What are the Actual Flaws in Important Smart Contracts (and How Can We Find Them)?

TL;DR

This paper analyzes real-world Ethereum smart contract audits to categorize and compare vulnerabilities, assessing the effectiveness of automated detection tools and highlighting common security flaws.

Contribution

It provides a comprehensive categorization of 246 smart contract defects from professional audits, improving understanding of vulnerability types and detection efficacy.

Findings

Identified and categorized 246 defects in smart contracts

Compared severity and frequency of different vulnerability types

Assessed the effectiveness of automated vulnerability detection tools

Abstract

An important problem in smart contract security is understanding the likelihood and criticality of discovered, or potential, weaknesses in contracts. In this paper we provide a summary of Ethereum smart contract audits performed for 23 professional stakeholders, avoiding the common problem of reporting issues mostly prevalent in low-quality contracts. These audits were performed at a leading company in blockchain security, using both open-source and proprietary tools, as well as human code analysis performed by professional security engineers. We categorize 246 individual defects, making it possible to compare the severity and frequency of different vulnerability types, compare smart contract and non-smart contract flaws, and to estimate the efficacy of automated vulnerability detection approaches.