Saved in:
Bibliographic Details
Main Authors: Wei, Zhiyuan, Zhang, Xianhao, Sun, Jing, Zhang, Zijian, Zhu, Liehuang
Format: Preprint
Published: 2023
Subjects:
Online Access:https://arxiv.org/abs/2310.20212
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866910738252038144
author Wei, Zhiyuan
Zhang, Xianhao
Sun, Jing
Zhang, Zijian
Zhu, Liehuang
author_facet Wei, Zhiyuan
Zhang, Xianhao
Sun, Jing
Zhang, Zijian
Zhu, Liehuang
contents Blockchain smart contracts have emerged as a transformative force in the digital realm, spawning a diverse range of compelling applications. Since solidity smart contracts across various domains manage trillions of dollars in virtual coins, they become a prime target for attacks. One of the primary challenges is keeping abreast of the latest techniques and tools for developing secure smart contracts and examining those already deployed. In this paper, we seek to address these challenges from four aspects: (1) We begin by examining ten automatic tools, specifically focusing on their methodologies and their ability to identify vulnerabilities in solidity smart contracts. (2) We propose a novel criterion for evaluating these tools, based on the ISO/IEC 25010 standard. (3) To facilitate the evaluation of the selected tools, we construct a benchmark that encompasses two distinct datasets: a collection of 389 labelled smart contracts and a scaled set of 20,000 unique cases from real-world contracts. (4) We provide a comparison of the selected tools, offering insights into their strengths and weaknesses and highlighting areas where further improvements are needed. Through this evaluation, we hope to provide developers and researchers with valuable guidance on selecting and using smart contract analysis tools and contribute to the ongoing efforts to improve the security and reliability of smart contracts.
format Preprint
id arxiv_https___arxiv_org_abs_2310_20212
institution arXiv
publishDate 2023
record_format arxiv
spellingShingle A Comparative Evaluation of Automated Analysis Tools for Solidity Smart Contracts
Wei, Zhiyuan
Zhang, Xianhao
Sun, Jing
Zhang, Zijian
Zhu, Liehuang
Distributed, Parallel, and Cluster Computing
Blockchain smart contracts have emerged as a transformative force in the digital realm, spawning a diverse range of compelling applications. Since solidity smart contracts across various domains manage trillions of dollars in virtual coins, they become a prime target for attacks. One of the primary challenges is keeping abreast of the latest techniques and tools for developing secure smart contracts and examining those already deployed. In this paper, we seek to address these challenges from four aspects: (1) We begin by examining ten automatic tools, specifically focusing on their methodologies and their ability to identify vulnerabilities in solidity smart contracts. (2) We propose a novel criterion for evaluating these tools, based on the ISO/IEC 25010 standard. (3) To facilitate the evaluation of the selected tools, we construct a benchmark that encompasses two distinct datasets: a collection of 389 labelled smart contracts and a scaled set of 20,000 unique cases from real-world contracts. (4) We provide a comparison of the selected tools, offering insights into their strengths and weaknesses and highlighting areas where further improvements are needed. Through this evaluation, we hope to provide developers and researchers with valuable guidance on selecting and using smart contract analysis tools and contribute to the ongoing efforts to improve the security and reliability of smart contracts.
title A Comparative Evaluation of Automated Analysis Tools for Solidity Smart Contracts
topic Distributed, Parallel, and Cluster Computing
url https://arxiv.org/abs/2310.20212