A Survey of Attacks on Ethereum Smart Contracts (SoK)

Bibliographic Details
Published in: Principles of Security and Trust Vol. 10204; pp. 164 - 186
Main Authors: Atzei, Nicola; Bartoletti, Massimo; Cimoli, Tiziana
Format: Book Chapter
Language: English
Published: Germany Springer Berlin / Heidelberg 2017
Springer Berlin Heidelberg
Series: Lecture Notes in Computer Science
Summary: Smart contracts are computer programs that can be correctly executed by a network of mutually distrusting nodes, without the need of an external trusted authority. Since smart contracts handle and transfer assets of considerable value, besides their correct execution it is also crucial that their implementation is secure against attacks which aim at stealing or tampering the assets. We study this problem in Ethereum, the most well-known and used framework for smart contracts so far. We analyse the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities. We show a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.
ISBN: 3662544547, 9783662544549
ISSN: 0302-9743, 1611-3349
DOI: 10.1007/978-3-662-54455-6_8