In Code We Trust? Measuring the Control Flow Immutability of All Smart Contracts Deployed on Ethereum

被引：39

作者：

Froewis, Michael ^{[1
]}

Boehme, Rainer ^{[1
]}

机构：

[1] Univ Innsbruck, Dept Comp Sci, Innsbruck, Austria

来源：

DATA PRIVACY MANAGEMENT, CRYPTOCURRENCIES AND BLOCKCHAIN TECHNOLOGY | 2017年 / 10436卷

基金：

欧盟地平线“2020”;

关键词：

Smart contract; Trustless; Code analysis; Call graph; Ethereum;

D O I：

10.1007/978-3-319-67816-0_20

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Program code stored on the Ethereum blockchain is considered immutable, but this does not imply that its control flow cannot be modified. This bears the risk of loopholes whenever parties encode binding agreements in smart contracts. In order to quantify the issue, we define a heuristic indicator of control flow immutability, evaluate it based on a call graph of all smart contracts deployed on Ethereum, and find that two out of five smart contracts require trust in at least one third party. Besides, the analysis reveals that significant parts of the Ethereum blockchain are interspersed with debris from past attacks against the platform. We leverage the call graph to develop a method for data cleanup, which allows for less biased statistics of Ethereum use in practice.

引用

页码：357 / 372

页数：16

共 10 条

[1]

Atzei N., 2016, 20161007 CRYPT EPRIN

[2]

Bartoletti Massimo, 2017, Financial Cryptography and Data Security. FC 2017 International Workshops WAHC, BITCOIN, VOTING, WTSC, and TA. Revised Selected Papers: LNCS 10323, P494, DOI 10.1007/978-3-319-70278-0_31

[3] Formal Verification of Smart Contracts Short Paper [J].

Bhargavan, Karthikeyan ;

Delignat-Lavaud, Antoine ;

Fournet, Cedric ;

Gollamudi, Anitha ;

Gonthier, Georges ;

Kobeissi, Nadim ;

Kulatova, Natalia ;

Rastogi, Aseem ;

Sibut-Pinote, Thomas ;

Swamy, Nikhil ;

Zanella-Beguelin, Santiago .

PROCEEDINGS OF THE 2016 ACM WORKSHOP ON PROGRAMMING LANGUAGES AND ANALYSIS FOR SECURITY (PLAS'16), 2016, :91-96

[4]

Hirai Yoichi, 2016, Formal verification of deed contract in Ethereum name service

[5] Demystifying Incentives in the Consensus Computer [J].

Luu, Loi ;

Teutsch, Jason ;

Kulkarni, Raghav ;

Saxena, Prateek .

CCS'15: PROCEEDINGS OF THE 22ND ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2015, :706-719

[6] Making Smart Contracts Smarter [J].

Luu, Loi ;

Chu, Duc-Hiep ;

Olickel, Hrishi ;

Saxena, Prateek ;

Hobor, Aquinas .

CCS'16: PROCEEDINGS OF THE 2016 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2016, :254-269

[7]

Nakamoto S., 2008, Bitcoin: A Peer-to-Peer Electronic Cash System

[8]

Norvill R., 2017, AUTOMATED LABELING U

[9]

Szabo N., 1997, First Monday, V2

[10]

Wood G., 2017, ETHEREUM SECURE DECE

← 1 →