.  ...  Our solution is based on XPath and taint analysis. Most of the static analysis tools for smart contract give a large number of false positives.  ... 
doi:10.1155/2021/2897565 fatcat:7gt5efmez5dsph6yezpx5p2xju
DOAJ
Citation

Amir Ali, Zain Ul Abideen, Kalim Ullah, Farhan Ullah. "SESCon: Secure Ethereum Smart Contracts by Vulnerable Patterns' Detection." Security and Communication Networks (2021) 1-14

ESBMC-Solidity: An SMT-Based Model Checker for Solidity Smart Contracts [article]

Kunjian Song, Nedas Matulevicius, Eddie B. de Lima Filho, Lucas C. Cordeiro
2021 arXiv   pre-print

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (523.1 kB)
https://web.archive.org/web/20211130072655/https://arxiv.org/pdf/2111.13117v1.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL. The file type is application/pdf.

A benchmark suite with vulnerable smart contracts was also developed for evaluation and comparison with other verification tools.  ...  This paper proposes a solidity frontend for the efficient SMT-based context-bounded model checker (ESBMC), named ESBMC-Solidity, which provides a way of verifying such contracts with its framework.  ...  It is used for lexical analysis and parsing, taking a smart contract as input and then transforming it into JSON AST, which is done with the argument --ast-compact-json.  ... 
arXiv:2111.13117v1 fatcat:uaf5uhgkdvf3zesa7zhr5fdo5y
Citation

Kunjian Song, Nedas Matulevicius, Eddie B. de Lima Filho, Lucas C. Cordeiro. "ESBMC-Solidity: An SMT-Based Model Checker for Solidity Smart Contracts." arXiv (2021)

Automated Generation of Test Cases for Smart Contract Security Analyzers

Ki Byung Kim, Jonghyup Lee
2020 IEEE Access  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (1.6 MB)
https://web.archive.org/web/20201129040758/https://ieeexplore.ieee.org/ielx7/6287639/6514899/09268135.pdf?tp=&arnumber=9268135&isnumber=6514899&ref=

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

Slither [19] is a static analysis framework for Solidity source code (higher than v. 0.4). It supports application programming interfaces for customized analysis of the source code.  ...  We consider the common weak points of static analysis and the quirks of smart contracts for the code elements.  ...  For the enclosure seed, then Figure 18c reveals that the condition on Line 2 is always false.  ... 
doi:10.1109/access.2020.3039990 fatcat:7zkbu4nb7ncezksn5cimllgfxe
DOAJ
Citation

Ki Byung Kim, Jonghyup Lee. "Automated Generation of Test Cases for Smart Contract Security Analyzers." IEEE Access (2020) 1-1

Doublade: Unknown Vulnerability Detection in Smart Contracts Via Abstract Signature Matching and Refined Detection Rules [article]

Yinxing Xue, Yi Li University of Science and Technology of China, Nanyang Technological University
2019 arXiv   pre-print

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (2.4 MB)
https://web.archive.org/web/20200827211554/https://arxiv.org/pdf/1912.04466v1.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

Yet, there does not exist a high-quality benchmark of smart contract vulnerability for security research.  ...  With the prosperity of smart contracts and the blockchain technology, various security analyzers have been proposed from both the academia and industry to address the associated risks.  ...  There are some other tools that enable the static analysis for smart contracts.  ... 
arXiv:1912.04466v1 fatcat:7gvxhbuvprfiti4ufhdachxr4i
Citation

Yinxing Xue, Yi Li University of Science and Technology of China, Nanyang Technological University. "Doublade: Unknown Vulnerability Detection in Smart Contracts Via Abstract Signature Matching and Refined Detection Rules." arXiv (2019)

« Previous Showing results 1 — 15 out of 135 results