2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE)最新文献

筛选
英文 中文
Smart contracts: security patterns in the ethereum ecosystem and solidity 智能合约:以太坊生态系统中的安全模式和稳定性
2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE) Pub Date : 2018-03-20 DOI: 10.1109/IWBOSE.2018.8327565
Maximilian Wöhrer, Uwe Zdun
{"title":"Smart contracts: security patterns in the ethereum ecosystem and solidity","authors":"Maximilian Wöhrer, Uwe Zdun","doi":"10.1109/IWBOSE.2018.8327565","DOIUrl":"https://doi.org/10.1109/IWBOSE.2018.8327565","url":null,"abstract":"Smart contracts that build up on blockchain technologies are receiving great attention in new business applications and the scientific community, because they allow untrusted parties to manifest contract terms in program code and thus eliminate the need for a trusted third party. The creation process of writing well performing and secure contracts in Ethereum, which is today’s most prominent smart contract platform, is a difficult task. Research on this topic has only recently started in industry and science. Based on an analysis of collected data with Grounded Theory techniques, we have elaborated several common security patterns, which we describe in detail on the basis of Solidity, the dominating programming language for Ethereum. The presented patterns describe solutions to typical security issues and can be applied by Solidity developers to mitigate typical attack scenarios.","PeriodicalId":125618,"journal":{"name":"2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE)","volume":"244 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-03-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133879692","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 230
Smart contracts vulnerabilities: a call for blockchain software engineering? 智能合约漏洞:呼吁区块链软件工程?
2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE) Pub Date : 2018-03-20 DOI: 10.1109/IWBOSE.2018.8327567
Giuseppe Destefanis, M. Marchesi, Marco Ortu, R. Tonelli, A. Bracciali, R. Hierons
{"title":"Smart contracts vulnerabilities: a call for blockchain software engineering?","authors":"Giuseppe Destefanis, M. Marchesi, Marco Ortu, R. Tonelli, A. Bracciali, R. Hierons","doi":"10.1109/IWBOSE.2018.8327567","DOIUrl":"https://doi.org/10.1109/IWBOSE.2018.8327567","url":null,"abstract":"Smart Contracts have gained tremendous popularity in the past few years, to the point that billions of US Dollars are currently exchanged every day through such technology. However, since the release of the Frontier network of Ethereum in 2015, there have been many cases in which the execution of Smart Contracts managing Ether coins has led to problems or conflicts. Compared to traditional Software Engineering, a discipline of Smart Contract and Blockchain programming, with standardized best practices that can help solve the mentioned problems and conflicts, is not yet sufficiently developed. Furthermore, Smart Contracts rely on a non-standard software life-cycle, according to which, for instance, delivered applications can hardly be updated or bugs resolved by releasing a new version of the software. In this paper we advocate the need for a discipline of Blockchain Software Engineering, addressing the issues posed by smart contract programming and other applications running on blockchains.We analyse a case of study where a bug discovered in a Smart Contract library, and perhaps \"unsafe\" programming, allowed an attack on Parity, a wallet application, causing the freezing of about 500K Ethers (about 150M USD, in November 2017). In this study we analyze the source code of Parity and the library, and discuss how recognised best practices could mitigate, if adopted and adapted, such detrimental software misbehavior. We also reflect on the specificity of Smart Contract software development, which makes some of the existing approaches insufficient, and call for the definition of a specific Blockchain Software Engineering.","PeriodicalId":125618,"journal":{"name":"2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE)","volume":"70 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-03-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124214522","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 151
Evaluation of initial cryptoasset offerings: the state of the practice 初始加密资产产品的评估:实践状态
2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE) Pub Date : 2018-03-20 DOI: 10.1109/IWBOSE.2018.8327569
Felix Hartmann, Xiaofeng Wang, M. I. Lunesu
{"title":"Evaluation of initial cryptoasset offerings: the state of the practice","authors":"Felix Hartmann, Xiaofeng Wang, M. I. Lunesu","doi":"10.1109/IWBOSE.2018.8327569","DOIUrl":"https://doi.org/10.1109/IWBOSE.2018.8327569","url":null,"abstract":"Initial Cryptoasset Offering (ICO), also often called Initial Coin Offering or Initial Token Offering (ITO) is a new means of fundraising through blockchain technology, which allows startups to raise large amounts of funds from the crowd in an unprecedented speed. However it is not easy for ordinary investors to distinguish genuine fundraising activities through ICOs from scams. Different websites that gather and evaluate ICOs at different stages have emerged as a solution to this issue. What remains unclear is how these websites are evaluating ICOs, and consequently how reliable and credible their evaluations are. In this paper we present the first findings of an analysis of a set of 28 ICO evaluation websites, aiming at revealing the state of the practice in terms of ICO evaluation. Key information about ICOs collected by these websites are categorised, and key factors that differentiate the evaluation mechanisms employed by these evaluation websites are identified. The findings of our study could help a better understanding of what entails to properly evaluate ICOs. It is also a first step towards discovering the key success factors of ICOs.","PeriodicalId":125618,"journal":{"name":"2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-03-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122170397","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 32
