Top

Peer-to-Peer Networking and Applications

Published in:

12-01-2022

A survey on security in consensus and smart contracts

Authors: Xuelian Cao, Jianhui Zhang, Xuechen Wu, Bo Liu

Published in: Peer-to-Peer Networking and Applications | Issue 2/2022

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Blockchain technology has evolved from a cryptocurrency-exclusive technique for direct transactions among distrusting users (i.e., Blockchain 1.0), into a general programming paradigm for building decentralized applications (i.e., Blockchain 2.0). That greatly expands the application domain of Blockchain 2.0 while importing much more security issues than Blockchain 1.0. Intensive research on the security of blockchain technology has been conducted, showing that security has become the most concerned topic in the blockchain realm, and consensus and smart contracts are the most vulnerable parts to be attacked. On account of this, we are concerned mainly in this review paper with security issues related to consensus and smart contracts. Different from previous surveys, this survey especially tries to provide a systematic and comprehensive view on the security of blockchain technology within consensus and smart contracts through the integral action-pathway from root causes, vulnerabilities, and attacks, to the consequences. Moreover, the proposed countermeasures to the security issues in consensus and smart contracts are also evaluated and discussed in a holistic manner. With our understanding of the surveyed methods, we believe that countermeasures should be proposed with full consideration of the causal relationships among causes, vulnerabilities, attacks, and consequences. We expect the current work can pave the way for a comprehensive understanding of how a security issue functions and where the undiscovered vulnerabilities and possible attacks hide, so as to systematically design the countermeasures.

previous article TontineCoin: Survivor-based Proof-of-Stake

next article Energy-effective artificial internet-of-things application deployment in edge-cloud systems

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

https://blog.openzeppelin.com/on-the-parity-wallet-multisig-hack-405a8c12e8f7/

https://news.bitcoin.com/myetherwallet-servers-are-hijacked-in-dns-attack/

https://www.coindesk.com/crypto-51-attacks-etc

https://hacked.slowmist.io/

Details of the review process: https://docs.google.com/document/d/12iFGkrcprvD1Rzm6XMbQAMUnHMMzEePctfxax19ORoc?usp=sharing

References: https://docs.google.com/spreadsheets/d/1KuTZU-tTdd0UlRe9f9l3dcYoZFHEaabnSaYujK7DovU?usp=sharing

https://btc.com/stats/pool

https://www.coindesk.com/bitcoin-mining-detente-ghash-io-51-issue

http://www.harmonydag.com/

http://bitcoinfibre.org/

https://www.falcon-net.org/

The index number of a future block in which the transaction is likely to be mined.

https://github.com/kieranelby/KingOfTheEtherThrone/blob/v0:4:0/contracts/KingOfTheEtherThrone:sol

https://vyper.readthedocs.io/en/latest/?badge=latest

https://github.com/pirapira/bamboo

https://tezos.gitlab.io/whitedoc/michelson.html

https://solidity.readthedocs.io/en/v0.5.10/yul.html

https://github.com/crytic/echidna/

https://chain.link/

Kogure J, Kamakura K, Shima T (2017) Blockchain Technology for Next Generation ICT. Fujitsu Sci Tech J 53(5):56–61

Kagan J (2020) Financial Technology Fintech. https://www.investopedia.com/terms/f/fintech.asp. Accessed 29 Nov 2020

Berg C, Davidson S, Potts J (2019) Blockchain Technology as Economic Infrastructure: Revisiting the Electronic Markets Hypothesis. Frontiers in Blockchain 2:22CrossRef

Ko T, Lee J, Ryu D (2018) Blockchain Technology and Manufacturing Industry: Real-Time Transparency and Cost Savings. Sustainability 10(11):4274CrossRef

Nakamoto S (2008) Bitcoin : A Peer-to-Peer Electronic Cash System. https://bitcoin.org/bitcoin.pdf. Accessed 29 Nov 2020

Yaga D, Mell P, Roby N, Scarfone K (2018) Blockchain technology overview. https://nvlpubs.nist.gov/nistpubs/ir/2018/NIST.IR.8202.pdf. Accessed 29 Nov 2020

Das P, Eckey L, Frassetto T, Gens D, Hostáková K, Jauernig P, Faust S, Sadeghi A (2019) FastKitten: Practical Smart Contracts on Bitcoin. In: 28th USENIX Security Symposium, USENIX Association, pp 801–818

Szabo N (1996) Smart Contracts : Building Blocks for Digital Markets. https://www.fon.hum.uva.nl/rob/Courses/InformationInSpeech/CDROM/Literature/LOTwinterschool2006/szabo.best.vwh.net/smart_contracts_2.html. Accessed 29 Nov 2020

Zhu Y, Zhang X, Ju ZY, Wang C (2020) A study of blockchain technology development and military application prospects. J Phys: Conf Ser 1507

10.

