lockchain technology is having an ever-increasing impact on distributed applications domain, since the adoption of Blockchain 2.0 led to the spread of smart contracts. In such a context, Ethereum is the framework with the highest diffusion in terms of smart contract’s development, with a consequent rise of exploitation of code vulnerabilities, some of which causing bad financial losses. For this reason, this paper focuses on the issues of Ethereum smart contracts implementation (made with the Turing-complete language Solidity), providing a comprehensive systematization of such vulnerabilities basing on a slice of the Common Weakness Enumeration (CWE). Moreover, some relevant propagation cases among different vulnerabilities and CWE groups, observed in exploited contracts, are highlighted.

Classification of Ethereum Vulnerabilities and their Propagations / Staderini, Mirko; Palli, Caterina; Bondavalli, Andrea. - ELETTRONICO. - (2020), pp. 44-51. (Intervento presentato al convegno The Second International Conference on Blockchain Computing and Applications (BCCA 2020)) [10.1109/BCCA50787.2020.9274458].

Classification of Ethereum Vulnerabilities and their Propagations

Staderini, Mirko
;Palli, Caterina;Bondavalli, Andrea
2020

Abstract

lockchain technology is having an ever-increasing impact on distributed applications domain, since the adoption of Blockchain 2.0 led to the spread of smart contracts. In such a context, Ethereum is the framework with the highest diffusion in terms of smart contract’s development, with a consequent rise of exploitation of code vulnerabilities, some of which causing bad financial losses. For this reason, this paper focuses on the issues of Ethereum smart contracts implementation (made with the Turing-complete language Solidity), providing a comprehensive systematization of such vulnerabilities basing on a slice of the Common Weakness Enumeration (CWE). Moreover, some relevant propagation cases among different vulnerabilities and CWE groups, observed in exploited contracts, are highlighted.
2020
2020 Second International Conference on Blockchain Computing and Applications (BCCA)
The Second International Conference on Blockchain Computing and Applications (BCCA 2020)
Staderini, Mirko; Palli, Caterina; Bondavalli, Andrea
4a - Articolo in atti di congresso
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in FLORE sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificatore per citare o creare un link a questa risorsa: https://hdl.handle.net/2158/1218078
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 14
  • ???jsp.display-item.citation.isi??? 7
social impact