Rethinking Blockchain Security: Position Paper
Vincent Chia, Pieter Hartel, Qingze Hum, Sebastian Ma, Georgios Piliouras, Daniel Reijsbergen, Mark van Staalduinen, Pawel Szalachowski

TL;DR
This paper analyzes blockchain security incidents, highlighting issues in smart contracts and protocol incentives, and proposes testing and comparison frameworks to improve security practices.
Contribution
It introduces a structured database of incidents, applies software testing to smart contracts, and develops the PRESTO framework for protocol comparison.
Findings
Many incidents are specific to blockchain technology
Smart contract flaws can be detected pre-deployment using testing
PRESTO enables systematic comparison of protocols
Abstract
Blockchain technology has become almost as famous for incidents involving security breaches as for its innovative potential. We shed light on the prevalence and nature of these incidents through a database structured using the STIX format. Apart from OPSEC-related incidents, we find that the nature of many incidents is specific to blockchain technology. Two categories stand out: smart contracts, and techno-economic protocol incentives. For smart contracts, we propose to use recent advances in software testing to find flaws before deployment. For protocols, we propose the PRESTO framework that allows us to compare different protocols within a five-dimensional framework.