Buterin V (2013) A Next-Generation Smart Contract and Decentralized Application Platform. https://ethereum.org/en/whitepaper/. Accessed 29 Nov 2020

11.

Johnson M, Jones M, Shervey M, Dudley JT, Zimmerman N (2019) Building a Secure Biomedical Data Sharing Decentralized App (DApp): Tutorial 21(10):e13601

12.

Davidson S, De Filippi P, Potts J (2016) Economics of Blockchain. http://www.ssrn.com/abstract=2744751. Accessed 29 Nov 2020

13.

Ali MS, Vecchio M, Pincheira M, Dolui K, Antonelli F, Rehmani MH (2019) Applications of Blockchains in the Internet of Things: A Comprehensive Survey 21(2):1676–1717

14.

Tan L, Shi N, Yu K, Aloqaily M, Jararweh Y (2021a) A Blockchain-empowered Access Control Framework for Smart Devices in Green Internet of Things. ACM Transactions on Internet Technology 21(3):80:1–80:20

15.

Yu K, Tan L, Aloqaily M, Yang H, Jararweh Y (2021) Blockchain-enhanced data sharing with traceable and direct revocation in iiot. IEEE Trans Industr Inf 17(11):7669–7678CrossRef

16.

Schar F (2020) Decentralized Finance: On Blockchain- and Smart Contract-based Financial Markets. https://papers.ssrn.com/abstract=3571335. Accessed 29 Nov 2020

17.

Kundu D (2019) Blockchain and Trust in a Smart City. Environ Urban ASIA 10(1):31–43CrossRef

18.

Singh P, Nayyar A, Kaur A, Ghosh U (2020) Blockchain and fog based architecture for internet of everything in smart cities. Future Internet 12(4):61CrossRef

19.

Tan L, Xiao H, Yu K, Aloqaily M, Jararweh Y (2021b) A blockchain-empowered crowdsourcing system for 5g-enabled smart cities. Computer Standards & Interfaces 76:103517

20.

Viriyasitavat W, Xu LD, Bi Z, Pungpapong V (2019) Blockchain and Internet of Things for Modern Business Process in Digital Economy the State of the Art. IEEE Trans Comput Soc Syst 6(6):1420–1432

21.

Frikha T, Chaabane F, Aouinti N, Cheikhrouhou O, Ben Amor N, Kerrouche A (2021) Implementation of Blockchain Consensus Algorithm on Embedded Architecture. Security and Communication Networks 2021

22.

Tayal A, Solanki A, Kondal R, Nayyar A, Tanwar S, Kumar N (2021) Blockchain-based efficient communication for food supply chain industry: Transparency and traceability analysis for sustainable business. Int J Commun Syst 34(4)

23.

Jiang Z, Cao Z, Krishnamachari B, Zhou S, Niu Z (2020) SENATE: A Permissionless Byzantine Consensus Protocol in Wireless Networks for Real-Time Internet-of-Things Applications. IEEE Internet Things J 7(7):6576–6588CrossRef

24.

McAfee (2018) Blockchain Threat Report. https://www.mcafee.com/enterprise/en-us/assets/reports/rp-blockchain-security-risks.pdf. Accessed 30 Nov 2020

25.

Daian P (2016) Analysis of the DAO exploit. https://hackingdistributed.com/2016/06/18/analysis-of-the-dao-exploit/. Accessed 29 Nov 2020

26.

Chen H, Pendleton M, Njilla L, Xu S (2020a) A Survey on Ethereum Systems Security: Vulnerabilities, Attacks, and Defenses. ACM Computing Surveys 53(3):67:1–67:43

27.

Cheng J, Xie L, Tang X, Xiong N, Liu B (2020) A survey of security threats and defense on Blockchain. In: Multimedia Tools and Applications, Springer

28.

Homoliak I, Venugopalan S, Reijsbergen D, Hum Q, Schumi R, Szalachowski P (2021) The Security Reference Architecture for Blockchains: Towards a Standardized Model for Studying Vulnerabilities, Threats, and Defenses. IEEE Communications Surveys & Tutorials 23(1):341–390CrossRef

29.

Samreen NF, Alalfi MH (2021) A Survey of Security Vulnerabilities in Ethereum Smart Contracts. CoRR abs/2105.06974

30.

Zaghloul E, Li T, Mutka M, Ren J (2020) Bitcoin and Blockchain: Security and Privacy. IEEE Internet Things J 7(10):10288–10313CrossRef

31.

Kolb J, AbdelBaky M, Katz RH, Culler DE (2020) Core Concepts, Challenges, and Future Directions in Blockchain: A Centralized Tutorial. ACM Computing Surveys 53(1):9:1–9:39

32.

Wang Z, Jin H, Dai W, Choo KR, Zou D (2021) Ethereum smart contract security research: survey and future research opportunities. Front Comp Sci 15(2)

33.

Dasgupta D, Shrein JM, Gupta KD (2019) A survey of blockchain from security perspective. J Bank Financial Tech 3(1):1–17CrossRef

34.

