基于常见漏洞的Vyper与Solidity安全性比较

2020 2nd Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS) Pub Date : 2020-03-16 DOI:10.1109/BRAINS49436.2020.9223278

Mudabbir Kaleem, Aron Laszka

{"title":"基于常见漏洞的Vyper与Solidity安全性比较","authors":"Mudabbir Kaleem, Aron Laszka","doi":"10.1109/BRAINS49436.2020.9223278","DOIUrl":null,"url":null,"abstract":"Vyper has been proposed as a new high-level language for Ethereum smart contract development due to numerous security vulnerabilities and attacks witnessed on contracts written in Solidity since the system’s inception. Vyper aims to address these vulnerabilities by providing a language that focuses on simplicity, auditability and security. We present a survey where we study how well-known and commonly-encountered vulnerabilities in Solidity feature in Vyper’s development environment. We analyze all such vulnerabilities individually and classify them into five groups based on their status in Vyper. To the best of our knowledge, our survey is the first attempt to study security vulnerabilities in Vyper.","PeriodicalId":315392,"journal":{"name":"2020 2nd Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"17","resultStr":"{\"title\":\"Vyper: A Security Comparison with Solidity Based on Common Vulnerabilities\",\"authors\":\"Mudabbir Kaleem, Aron Laszka\",\"doi\":\"10.1109/BRAINS49436.2020.9223278\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Vyper has been proposed as a new high-level language for Ethereum smart contract development due to numerous security vulnerabilities and attacks witnessed on contracts written in Solidity since the system’s inception. Vyper aims to address these vulnerabilities by providing a language that focuses on simplicity, auditability and security. We present a survey where we study how well-known and commonly-encountered vulnerabilities in Solidity feature in Vyper’s development environment. We analyze all such vulnerabilities individually and classify them into five groups based on their status in Vyper. To the best of our knowledge, our survey is the first attempt to study security vulnerabilities in Vyper.\",\"PeriodicalId\":315392,\"journal\":{\"name\":\"2020 2nd Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS)\",\"volume\":\"11 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-03-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"17\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 2nd Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/BRAINS49436.2020.9223278\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 2nd Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/BRAINS49436.2020.9223278","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 17

摘要

由于自系统成立以来，在用Solidity编写的合同中出现了许多安全漏洞和攻击，因此Vyper被提议作为以太坊智能合约开发的新高级语言。Vyper旨在通过提供一种专注于简单性、可审计性和安全性的语言来解决这些漏洞。我们提出了一项调查，我们研究了Solidity中众所周知的和常见的漏洞在Vyper的开发环境中的特点。我们单独分析了所有这些漏洞，并根据它们在Vyper中的地位将它们分为五组。据我们所知，我们的调查是第一次尝试研究Vyper的安全漏洞。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Vyper: A Security Comparison with Solidity Based on Common Vulnerabilities

Vyper has been proposed as a new high-level language for Ethereum smart contract development due to numerous security vulnerabilities and attacks witnessed on contracts written in Solidity since the system’s inception. Vyper aims to address these vulnerabilities by providing a language that focuses on simplicity, auditability and security. We present a survey where we study how well-known and commonly-encountered vulnerabilities in Solidity feature in Vyper’s development environment. We analyze all such vulnerabilities individually and classify them into five groups based on their status in Vyper. To the best of our knowledge, our survey is the first attempt to study security vulnerabilities in Vyper.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2020 2nd Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS)

自引率

0.00%

发文量