C. DeCusatis, Brian Gormanly, John Iacino, Reed Percelay, Alex Pingue, Justin Valdez
{"title":"智能合约网络安全测试平台","authors":"C. DeCusatis, Brian Gormanly, John Iacino, Reed Percelay, Alex Pingue, Justin Valdez","doi":"10.3390/cryptography7010015","DOIUrl":null,"url":null,"abstract":"Blockchain, smart contracts, and related concepts have emerged in recent years as a promising technology for cryptocurrency, NFTs, and other areas. However, there are still many security issues that must be addressed as these technologies evolve. This paper reviews some of the leading social engineering attacks on smart contracts, as well as several vulnerabilities which result from insecure code development. A smart contract test bed is constructed using Solidity and a Metamask wallet to evaluate vulnerabilities such as insecure arithmetic, denial of service, and re-entrancy attacks. Cross-chain vulnerabilities and potential vulnerabilities resulting from layer 2 side-chain processing were also investigated. Mitigation best practices are proposed based on the experimental results.","PeriodicalId":13186,"journal":{"name":"IACR Trans. Cryptogr. Hardw. Embed. Syst.","volume":"24 1","pages":"15"},"PeriodicalIF":0.0000,"publicationDate":"2023-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Cybersecurity Test Bed for Smart Contracts\",\"authors\":\"C. DeCusatis, Brian Gormanly, John Iacino, Reed Percelay, Alex Pingue, Justin Valdez\",\"doi\":\"10.3390/cryptography7010015\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Blockchain, smart contracts, and related concepts have emerged in recent years as a promising technology for cryptocurrency, NFTs, and other areas. However, there are still many security issues that must be addressed as these technologies evolve. This paper reviews some of the leading social engineering attacks on smart contracts, as well as several vulnerabilities which result from insecure code development. A smart contract test bed is constructed using Solidity and a Metamask wallet to evaluate vulnerabilities such as insecure arithmetic, denial of service, and re-entrancy attacks. Cross-chain vulnerabilities and potential vulnerabilities resulting from layer 2 side-chain processing were also investigated. Mitigation best practices are proposed based on the experimental results.\",\"PeriodicalId\":13186,\"journal\":{\"name\":\"IACR Trans. Cryptogr. Hardw. Embed. Syst.\",\"volume\":\"24 1\",\"pages\":\"15\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-03-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IACR Trans. Cryptogr. Hardw. Embed. Syst.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.3390/cryptography7010015\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IACR Trans. Cryptogr. Hardw. Embed. Syst.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3390/cryptography7010015","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Blockchain, smart contracts, and related concepts have emerged in recent years as a promising technology for cryptocurrency, NFTs, and other areas. However, there are still many security issues that must be addressed as these technologies evolve. This paper reviews some of the leading social engineering attacks on smart contracts, as well as several vulnerabilities which result from insecure code development. A smart contract test bed is constructed using Solidity and a Metamask wallet to evaluate vulnerabilities such as insecure arithmetic, denial of service, and re-entrancy attacks. Cross-chain vulnerabilities and potential vulnerabilities resulting from layer 2 side-chain processing were also investigated. Mitigation best practices are proposed based on the experimental results.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