Leng J, Zhou M, Zhao JL, Huang Y, Bian Y (2021) Blockchain Security: A Survey of Techniques and Research Directions. IEEE Trans Serv Comput 51(1):237–252

35.

Saad M, Spaulding J, Njilla L, Kamhoua CA, Shetty S, Nyang D, Mohaisen A (2020) Exploring the Attack Surface of Blockchain: A Comprehensive Survey. IEEE Communications Surveys & Tutorials 22(3):1977–2008CrossRef

36.

Zhang R, Xue R, Liu L (2019) Security and Privacy on Blockchain. ACM Computing Surveys 52(3):51:1–51:34

37.

Kim S, Ryu S (2020) Analysis of Blockchain Smart Contracts: Techniques and Insights. In: IEEE Secure Development (SecDev), IEEE, pp 65–73

38.

Tolmach P, Li Y, Lin S, Liu Y, Li Z (2021) A Survey of Smart Contract Formal Specification and Verification. ACM Computing Surveys 54(7):141:1–141:38

39.

Dotan M, Pignolet YA, Schmid S, Tochner S, Zohar A (2021) Survey on Blockchain Networking: Context, State-of-the-Art, Challenges. ACM Computing Surveys 54(5):107:1–107:34

40.

Li D, Deng L, Gupta BB, Wang H, Choi C (2019a) A novel CNN based security guaranteed image watermarking generation scenario for smart city applications. Information Sciences 479:432–447

41.

Schollmeier R (2001) A Definition of Peer-to-Peer Networking for the Classification of Peer-to-Peer Architectures and Applications. In: 1st International Conference on Peer-to-Peer Computing (P2P), IEEE Computer Society, pp 101–102

42.

Donet Donet JA, Pérez-Solà C, Herrera-Joancomartí J (2014) The Bitcoin P2P Network. In: Financial Cryptography and Data Security (FC), Springer, Lecture Notes in Computer Science, vol 8438, pp 87–102

43.

Jain S, Mahajan R, Wetherall D (2003) A Study of the Performance Potential of DHT-based Overlays. In: 4th USENIX Symposium on Internet Technologies and Systems (USITS), USENIX Association

44.

Lamport L, Shostak R, Pease M (1982) The Byzantine Generals Problem. ACM Trans Program Lang Syst 4(3):382–401CrossRef

45.

Satoshi N (2008) Bitcoin: A Peer-to-Peer Electronic Cash System. https://bitcoin.org/bitcoin.pdf. Accessed 29 Nov 2020

46.

Castro M, Liskov B (2002) Practical byzantine fault tolerance and proactive recovery. ACM Trans Comp Syst 20(4):398–461CrossRef

47.

Bano S, Sonnino A, Al-Bassam M, Azouvi S, McCorry P, Meiklejohn S, Danezis G (2019) SoK: Consensus in the Age of Blockchains. In: Proceedings of the 1st ACM Conference on Advances in Financial Technologies (AFT), ACM, pp 183–198

48.

Szabo N (1997) Formalizing and Securing Relationships on Public Networks. First Monday 2(9)

49.

Grishchenko I, Maffei M, Schneidewind C (2018a) A Semantic Framework for the Security Analysis of Ethereum Smart Contracts. In: Principles of Security and Trust (POST), Springer, Lecture Notes in Computer Science, vol 10804, pp 243–269

50.

Grishchenko I, Maffei M, Schneidewind C (2018b) Foundations and Tools for the Static Analysis of Ethereum Smart Contracts. In: International Conference on Computer Aided Verification (CAV), Springer, Lecture Notes in Computer Science, vol 10981, pp 51–78

51.

Harz D, Knottenbelt WJ (2018) Towards Safer Smart Contracts: A Survey of Languages and Verification Methods. CoRR abs/1809.09805

52.

Schneidewind C, Grishchenko I, Scherer M, Maffei M (2020) eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts. In: ACM SIGSAC Conference on Computer and Communications Security (CCS), ACM, pp 621–640

53.

Luu L, Chu DH, Olickel H, Saxena P, Hobor A (2016) Making Smart Contracts Smarter. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS), ACM, pp 254–269

54.

Zupan N, Kasinathan P, Cuellar J, Sauer M (2020) Secure Smart Contract Generation Based on Petri Nets. In: Blockchain Technology for Industry 4.0: Secure, Decentralized, Distributed and Trusted Industry Environment, Springer, pp 73–98

55.

Wang S, Zhang C, Su Z (2019a) Detecting nondeterministic payment bugs in Ethereum smart contracts. Proceedings of the ACM on Programming Languages 3(OOPSLA):189:1–189:29

56.

Bartoletti M, Zunino R (2019) Verifying Liquidity of Bitcoin Contracts. In: Principles of Security and Trust (POST), Springer, Lecture Notes in Computer Science, vol 11426, pp 222–247

57.

