Vulnerabilities of smart contracts and mitigation schemes: A Comprehensive Survey

TL;DR

This paper provides a comprehensive review and experimental evaluation of smart contract vulnerabilities, focusing on mitigation strategies and the specific challenges posed by NFT fractionalization.

Contribution

It offers a detailed survey combined with experimental testing of tools, and introduces guidelines for secure smart contract development, especially addressing NFT fractionalization risks.

Findings

Identified common vulnerabilities and mitigation techniques.

Evaluated popular tools through practical testing.

Provided a comprehensive guide for secure smart contract implementation.

Abstract

Ethereum smart contracts are highly powerful, immutable, and able to retain massive amounts of tokens. However, smart contracts keep attracting attackers to benefit from smart contract flaws and Ethereum unexpected behavior. Thus, methodologies and tools have been proposed to help implement secure smart contracts and to evaluate the security of smart contracts already deployed. Most related surveys focus on tools without discussing the logic behind them. in addition, they assess the tools based on papers rather than testing the tools and collecting community feedback. Other surveys lack guidelines on how to use tools specific to smart contract functionalities. This paper presents a literature review combined with an experimental report that aims to assist developers in developing secure smarts, with a novel emphasis on the challenges and vulnerabilities introduced by NFT fractionalization by addressing the unique risks of dividing NFT ownership into tradeable units called fractions. It provides a list of frequent vulnerabilities and corresponding mitigation solutions. In addition, it evaluates the community most widely used tools by executing and testing them on sample smart contracts. Finally, a comprehensive guide on implementing secure smart contracts is presented.