Checking laws of the blockchain with property-based testing 通过基于属性的测试来检查区块链的规律
2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE) Pub Date : 2018-03-20 DOI: 10.1109/IWBOSE.2018.8327570
A. Chepurnoy, Mayank Rathee
{"title":"Checking laws of the blockchain with property-based testing","authors":"A. Chepurnoy, Mayank Rathee","doi":"10.1109/IWBOSE.2018.8327570","DOIUrl":"https://doi.org/10.1109/IWBOSE.2018.8327570","url":null,"abstract":"Inspired by the success of Bitcoin, many clients for the Bitcoin protocol as well as for alternative blockchain protocols have been implemented. However, implementations may contain errors, and the cost of an error in the case of a cryptocurrency can be extremely high. We propose to tackle this problem with a suite of abstract property tests that check whether a blockchain system satisfies laws that most blockchain and blockchain-like systems should satisfy. To test a new blockchain system, its developers need to instantiate generators of random objects to be used by the tests. The test suite then checks the satisfaction of the laws over many random cases. We provide examples of laws in the paper.","PeriodicalId":125618,"journal":{"name":"2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-03-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129319852","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
SmartInspect: solidity smart contract inspector SmartInspect:可靠的智能合约检查员
2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE) Pub Date : 2018-03-20 DOI: 10.1109/IWBOSE.2018.8327566
Santiago Bragagnolo, Henrique Rocha, M. Denker, Stéphane Ducasse
{"title":"SmartInspect: solidity smart contract inspector","authors":"Santiago Bragagnolo, Henrique Rocha, M. Denker, Stéphane Ducasse","doi":"10.1109/IWBOSE.2018.8327566","DOIUrl":"https://doi.org/10.1109/IWBOSE.2018.8327566","url":null,"abstract":"Solidity is a language used for smart contracts on the Ethereum blockchain. Smart contracts are embedded procedures stored with the data they act upon. Debugging smart contracts is a really difficult task since once deployed, the code cannot be reexecuted and inspecting a simple attribute is not easily possible because data is encoded. In this paper, we address the lack of inspectability of a deployed contract by analyzing contract state using decompilation techniques driven by the contract structure definition. Our solution, SmartInspect, also uses a mirror-based architecture to represent locally object responsible for the interpretation of the contract state. SmartInspect allows contract developers to better visualize and understand the contract stored state without needing to redeploy, nor develop any ad-hoc code.","PeriodicalId":125618,"journal":{"name":"2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-03-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130268077","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 69
The ICO phenomenon and its relationships with ethereum smart contract environment ICO现象及其与以太坊智能合约环境的关系
2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE) Pub Date : 2018-03-04 DOI: 10.1109/IWBOSE.2018.8327568
G. Fenu, Lodovica Marchesi, M. Marchesi, R. Tonelli
{"title":"The ICO phenomenon and its relationships with ethereum smart contract environment","authors":"G. Fenu, Lodovica Marchesi, M. Marchesi, R. Tonelli","doi":"10.1109/IWBOSE.2018.8327568","DOIUrl":"https://doi.org/10.1109/IWBOSE.2018.8327568","url":null,"abstract":"Initial Coin Offerings (ICO) are public offers of new cryptocurrencies in exchange of existing ones, aimed to finance projects in the blockchain development arena. In the last 8 months of 2017, the total amount gathered by ICOs exceeded 4 billion US$, and overcame the venture capital funnelled toward high tech initiatives in the same period. A high percentage of ICOs is managed through Smart Contracts running on Ethereum blockchain, and in particular to ERC-20 Token Standard Contract. In this work we examine 1387 ICOs, published on December 31, 2017 on icobench.com website, gathering information relevant to the assessment of their quality and software development management, including data on their development teams. We also study, at the same date, the financial data of 450 ICO tokens available on coinmarketcap.com website, among which 355 tokens are managed on Ethereum blochain. We define success criteria for the ICOs, based on the funds actually gathered, and on the behavior of the price of the related tokens, finding the factors that most likely influence the ICO success likeliness.","PeriodicalId":125618,"journal":{"name":"2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-03-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122272106","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 120
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信