NeuCheck: A more practical Ethereum smart contract security analysis tool. (28th August 2019)
- Record Type:
- Journal Article
- Title:
- NeuCheck: A more practical Ethereum smart contract security analysis tool. (28th August 2019)
- Main Title:
- NeuCheck: A more practical Ethereum smart contract security analysis tool
- Authors:
- Lu, Ning
Wang, Bin
Zhang, Yongxin
Shi, Wenbo
Esposito, Christian - Other Names:
- Zheng Zibin guestEditor.
Wang Shangguang guestEditor.
Calheiros Rodrigo N. guestEditor. - Abstract:
- Summary: Ethereum is one of the currently popular trading platform, where any one can exchange, buy, or sell cryptocurrencies. Smart contract, a computer program, can help Ethereum to encode rules or scripts for processing transactions. Because the smart contract usually handles large number of cryptocurrencies worth billions of dollars apiece, its security has gained considerable attention. In this paper, we first investigate the security of smart contracts running on the Ethereum and introduce several new security vulnerabilities that allow adversaries to exploit and gain financial benefits. Then, we propose a more practical smart contract analysis tool termed NeuCheck, in which we introduce the syntax tree in the syntactical analyzer to complete the transformation from source code to intermediate representation, and then adopt the open source library working with XML to analyze such tree. We have built a prototype of NeuCheck for Ethereum and evaluate it with over 52 000 existing Ethereum smart contracts. The results show that (1) our new documented vulnerabilities are prevalent; (2) NeuCheck improves the analysis speed by at least 17.2 times compared to other popular analysis tools (eg, Securify and Mythril; and (3) allows for cross‐platform deployment.
- Is Part Of:
- Software, practice & experience. Volume 51:Number 10(2021)
- Journal:
- Software, practice & experience
- Issue:
- Volume 51:Number 10(2021)
- Issue Display:
- Volume 51, Issue 10 (2021)
- Year:
- 2021
- Volume:
- 51
- Issue:
- 10
- Issue Sort Value:
- 2021-0051-0010-0000
- Page Start:
- 2065
- Page End:
- 2084
- Publication Date:
- 2019-08-28
- Subjects:
- blockchain -- Ethereum -- security analysis -- smart contract
Computer software -- Periodicals
Computer programming -- Periodicals
Computer programs -- Periodicals
005.3 - Journal URLs:
- http://onlinelibrary.wiley.com/ ↗
- DOI:
- 10.1002/spe.2745 ↗
- Languages:
- English
- ISSNs:
- 0038-0644
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 8321.453000
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 18523.xml