Nikolic I, Kolluri A, Sergey I, Saxena P, Hobor A (2018) Finding The Greedy, Prodigal, and Suicidal Contracts at Scale. In: Proceedings of the 34th Annual Computer Security Applications Conference (ACSAC), ACM, pp 653–663

58.

Tsankov P, Dan AM, Drachsler-Cohen D, Gervais A, Bünzli F, Vechev MT (2018) Securify: Practical Security Analysis of Smart Contracts. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS), ACM, pp 67–82

59.

Bhargavan K, Delignat-Lavaud A, Fournet C, Gollamudi A, Gonthier G, Kobeissi N, Kulatova N, Rastogi A, Sibut-Pinote T, Swamy N, Béguelin SZ (2016) Formal Verification of Smart Contracts: Short Paper. In: Proceedings of the 2016 ACM Workshop on Programming Languages and Analysis for Security, ACM, pp 91–96

60.

Chen T, Li X, Luo X, Zhang X (2017) Under-optimized smart contracts devour your money. 24th International Conference on Software Analysis. IEEE Computer Society, Evolution and Reengineering (SANER), pp 442–446

61.

Grech N, Kong M, Jurisevic A, Brent L, Scholz B, Smaragdakis Y (2018) MadMax: surviving out-of-gas conditions in Ethereum smart contracts. Proceedings of the ACM on Programming Languages 2(OOPSLA):116:1–116:27

62.

Douceur JR (2002) The Sybil Attack. Peer-to-Peer Systems, Springer, Lecture Notes in Computer Science 2429:251–260CrossRef

63.

Carrara G, Burle L, Medeiros D, Albuquerque C, Menezes D (2020) Consistency, availability, and partition tolerance in blockchain: a survey on the consensus mechanism over peer-to-peer networking. Ann Telecommun 75:163–174CrossRef

64.

Ekparinya P, Gramoli V, Jourjon G (2020) The Attack of the Clones Against Proof-of-Authority. In: 27th Annual Network and Distributed System Security Symposium (NDSS), The Internet Society

65.

Heilman E, Kendler A, Zohar A, Goldberg S (2015) Eclipse Attacks on Bitcoin’s Peer-to-Peer Network. In: Proceedings of the 24th USENIX Conference on Security Symposium, USENIX Association, pp 129–144

66.

Wiki B (2018) Confirmation. https://en.bitcoin.it/wiki/Confirmation. Accessed 29 Nov 2020

67.

Eyal I, Sirer EG (2014) Majority Is Not Enough: Bitcoin Mining Is Vulnerable. In: Financial Cryptography and Data Security (FC), Springer, Lecture Notes in Computer Science, vol 8437, pp 436–454

68.

Apostolaki M, Zohar A, Vanbever L (2017) Hijacking Bitcoin: Routing Attacks on Cryptocurrencies. In: IEEE Symposium on Security and Privacy (SP), IEEE Computer Society, pp 375–392

69.

Ekparinya P, Gramoli V, Jourjon G (2018) Impact of Man-In-The-Middle Attacks on Ethereum. In: 37th IEEE Symposium on Reliable Distributed Systems (SRDS), IEEE Computer Society, pp 11–20

70.

Natoli C, Gramoli V (2017) The Balance Attack or Why Forkable Blockchains are Ill-Suited for Consortium. In: 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), IEEE Computer Society, pp 579–590

71.

Baumann A, Fabian B, Lischke M (2014) Exploring the Bitcoin Network. In: Proceedings of the 10th International Conference on Web Information Systems and Technologies (WEBIST), SciTePress, vol 1, pp 369–374

72.

Houy N (2016) The Bitcoin Mining Game. Ledger 1:53–68

73.

Xiao Y, Zhang N, Lou W, Hou YT (2020) Modeling the Impact of Network Connectivity on Consensus Security of Proof-of-Work Blockchain. In: 39th IEEE Conference on Computer Communications (INFOCOM), IEEE, pp 1648–1657

74.

Xiong Z, Feng S, Niyato D, Wang P, Han Z (2018) Optimal Pricing-Based Edge Computing Resource Management in Mobile Blockchain. In: IEEE International Conference on Communications (ICC), IEEE, pp 1–6

75.

Eyal I (2015) The Miner’s Dilemma. In: IEEE Symposium on Security and Privacy (SP), IEEE Computer Society, pp 89–103

76.

Draupnir M (2016) Bitcoin Mining Centralization. https://www.bitcoinmining.com/bitcoin-mining-centr-alization/. Accessed 29 Nov 2020

77.

Sapirshtein A, Sompolinsky Y, Zohar A (2016) Optimal Selfish Mining Strategies in Bitcoin. In: Financial Cryptography and Data Security (FC), Springer, Lecture Notes in Computer Science, vol 9603, pp 515–532

78.

Szalachowski P, Reijsbergen D, Homoliak I, Sun S (2019) StrongChain: Transparent and Collaborative Proof-of-Work Consensus. In: 28th USENIX Security Symposium, USENIX Association, pp 819–836

79.

