Smart contracts have undergone very rapid development in recent years. Once a smart contract is deployed on a blockchain, code immutability means that its residual vulnerabilities cannot be patched. Reducing the number of residual vulnerabilities therefore becomes very important, and this is normally achieved through static analyzers. This paper investigates the physical position (location) of vulnerabilities in Solidity smart contracts. To this end, we use a language-independent systematization of vulnerabilities and consider the outputs of a set of static analyzers run over a representative set of smart contracts. We analyze the distributions of the locations where the tools report positive outcomes. We create the ground truth of vulnerabilities for a subset S of smart contracts through manual inspection and first compare the distributions within this set. We then generalize our findings by comparing the distributions between the manually inspected subset and the full set. This comparison allows us to identify where certain classes of vulnerabilities are located, suggesting specific areas of Solidity smart contracts on which the search for vulnerabilities should focus.

Investigation on Vulnerabilities Location in Solidity Smart Contracts / Staderini, Mirko; Bondavalli, Andrea. - ELECTRONIC. - 320:(2021), pp. 199-211. (Paper presented at the Blockchain 2021 conference) [10.1007/978-3-030-86162-9_20].

Investigation on Vulnerabilities Location in Solidity Smart Contracts

Staderini, Mirko; Bondavalli, Andrea
2021

2021
BLOCKCHAIN 2021: Blockchain and Applications
Blockchain 2021
Staderini, Mirko; Bondavalli, Andrea
Files in this record:
No files are associated with this record.

Documents in FLORE are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this resource: https://hdl.handle.net/2158/1242506
Citations
  • Scopus 0