Title | Characterizing Transaction-Reverting Statements in Ethereum Smart Contracts |
Authors | |
Corresponding authors | Yepang Liu; Shing-Chi Cheung |
DOI | |
Publication date | 2021 |
Conference name | The 36th IEEE/ACM International Conference on Automated Software Engineering |
ISSN | 1938-4300 |
ISBN | 978-1-6654-4784-3 |
Proceedings title | |
Pages | 630-641 |
Conference date | 14-20 November 2021 |
Conference location | Australia |
Place of publication | 345 E 47TH ST, NEW YORK, NY 10017 USA |
Publisher | |
Abstract | Smart contracts are programs stored on blockchains to execute transactions. When input constraints or security properties are violated at runtime, the transaction being executed by a smart contract needs to be reverted to avoid undesirable consequences. On Ethereum, the most popular blockchain that supports smart contracts, developers can choose among three transaction-reverting statements (i.e., require, if ... revert, and if ... throw) to handle anomalous transactions. While these transaction-reverting statements are vital for preventing smart contracts from exhibiting abnormal behaviors or suffering malicious attacks, there is limited understanding of how they are used in practice. In this work, we perform the first empirical study to characterize transaction-reverting statements in Ethereum smart contracts. We measured the prevalence of these statements in 3,866 verified smart contracts from popular dapps and built a taxonomy of their purposes via manually analyzing 557 transaction-reverting statements. We also compared template contracts and their corresponding custom contracts to understand how developers customize the use of transaction-reverting statements. Finally, we analyzed the security impact of transaction-reverting statements by removing them from smart contracts and comparing the mutated contracts against the original ones. Our study led to important findings. For example, we found that transaction-reverting statements are commonly used to perform seven types of authority verifications or validity checks, and missing such statements may compromise the security of smart contracts. We also found that current smart contract security analyzers cannot effectively handle transaction-reverting statements when detecting security vulnerabilities. Our findings can shed light on further research in the broad area of smart contract quality assurance and provide practical guidance to smart contract developers on the appropriate use of transaction-reverting statements. |
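Keywords | |
Institutional authorship | First; Corresponding |
Language | English |
Related links | [Source record] |
Indexed by | |
Funding | National Natural Science Foundation of China [61932021, 62002125] |
WOS research area | Computer Science |
WOS category | Computer Science, Software Engineering |
WOS accession number | WOS:000779309000054 |
EI accession number | 20220911734448 |
EI subject terms | Ethereum; Network security; Quality assurance |
EI classification codes | Computer Software, Data Handling and Applications:723; Legal Aspects:902.3; Quality Assurance and Control:913.3 |
Source database | Manually submitted |
Full-text link | https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=9678597 |
Citation statistics | Times cited [WOS]: 9 |
Document type | Conference paper |
Item identifier | http://sustech.caswiz.com/handle/2SGJ60CL/256582 |
Collection | Southern University of Science and Technology, College of Engineering, Department of Computer Science and Engineering |
Author affiliations | 1. Southern University of Science and Technology 2. The Hong Kong University of Science and Technology 3. Huazhong University of Science and Technology |
First author affiliation | Southern University of Science and Technology |
Corresponding author affiliation | Southern University of Science and Technology |
First affiliation of the first author | Southern University of Science and Technology |
Recommended citation (GB/T 7714) | Lu Liu, Lili Wei, Wuqi Zhang, et al. Characterizing Transaction-Reverting Statements in Ethereum Smart Contracts[C]. 345 E 47TH ST, NEW YORK, NY 10017 USA: IEEE, 2021: 630-641. |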
Files in this item |
File name/size | Document type | Version type | Access type | License |
ASE2021-Characterizi(275KB) | -- | -- | Restricted access | -- |