Tsabary I, Eyal I (2018) The Gap Game. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS), ACM, pp 713–728

80.

Nayak K, Kumar S, Miller A, Shi E (2016) Stubborn Mining: Generalizing Selfish Mining and Combining with an Eclipse Attack. In: IEEE European Symposium on Security and Privacy (EuroS&P), IEEE, pp 305–320

81.

Dong X, Wu F, Faree A, Guo D, Shen Y, Ma J (2019) Selfholding: A combined attack model using selfish mining with block withholding attack. Computer & Security 87

82.

Kwon Y, Kim D, Son Y, Vasserman EY, Kim Y (2017) Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS), ACM, pp 195–209

83.

Sompolinsky Y, Zohar A (2016) Bitcoin’s Security Model Revisited. CoRR abs/1605.09193

84.

Churyumov A (2016) Byteball: A decentralized system for storage and transfer of value. https://byteball.org/Byteball.pdf. Accessed 29 Nov 2020

85.

COTI (2018) COTI: a decentralized, high performance cryptocurrency ecosystem optimized for creating digital payment networks and stable coins. https://coti.io/files/COTI-technical-whitepaper.pdf. Accessed 29 Nov 2020

86.

Garay JA, Kiayias A, Leonardos N (2015) The Bitcoin Backbone Protocol: Analysis and Applications. In: Advances in Cryptology - EUROCRYPT 2015 - 34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, April 26-30, 2015, Proceedings, Part II, Springer, Lecture Notes in Computer Science, vol 9057, pp 281–310

87.

Negy KA, Rizun PR, Sirer EG (2020) Selfish Mining Re-Examined. In: Financial Cryptography and Data Security (FC), Springer, Lecture Notes in Computer Science, vol 12059, pp 61–78

88.

Zhang R, Preneel B (2019) Lay Down the Common Metrics: Evaluating Proof-of-Work Consensus Protocols’ Security. In: IEEE Symposium on Security and Privacy (S&P), IEEE, pp 175–192

89.

Tran M, Choi I, Moon GJ, Vu AV, Kang MS (2020) A Stealthier Partitioning Attack against Bitcoin Peer-to-Peer Network. In: IEEE Symposium on Security and Privacy (S&P), IEEE, pp 894–909

90.

Alangot B, Reijsbergen D, Venugopalan S, Szalachowski P (2020) Decentralized Lightweight Detection of Eclipse Attacks on Bitcoin Clients. In: IEEE International Conference on Blockchain, IEEE, pp 337–342

91.

Apostolaki M, Marti G, Müller J, Vanbever L (2019) SABRE: Protecting Bitcoin against Routing Attacks. In: 26th Annual Network and Distributed System Security Symposium (NDSS), The Internet Society

92.

Luu L, Velner Y, Teutsch J, Saxena P (2017) SmartPool: Practical Decentralized Pooled Mining. In: 26th USENIX Security Symposium, USENIX Association, pp 1409–1426

93.

Dey S (2018) Securing Majority-Attack in Blockchain Using Machine Learning and Algorithmic Game Theory: A Proof of Work. In: 10th Computer Science and Electronic Engineering Conference (CEEC), IEEE, pp 7–10

94.

Wang Y, Tang C, Lin F, Zheng Z, Chen Z (2019b) Pool Strategies Selection in PoW-Based Blockchain Networks: Game-Theoretic Analysis. IEEE Access 7:8427–8436

95.

Chicarino VRL, Albuquerque C, Jesus EF, de A Rocha AA (2020) On the detection of selfish mining and stalker attacks in blockchain networks. Annals of Telecommunications 75(3–4), 143–152

96.

Hou C, Zhou M, Ji Y, Daian P, Tramèr F, Fanti G, Juels A (2021) SquirRL: Automating Attack Analysis on Blockchain Incentive Mechanisms with Deep Reinforcement Learning. In: 28th Annual Network and Distributed System Security Symposium (NDSS), The Internet Society

97.

Saad M, Njilla L, Kamhoua CA, Mohaisen A (2019) Countering Selfish Mining in Blockchains. International Conference on Computing. Networking and Communications (ICNC), IEEE, pp 360–364

98.

Buchman E, Kwon J, Milosevic Z (2018) The latest gossip on BFT consensus. CoRR abs/1807.04938

99.

Kokoris-Kogias E, Jovanovic P, Gailly N, Khoffi I, Gasser L, Ford B (2016) Enhancing Bitcoin Security and Performance with Strong Consistency via Collective Signing. In: 25th USENIX Security Symposium, USENIX Association, pp 279–296

100.

Lerner SD (2015) DECOR+HOP: A Scalable Blockchain Protocol. https://scalingbitcoin.org/papers/DECOR-HOP.pdf. Accessed 29 Nov 2020

101.

