On the Efficacy of Smart Contract Analysis Tools / Bonomi, S.; Cappai, S.; Coppa, Emilio. - 2023 IEEE 34th International Symposium on Software Reliability Engineering Workshops (ISSREW), (2023), pp. 37-38. (IEEE 34th International Symposium on Software Reliability Engineering (ISSRE), Firenze, IT, 7-12 October 2023). [10.1109/ISSREW60843.2023.00041].

On the Efficacy of Smart Contract Analysis Tools

Coppa E.
2023

Abstract

Distributed Ledger Technologies are an emerging reality opening the way to new application design paradigms like smart contracts-based distributed applications. If on one side they are creating new markets and opportunities, on the other they are exposing users to new security issues deriving from the scarce maturity in terms of security practices in their design and development. This paper raises a warning about the efficacy of a state-of-the-art software testing tool, namely Mythril, by challenging it with real smart contracts extracted from the Code4arena competitions and comparing its performance with security audits released during the contests. The paper highlights possible root causes of inefficiency, opening the way toward more scalable and efficient smart contract testing tools.
ISBN: 979-8-3503-1956-9
Keywords: Smart contracts, vulnerability detection, symbolic execution, software testing, blockchains
Files in this item:
On_the_Efficacy_of_Smart_Contract_Analysis_Tools.pdf
Archive managers only
Type: Publisher's version
License: All rights reserved
Size: 731.7 kB
Format: Adobe PDF

Use this identifier to cite or link to this document: https://hdl.handle.net/11385/236291