Eyal I, Sirer EG (2018) Majority is not enough: bitcoin mining is vulnerable. Commun ACM 61(7):95–102CrossRef

102.

Pass R, Shi E (2017) FruitChains: A Fair Blockchain. In: Proceedings of the ACM Symposium on Principles of Distributed Computing (PODC), ACM, pp 315–324

103.

Bissias G, Levine BN (2020) Bobtail: Improved Blockchain Security with Low-Variance Mining. In: 27th Annual Network and Distributed System Security Symposium (NDSS), The Internet Society

104.

Camacho P, Lerner SD (2016) DECOR+LAMI: A Scalable Blockchain Protocol. https://scalingbitcoin.org/papers/DECOR-LAMI.pdf. Accessed 29 Nov 2020

105.

Zhang R, Preneel B (2017) Publish or Perish: A Backward-Compatible Defense Against Selfish Mining in Bitcoin. In: Handschuh H (ed) Cryptographers’ Track at the RSA Conference (CT-RSA), Springer, Lecture Notes in Computer Science, vol 10159, pp 277–292

106.

Atzei N, Bartoletti M, Cimoli T (2017) A Survey of Attacks on Ethereum Smart Contracts (SoK). Principles of Security and Trust, Springer, Lecture Notes in Computer Science 10204:164–186CrossRef

107.

Pérez D, Livshits B (2019) Smart Contract Vulnerabilities: Does Anyone Care? CoRR abs/1902.06710

108.

Cachin C (2016) Architecture of the Hyperledger Blockchain Fabric. https://www.zurich.ibm.com/dccl/papers/cachin_dcc-l.pdf. Accessed 29 Nov 2020

109.

Sergey I, Nagaraj V, Johannsen J, Kumar A, Trunov A, Hao KCG (2019) Safer smart contract programming with Scilla. Proceedings of the ACM on Programming Languages 3(OOPSLA):185:1–185:30

110.

Alois J (2017) Ethereum Parity Hack May Impact ETH 500,000 or $146 Million. https://www.crowdfundinsider.com/2017/11/124200-ethereum-parity-hack-may-impact-eth-500000-146-million/. Accessed 29 Nov 2020

111.

Fu Y, Ren M, Ma F, Shi H, Yang X, Jiang Y, Li H, Shi X (2019) EVMFuzzer: detect EVM vulnerabilities via fuzz testing. In: Proceedings of the ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE), ACM, pp 1110–1114

112.

Sotnichek M (2018) Blockchain vulnerabilities: Fomo3D exploit explained. https://www.apriorit.com/dev-blog/556-fomo3d-vulne-rability. Accessed 29 Nov 2020

113.

Ethereum (2018) Ethereum Virtual Machine (EVM) Implementations. https://eth.wiki/concepts/evm/implementations. Accessed 29 Nov 2020

114.

Alharby M, van Moorsel A (2017) Blockchain-based Smart Contracts: A Systematic Mapping Study. CoRR abs/1710.06372

115.

Zhang F, Cecchetti E, Croman K, Juels A, Shi E (2016) Town Crier: An Authenticated Data Feed for Smart Contracts. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS), ACM, pp 270–282

116.

Schrans F, Eisenbach S, Drossopoulou S (2018) Writing safe smart contracts in Flint. In: Conference Companion of the 2nd International Conference on Art, Science, and Engineering of Programming, ACM, pp 218–219

117.

Blackshear S, Dill DL, Qadeer S, Barrett CW, Mitchell JC, Padon O, Zohar Y (2020) Resources: A Safe Language Abstraction for Money. CoRR abs/2004.05106

118.

Wood G (2014) Ethereum: a secure decentralised generalised transaction ledger. http://gavwood.com/paper.pdf. Accessed 29 Nov 2020

119.

Sergey I, Kumar A, Hobor A (2018a) Scilla: a Smart Contract Intermediate-Level LAnguage. CoRR abs/1801.00687

120.

Bernardo B, Cauderlier R, Pesin B, Tesson J (2020) Albert, An Intermediate Smart-Contract Language for the Tezos Blockchain. In: Financial Cryptography and Data Security (FC), Springer, Lecture Notes in Computer Science, vol 12063, pp 584–598

121.

Albert E, Gordillo P, Livshits B, Rubio A, Sergey I (2018) EthIR: A Framework for High-Level Analysis of Ethereum Bytecode. In: Automated Technology for Verification and Analysis (ATVA), Springer, Lecture Notes in Computer Science, vol 11138, pp 513–520

122.

Kasampalis T, Guth D, Moore BM, Serbanuta T, Zhang Y, Filaretti D, Serbanuta VN, Johnson R, Rosu G (2019) IELE: A Rigorously Designed Language and Tool Ecosystem for the Blockchain. In: International Symposium on Formal Methods (FM), Springer, Lecture Notes in Computer Science, vol 11800, pp 593–610

123.

Li X, Shi Z, Zhang Q, Wang G, Guan Y, Han N (2019b) Towards Verifying Ethereum Smart Contracts at Intermediate Language Level. In: 21st International Conference on Formal Engineering Methods (ICFEM), Springer, Lecture Notes in Computer Science, vol 11852, pp 121–137

124.

Cadar C, Sen K (2013) Symbolic execution for software testing: three decades later. Commun ACM 56(2):82–90CrossRef

125.

Feng Y, Torlak E, Bodík R (2019) Precise Attack Synthesis for Smart Contracts. CoRR abs/1902.06067

126.

Permenev A, Dimitrov D, Tsankov P, Drachsler-Cohen D, Vechev MT (2020) VerX: Safety Verification of Smart Contracts. In: IEEE Symposium on Security and Privacy (S&P), IEEE, pp 1661–1677

127.

Chang J, Gao B, Xiao H, Sun J, Cai Y, Yang Z (2019) sCompile: Critical Path Identification and Analysis for Smart Contracts. In: 21st International Conference on Formal Engineering Methods (ICFEM), Springer, Lecture Notes in Computer Science, vol 11852, pp 286–304

128.

Mossberg M, Manzano F, Hennenfent E, Groce A, Grieco G, Feist J, Brunson T, Dinaburg A (2019) Manticore: A User-Friendly Symbolic Execution Framework for Binaries and Smart Contracts. In: 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), IEEE, pp 1186–1189

129.

Nehai Z, Piriou P, Daumas FF (2018) Model-Checking of Smart Contracts. IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber. Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), IEEE, pp 980–987

130.

Nelaturu K, Mavridou A, Veneris A, Laszka A (2020) Verified Development and Deployment of Multiple Interacting Smart Contracts with VeriSolid. In: International Conference on Blockchain and Cryptocurrency (ICBC), IEEE, pp 1–9

131.

Osterland T, Rose T (2020) Model checking smart contracts for Ethereum. Pervasive Mob Comput 63

132.

Kongmanee J, Kijsanayothin P, Hewett R (2019) Securing Smart Contracts in Blockchain. In: 34th IEEE/ACM International Conference on Automated Software Engineering (ASE) Workshops, IEEE, pp 69–76

133.

Amani S, Bégel M, Bortin M, Staples M (2018) Towards verifying ethereum smart contract bytecode in Isabelle/HOL. In: Proceedings of the 7th ACM SIGPLAN International Conference on Certified Programs and Proofs, ACM, pp 66–77

134.

Bernardo B, Cauderlier R, Hu Z, Pesin B, Tesson J (2019) Mi-Cho-Coq, a Framework for Certifying Tezos Smart Contracts. In: International Symposium on Formal Methods (FM), Springer, Lecture Notes in Computer Science, vol 12232, pp 368–379

135.

Nielsen JB, Spitters B (2019) Smart Contract Interactions in Coq. In: International Symposium on Formal Methods (FM), Springer, Lecture Notes in Computer Science, vol 12232, pp 380–391

136.

Sergey I, Kumar A, Hobor A (2018b) Temporal Properties of Smart Contracts. In: Leveraging Applications of Formal Methods, Verification and Validation, Springer, Lecture Notes in Computer Science, vol 11247, pp 323–338

137.

da Horta LPA, Reis JS, Pereira M, de Sousa SM (2020) WhylSon: Proving your Michelson Smart Contracts in Why3. CoRR abs/2005.14650

138.

Lahiri SK, Chen S, Wang Y, Dillig I (2018) Formal Specification and Verification of Smart Contracts for Azure Blockchain. CoRR abs/1812.08829

139.

Ahrendt W, Bubel R, Ellul J, Pace GJ, Pardo R, Rebiscoul V, Schneider G (2019) Verification of Smart Contract Business Logic - Exploiting a Java Source Code Verifier. In: Fundamentals of Software Engineering (FSEN), Springer, Lecture Notes in Computer Science, vol 11761, pp 228–243

140.

Park D, Zhang Y, Saxena M, Daian P, Rosu G (2018) A formal verification tool for Ethereum VM bytecode. In: Proceedings of the 2018 ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE), ACM, pp 912–915

141.

Brent L, Grech N, Lagouvardos S, Scholz B, Smaragdakis Y (2020) Ethainter: a smart contract security analyzer for composite vulnerabilities. In: Proceedings of the 41st ACM SIGPLAN International Conference on Programming Language Design and Implementation (PLDI), ACM, pp 454–469

142.

Feist J, Grieco G, Groce A (2019) Slither: a static analysis framework for smart contracts. In: Proceedings of the 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB), IEEE, pp 8–15

143.

Ellul J, Pace GJ (2018) Runtime Verification of Ethereum Smart Contracts. In: 14th European Dependable Computing Conference (EDCC), IEEE Computer Society, pp 158–163

144.

Chen T, Cao R, Li T, Luo X, Gu G, Zhang Y, Liao Z, Zhu H, Chen G, He Z, Tang Y, Lin X, Zhang X (2020c) SODA: A Generic Online Detection Framework for Smart Contracts. In: 27th Annual Network and Distributed System Security Symposium (NDSS), The Internet Society

145.

Torres CF, Baden M, Norvill R, Jonker H (2019) ÆGIS: Smart Shielding of Smart Contracts. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (CCS), ACM, pp 2589–2591

146.

Jiang B, Liu Y, Chan WK (2018) ContractFuzzer: fuzzing smart contracts for vulnerability detection. In: Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering (ASE), ACM, pp 259–269

147.

Liu C, Liu H, Cao Z, Chen Z, Chen B, Roscoe B (2018) ReGuard: finding reentrancy bugs in smart contracts. In: Proceedings of the 40th International Conference on Software Engineering: Companion Proceeedings (ICSE), ACM, pp 65–68

148.

Nguyen TD, Pham LH, Sun J, Lin Y, Minh QT (2020) sFuzz: An Efficient Adaptive Fuzzer for Solidity Smart Contracts. In: Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering (ICSE), ACM, p 778-788

149.

Viglianisi E, Ceccato M, Tonella P (2020) A federated society of bots for smart contract testing. J Syst Softw 168

150.

Zhang Q, Wang Y, Li J, Ma S (2020) EthPloit: From Fuzzing to Efficient Exploit Generation against Smart Contracts. 27th IEEE Int Conf Soft Anal. Evolution and Reengineering (SANER), IEEE, pp 116–126

151.

Chen J, Xia X, Lo D, Grundy JC (2020b) Why Do Smart Contracts Self-Destruct? Investigating the Selfdestruct Function on Ethereum. CoRR abs/2005.07908

152.

Gao Z, Jayasundara V, Jiang L, Xia X, Lo D, Grundy JC (2019) SmartEmbed: A Tool for Clone and Bug Detection in Smart Contracts through Structural Code Embedding. In: International Conference on Software Maintenance and Evolution (ICSME), IEEE, pp 394–397

153.

Wang W, Song J, Xu G, Li Y, Wang H, Su C (2021) ContractWard: Automated Vulnerability Detection Models for Ethereum Smart Contracts. IEEE Trans Netw Sci Eng 8(2):1133–1144CrossRef

154.

Chatterjee K, Goharshady AK, Velner Y (2018) Quantitative Analysis of Smart Contracts. Programming Languages and Systems, Springer, Lecture Notes in Computer Science 10801:739–767CrossRef

155.

Laneve C, Coen CS, Veschetti A (2019) On the Prediction of Smart Contracts’ Behaviours. From Software Engineering to Formal Methods and Tools, and Back, Springer, Lecture Notes in Computer Science 11865:397–415MathSciNetCrossRef

156.

Adler J, Berryhill R, Veneris AG, Poulos Z, Veira N, Kastania A (2018) Astraea: A Decentralized Blockchain Oracle. IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber. Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), IEEE, pp 1145–1152

157.

Biryukov A, Khovratovich D, Tikhomirov S (2017) Findel: Secure Derivative Contracts for Ethereum. In: Financial Cryptography and Data Security (FC), Springer, Lecture Notes in Computer Science, vol 10323, pp 453–467

158.

Seijas PL, Nemish A, Smith D, Thompson SJ (2020) Marlowe: Implementing and Analysing Financial Contracts on Blockchain. In: Financial Cryptography and Data Security (FC), Springer, Lecture Notes in Computer Science, vol 12063, pp 496–511

159.

Yu XL, Al-Bataineh OI, Lo D, Roychoudhury A (2020) Smart Contract Repair. ACM Transactions on Software Engineering and Methodology 29(4):27:1–27:32

160.

He J, Balunovic M, Ambroladze N, Tsankov P, Vechev MT (2019) Learning to Fuzz from Symbolic Execution with Application to Smart Contracts. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (CCS), ACM, pp 531–548

161.

Liu Y, Li Y, Lin S, Zhao R (2020) Towards automated verification of smart contract fairness. In: 28th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE), ACM, pp 666–677

Title: A survey on security in consensus and smart contracts
Authors: Xuelian Cao
Jianhui Zhang
Xuechen Wu
Bo Liu
Publication date: 12-01-2022
Publisher: Springer US
Published in: Peer-to-Peer Networking and Applications / Issue 2/2022
Print ISSN: 1936-6442
Electronic ISSN: 1936-6450
DOI: https://doi.org/10.1007/s12083-021-01268-2

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 2/2022

TontineCoin: Survivor-based Proof-of-Stake

Energy-effective artificial internet-of-things application deployment in edge-cloud systems

Updatable privacy-preserving -nearest neighbor query in location-based s-ervice

EEOMA: End-to-end oriented management architecture for 6G-enabled drone communications

SynergyGrids: blockchain-supported distributed microgrid energy trading

Relay selection and power allocation for energy-load efficient network-coded cooperative unicast D2D communications

Premium Partner